我试图让用户验证我的应用程序以使用他存储在 MapMyRun(https://developer.underarmour.com/apps/myapps)上的数据。
这是我的代码:
let oauth2 = OAuth2CodeGrant(settings: [
"client_id": "asdasdasd",
"client_secret": "asdasdasd123",
"authorize_uri": "https://www.mapmyfitness.com/v7.1/oauth2/uacf/authorize/?client_id=asdasdasd&response_type=code&redirect_uri=http://localhost.mapmyapi.com:12345/callback",
"token_uri": "https://api.mapmyfitness.com/v7.1/oauth2/access_token/",
"redirect_uris": ["http://localhost.mapmyapi.com:12345/callback"],
"api-key":"asdasdasd",
"grant_type": "authorization_code",
"keychain": false, // if you DON'T want keychain integration
] as OAuth2JSON)
override func viewDidLoad() {
super.viewDidLoad()
startAuthorization()
// Do any additional setup after loading the view.
}
func startAuthorization() {
oauth2.logger = OAuth2DebugLogger(.trace)
oauth2.authorize() { authParameters, error in
if let params = authParameters {
print("Authorized! Access token is in `oauth2.accessToken`")
print("Authorized! Additional parameters: \(params)")
}
else {
print("Authorization was cancelled or went wrong: \(String(describing: error))") // error will not be nil
}
}
}
我的输出:
[Debug] OAuth2: Starting authorization
[Debug] OAuth2: No access token, checking if a refresh token is available
[Debug] OAuth2: I don't have a refresh token, not trying to refresh
[Debug] OAuth2: Opening authorize URL in system browser: https://www.mapmyfitness.com/v7.1/oauth2/uacf/authorize/?redirect_uri=http%3A%2F%2Flocalhost.mapmyapi.com%3A12345%2Fcallback&client_id=asdasdasdasd&response_type=code&state=123123123
到目前为止,我得到的是正确的重定向
http://localhost.mapmyapi.com:12345/callback + /callback state=&code=xxxxxxxxxxxxxxxxxxxxxxxx
但 OAuth2 不处理这个。
如何使其通过 MapMyRun 进行身份验证?我的想法是为例如实施深层链接。register://,这里将是所有回调数据。这将由下一个帖子请求处理,该请求将为我们提供访问令牌。但这对我来说听起来有点复杂。
有没有其他方法可以解决它?
我正在尝试重写我的 python 代码,它工作得很好,但现在我需要把它放在我的 iOS 应用程序上:D
https://developer.underarmour.com/docs/v71_OAuth_2_Demo
import logging
import os
import sys
import urlparse
import webbrowser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
import requests
#logging.basicConfig(level=logging.DEBUG)
# Store your client ID and secret in your OS's environment using these keys, or
# redefine these values here.
CLIENT_ID = os.environ.setdefault("MMF_CLIENT_ID", "asdasdasdasd")
CLIENT_SECRET = os.environ.setdefault("MMF_CLIENT_SECRET", "asdasdasd123123")
print CLIENT_ID
if CLIENT_ID is None or CLIENT_SECRET is None:
print 'Please ensure $MMF_CLIENT_ID and $MMF_CLIENT_SECRET environment ' \
'variables are set.'
sys.exit(1)
# As a convenience, localhost.mapmyapi.com redirects to localhost.
redirect_uri = 'http://localhost.mapmyapi.com:12345/callback'
authorize_url = 'https://www.mapmyfitness.com/v7.1/oauth2/uacf/authorize/?' \
'client_id={0}&response_type=code&redirect_uri={1}'.format(CLIENT_ID, redirect_uri)
# Set up a basic handler for the redirect issued by the MapMyFitness
# authorize page. For any GET request, it simply returns a 200.
# When run interactively, the request's URL will be printed out.
class AuthorizationHandler(BaseHTTPRequestHandler):
def do_GET(self):
self.send_response(200, 'OK')
self.send_header('Content-Type', 'text/html')
self.end_headers()
self.server.path = self.path
parsed_redirect_uri = urlparse.urlparse(redirect_uri)
server_address = parsed_redirect_uri.hostname, parsed_redirect_uri.port
print 'server_address:', server_address
# NOTE: Don't go to the web browser just yet...
webbrowser.open(authorize_url)
# Start our web server. handle_request() will block until a request comes in.
httpd = HTTPServer(server_address, AuthorizationHandler)
print 'Now waiting for the user to authorize the application...'
httpd.handle_request()
# At this point a request has been handled. Let's parse its URL.
httpd.server_close()
callback_url = urlparse.urlparse(httpd.path)
authorize_code = urlparse.parse_qs(callback_url.query)['code'][0]
print 'Got an authorize code:', authorize_code
access_token_url = 'https://api.mapmyfitness.com/v7.1/oauth2/access_token/'
access_token_data = {'grant_type': 'authorization_code',
'client_id': CLIENT_ID,
'client_secret': CLIENT_SECRET,
'code': authorize_code}
response = requests.post(url=access_token_url,
data=access_token_data,
headers={'Api-Key': CLIENT_ID})
print 'Request details:'
print 'Content-Type:', response.request.headers['Content-Type']
print 'Request body:', response.request.body
# retrieve the access_token from the response
try:
access_token = response.json()
print 'Got an access token:', access_token
except:
print 'Did not get JSON. Here is the response and content:'
print response
print response.content
# Use the access token to request a resource on behalf of the user
activity_type_url = 'https://api.ua.com/v7.1/activity_type/'
response = requests.get(url=activity_type_url, verify=False,
headers={'api-key': CLIENT_ID, 'authorization': 'Bearer %s' % access_token['access_token']})
# Refresh a client's credentials to prevent expiration
refresh_token_url = 'https://api.ua.com/v7.1/oauth2/uacf/access_token/'
refresh_token_data = {'grant_type': 'refresh_token',
'client_id': CLIENT_ID,
'client_secret': CLIENT_SECRET,
'refresh_token': access_token['refresh_token']}
response = requests.post(url=refresh_token_url, data=refresh_token_data,
headers={'api-key': CLIENT_ID, 'authorization': 'Bearer %s' % access_token['access_token']})
print 'Request details:'
print 'Content-Type:', response.request.headers['Content-Type']
print 'Request body:', response.request.body
try:
access_token = response.json()
print 'Got an access token:', access_token
except:
print 'Did not get JSON. Here is the response and content:'
print response
print response.content
# Attempt another request on the user's behalf using the token
refresh_token = response.json()
response = requests.get(url=activity_type_url, verify=False,
headers={'api-key': CLIENT_ID, 'authorization': 'Bearer %s' % access_token['access_token']})
谢谢!
抄送:@Makaille