質問編集履歴
2
呼び出し事例(公式)を記載しました。
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -309,3 +309,217 @@
|
|
|
309
309
|
BufferedReader reader = new BufferedReader(new InputStreamReader(
|
|
310
310
|
|
|
311
311
|
connection.getInputStream()));
|
|
312
|
+
|
|
313
|
+
|
|
314
|
+
|
|
315
|
+
★20180311追記
|
|
316
|
+
|
|
317
|
+
|
|
318
|
+
|
|
319
|
+
・呼び出し方事例(公式 https://oauth.net/core/1.0a/#anchor43)
|
|
320
|
+
|
|
321
|
+
After Jane informs printer.example.com that she would like to print her vacation photo stored at photos.example.net, the printer website tries to access the photo and receives HTTP 401 Unauthorized indicating it is private. The Service Provider includes the following header with the response:
|
|
322
|
+
|
|
323
|
+
|
|
324
|
+
|
|
325
|
+
WWW-Authenticate: OAuth realm="http://photos.example.net/"
|
|
326
|
+
|
|
327
|
+
The Consumer sends the following HTTP POST request to the Service Provider:
|
|
328
|
+
|
|
329
|
+
|
|
330
|
+
|
|
331
|
+
https://photos.example.net/request_token?oauth_consumer_key=dpf43f3p2l4k3l03&oauth_signature_method=PLAINTEXT&oauth_signature=kd94hf93k423kf44%26&oauth_timestamp=1191242090&oauth_nonce=hsu94j3884jdopsl&oauth_version=1.0&oauth_callback=http%3A%2F%2Fprinter.example.com%2Frequest_token_ready
|
|
332
|
+
|
|
333
|
+
The Service Provider checks the signature and replies with an unauthorized Request Token in the body of the HTTP response:
|
|
334
|
+
|
|
335
|
+
|
|
336
|
+
|
|
337
|
+
oauth_token=hh5s93j4hdidpola&oauth_token_secret=hdhd0244k9j7ao03&oauth_callback_confirmed=true
|
|
338
|
+
|
|
339
|
+
|
|
340
|
+
|
|
341
|
+
・phpコードサンプル(公式 https://dev.zaim.net/home/api/authorize)
|
|
342
|
+
|
|
343
|
+
<?php
|
|
344
|
+
|
|
345
|
+
require_once('HTTP/OAuth/Consumer.php');
|
|
346
|
+
|
|
347
|
+
session_start();
|
|
348
|
+
|
|
349
|
+
|
|
350
|
+
|
|
351
|
+
// Provider info
|
|
352
|
+
|
|
353
|
+
$provider_base = 'https://api.zaim.net/v2/auth/';
|
|
354
|
+
|
|
355
|
+
$request_url = $provider_base.'request';
|
|
356
|
+
|
|
357
|
+
$authorize_url = 'https://auth.zaim.net/users/auth';
|
|
358
|
+
|
|
359
|
+
$access_url = $provider_base.'access';
|
|
360
|
+
|
|
361
|
+
$resource_url = 'https://api.zaim.net/v2/home/user/verify';
|
|
362
|
+
|
|
363
|
+
|
|
364
|
+
|
|
365
|
+
// Consumer info
|
|
366
|
+
|
|
367
|
+
$consumer_key = YOUR_CONSUMER_KEY;
|
|
368
|
+
|
|
369
|
+
$consumer_secret = YOUR_CONSUMER_SECRET;
|
|
370
|
+
|
|
371
|
+
$callback_url = sprintf('http://%s%s', $_SERVER['HTTP_HOST'], $_SERVER['SCRIPT_NAME']);
|
|
372
|
+
|
|
373
|
+
|
|
374
|
+
|
|
375
|
+
// Session clear
|
|
376
|
+
|
|
377
|
+
if (isset($_REQUEST['action']) &&
|
|
378
|
+
|
|
379
|
+
$_REQUEST['action'] === 'clear') {
|
|
380
|
+
|
|
381
|
+
session_destroy();
|
|
382
|
+
|
|
383
|
+
$_SESSION = array();
|
|
384
|
+
|
|
385
|
+
session_start();
|
|
386
|
+
|
|
387
|
+
}
|
|
388
|
+
|
|
389
|
+
|
|
390
|
+
|
|
391
|
+
$content = '';
|
|
392
|
+
|
|
393
|
+
try {
|
|
394
|
+
|
|
395
|
+
// Initialize HTTP_OAuth_Consumer
|
|
396
|
+
|
|
397
|
+
$oauth = new HTTP_OAuth_Consumer($consumer_key, $consumer_secret);
|
|
398
|
+
|
|
399
|
+
|
|
400
|
+
|
|
401
|
+
// Enable SSL
|
|
402
|
+
|
|
403
|
+
$http_request = new HTTP_Request2();
|
|
404
|
+
|
|
405
|
+
$http_request->setConfig('ssl_verify_peer', false);
|
|
406
|
+
|
|
407
|
+
$consumer_request = new HTTP_OAuth_Consumer_Request;
|
|
408
|
+
|
|
409
|
+
$consumer_request->accept($http_request);
|
|
410
|
+
|
|
411
|
+
$oauth->accept($consumer_request);
|
|
412
|
+
|
|
413
|
+
|
|
414
|
+
|
|
415
|
+
if (!isset($_SESSION['type'])) $_SESSION['type'] = null;
|
|
416
|
+
|
|
417
|
+
|
|
418
|
+
|
|
419
|
+
// 2 Authorize
|
|
420
|
+
|
|
421
|
+
if ($_SESSION['type']=='authorize' &&
|
|
422
|
+
|
|
423
|
+
isset($_GET['oauth_token'], $_GET['oauth_verifier'])) {
|
|
424
|
+
|
|
425
|
+
// Exchange the Request Token for an Access Token
|
|
426
|
+
|
|
427
|
+
$oauth->setToken($_SESSION['oauth_token']);
|
|
428
|
+
|
|
429
|
+
$oauth->setTokenSecret($_SESSION['oauth_token_secret']);
|
|
430
|
+
|
|
431
|
+
$oauth->getAccessToken($access_url, $_GET['oauth_verifier']);
|
|
432
|
+
|
|
433
|
+
|
|
434
|
+
|
|
435
|
+
// Save an Access Token
|
|
436
|
+
|
|
437
|
+
$_SESSION['type'] = 'access';
|
|
438
|
+
|
|
439
|
+
$_SESSION['oauth_token'] = $oauth->getToken();
|
|
440
|
+
|
|
441
|
+
$_SESSION['oauth_token_secret'] = $oauth->getTokenSecret();
|
|
442
|
+
|
|
443
|
+
}
|
|
444
|
+
|
|
445
|
+
|
|
446
|
+
|
|
447
|
+
// 3 Access
|
|
448
|
+
|
|
449
|
+
if ($_SESSION['type']=='access') {
|
|
450
|
+
|
|
451
|
+
// Accessing Protected Resources
|
|
452
|
+
|
|
453
|
+
$oauth->setToken($_SESSION['oauth_token']);
|
|
454
|
+
|
|
455
|
+
$oauth->setTokenSecret($_SESSION['oauth_token_secret']);
|
|
456
|
+
|
|
457
|
+
$result = $oauth->sendRequest($resource_url, array(), 'GET');
|
|
458
|
+
|
|
459
|
+
|
|
460
|
+
|
|
461
|
+
$content = $result->getBody();
|
|
462
|
+
|
|
463
|
+
|
|
464
|
+
|
|
465
|
+
// 1 Request
|
|
466
|
+
|
|
467
|
+
} else {
|
|
468
|
+
|
|
469
|
+
// Get a Request Token
|
|
470
|
+
|
|
471
|
+
$oauth->getRequestToken($request_url, $callback_url);
|
|
472
|
+
|
|
473
|
+
|
|
474
|
+
|
|
475
|
+
// Save a Request Token
|
|
476
|
+
|
|
477
|
+
$_SESSION['type'] = 'authorize';
|
|
478
|
+
|
|
479
|
+
$_SESSION['oauth_token'] = $oauth->getToken();
|
|
480
|
+
|
|
481
|
+
$_SESSION['oauth_token_secret'] = $oauth->getTokenSecret();
|
|
482
|
+
|
|
483
|
+
|
|
484
|
+
|
|
485
|
+
// Get an Authorize URL
|
|
486
|
+
|
|
487
|
+
$authorize_url = $oauth->getAuthorizeURL($authorize_url);
|
|
488
|
+
|
|
489
|
+
|
|
490
|
+
|
|
491
|
+
$content = "Click the link.<br />\n";
|
|
492
|
+
|
|
493
|
+
$content .= sprintf('<a href="%s">%s</a>', $authorize_url, $authorize_url);
|
|
494
|
+
|
|
495
|
+
}
|
|
496
|
+
|
|
497
|
+
|
|
498
|
+
|
|
499
|
+
} catch (Exception $e) {
|
|
500
|
+
|
|
501
|
+
$content .= $e->getMessage();
|
|
502
|
+
|
|
503
|
+
}
|
|
504
|
+
|
|
505
|
+
?>
|
|
506
|
+
|
|
507
|
+
<html>
|
|
508
|
+
|
|
509
|
+
<head>
|
|
510
|
+
|
|
511
|
+
<title>OAuth in PHP</title>
|
|
512
|
+
|
|
513
|
+
</head>
|
|
514
|
+
|
|
515
|
+
<body>
|
|
516
|
+
|
|
517
|
+
<h2>Welcome to a Zaim OAuth PHP example.</h2>
|
|
518
|
+
|
|
519
|
+
<p><a href='?action=clear'>Clear sessions</a></p>
|
|
520
|
+
|
|
521
|
+
<p><pre><?php print_r($content); ?><pre></p>
|
|
522
|
+
|
|
523
|
+
</body>
|
|
524
|
+
|
|
525
|
+
</html>
|
1
Hurl.itでの実行結果ならびに87行目の示しました。
test
CHANGED
|
File without changes
|
test
CHANGED
|
@@ -263,3 +263,49 @@
|
|
|
263
263
|
Java1.6 + Junit
|
|
264
264
|
|
|
265
265
|
eclipse4.4
|
|
266
|
+
|
|
267
|
+
|
|
268
|
+
|
|
269
|
+
★20180311追記
|
|
270
|
+
|
|
271
|
+
ありがとうございます。Hurl.itにてPOST/oauth1.0aで試行してみましたので、その結果を記述します。
|
|
272
|
+
|
|
273
|
+
|
|
274
|
+
|
|
275
|
+
POST https://api.zaim.net/v2/auth/request?oauth_consumer_key=略&oauth_signature=EWWa2vRVJPnAKqXpbS5ZG7l5a0Y=&oauth_timestamp=1520742972&oauth_nonce=14367107062858923431520742972&oauth_version=1.0&oauth_signature_method=HMAC-SHA1
|
|
276
|
+
|
|
277
|
+
|
|
278
|
+
|
|
279
|
+
HEADERS
|
|
280
|
+
|
|
281
|
+
Connection: keep-alive
|
|
282
|
+
|
|
283
|
+
Content-Type: application/json; charset=utf-8
|
|
284
|
+
|
|
285
|
+
Date: Sun, 11 Mar 2018 04:36:13 GMT
|
|
286
|
+
|
|
287
|
+
Server: nginx
|
|
288
|
+
|
|
289
|
+
Transfer-Encoding: chunked
|
|
290
|
+
|
|
291
|
+
X-Powered-By: PHP/7.1.13-1+ubuntu16.04.1+deb.sury.org+1
|
|
292
|
+
|
|
293
|
+
|
|
294
|
+
|
|
295
|
+
BODY view raw
|
|
296
|
+
|
|
297
|
+
{
|
|
298
|
+
|
|
299
|
+
"error": true,
|
|
300
|
+
|
|
301
|
+
"message": "400 OAuth parameter(s) does not exist: oauth_callback"
|
|
302
|
+
|
|
303
|
+
}
|
|
304
|
+
|
|
305
|
+
|
|
306
|
+
|
|
307
|
+
TestZaim.java 87行目 connectionを実行する箇所です。
|
|
308
|
+
|
|
309
|
+
BufferedReader reader = new BufferedReader(new InputStreamReader(
|
|
310
|
+
|
|
311
|
+
connection.getInputStream()));
|