无法在android应用程序上获得对Amazon alexa的授权令牌访问权
我创建了一个安全配置文件,并从中获得了密码挑战 @文卡特什: 生成codeVerifier和codeChallenge:无法在android应用程序上获得对Amazon alexa的授权令牌访问权,android,httpclient,alexa,alexa-voice-service,Android,Httpclient,Alexa,Alexa Voice Service,我创建了一个安全配置文件,并从中获得了密码挑战 @文卡特什: 生成codeVerifier和codeChallenge: String codeVerifier = generateCodeVerifier(); String codeChallenge = generateCodeChallenge(codeVerifier, "S256"); private String generateCodeVerifier() { String rand
String codeVerifier = generateCodeVerifier();
String codeChallenge = generateCodeChallenge(codeVerifier, "S256");
private String generateCodeVerifier() {
String randomOctetSequence = generateRandomOctetSequence(100);
String codeVerifier = base64UrlEncode(randomOctetSequence.getBytes());
return codeVerifier;
}
private String generateRandomOctetSequence(int count) {
char[] chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890-_.~".toCharArray();
StringBuilder sb = new StringBuilder();
Random random = new Random();
for (int i = 0; i < count; i++) {
char c = chars[random.nextInt(chars.length)];
sb.append(c);
}
return sb.toString();
}
private String generateCodeChallenge(String codeVerifier, String codeChallengeMethod) {
String codeChallenge = "";
if ("S256".equalsIgnoreCase(codeChallengeMethod)) {
try {
byte[] digest = MessageDigest.getInstance("SHA-256").digest(
codeVerifier.getBytes());
codeChallenge = base64UrlEncode(
digest);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
} else {
// Fall back to code_challenge_method = "plain" codeChallenge = codeVerifier;
}
return codeChallenge;
}
private String base64UrlEncode(byte[] arg) {
String s = new String(Base64.encode(arg, Base64.URL_SAFE | Base64.NO_PADDING | Base64.NO_WRAP));
s = s.split("=")[0]; // Remove any trailing '='s
s = s.replace('+', '-'); // 62nd char of encoding
s = s.replace('/', '_'); // 63rd char of encoding
return s;
}
String codeVerifier=generateCodeVerifier();
字符串codeChallenge=generateCodeChallenge(代码验证器,“S256”);
私有字符串generateCodeVerifier(){
String randomOctetSequence=generateRandomOctetSequence(100);
String codeVerifier=base64UrlEncode(randomOctetSequence.getBytes());
返回码校验器;
}
专用字符串生成器DomOcteTSequence(int计数){
char[]chars=“abcdefghijklmnopqrstuvxyzabcdefghijklmnopqrstuvxyz1234567890-。~”.tocharray();
StringBuilder sb=新的StringBuilder();
随机=新随机();
for(int i=0;i请看我的评论(来源):欢迎链接到解决方案,但请确保您的答案在没有它的情况下是有用的:这样您的其他用户就会知道它是什么以及为什么存在,然后引用您链接到的页面的最相关部分,以防目标页面不可用。
06-23 18:31:02.496 29161-29523/gct.venkatesh.com.alexabot I/com.amazon.identity.auth.device.authorization.AuthorizationHelper: Return auth code success
06-23 18:31:02.500 29161-29523/gct.venkatesh.com.alexabot D/AmazonLoginActivity: success ANkBjQgTSnsVwfcQCqrU amzn://gct.venkatesh.com.alexabot amzn1.application-oa2-client.bd04c0584c0c4a1296bf3c1f14f9a831
06-23 18:31:02.611 29161-29161/gct.venkatesh.com.alexabot I/Timeline: Timeline: Activity_idle id: android.os.BinderProxy@1496318b time:21809219
06-23 18:31:04.543 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Server ,Value : Server
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Date ,Value : Fri, 23 Jun 2017 13:00:42 GMT
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Content-Type ,Value : application/json
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Content-Length ,Value : 92
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Connection ,Value : keep-alive
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : x-amzn-RequestId ,Value : f6f231ed-5813-11e7-88b7-1d51a9cde1df
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : X-Amz-Date ,Value : Fri, 23 Jun 2017 13:00:42 GMT
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : x-amzn-ErrorType ,Value : OA2UnauthorizedClientException:http://internal.amazon.com/coral/com.amazon.panda/
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Cache-Control ,Value : no-cache, no-store, must-revalidate
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Pragma ,Value : no-cache
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot I/System.out: Key : Vary ,Value : Accept-Encoding,User-Agent
06-23 18:31:04.544 29161-29523/gct.venkatesh.com.alexabot D/Response: {"error_description":"Not authorized for requested operation","error":"unauthorized_client"
String codeVerifier = generateCodeVerifier();
String codeChallenge = generateCodeChallenge(codeVerifier, "S256");
private String generateCodeVerifier() {
String randomOctetSequence = generateRandomOctetSequence(100);
String codeVerifier = base64UrlEncode(randomOctetSequence.getBytes());
return codeVerifier;
}
private String generateRandomOctetSequence(int count) {
char[] chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890-_.~".toCharArray();
StringBuilder sb = new StringBuilder();
Random random = new Random();
for (int i = 0; i < count; i++) {
char c = chars[random.nextInt(chars.length)];
sb.append(c);
}
return sb.toString();
}
private String generateCodeChallenge(String codeVerifier, String codeChallengeMethod) {
String codeChallenge = "";
if ("S256".equalsIgnoreCase(codeChallengeMethod)) {
try {
byte[] digest = MessageDigest.getInstance("SHA-256").digest(
codeVerifier.getBytes());
codeChallenge = base64UrlEncode(
digest);
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
} else {
// Fall back to code_challenge_method = "plain" codeChallenge = codeVerifier;
}
return codeChallenge;
}
private String base64UrlEncode(byte[] arg) {
String s = new String(Base64.encode(arg, Base64.URL_SAFE | Base64.NO_PADDING | Base64.NO_WRAP));
s = s.split("=")[0]; // Remove any trailing '='s
s = s.replace('+', '-'); // 62nd char of encoding
s = s.replace('/', '_'); // 63rd char of encoding
return s;
}