3

我需要在我的 Android 应用程序上接收令牌。我在 Laravel 上创建了 API,我需要接收身份验证令牌,但我不知道如何在 Android 上执行此操作。我做了一些代码,但它不起作用。

public class LoginActivity extends AppCompatActivity {

    WebView webView;
    private final String URL = "https://login.ipleiria.pt/adfs/ls/?client-request-id=5d88995c-4405-40c7-985f-a02fd6d62749&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2RO2_TUABGc-PEbaMKKsTAgEQHpEpI176-14_YEhLOw2mihDRJCWCBKtuxEzdObPzIa2Pr2IEBOiHElJEBIf4AUsXQqUN_QcWEmBgYaMTCBmc4-ubz3aM4hlPuoj9guDJEjsNBy16tvwhv5LaevTl6ni19efD64C17fr5TPQHXRnPGDTzbDV2DCeIluDOI4yBSWNZPYs_3h4zvOK5lM5Y_Yv2pwX4C4AyAZVoSiZiX8rKABUw4TLBAGCKKHI-wDEWMLMjjngMNCROICTIkx-Z4yxQv0tebahIP8Ep-6C7sH-kNxw9HB4EfxSfUK1Cy4kIpqvbL5UIb1RO-3PcXjXqnPjuM-b6gNatoaFZQ7XBSRxGJZTnUO2Iv6DWTmdgtVrwGP2sN1HGguhW3PVet3eFcm-JW-2k3atSQqor7Lyb8UINDSCJnz8vbu16Xx9CR9Xwy6xgjTeppiVM3ySNB79RMW-C6e3BJ_VfjDxR91Wnkj08p2g_ssds7y4BvmU1EKevrua3UrdR26mcGvMteffH-csreXtspvZzYvz5ufk2dZlm2bZS1_mLgdcbF_ccto2BOpPzDqDEvPklCvWvpbWLwXpUvmf37ROGOaXBM05c0-E6Do7XU541_fXeRu4kRJ0NEIMdtc0hBSBGw_hs1&RedirectToIdentityProvider=http%3a%2f%2flogin.ipleiria.pt%2fadfs%2fservices%2ftrust";

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.login);

        webView = findViewById(R.id.webView);
        webView.setWebViewClient(new WebViewClient());
        webView.loadUrl(URL);

        // Cria problemas de XSS na aplicação. Usar com cuidado
        webView.getSettings().setJavaScriptEnabled(true);


        if (URL.length() == 0) {
            getToken("https://login.ipleiria.pt/adfs/ls/?client-request-id=5d88995c-4405-40c7-985f-a02fd6d62749&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2RO2_TUABGc-PEbaMKKsTAgEQHpEpI176-14_YEhLOw2mihDRJCWCBKtuxEzdObPzIa2Pr2IEBOiHElJEBIf4AUsXQqUN_QcWEmBgYaMTCBmc4-ubz3aM4hlPuoj9guDJEjsNBy16tvwhv5LaevTl6ni19efD64C17fr5TPQHXRnPGDTzbDV2DCeIluDOI4yBSWNZPYs_3h4zvOK5lM5Y_Yv2pwX4C4AyAZVoSiZiX8rKABUw4TLBAGCKKHI-wDEWMLMjjngMNCROICTIkx-Z4yxQv0tebahIP8Ep-6C7sH-kNxw9HB4EfxSfUK1Cy4kIpqvbL5UIb1RO-3PcXjXqnPjuM-b6gNatoaFZQ7XBSRxGJZTnUO2Iv6DWTmdgtVrwGP2sN1HGguhW3PVet3eFcm-JW-2k3atSQqor7Lyb8UINDSCJnz8vbu16Xx9CR9Xwy6xgjTeppiVM3ySNB79RMW-C6e3BJ_VfjDxR91Wnkj08p2g_ssds7y4BvmU1EKevrua3UrdR26mcGvMteffH-csreXtspvZzYvz5ufk2dZlm2bZS1_mLgdcbF_ccto2BOpPzDqDEvPklCvWvpbWLwXpUvmf37ROGOaXBM05c0-E6Do7XU541_fXeRu4kRJ0NEIMdtc0hBSBGw_hs1&RedirectToIdentityProvider=http%3a%2f%2flogin.ipleiria.pt%2fadfs%2fservices%2ftrust");
        }
    }

    private void getToken(String url) {

        StringBuilder strBuild = new StringBuilder();

        String authURL = "https://login.ipleiria.pt/adfs/ls/?client-request-id=5d88995c-4405-40c7-985f-a02fd6d62749&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2RO2_TUABGc-PEbaMKKsTAgEQHpEpI176-14_YEhLOw2mihDRJCWCBKtuxEzdObPzIa2Pr2IEBOiHElJEBIf4AUsXQqUN_QcWEmBgYaMTCBmc4-ubz3aM4hlPuoj9guDJEjsNBy16tvwhv5LaevTl6ni19efD64C17fr5TPQHXRnPGDTzbDV2DCeIluDOI4yBSWNZPYs_3h4zvOK5lM5Y_Yv2pwX4C4AyAZVoSiZiX8rKABUw4TLBAGCKKHI-wDEWMLMjjngMNCROICTIkx-Z4yxQv0tebahIP8Ep-6C7sH-kNxw9HB4EfxSfUK1Cy4kIpqvbL5UIb1RO-3PcXjXqnPjuM-b6gNatoaFZQ7XBSRxGJZTnUO2Iv6DWTmdgtVrwGP2sN1HGguhW3PVet3eFcm-JW-2k3atSQqor7Lyb8UINDSCJnz8vbu16Xx9CR9Xwy6xgjTeppiVM3ySNB79RMW-C6e3BJ_VfjDxR91Wnkj08p2g_ssds7y4BvmU1EKevrua3UrdR26mcGvMteffH-csreXtspvZzYvz5ufk2dZlm2bZS1_mLgdcbF_ccto2BOpPzDqDEvPklCvWvpbWLwXpUvmf37ROGOaXBM05c0-E6Do7XU541_fXeRu4kRJ0NEIMdtc0hBSBGw_hs1&RedirectToIdentityProvider=http%3a%2f%2flogin.ipleiria.pt%2fadfs%2fservices%2ftrust";
        String redirect_uri = "urn:ietf:wg:oauth:2.0:oob";
        strBuild.append("&redirect_uri=").append(redirect_uri);

        try{
            java.net.URL obj = new URL(authURL);

            HttpURLConnection con = (HttpURLConnection) obj.openConnection();
            con.setDoOutput(true);
            con.setRequestMethod("POST");

            con.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");

            DataOutputStream wr = new DataOutputStream(con.getOutputStream());
            wr.writeBytes(strBuild.toString());
            wr.flush();
            wr.close();

            System.out.println(con.getResponseCode());
            System.out.println(con.getResponseMessage());

        }catch (Exception e)
        {
            System.out.println("Error.");
        }
        System.out.println(strBuild.toString());
    }
}
4

1 回答 1

1

好的,您有两个选择:

第一个
第一个是更好的。如果您可以访问 Web 前端的代码,则可以执行此操作。基本上你只需添加一个WebAppInterface. 文档描述得非常好。您的 android 函数应该接受令牌作为参数,并且应该在用户成功登录并获得他的令牌后由您的前端调用。

所以你的可能看起来像这样:

class WebAppInterface(private val mContext: Context) {

    /** Show a toast from the web page  */
    @JavascriptInterface
    fun consumeToken(token: String) {
        //do whatever you want to do with the token.
    }
}

您必须像这样注册它:webView.addJavascriptInterface(WebAppInterface(this), "Android")

然后您的 Web 前端(javascript 端)可以像这样调用该函数: Android.consumeToken(token);

第二个
这个有点复杂。像往常一样加载您的网址和set a WebViewClient to your WebView. 像这样:

webView.webViewClient = object: WebViewClient() {
    override fun onPageFinished(view: WebView?, url: String?) {
        super.onPageFinished(view, url)
        webView.evaluateJavascript("(function() { return JSON.stringify(localStorage); })();") { s ->
            if (s != "\"{}\"") {
                var jsonAsStr = s.substring(1, s.length - 1).replace("\\", "")
                val obj = JSONObject(jsonAsStr)
                val token = obj.getString("token")
            }
        }

    }
}
webView.loadUrl("https://www.google.com/")

onPageFinished加载新站点时调用。这样您就知道用户完成了登录(是的,如果有任何其他按钮或者他可以单击这些按钮也会触发此功能)。但是,您可以通过检查 url 中的 url 来捕获这些错误,onPageStarted并查看它是否与用户在登录后应该看到的页面匹配。所以像这样:onPageStarted被调用 -> 如果 url 与用户在登录后应该看到的页面的 url 匹配,那么它是正确的,你可以调用evaluateJavascript. 但也许我的简单示例足以满足您的用例。

无论如何,evaluateJavascript然后将 javascript 注入客户端,该客户端将读取localStorage. 然后检查它是否为空,然后解析为jsonObject. 然后只需从 jsonified 本地存储中检索令牌。而已 :)

Java中的同样的事情:

    webView.setWebViewClient(new WebViewClient() {
    @Override
    public void onPageFinished(WebView view, String url) {
        super.onPageFinished(view, url);
        webView.evaluateJavascript("(function() { return JSON.stringify(localStorage); })();", new ValueCallback<String>() {
            @Override
            public void onReceiveValue(String s) {
                if (s != "\"{}\"") {
                    String jsonAsStr = s.substring(1, s.length() - 1).replace("\\", "");
                    try {
                        JSONObject obj = new JSONObject(jsonAsStr);
                        String token = obj.getString("token");
                    } catch (JSONException e) {

                    }
                }
            }
        });
    }
});
于 2019-04-26T19:22:27.833 回答