我正在尝试使用 ScribeJava OAuth 机制访问可汗学院。成功获得令牌后,我得到了 401 异常。这对于未经授权的访问非常明确。如果我将 URL 更改为
http://api-explorer.khanacademy.org/api/v1/user/videos/cGg1j1ZCCOs?userId=vilething&username=&email=
它给了我一个回应。但是,所有与用户相关的信息都是空的。
public abstract class KhanAcademyAccess {
private final static String USER_AGENT = "Mozilla/5.0";
public static void main(String... args) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException, IOException, Exception {
String videoId = "C38B33ZywWs";
String username = "###";
String password = "###";
final OAuth10aService service = new ServiceBuilder()
.apiKey("###")
.apiSecret("###")
.build(KAApi.instance());
//Get Request Token
final OAuth1RequestToken requestToken = service.getRequestToken();
System.out.println(requestToken.getToken());
sendPost("https://www.khanacademy.org/api/auth2/authorize", username, password, requestToken.getToken().toString());
final OAuth1AccessToken accessToken = service.getAccessToken(requestToken, "");
System.out.println(accessToken);
final OAuthRequest request = new OAuthRequest(Verb.GET, "https://www.khanacademy.org/api/internal/_mt/user/videos/cGg1j1ZCCOs/log_compatability?", service);
service.signRequest(accessToken, request);
request.addHeader("Accept", "application/json; charset=utf-8");
request.addHeader("Content-Type", "application/json; charset=utf-8");
request.addHeader("X-Requested-With", "XMLHttpRequest");
request.addHeader("Accept-Encoding", "application/json");
Response response = request.send();
System.out.println(response.getCode());
System.out.println(response.getMessage());
System.out.println(response.getBody());
}
private static void sendPost(String url, String username, String password, String oauthToken) throws Exception {
DefaultHttpClient httpclient = new DefaultHttpClient();
// Comment out from here (Using /* and */)...
// ...to here and the request will fail with "HttpResponseException: Moved Permanently"
try {
HttpPost httpPost = new HttpPost(url);
String encoding = Base64Encoder.getInstance().encode(StringUtils.getBytes(username + ":" + password));
List<NameValuePair> params = new ArrayList<NameValuePair>();
params.add(new BasicNameValuePair("identifier", username));
params.add(new BasicNameValuePair("password", password));
params.add(new BasicNameValuePair("oauth_token", oauthToken));
httpPost.setEntity(new UrlEncodedFormEntity(params));
System.out.println("executing request " + httpPost.getURI());
// Create a response handler
ResponseHandler<String> responseHandler = new BasicResponseHandler();
HttpResponse responseBody = httpclient.execute(httpPost);
// Add your code here...
int responseCode = responseBody.getStatusLine().getStatusCode();
while(responseCode!=200 ){
for(Header header : responseBody.getAllHeaders()){
if(header.getName().equalsIgnoreCase("Location")){
responseCode = getRequest(header.getValue());
}
}
}
} catch (Exception e) {
e.printStackTrace();
} finally {
// When HttpClient instance is no longer needed, shut down the connection
// manager to ensure immediate deallocation of all system resources
}
}
我正在使用用户名和密码身份验证,因为我想自动化授权过程并且不希望用户被重定向到页面并单击接受按钮。
添加可能有用的日志以识别问题
请求令牌:
OAuth1RequestToken{oauth_token=t0000005405940108, oauth_token_secret=NyGQchdSAj7AwukA, oauth_callback_confirmed=true}
访问令牌:
OAuth1AccessToken{oauth_token=t0000005413417574, oauth_token_secret=UMAV7Y54suAVPcJZ}