Authorization code for github used in java via scribe library

时光总嘲笑我的痴心妄想 提交于 2020-01-05 08:09:33

问题


I am trying to access the github api(https://api.github.com/user) as mentioned in scribe library example (https://github.com/scribejava/scribejava/blob/master/scribejava-apis/src/test/java/com/github/scribejava/apis/examples/GitHubExample.java)

which return me this authorization url

https://github.com/login/oauth/authorize?response_type=code&client_id=156d37xxxxxxxxx&redirect_uri=http%3A%2F%2Flocalhost%3A8282%2FReportsServer%2Fsuccessful.jsp&state=secret846593

but now i have to give the authorization code as mentioned in above link example

 final Scanner in = new Scanner(System.in, "UTF-8");

            System.out.println("=== " + NETWORK_NAME + "'s OAuth Workflow ===");
            System.out.println();

            // Obtain the Authorization URL
            System.out.println("Fetching the Authorization URL...");
            final String authorizationUrl = service.getAuthorizationUrl();
            System.out.println("Got the Authorization URL!");
            System.out.println("Now go and authorize ScribeJava here:");
            System.out.println(authorizationUrl);
            System.out.println("And paste the authorization code here");
            System.out.print(">>");
            final String code = in.nextLine();
            System.out.println();

            System.out.println("And paste the state from server here. We have set 'secretState'='" + secretState + "'.");
            System.out.print(">>");
            final String value = in.nextLine();
            if (secretState.equals(value)) {
                System.out.println("State value does match!");
            } else {
                System.out.println("Ooops, state value does not match!");
                System.out.println("Expected = " + secretState);
                System.out.println("Got      = " + value);
                System.out.println();
            }

            // Trade the Request Token and Verfier for the Access Token
            System.out.println("Trading the Request Token for an Access Token...");
            final OAuth2AccessToken accessToken = service.getAccessToken(code);
            System.out.println("Got the Access Token!");
            System.out.println("(The raw response looks like this: " + accessToken.getRawResponse() + "')");
            System.out.println();

but the problem is that how can i get the authorization code and Can any one tell me what the authorization code is?


回答1:


So far you are at step 1: that is, creating the authorization URL that tells the server about the application (details like your client id, redirect URL etc..)

in any OAuth flow, there are 3 parties involved

  1. User
  2. An app that is requesting the access token
  3. Service Provider (Github in this case)

Let's say I am the GitHub user who is on the website managed by you. Your website wants to access my data residing on GitHub. Your website can not directly retrieve any of my protected data from GitHub without access-token.

How do you get this access token?

  • Your website registers as a client on GitHub and gets client-secret
  • Everytime website needs some user's access-token, first it identifies itself via authorization-url to GitHub by sending identification params. In your case, you need to paste that authorization-url into the browser to continue. On production, your website should redirect user onto authorization-url.
  • Github then validates the identification details of the website and if they are all good, it asks the user (me in this case) whether I want to give access to my protected data to your website.
  • If I say yes, GitHub will call the URL you specified in redirect_url param along with request-token (aka authorization-code)
  • Your website will read this request-token, make the server call to GitHub and exchange it with access-token
  • Once the website has my access-token, it can request my protected data to GitHub.


来源:https://stackoverflow.com/questions/49233440/authorization-code-for-github-used-in-java-via-scribe-library

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!