JavaEye api的用户认证
现在的网站越来越流行开放api了,看到java eye的api感觉挺简单的决定用apache的HttpClient试一下,没想到在认证就麻烦不断,经过摸索终于搞定了。后来搜索后发现两种方法论坛都有人做过了,在这就当是总结吧。方法一:直接添加header验证,这中方式比较简单,代码如下
package apiTest;import java.io.BufferedReader;import java.io.InputStream;import java.io.InputStreamReader;import org.apache.http.HttpEntity;import org.apache.http.HttpResponse;import org.apache.http.client.methods.HttpGet;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.protocol.BasicHttpContext;import org.apache.http.protocol.HttpContext;public class Test {public static void main(String[] args) throws Exception {DefaultHttpClient httpClient = new DefaultHttpClient();//get请求HttpGet httpGet = new HttpGet("http://api.iteye.com/api/auth/verify");httpGet.addHeader("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3 JavaEye API Client");httpGet.addHeader("Authorization", "name:password");//请求内容HttpContext httpContext = new BasicHttpContext();HttpResponse response = httpClient.execute(httpGet,httpContext);HttpEntity httpEntity = response.getEntity();StringBuffer sb = new StringBuffer();InputStream is = httpEntity.getContent();BufferedReader br = new BufferedReader(new InputStreamReader(is, "utf-8"));String str = "";while((str=br.readLine()) != null){sb.append(str);}System.out.println("Code:"+response.getStatusLine().getStatusCode());System.out.println("Content:"+sb.toString());httpClient.getConnectionManager().shutdown();}}
其中name:password是base64encode加密后内容;User-Agent使用模拟的Chrome的,加上了 JavaEye API Client,不模拟一个浏览器会被认为是网络爬虫抓取;
方法二:使用HttpClient的验证方式
package apiTest;import java.io.BufferedReader;import java.io.IOException;import java.io.InputStream;import java.io.InputStreamReader;import org.apache.http.HttpEntity;import org.apache.http.HttpException;import org.apache.http.HttpHost;import org.apache.http.HttpRequest;import org.apache.http.HttpRequestInterceptor;import org.apache.http.HttpResponse;import org.apache.http.auth.AuthScheme;import org.apache.http.auth.AuthScope;import org.apache.http.auth.AuthState;import org.apache.http.auth.Credentials;import org.apache.http.auth.UsernamePasswordCredentials;import org.apache.http.client.CredentialsProvider;import org.apache.http.client.methods.HttpGet;import org.apache.http.client.protocol.ClientContext;import org.apache.http.impl.auth.BasicScheme;import org.apache.http.impl.client.DefaultHttpClient;import org.apache.http.protocol.BasicHttpContext;import org.apache.http.protocol.ExecutionContext;import org.apache.http.protocol.HttpContext;public class Test {public static void main(String[] args) throws Exception {DefaultHttpClient httpClient = new DefaultHttpClient();//认证httpClient.getCredentialsProvider().setCredentials(new AuthScope(AuthScope.ANY_HOST,AuthScope.ANY_PORT), new UsernamePasswordCredentials("username", "password"));//get请求HttpGet httpGet = new HttpGet("http://api.iteye.com/api/auth/verify");httpGet.addHeader("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3 JavaEye API Client");//请求内容HttpContext httpContext = new BasicHttpContext();BasicScheme basicAuth = new BasicScheme();httpContext.setAttribute("preemptive-auth", basicAuth);httpClient.addRequestInterceptor(new HttpRequestInterceptor(){@Overridepublic void process(HttpRequest request, HttpContext context)throws HttpException, IOException { AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE); // If no auth scheme avaialble yet, try to initialize it preemptively if (authState.getAuthScheme() == null) { AuthScheme authScheme = (AuthScheme) context.getAttribute("preemptive-auth"); CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute(ClientContext.CREDS_PROVIDER); HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST); if (authScheme != null) { Credentials creds = credsProvider.getCredentials(new AuthScope(targetHost.getHostName(),targetHost.getPort())); if (creds == null) { throw new HttpException("No credentials for preemptive authentication"); } authState.setAuthScheme(authScheme); authState.setCredentials(creds); } }}},0);HttpResponse response = httpClient.execute(httpGet,httpContext);HttpEntity httpEntity = response.getEntity();StringBuffer sb = new StringBuffer();InputStream is = httpEntity.getContent();BufferedReader br = new BufferedReader(new InputStreamReader(is, "utf-8"));String str = "";while((str=br.readLine()) != null){sb.append(str);}System.out.println("Code:"+response.getStatusLine().getStatusCode());System.out.println("Content:"+sb.toString());httpClient.getConnectionManager().shutdown();}}
其中的HttpRequestInterceptor直接使用的HttpClient中的例子
用到的jar在apache上都有下载,版本看截图:
http://dl.iteye.com/upload/attachment/324892/8e0e917f-6c5a-3025-9cf3-520797312d57.png
经过抓包发现两种方法都是在请求中添加了Authorization: username:password
页:
[1]