OAuth的回调程序的移动设备 [英] OAuth Callback procedure for mobile devices
问题描述
我设计黑莓移动设备Netflix的应用。我目前工作的OAuth的。我在那里我可以在我的应用程序生成的嵌入式浏览器领域的Netflix的登录页面的地步。
I am designing a Netflix Application for BlackBerry mobile devices. I am currently working on the OAuth. I am at the point where I can generate a Netflix login page in an embedded browser field in my application.
在用户登录后,Netflix公司将从登录页面用户发送到指定回调URL。回调URL也将包含一个授权令牌,然后将需要发送回Netflix的。
After the user signs in, Netflix will send the user from the login page to a specified callback url. The callback url will also contain an authorized token, which is then needed to send back to Netflix.
我的问题是:我怎么做到这一点在移动设备上?是否有适当设定的顺序?我不确定我怎么能提取回调URL授权令牌,并将其发送回我的应用程序。从我的研究,它不会出现Netflix的将提供一个PIN /校验为用户然后输入到应用程序...
My question is: How am I supposed to do this on a mobile device? Is there a procedure set in place? I am unsure how I can extract the authorized token from the callback URL and send it back to my application. From my research, it does not appear that Netflix will provide a PIN/verifier for the user to then type into the application...
有没有人有什么想法?
谢谢...
推荐答案
而不是嵌入browserfield,你可能会更好创造简单地让移动应用做所有必要的握手与Netflix的无缝(即无浏览器)的用户体验。你需要建立一个公共领域的服务器作为回调主机的OAuth和有商议新的会话密钥/秘密密钥,并将其传递回设备。
在这期间,该装置将需要保持以最终收到的凭证开放的HTTP连接到您的公共服务器,然后继续直接从Netflix的请求用户数据。
整个往返不应大于约15秒钟,以便HTTP超时不应该是一个问题。
你需要先研究(即屏幕刮),Netflix的登录html页面中提取必要的/相关的HTML表单参数名称等。
祝你好运。
Instead of embedding browserfield, you may be better off creating a seamless (i.e. browserless) user experience by simply letting the mobile app do all the necessary handshaking with netflix. You'll need to set up a public domain server as your callback host for OAuth and have that negotiate your new session key/secret key and pass it back to your device. All the while, the device will need to maintain an open http connection to your public server in order to finally receive the credentials and proceed to request the user data directly from netflix. The whole round trip should not take more than roughly 15 seconds so HTTP timeouts should not be an issue. You'll need to first study(i.e. "screen scrape") the netflix login html page to extract the necessary/relevant html form param names etc. Good luck.
这篇关于OAuth的回调程序的移动设备的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
