2
我想通過api(http://zootool.com/api/docs/add)用java將頁面添加到我的zootool頁面。爲此,我需要使用摘要式身份驗證。zootool api授權
一個PHP的例子給出了獲得頁面的授權:
<?php
$username = 'username';
$password = 'password';
$api_url = 'http://zootool.com/api/users/items/?username='
. $username . '&apikey=###';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $api_url);
// HTTP Digest Authentication
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_DIGEST);
curl_setopt($ch, CURLOPT_USERPWD, strtolower($username) . ':' . sha1($password));
curl_setopt($ch, CURLOPT_USERAGENT, 'My PHP Script');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
curl_close($ch);
$data = json_decode($result, true);
print_r($data);
?>
但是這是怎麼用Java語言寫在網頁中加入?搜索後,我發現Apache公用程序HttpClient可能是有用的,但我似乎無法繞過它。
我想:
String url = "http://zootool.com/api/add/?url=http://www.google.com
&title=Google&apikey=###";
DigestScheme authscheme = new DigestScheme();
HttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet(url);
HttpResponse authResponse = httpclient.execute(httpget);
Header challenge = authResponse.getHeaders("WWW-Authenticate")[0];
authscheme.processChallenge(challenge);
Header solution = authscheme.authenticate(
new UsernamePasswordCredentials("username", "password"),
new BasicHttpRequest(HttpPost.METHOD_NAME,
new URL(url).getPath()));
HttpResponse goodResponse = httpclient.execute(httpget);
我試圖SH1哈希密碼,但沒有運氣(如API-手冊上規定)。看來我的代碼無法找到任何響應的挑戰。
Api-key,用戶名和密碼都是正確的。
UPDATE 我現在比較確定我需要使用搶先式摘要授權,但是在嘗試使用由apache給出的解決方法時,我仍然得到401和「身份驗證錯誤:摘要授權挑戰預期,但未找到」 - 來自java的警告。我使用的代碼是:
HttpHost targetHost = new HttpHost("www.zootool.com", 80, "http");
DefaultHttpClient httpclient = new DefaultHttpClient();
try {
httpclient.getCredentialsProvider().setCredentials(
new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT),
new UsernamePasswordCredentials("username", "sha1-password"));
// Create AuthCache instance
AuthCache authCache = new BasicAuthCache();
// Generate DIGEST scheme object, initialize it and add it to the local
// auth cache
DigestScheme digestAuth = new DigestScheme();
// Suppose we already know the realm name
digestAuth.overrideParamter("realm", "www.zootool.com");
// Suppose we already know the expected nonce value
digestAuth.overrideParamter("nonce", "something");
authCache.put(targetHost, digestAuth);
// Add AuthCache to the execution context
BasicHttpContext localcontext = new BasicHttpContext();
localcontext.setAttribute(ClientContext.AUTH_CACHE, authCache);
HttpGet httpget = new HttpGet("/api/add/?url=http://www.google.com&title=Google&apikey=###");
System.out.println("executing request: " + httpget.getRequestLine());
System.out.println("to target: " + targetHost);
for (int i = 0; i < 3; i++) {
HttpResponse response = httpclient.execute(targetHost, httpget, localcontext);
HttpEntity entity = response.getEntity();
System.out.println("----------------------------------------");
System.out.println(response.getStatusLine());
if (entity != null) {
System.out.println("Response content length: " + entity.getContentLength());
}
EntityUtils.consume(entity);
}
} finally {
// When HttpClient instance is no longer needed,
// shut down the connection manager to ensure
// immediate deallocation of all system resources
httpclient.getConnectionManager().shutdown();
}
}
我是否必須爲DigestScheme參數提供有意義的值? 我是否在正確的軌道上?
/André