带有 Ruby on Rails 和 OAUTH2 的 Yahoo API [英] Yahoo API with Ruby on Rails and OAUTH2

问题描述

我有一个从证券交易所获取数据的 RoR 站点，我通过 Yahoo API 使用 Yahoo 的财务表.我需要授权才能完全访问 YQL，这要求我使用 Oauth2.我需要帮助获取对 Yahoo 的 OAuth 访问权限.

I have an RoR site that gets data from stock exchanges and I am using Yahoo's finance table via the Yahoo API. I need authorization to gain full access to YQL, which requires that I use Oauth2. I need help getting OAuth access to Yahoo.

这是我尝试过的:

client = OAuth2::Client.new(oauth_consumer_key,oauth_consumer_secret, {
        access_token_path:   '/oauth/v2/get_token',
        authorize_path:      '/oauth/v2/request_auth',
        authorize_url:       'https://api.login.yahoo.com/oauth/v2/request_auth',
        request_token_path:  '/oauth/v2/get_request_token',
        site:                'https://api.login.yahoo.com'
    })
puts client.auth_code.authorize_url( redirect_uri: "http://localhost:3000")
code = gets.chomp
token = client.auth_code.get_token(code, redirect_uri: "http://localhost:3000")

我不知道我必须使用哪个代码".Authorize_url返回我这个网址，但目前还不清楚代码"是什么.这个问题启发了我.

I don't know which "code" I must use. Authorize_url returns me this URL, but it is unclear what the "code". I was inspired by this Question.

推荐答案

别问我为什么，雅虎很难找到他们的 OAuth 2.0 文档.不过我找到了！

Don't ask me why but Yahoo has made it very hard to find their OAuth 2.0 documention. I found it, though!

此外，非常棒"，您可以获得 refresh_token 而无需明确询问用户离线"权限.在我看来，这是雅虎的安全问题.Google 和 Microsoft 都需要明确的离线"访问权限.

Also, pretty "awesome" that you get a refresh_token without needing to explicitly ask the user for "offline" permissions. In my opinion, this is a security concern for Yahoo. Both Google and Microsoft require explicit "offline" access.

require 'oauth2'

OAuth2::Client.new(Rails.application.secrets.yahoo_consumer_id, Rails.application.secrets.yahoo_consumer_secret, site: 'https://api.login.yahoo.com', authorize_url: '/oauth2/request_auth', token_url: '/oauth2/get_token')
client.auth_code.authorize_url(redirect_uri: redirect_uri, headers: { "Authorization" => basic_authorization })
token = client.auth_code.get_token(code, redirect_uri: redirect_uri)

# Later
token.refresh!

这篇关于带有 Ruby on Rails 和 OAUTH2 的 Yahoo API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！