

OAuth security issues in iOS development

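I won't go into a detailed explanation of OAuth here. In iOS development, the OAuth authorization flow is usually implemented with a UIWebView to make things convenient for the user. During this flow, however, the user's account name and password can be captured through the web view's delegate methods. A brief analysis: the POST data is carried in the HTTP body, so the corresponding delegate method can read the HTTP body of the current page's request and extract the POST data from it.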
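    // UIWebViewDelegate callback: invoked for every request the embedded page makes,
    // including the login form POST (manual reference counting, hence autorelease).
    - (BOOL)webView:(UIWebView *)webView shouldStartLoadWithRequest:(NSURLRequest *)request navigationType:(UIWebViewNavigationType)navigationType {
        // The form-encoded POST body, credentials included, is readable by the host app.
        NSData *data = [request HTTPBody];
        NSLog(@"===%@", [[[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding] autorelease]);
        return YES;
    }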

2011-08-23 17:00:41.154 weiQo[16073:b303] ===action=submit&regCallback=http%253A%252F%252Fapi.t.sina.com.cn%252Foauth%252Fmobilehtml5%253Foauth_token%253Dbaf7b00e4390d85ae38df5f57c185960%2526oauth_callback%253Doauth%253A%252F%252Fweiqo.com%2526from%253D&oauth_token=baf7b00e4390d85ae38df5f57c185960&display=null&oauth_callback=oauth%3A%2F%2Fweiqo.com&from=&userId=Netseye%40gmail.com&passwd=********(password omitted);

Still, I think plenty of people with an agenda will take an interest in this issue.
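
For contrast with the delegate shown above, a hardened form of the same authorization step using the system's ASWebAuthenticationSession, where the host app never sees the login form's POST body. This is an added example, not code from the original post; it assumes iOS 13 or later with ARC, and the class name, authorization URL and request token are placeholders (the `oauth` callback scheme is taken from the log line above).

```objective-c
// Added example: class name, URL and token below are placeholders, not from the post.
#import <UIKit/UIKit.h>
#import <AuthenticationServices/AuthenticationServices.h>

@interface LoginViewController : UIViewController <ASWebAuthenticationPresentationContextProviding>
@property (nonatomic, strong) ASWebAuthenticationSession *authSession;
@end

@implementation LoginViewController

- (void)startAuthorization {
    // Placeholder endpoint; substitute the provider's real authorization URL.
    NSURL *authURL = [NSURL URLWithString:@"https://provider.example/oauth/authorize?oauth_token=REQUEST_TOKEN"];

    // The login page is rendered by the system outside this app's process, so no
    // delegate callback exposes the request body (and the userId/passwd fields) to the app.
    self.authSession = [[ASWebAuthenticationSession alloc]
        initWithURL:authURL
        callbackURLScheme:@"oauth"
        completionHandler:^(NSURL * _Nullable callbackURL, NSError * _Nullable error) {
            if (error != nil || callbackURL == nil) {
                NSLog(@"Authorization cancelled or failed (code %ld)", (long)error.code);
                return;
            }
            // Only the redirect URL reaches the app. Log parameter names only,
            // never the values, which carry the token material.
            NSURLComponents *parts = [NSURLComponents componentsWithURL:callbackURL
                                                resolvingAgainstBaseURL:NO];
            NSLog(@"Callback parameters: %@", [parts.queryItems valueForKey:@"name"]);
            // Exchange the returned values for an access token here.
        }];
    self.authSession.presentationContextProvider = self;
    // Do not share cookies or an existing login with Safari for this session.
    self.authSession.prefersEphemeralWebBrowserSession = YES;
    [self.authSession start];
}

// Window in which the system presents its authentication sheet.
- (ASPresentationAnchor)presentationAnchorForWebAuthenticationSession:(ASWebAuthenticationSession *)session {
    return self.view.window;
}

@end
```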
