Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Authorization header in Http Request in linkedin

Hi in my servlet code I am requesting the server with access_token on behalf of user i am able to request with below code:

OAuthRequest request2 = new OAuthRequest(Verb.GET,"https://api.linkedin.com/v1/people/~:(first-name,last-name,email-address)?oauth2_access_token="+accesstok);

But How i can request with Authorization Header like below:

GET /v1/people/~ HTTP/1.1
Host: api.linkedin.com
Connection: Keep-Alive
Authorization: Bearer AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR

I am using in the below way but not wrking:

private static final String PROTECTED_RESOURCE_URL = "/v1/people/~:(first-name,last-   name,email-address) HTTP/1.1 Host: api.linkedin.com Connection: Keep-Alive Authorization: Bearer ";
Object AccessToken=  o.get("access_token"); 

String accesstok=AccessToken.toString();

OAuthRequest request2 = new OAuthRequest(Verb.GET,PROTECTED_RESOURCE_URL+accesstok);

Thank You

like image 835
Raj Avatar asked Nov 29 '14 09:11

Raj


People also ask

What is an HTTP authorization request?

The HTTP Authorization request header contains the credentials to authenticate a user agent with a server, usually, but not necessarily, after the server has responded with a 401 Unauthorized status and the WWW-Authenticate header. Authentication type. A common type is "Basic" . Other types:

How do I make an API request on LinkedIn?

Once you've obtained an access token, you can start making authenticated API requests on behalf of the member by including an Authorization header in the HTTP call to LinkedIn's API. To protect members' data, LinkedIn does not generate long-lived access tokens.

What is HTTP authentication request header?

The HTTP Authorization request header contains the credentials to authenticate a user agent with a server, usually, but not necessarily, after the server has responded with a 401 Unauthorized status and the WWW-Authenticate header. Authentication type. A common type is "Basic" .

What is the authorization code for LinkedIn?

The authorization code is not the final token that you use to make calls to LinkedIn with. It is used in the next step of the OAuth 2.0 flow to exchange for an actual access token.


1 Answers

You could use the apache.http library for that. You don't need some OAuth-library or anything. The OAuth protocol is so 'easy' to handle, that you can do it with normal http requests. Here an example with the apache-http library.

[EDIT] I changed the code to give you a full example, how to use those libraries.

import java.io.IOException;
import org.apache.http.HttpResponse;
import org.apache.http.ParseException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;

public class OAuthConnect {

    public static void main(String[] args) {
        try {
            HttpClient httpclient = HttpClientBuilder.create().build();  // the http-client, that will send the request
            HttpGet httpGet = new HttpGet("");   // the http GET request
            httpGet.addHeader("Authorization", "Bearer AQXdSP_W41_UPs5ioT_t8HESyODB4FqbkJ8LrV_5mff4gPODzOYR"); // add the authorization header to the request
            HttpResponse response = httpclient.execute(httpGet); // the client executes the request and gets a response
            int responseCode = response.getStatusLine().getStatusCode();  // check the response code
            switch (responseCode) {
                case 200: { 
                    // everything is fine, handle the response
                    String stringResponse = EntityUtils.toString(response.getEntity());  // now you have the response as String, which you can convert to a JSONObject or do other stuff
                    break;
                }
                case 500: {
                    // server problems ?
                    break;
                }
                case 403: {
                    // you have no authorization to access that resource
                    break;
                }
            }
        } catch (IOException | ParseException ex) {
            // handle exception
        }
    }
}

And here you can find the jar files which you can add as a library:

Apache HTTP-Core v 4.3.3
Apache HTTP-Client v 4.3.6

You can also download that jars from the Apache page

As you will see, the libraries provide you with everything to handle all Requests you may need to access the API (GET POST DELETE..). You can change the headers and handle what ever content you get as a response. I know it looks complicated, but with this you will have full control over you OAuth requests and don't need to rely on any library.

[Yet another EDIT]
When you download the zip files from the Apache page you need to unpack them and the jar file you need is within the lib folder.

httpcomponents-core-4.3.3
   +-examples
   +-lib
      +-commons-cli-1.2.jar
      +-httpcore-4.3.3.jar   <-- this one you need
      +-httpcore-ab-4.3.3.jar
     ...

and the same with the httpClient

httpcomponents-client-4.3.6
   +-examples
   +-lib
      +- commons-codec-1.6.jar
      +- ...
      +- httpclient-4.3.6.jar  <-- this one
      +- ...
like image 101
GameDroids Avatar answered Oct 18 '22 01:10

GameDroids