* api_sig is a signature used across all apis on yupoo(including
getToken). It is caculated by md5 using previous parameters plus
method name.
Thanks Alberto, I think it's a little bit complex and I'll check the
flickr.
On 2015年05月21日 16:13, Alberto Mardegan wrote:
> Hi! The signon-plugin-oauth only handles OAuth 1.0 and 2.0. Since
> yupoo uses its own non-standard authentication, you cannot use the
> signon- plugin-oauth with it.
>
> You need to write a signon plugin specialized for yupoo.
> Unfortunately this is not well documented, but at least there are a
> few examples of signon plugins around. The more complex is
> certainly signon-plugin-oauth, but here's a few simpler ones:
>
> https://gitlab.com/accounts-sso/signon-plugin-digest
> https://gitlab.com/accounts-sso/signon-plugin-sasl (click on the
> "Files" tab on the left to see the project files)
>
> I had a look at the yupoo documentation at
> http://dev.yupoo.com/apidoc2/www/ but since it's in Chinese, I
> didn't understand much about it. It appears that it all starts with
> this call (please correct me if I'm wrong):
>
> http://www.yupoo.com/services/auth/?api_key=[api_key]&perms=[perms]&api_sig=[api_sig]
>
> The above link should be opened in a web view, where the user will
> be asked to authenticate and authorize the app, and then it will be
> redirected to the callback url, which will have the "frob"H
> appended in a query item. Is my understanding correct? And, what do
> you need in order to generate the "api_sig"?
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi: www.yupoo. com/services/ auth/?api_ key=[api_ key]&frob= [frob]& perms=[ perms]& api_sig= [api_sig]" getToken;
yupoo auth could be simplified to the following:
* 1.retrieve frob through yupoo.auth.getFrob;
* 2. construct the link
"http://
and then launch onto the webview;
* 3. access the token through yupoo.auth.
* api_sig is a signature used across all apis on yupoo(including plugin- oauth, but here's a few simpler ones: /gitlab. com/accounts- sso/signon- plugin- digest /gitlab. com/accounts- sso/signon- plugin- sasl (click on the dev.yupoo. com/apidoc2/ www/ but since it's in Chinese, I www.yupoo. com/services/ auth/?api_ key=[api_ key]&perms= [perms] &api_sig= [api_sig]
getToken). It is caculated by md5 using previous parameters plus
method name.
Thanks Alberto, I think it's a little bit complex and I'll check the
flickr.
On 2015年05月21日 16:13, Alberto Mardegan wrote:
> Hi! The signon-plugin-oauth only handles OAuth 1.0 and 2.0. Since
> yupoo uses its own non-standard authentication, you cannot use the
> signon- plugin-oauth with it.
>
> You need to write a signon plugin specialized for yupoo.
> Unfortunately this is not well documented, but at least there are a
> few examples of signon plugins around. The more complex is
> certainly signon-
>
> https:/
> https:/
> "Files" tab on the left to see the project files)
>
> I had a look at the yupoo documentation at
> http://
> didn't understand much about it. It appears that it all starts with
> this call (please correct me if I'm wrong):
>
> http://
>
> The above link should be opened in a web view, where the user will
> be asked to authenticate and authorize the app, and then it will be
> redirected to the callback url, which will have the "frob"H
> appended in a query item. Is my understanding correct? And, what do
> you need in order to generate the "api_sig"?
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJ VXaq6AAoJECfSBu GWom3jDxQIANfIH TInlAla+ Z8DPAdu3ssi jEOKDXzAevepmqk XxwK2ReSRx1mUfU Z23MLdEhJcRGtLN 2Gyi epgb7sEn6+ OGQpMcFGsYrrvw1 cZH2jA8ksTaBav/ jEY4GfwUI HgOOdiR1iIsOIy/ gbRHGekWP5fZjNW XYScuh2O42Tht5A E7uq 4/4Q0/+ tu+BLE96FSbxzd6 3xJWg1Kxy1+ 0mKFgdOwh+ 9D8yFEIO13 t5pbEk7nXOtuyAT drYUUKN3Ho0ri+ zGWA2v/ C/DzmVnNdWDc=
Ilevm/qRLvbKhFP
xNJKr8xysMGYNRb
mqMu7YZGtrYKBVB
2AKxjZmjUG+
qwr/fawsjSaloAR
=APEQ
-----END PGP SIGNATURE-----