2

我正在尝试使用 java 通过 api ( http://zootool.com/api/docs/add ) 将页面添加到我的 zootool 页面。为此,我需要使用摘要身份验证。

给出一个获取页面授权的php示例:

<?php

$username = 'username';
$password = 'password';
$api_url  = 'http://zootool.com/api/users/items/?username=' 
                   . $username . '&apikey=###';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);

// HTTP Digest Authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, strtolower($username) . ':' . sha1($password));

curl_setopt($ch, CURLOPT_USERAGENT, 'My PHP Script');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($ch);
curl_close($ch);

$data = json_decode($result, true);

print_r($data);

?>

但是如何在 Java 中添加页面呢?搜索后,我发现 apache commons HttpClient 可能有用,但我似乎无法理解它。

我试过了:

    String url = "http://zootool.com/api/add/?url=http://www.google.com
                      &title=Google&apikey=###";
    DigestScheme authscheme = new DigestScheme();

    HttpClient httpclient = new DefaultHttpClient();
    HttpGet httpget = new HttpGet(url);
    HttpResponse authResponse = httpclient.execute(httpget);

    Header challenge = authResponse.getHeaders("WWW-Authenticate")[0];

    authscheme.processChallenge(challenge);

    Header solution = authscheme.authenticate(
            new UsernamePasswordCredentials("username", "password"),
            new BasicHttpRequest(HttpPost.METHOD_NAME,
            new URL(url).getPath()));


    HttpResponse goodResponse = httpclient.execute(httpget);

我试图对密码进行 sh1-hash(如 api 手册中所述),但没有运气。看来我的代码找不到任何要应对的挑战。

Api-key、用户名和密码正确。

更新我现在相对确定我需要使用抢先式摘要授权,但是当尝试使用 apache 给出的解决方法时,我仍然收到 401 和“身份验证错误:预期的摘要授权挑战,但未找到”-来自 java 的警告。我使用的代码是:

HttpHost targetHost = new HttpHost("www.zootool.com", 80, "http");

DefaultHttpClient httpclient = new DefaultHttpClient();
try {
    httpclient.getCredentialsProvider().setCredentials(
                new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
                new UsernamePasswordCredentials("username", "sha1-password"));

    // Create AuthCache instance
    AuthCache authCache = new BasicAuthCache();
    // Generate DIGEST scheme object, initialize it and add it to the local
    // auth cache
    DigestScheme digestAuth = new DigestScheme();
    // Suppose we already know the realm name
    digestAuth.overrideParamter("realm", "www.zootool.com");
    // Suppose we already know the expected nonce value
    digestAuth.overrideParamter("nonce", "something");
    authCache.put(targetHost, digestAuth);

    // Add AuthCache to the execution context
    BasicHttpContext localcontext = new BasicHttpContext();
    localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);


    HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=###");

    System.out.println("executing request: " + httpget.getRequestLine());
    System.out.println("to target: " + targetHost);

    for (int i = 0; i < 3; i++) {
        HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
        HttpEntity entity = response.getEntity();

        System.out.println("----------------------------------------");
        System.out.println(response.getStatusLine());
        if (entity != null) {
            System.out.println("Response content length: " + entity.getContentLength());
            }
        EntityUtils.consume(entity);
    }

} finally {
    // When HttpClient instance is no longer needed,
    // shut down the connection manager to ensure
    // immediate deallocation of all system resources
    httpclient.getConnectionManager().shutdown();
    }
}

我必须为 DigestScheme 参数赋予有意义的值吗?我在正确的轨道上吗?

/安德烈

4

1 回答 1

0

抢先授权码有效!错误是 login=true 必须添加到 api url,如下所示:

HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=####&login=true"); 

api 手册中没有此信息。

于 2011-02-11T14:08:48.490 回答