-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi: yupoo auth could be simplified to the following: * 1.retrieve frob through yupoo.auth.getFrob; * 2. construct the link "http://www.yupoo.com/services/auth/?api_key=[api_key]&frob=[frob]&perms=[perms]&api_sig=[api_sig]"; and then launch onto the webview; * 3. access the token through yupoo.auth.getToken; * api_sig is a signature used across all apis on yupoo(including getToken). It is caculated by md5 using previous parameters plus method name. Thanks Alberto, I think it's a little bit complex and I'll check the flickr. On 2015年05月21日 16:13, Alberto Mardegan wrote: > Hi! The signon-plugin-oauth only handles OAuth 1.0 and 2.0. Since > yupoo uses its own non-standard authentication, you cannot use the > signon- plugin-oauth with it. > > You need to write a signon plugin specialized for yupoo. > Unfortunately this is not well documented, but at least there are a > few examples of signon plugins around. The more complex is > certainly signon-plugin-oauth, but here's a few simpler ones: > > https://gitlab.com/accounts-sso/signon-plugin-digest > https://gitlab.com/accounts-sso/signon-plugin-sasl (click on the > "Files" tab on the left to see the project files) > > I had a look at the yupoo documentation at > http://dev.yupoo.com/apidoc2/www/ but since it's in Chinese, I > didn't understand much about it. It appears that it all starts with > this call (please correct me if I'm wrong): > > http://www.yupoo.com/services/auth/?api_key=[api_key]&perms=[perms]&api_sig=[api_sig] > > The above link should be opened in a web view, where the user will > be asked to authenticate and authorize the app, and then it will be > redirected to the callback url, which will have the "frob"H > appended in a query item. Is my understanding correct? And, what do > you need in order to generate the "api_sig"? > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJVXaq6AAoJECfSBuGWom3jDxQIANfIHTInlAla+Z8DPAdu3ssi Ilevm/qRLvbKhFPjEOKDXzAevepmqkXxwK2ReSRx1mUfUZ23MLdEhJcRGtLN2Gyi xNJKr8xysMGYNRbepgb7sEn6+OGQpMcFGsYrrvw1cZH2jA8ksTaBav/jEY4GfwUI mqMu7YZGtrYKBVBHgOOdiR1iIsOIy/gbRHGekWP5fZjNWXYScuh2O42Tht5AE7uq 2AKxjZmjUG+4/4Q0/+tu+BLE96FSbxzd63xJWg1Kxy1+0mKFgdOwh+9D8yFEIO13 qwr/fawsjSaloARt5pbEk7nXOtuyATdrYUUKN3Ho0ri+zGWA2v/C/DzmVnNdWDc= =APEQ -----END PGP SIGNATURE----- -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to signon-plugin-oauth2 in Ubuntu. https://bugs.launchpad.net/bugs/1457298 Title: invalid auth for online-account Status in signon-plugin-oauth2 package in Ubuntu: New Bug description: In order to launch authentication like most other accounts, yupoo need to register a new .provider file to Online accounts. But this XML-format file requires an standard-parameter request for authenticating and accessing token, including client_id, token_path and others, which doesn't match with the request format of yupoo. Yupoo need to launch an auth with a link like http://www.yupoo.com/services/auth/?api_key=[api_key]&frob=[frob]&perms=[perms]&api_sig=[api_sig]. It is an non standard-format request and need additional parameter requests before accessing token. So we can hardly integrating the entire auth of yupoo into Online-accounts. Shall we provide an more agile policy for configure when creating the .provide file? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/signon-plugin-oauth2/+bug/1457298/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
