English 中文(简体)
OAuth Callback procedure for mobile devices
原标题:

I am designing a Netflix Application for BlackBerry mobile devices. I am currently working on the OAuth. I am at the point where I can generate a Netflix login page in an embedded browser field in my application.

After the user signs in, Netflix will send the user from the login page to a specified callback url. The callback url will also contain an authorized token, which is then needed to send back to Netflix.

My question is: How am I supposed to do this on a mobile device? Is there a procedure set in place? I am unsure how I can extract the authorized token from the callback URL and send it back to my application. From my research, it does not appear that Netflix will provide a PIN/verifier for the user to then type into the application...

Does anyone have any ideas?

Thanks...

最佳回答

Instead of embedding browserfield, you may be better off creating a seamless (i.e. browserless) user experience by simply letting the mobile app do all the necessary handshaking with netflix. You ll need to set up a public domain server as your callback host for OAuth and have that negotiate your new session key/secret key and pass it back to your device. All the while, the device will need to maintain an open http connection to your public server in order to finally receive the credentials and proceed to request the user data directly from netflix. The whole round trip should not take more than roughly 15 seconds so HTTP timeouts should not be an issue. You ll need to first study(i.e. "screen scrape") the netflix login html page to extract the necessary/relevant html form param names etc. Good luck.

时间:2010-06-05 04:13:47
问题回答

There are two ways to deal with callbacks on mobile devices. The first is to set the value of oauth_callback to oob . This is done if your device is unable to receive callbacks. See the OAuth spec, section 2.1:

Temporary Credentials

Using oob should cause the server (Netflix) to display a verification code that the user then types into your application to authorize the request token.

The second way, if your device supports it, is to use a custom URI scheme. I know that on iPhones, you can register a callback with a custom scheme that is assigned to your application. Is there a way to do this on a BlackBerry? If so, I d use this approach as it s a much better user experience.

时间:2010-01-23 03:33:35

I found these two pages helpful:

时间:2010-05-13 15:08:29


上一篇:
下一篇:


相关问题
Using PHP to find part of a URL

Take this domain: http://www.?.co.uk/elderly-care-advocacy/mental-capacity-act-advance-medical-directive.html How could i use PHP to find the everything between the first and second slash regardless ...

时间:2009-11-16 13:20:36 回答:8 展示:1
Domains & Foreward Slash

This is rather difficult to explain so please bear with me. We will be hosting 4 websites on our server and the plan is to have each site sit under its own domain: site-a.com site-b.com sub1.site-b....

时间:2009-11-10 11:34:14 回答:2 展示:1
Encoding of window.location.hash

Does window.location.hash contain the encoded or decoded representation of the url part? When I open the same url (http://localhost/something/#%C3%BC where %C3%BCtranslates to ü) in Firefox 3.5 and ...

时间:2009-11-09 20:27:15 回答:4 展示:1
Auth-code with A-Za-z0-9 to use in an URL parameter

As part of a web application I need an auth-code to pass as a URL parameter. I am currently using (in Rails) : Digest::SHA1.hexdigest((object_id + rand(255)).to_s) Which provides long strings like : ...

时间:2009-11-09 19:05:27 回答:4 展示:1
RubyCAS-Client question: Rails

I ve installed RubyCAS-Client version 2.1.0 as a plugin within a rails app. It s working, but I d like to remove the ?ticket= in the url. Is this possible?

时间:2009-11-09 18:52:58 回答:1 展示:1
采用网路服务方法

我撰写了一个网络服务,期望一个参数(所谓的“hlink”)成为一种ur。 在使用网络服务之前,URLEncode 所涉参数(“hlink”)。 然后我打电话......。

时间:2009-11-06 17:13:49 回答:1 展示:1
热门标签

友情链接

Allggapp Alljchome-教程家园 mvfinale.com-影视剧情大结局大全