我有一个本地运行的应用程序, tumblr.com网站( tumblr.com )进行API调用。 这涉及设置一些OAuth凭据; 沿途的一步需要从服务器指向浏览器的回调URL中提取密钥。 所以我目前用户所做的是:
在浏览器中打开授权链接,提示他们在网站上授权OAuth应用程序
点击网站上的授权页面(“ 是的,我允许xxxxx应用访问与我的帐户相关的特定信息 ”)
单击“ Authorize app向localhost发出请求,其中包含URL中的参数。 这意味着tumblr会将浏览器重定向到页面http://localhost/?oauth_token={TOKEN}&oauth_verifier={VERIFIER}#_=_ 。 我认为这会导致向本地计算机发出请求。
期望用户将URL中的关键参数与浏览器的导航栏隔离,并将其粘贴到应用程序中。
那么有什么方法可以绕过第3步和第4步,只是让应用程序选择回调请求而不是期望用户从浏览器中复制并粘贴它? 我担心我对如何在python中处理网络请求知之甚少。
要清楚,我需要做的是获得{VERIFIER}字符串。
I have a locally-run app that makes API calls to a website (tumblr.com). This involves setting some OAuth credentials; one step along the way requires extracting a key from a callback url that the server directs the browser to. So what I currently have the user do is:
Open an authorization link in a browser, which prompts them to authorize the OAuth application on the website
Click through the authorization page on the website (“Yes, I allow xxxxx app to access certain info associated with my account”)
Clicking Authorize app makes a request to the localhost which includes a parameter in the url. Meaning that tumblr will redirect the browser to the page http://localhost/?oauth_token={TOKEN}&oauth_verifier={VERIFIER}#_=_. I assume that causes a request to be made to the local machine when it does that.
The user is expected to isolate the key parameter in the url from the browser’s navigation bar, and paste it in the application.
So is there any way I can bypass steps 3 and 4 and simply have the app pick up the callback request instead of expecting the user to copy and paste it from the browser? I’m afraid I don’t know much about how to handle network requests in python.
To be clear, what I need to do is get the {VERIFIER} string.
最满意答案
首先,对于http请求,一个好的python模块是requests
http://docs.python-requests.org/en/master/
然后,您的应用程序为tumblr提供回调地址,以便tumblr可以告诉您的应用程序客户端信息或登录错误。
现在,你的观点3尚不清楚。 “单击授权应用程序向localhost发出请求”
实际上为用户点击“授权应用程序”向tumblr请求说他接受了。 然后tumblr向你的回调网址发出请求,传递信息。
回调网址应该是你的服务器地址,你必须有一个脚本监听tumblr,它会给你一个特殊的参数来调用它们的api ...
此外 :
因此,当用户单击“授权应用程序”时,会向tumblr发出请求,该请求会将用户重定向到回调URL(添加oauth令牌和验证程序)。
现在,显然,您不能要求每个用户在其计算机上运行http服务器。
因此,您必须将回调网址设置为您的服务器。
因此,如果您将其设置为“myserver.com/tumblr”,则用户将被重定向到您的网页,您将进入您的服务器,并为该用户会话启动oauths令牌和验证程序。
和...
假设您的应用只是客户端,我会说有两种选择。
您的用户可以手动输入他们的API密钥。
或者将网络服务器嵌入到您的应用中。
在嵌入式网络服务器的情况下,我建议烧瓶简单。 只需让您的Web服务器侦听给定端口并将回调URL设置为该服务器:port。
这样您就可以直接获得客户端令牌。
okay first thing first, for http requests, a good python module is requests
http://docs.python-requests.org/en/master/
Then, your app gives a callback address to tumblr so that tumblr can tell to your app client info, or login error.
Now, your point 3 isn't clear. "Clicking authorize app makes a request to localhost"
Actually clicking "authorize app" for the user makes a request to tumblr saying he accepts. Then tumblr makes a request to your callback url passing the infos.
The callback url should probably be your server address, there you must have a script listening for tumblr, which will give you your special parameter to call their api...
In addition :
So when the users click "authorize app" there is a request to tumblr, which redirects the user to the callback url (adding oauth token and verifier).
Now, obviously, you can't ask for every user to have an http server running on their computer.
So you must set the callback url to your server.
So if you set it to "myserver.com/tumblr" for instance, the user will get redirected to your webpage, and you'll get on your server, and for that user session, the oauths token and verifier.
and...
Assuming your app is client only I'd say there are two options.
Either have your users enter manually their API keys.
Or either embed a webserver into your app.
In the case of the embedded webserver, I'd suggest flask for its simplicity. Simply have your webserver listen on a given port and set the callback url to that server:port.
This way you'll get the client tokens directly.
更多推荐
发布评论