可能重复:
可以';t使Twitter OAuth回调身份验证在Cocoa应用程序中工作
我有一个发送推特更新(推特(的应用程序。当前版本使用OOB进程进行OAuth身份验证:
(1( 发送请求令牌请求:
consumer = [[OAConsumer alloc] initWithKey: kOAuthConsumerKey secret:kOAuthConsumerSecret];
OAMutableURLRequest *request = [[[OAMutableURLRequest alloc]
initWithURL: [NSURL URLWithString:kOAuthTwitterRequestTokenURL]
consumer: self.consumer
token: nil realm: nil signatureProvider: nil] autorelease];
[request setHTTPMethod:@"POST"];
OADataFetcher *fetcher = [[[OADataFetcher alloc] init] autorelease];
[fetcher fetchDataWithRequest:request delegate:self didFinishSelector:@selector(setRequestToken:withData:) didFailSelector:@selector(failRequestToken:data:)];
(2( 然后组装身份验证URL并打开浏览器窗口:
NSString *dataString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
self.requestToken = [[[OAToken alloc] initWithHTTPResponseBody:dataString] autorelease];
NSString *urlString = [NSString stringWithFormat: @"%@?oauth_token=%@", kOAuthTwitterAuthorizeURL, self.requestToken.key];
NSURL *requestURL = [NSURL URLWithString: urlString];
[[NSWorkspace sharedWorkspace] openURL: requestURL];
(3( 弹出一个带有文本字段的警报窗口,从用户那里获取PIN号,然后:
self.requestToken.secret = [input stringValue];
OAMutableURLRequest *request = [[OAMutableURLRequest alloc] initWithURL:[NSURL URLWithString:kOAuthTwitterAccessTokenURL] consumer: self.consumer token: self.requestToken realm: nil signatureProvider: nil];
[request setHTTPMethod:@"POST"];
OADataFetcher *fetcher = [[[OADataFetcher alloc] init] autorelease];
[fetcher fetchDataWithRequest:request delegate:self didFinishSelector:@selector(setAccessToken:withData:) didFailSelector:@selector(failAccessToken:data:)];
(4( 保存退货凭证:
NSString *dataString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
accessToken = [[OAToken alloc] initWithHTTPResponseBody:dataString];
[accessToken storeInUserDefaultsWithServiceProviderName: kOAuthTwitterDefaultsDomain prefix: kOAuthTwitterDefaultsPrefix];
(为简洁起见,已删除内存管理和错误检查(
这一切都很好,但我真的很讨厌重定向到浏览器,然后让用户复制并粘贴PIN号码的过程。我想停止使用OOB方法,转而使用回调方法。对于桌面应用程序来说,这需要一些欺骗。所以我切换到使用WebView,我做的步骤1和2是一样的,只是2做的是:
NSString *dataString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
self.requestToken = [[[OAToken alloc] initWithHTTPResponseBody:dataString] autorelease];
OAMutableURLRequest* requestURL = [[[OAMutableURLRequest alloc] initWithURL:[NSURL URLWithString:kOAuthTwitterAuthorizeURL] consumer:nil token:self.requestToken realm:nil signatureProvider:nil] autorelease];
[requestURL setParameters:[NSArray arrayWithObject:[[[OARequestParameter alloc] initWithName:@"oauth_token" value: self.requestToken.key] autorelease]]];
[[webview mainFrame] loadRequest: requestURL];
[NSApp beginSheet: webSheet modalForWindow: [NSApp mainWindow] modalDelegate:self didEndSelector: @selector(webSheetDidEnd:returnCode:contextInfo:) contextInfo:nil];
在用户授权使用Twitter网页后,我使用WebView PolicyDelegate来查找重定向(到我的回调URL(:
- (void)webView: (WebView *)webView decidePolicyForNavigationAction: (NSDictionary *)actionInformation request: (NSURLRequest *)request frame: (WebFrame *)frame
decisionListener: (id<WebPolicyDecisionListener>)listener
{
NSString *urlString = [[actionInformation objectForKey:@"WebActionOriginalURLKey"] absoluteString];
if ([urlString rangeOfString:@"oauth_verifier"].location != NSNotFound)
{
// parse out oauth_token and oauth_verifier from the URL
}
self.requestToken.secret = oauthVerifier;
[listener ignore];
[NSApp endSheet:webSheet returnCode: 0];
OAMutableURLRequest *request = [[[OAMutableURLRequest alloc] initWithURL:[NSURL URLWithString:kOAuthTwitterAccessTokenURL] consumer: self.consumer token: self.requestToken realm: nil signatureProvider: nil] autorelease];
[request setHTTPMethod:@"POST"];
OADataFetcher *fetcher = [[[OADataFetcher alloc] init] autorelease];
[fetcher fetchDataWithRequest:request delegate:self didFinishSelector:@selector(setAccessToken:withData:) didFailSelector:@selector(failAccessToken:data:)];
}
据我所知,这应该是完全相同的身份验证。就Twitter而言,唯一的区别是,我使用的是回调URL中的oauth_verifier,而不是呈现给用户的(并提供给我的应用程序(。但是,如果这是一个真正的服务器到服务器的实现,那么这就是我无论如何都会使用的值。
实际发生的情况是,最后一步(获取访问令牌(失败:
failAccessToken:"错误域=NSURLErrorDomain代码=-1012"操作无法完成。(NSURLErrorDomainerror-1012。("UserInfo=0x101b3e780{NSErrFailingURLStringKey=http://api.twitter.com/oauth/access_token,NSUnderlyingError=0x101bacf40"操作无法结束。(kCFErrorDomainCFNetwork错误-1012。(",NSErrorFailingURLKey=http://api.twitter.com/oauth/access_token}'
关于是什么导致身份验证失败,有什么想法吗?
joe
我最终放弃了OAuthConsumer框架,转而使用Google GTMOAuth框架。这很好。