本文介绍了问题访问谷歌任务，客户端登录的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 我试着编写应用为Android访问谷歌的任务。我决定使用ClientLogin授权方法。我是从第一个POST请求得到的ClientLogin验证标志。然后我尝试使用GET请求检索用户的任务列表。我写了下面code此： 字符串requestString =htt​​ps://www.googleapis.com/tasks/v1/users/@me/lists;串resultString =;     尝试{       URLConnection的连接1 = NULL;       网址URL =新的URL（requestString）;       连接1 = url.openConnection（）;       HttpURLConnection的httpsConnection1 =（HttpURLConnection类）连接1;       httpsConnection1.setRequestMethod（GET）;       httpsConnection1.setRequestProperty（授权，权威性的GoogleLogin =+ authkeyString）;       httpsConnection1.setDoInput（真）;       httpsConnection1.connect（）;       INT响应code = httpsConnection1.getResponse code（）;       的System.out.println（响应code）;       如果（响应code == HttpsURLConnection.HTTP_OK）{         InputStream的时间= httpsConnection1.getInputStream（）;         InputStreamReader的ISR =新InputStreamReader的（在UTF-8）;         StringBuffer的数据=新的StringBuffer（）;         INT℃;         而（（C = isr.read（））！= - 1）{           data.append（（char）的C）;         }         resultString =新的String（da​​ta.toString（））;       }       其他{            resultString =Errror - 连接问题;           }       }       httpsConnection1.disconnect（）;      }      赶上（MalformedURLException的E）{                 resultString =MalformedURLException1：+ e.getMessage（）;        }      赶上（IOException异常五）{                resultString =IOException1：+ e.getMessage（）;       } 下面是authkeyString - 字符串变量与授权标记当我运行在真正的Andr​​oid设备的应用我收到：IOException异常：SSL握手失败：失败是SSL库，通常是协议错误......此外，我试图运行简单的Java应用程序这个code从桌面： 异常螺纹主java.lang.IllegalArgumentException：如果邮件标头值非法字符（S）：AUTH的GoogleLogin DQ = UT .....在sun.net.www.protocol.http.HttpURLConnection.checkMessageHeader（HttpURLConnection.java:428）在sun.net.www.protocol.http.HttpURLConnection.isExternalMessageHeaderAllowed(HttpURLConnection.java:394)在sun.net.www.protocol.http.HttpURLConnection.setRequestProperty（HttpURLConnection.java:2378）在sun.net.www.protocol.https.HttpsURLConnectionImpl.setRequestProperty(HttpsURLConnectionImpl.java:296)在Tasks.main（Tasks.java:81） 解决方案 的ClientLogin使用用户名/密码 如果你想使用ClientLogin与谷歌API客户端库对Java ，你需要安装一个Htt的prequestFactory支持验证。 私有静态HttpTransport运输=新ApacheHttpTransport（）; 公共静态的Htt prequestFactory createRequestFactory（   最终HttpTransport运输）{  返回transport.createRequestFactory（新的Htt prequestInitializer（）{   公共无效初始化（HTT prequest要求）{    GoogleHeaders标题=新GoogleHeaders（）;    headers.setApplicationName（MyApp的/ 1.0）;    request.headers =头;    尝试{     authorizeTransport（请求）;    }赶上（例外五）{     e.printStackTrace（）;    }   }}）; 注意authorizeTransport方法，将基本授权请求。该authorizeTransport看起来是这样的： 私人无效authorizeTransport（HTT prequest要求）抛出的Htt presponseException，IOException异常{    //使用ClientLogin验证    的ClientLogin认证=新的ClientLogin（）;    authenticator.authTokenType = Constants.AUTH_TOKEN_TYPE;    authenticator.username = Constants.USERNAME;    authenticator.password = Constants.PASSWORD;    authenticator.transport =运输;    尝试{     响应响应= authenticator.authenticate（）;     request.headers.authorization = response.getAuthorizationHeaderValue（）;    }赶上（HTT presponseException E）{     e.printStackTrace（）;    }赶上（IOException异常五）{     e.printStackTrace（）;    }   } 您基本的设置提供了一个用户名/密码时应ClientLogin身份验证方法。该身份验证方法就可以验证的基础上提供的值，并返回可被添加到HTTP头，可以提供ClientLogin验证响应对象。 的Andr​​oid的AccountManager 为了与Android整合的AccountManager（避免Android用户在输入自己的用户名/密码），你可以在这里找到一些样本code的 HTTP：//$c$c.google.com/p/google-api-java-client/wiki/AndroidAccountManager ，用户不需要在他的用户名/密码键事实增加了用户的舒适度，但是该解决方案仍相对不安全的。我强烈建议执行以下操作： 使用客户端库 我会建议迁移到谷歌API客户端库的Java 对于这种类型的相互作用。它是各种谷歌的API兼容Android的Java客户端库。您不想与实施低水平HTTP，安全和JSON管道被人打扰。借助谷歌任务API开发人员指南还提到了相同的库。图书馆会照顾认证的为您服务。如果你想使用ClientLogin，所有你需要做的就是指定一个用户名/密码，或者与Android整合的AccountManager 避免使用的ClientLogin 的ClientLogin被认为是不安全的，并已发现有关该认证机制的一些安全漏洞。谷歌还不建议这样做。但是，如果你决定继续使用的ClientLogin的谷歌API客户端库的Java不支持它。I'm trying to write application for Android to access Google Tasks. I decided to use ClientLogin authorization method.I'm getting ClientLogin "Auth" marker from first POST request. Then i try to retrieve a user's task lists with GET request. I wrote the following code for this:String requestString = "https://www.googleapis.com/tasks/v1/users/@me/lists";String resultString = ""; try { URLConnection connection1 = null; URL url = new URL(requestString); connection1 = url.openConnection( ); HttpURLConnection httpsConnection1 = (HttpURLConnection)connection1; httpsConnection1.setRequestMethod("GET"); httpsConnection1.setRequestProperty("Authorization", "GoogleLogin auth="+authkeyString); httpsConnection1.setDoInput(true); httpsConnection1.connect(); int responseCode = httpsConnection1.getResponseCode(); System.out.println(responseCode); if (responseCode == HttpsURLConnection.HTTP_OK) { InputStream in = httpsConnection1.getInputStream(); InputStreamReader isr = new InputStreamReader(in, "UTF-8"); StringBuffer data = new StringBuffer(); int c; while ((c = isr.read()) != -1){ data.append((char) c); } resultString = new String (data.toString()); } else{ resultString = "Errror - connection problem"; } } httpsConnection1.disconnect(); } catch (MalformedURLException e) { resultString = "MalformedURLException1:" + e.getMessage(); } catch (IOException e) { resultString = "IOException1:" + e.getMessage(); }Here is "authkeyString" - string variable with authorization marker.When i run application under real Android device i receive: "IOException:SSL handshake failure: Failure is ssl library, usually a protocol error ..... "Also i tried to run this code from simple java application from desktop:Exception in thread "main" java.lang.IllegalArgumentException: Illegal character(s) in message header value: GoogleLogin auth=DQ ..... UTat sun.net.www.protocol.http.HttpURLConnection.checkMessageHeader(HttpURLConnection.java:428)at sun.net.www.protocol.http.HttpURLConnection.isExternalMessageHeaderAllowed(HttpURLConnection.java:394)at sun.net.www.protocol.http.HttpURLConnection.setRequestProperty(HttpURLConnection.java:2378)at sun.net.www.protocol.https.HttpsURLConnectionImpl.setRequestProperty(HttpsURLConnectionImpl.java:296)at Tasks.main(Tasks.java:81) 解决方案 ClientLogin with username / passwordIf you want to use ClientLogin with the Google APIs Client Library for Java , you'll need to setup a HttpRequestFactory that supports authentication. private static HttpTransport transport = new ApacheHttpTransport(); public static HttpRequestFactory createRequestFactory( final HttpTransport transport) { return transport.createRequestFactory(new HttpRequestInitializer() { public void initialize(HttpRequest request) { GoogleHeaders headers = new GoogleHeaders(); headers.setApplicationName("MyApp/1.0"); request.headers=headers; try { authorizeTransport(request); } catch (Exception e) { e.printStackTrace(); } }});Notice the authorizeTransport method, that will basically authorize the request. The authorizeTransport looks like this:private void authorizeTransport(HttpRequest request) throws HttpResponseException, IOException { // authenticate with ClientLogin ClientLogin authenticator = new ClientLogin(); authenticator.authTokenType = Constants.AUTH_TOKEN_TYPE; authenticator.username = Constants.USERNAME; authenticator.password = Constants.PASSWORD; authenticator.transport = transport; try { Response response = authenticator.authenticate(); request.headers.authorization=response.getAuthorizationHeaderValue(); } catch (HttpResponseException e) { e.printStackTrace(); } catch (IOException e) { e.printStackTrace(); } }You basically setup a ClientLogin authentication method by providing a username/passsword. The authenticate method will authenticate based on the provided values and returns a response object that can be added to the HTTP header to provide ClientLogin authentication.Android AccountManagerIn order to integrate with the Android AccountManager (avoiding the android user to type in his username / password) , you can find some sample code here http://code.google.com/p/google-api-java-client/wiki/AndroidAccountManager The fact that the user doesn't need to key in his username/passwords adds to the users comfort level, but the solution remains relatively insecure.I would strongly suggest doing the following :Use a client libraryI would suggest moving to Google APIs Client Library for Java for this type of interaction. It's Android compatible java client library for all kinds of Google APIs.You don't want to be bothered with implementing low level HTTP, security and JSON plumbing.The Google Task API Developers guide also mentions the same library. The library will take care of the authentication for you. If you want to use ClientLogin, all you'll have to do is specify a username/password, or integrate with the Android AccountManager.Avoid using ClientLoginClientLogin is considered insecure, and a number of security holes have been found regarding this authentication mechanism. Google also doesn't recommend it. However, should you decide to continue using ClientLogin, the Google APIs Client Library for Java does support it. 这篇关于问题访问谷歌任务，客户端登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！