如何使用omniauth对服务进行经过身份验证的调用? [英] How to use omniauth to make authenticated calls to services?

问题描述

我已经使用OmniAuth从服务接收到令牌/机密，并且可以为用户存储令牌/机密，但是我对如何实际使用令牌/机密来调用服务感到困惑.

I've received a token / secret from a service using OmniAuth and can store it for users, but I'm stuck as to how to actually use these to call a service.

我在这个问题上看到的最接近的东西是此处，但是他解决那里感觉不对的方式.如果您知道自己在做什么，我觉得OmniAuth可能会为您完成所有这一切.

The closest thing I've seen to this question is here but the way he's solved that there doesn't feel right. I feel like OmniAuth likely does this all for you if you know what you're doing.

Netflix有一个相当复杂的身份验证过程，所以我希望能够避开一切通过使用OmniAuth从所有这些中抽象出我.

Netflix has a pretty involved auth process, so I was hoping to skirt all of this by using OmniAuth to abstract me from all of this.

鉴于我为用户拥有令牌和秘密，如何在调用Netflix之类的服务时使用这些令牌和秘密?

Given that I have a token and secret for a user, how to use these in calling a service like Netflix?

非常感谢:)

推荐答案

嘿，我是OmniAuth gem的作者. OmniAuth用于身份验证过程.对于像Netflix这样的OAuth提供者，这意味着将请求令牌交换为访问令牌，然后将其用于从API中提取用户信息.这些一次性调用是为每个提供程序专门设计的，不是意味着要成为给定提供程序的通用API客户端.

Hey, I'm the author of the OmniAuth gem. OmniAuth is meant to be used for the authentication process. In the case of OAuth providers like Netflix, this means exchanging a request token for an access token which is then used to pull user information from the API. These one-off calls are specifically designed for each provider and are not meant to be a generic API client for the given provider.

您可以使用OmniAuth来获取凭据，然后针对网站本身使用另一个特定的库(例如ruby-netflix或其他任何内容，我不确定最好的库是什么)是)拨打电话.您可以通过访问env['omniauth.auth']['credentials']来检索在身份验证舞蹈中获得的访问令牌和密码，然后使用它们来初始化API客户端.

What you can do it use OmniAuth to obtain the credentials and then use another specific library for the site itself (such as ruby-netflix or anything else, I'm not sure what the best one is) to make calls. You can retrieve the access token and secret that is obtained in the authentication dance by accessing env['omniauth.auth']['credentials'], then use those to initialize the API client.

您还可以直接使用OAuth库进行这些调用，但是我强烈建议您仅使用现有的库，这样会更快，更轻松.所有这些都有意义吗?

You can also use the OAuth library directly to make these calls, but I would strongly recommend just using an existing library, it will be much faster and easier. Does all of that make sense?

这篇关于如何使用omniauth对服务进行经过身份验证的调用?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！