在Android上授權的HTTP POST請求

Question

當我從HttpPost使用setHeader設置“Authorization”標頭時，主機名從請求中消失，並且總是返回錯誤400（錯誤請求）。 相同的代碼在純java（沒有android）上工作正常，當我在android上刪除設置“Authorization”標題時，它工作正常，但我需要授權。 這是一個代碼（域已更改）：

HttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost("http://myhost.com/test.php");
post.setHeader("Accept", "application/json");
post.setHeader("User-Agent", "Apache-HttpClient/4.1 (java 1.5)");
post.setHeader("Host", "myhost.com");
post.setHeader("Authorization",getB64Auth());
List <NameValuePair> nvps = new ArrayList <NameValuePair>();
nvps.add(new BasicNameValuePair("data[body]", "test"));
AbstractHttpEntity ent=new UrlEncodedFormEntity(nvps, HTTP.UTF_8);
ent.setContentType("application/x-www-form-urlencoded; charset=UTF-8");
ent.setContentEncoding("UTF-8");
post.setEntity(ent);
post.setURI(new URI("http://myhost.com/test.php"));
HttpResponse response =client.execute(post);

方法getB64Auth（）返回使用Base64編碼的“login：password”，如：“YnxpcYRlc3RwMTulHGhlSGs =”，但這並不重要。

當在純java上調用上面的代碼時，這是一個lighttpd的error.log：

2011-02-23 15:37:36: (request.c.304) fd: 8 request-len: 308
POST /test.php HTTP/1.1
Accept: application/json
User-Agent: Apache-HttpClient/4.1 (java 1.5)
Host: myhost.com
Authorization: Basic YnxpcYRlc3RwMTulHGhlSGs=
Content-Length: 21
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Encoding: UTF-8
Connection: Keep-Alive

HTTP/1.1 200 OK
Content-type: text/html
Transfer-Encoding: chunked

並從access.log記錄（IP已更改）：

1.1.1.1 myhost.com - [23/Feb/2011:15:37:36 +0100] "POST /test.php HTTP/1.1" 200 32 "-" "Apache-HttpClient/4.1 (java 1.5)"

當在android上調用相同的代碼時，我在日志中得到這個：

POST /test.php HTTP/1.1
Accept: application/json
User-Agent: Apache-HttpClient/4.1 (java 1.5)
Host: myhost.com
Authorization: Basic YnxpcYRlc3RwMTulHGhlSGs=

Content-Length: 21
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Encoding: UTF-8
Connection: Keep-Alive
Expect: 100-Continue


2011-02-23 15:45:10: (response.c.128) Response-Header:
HTTP/1.1 400 Bad Request
Content-Type: text/html
Content-Length: 349
Connection: close

access.log的：

1.1.1.1 - - [23/Feb/2011:15:45:10 +0100] "POST /test.php HTTP/1.1" 400 349 "-" "Apache-HttpClient/4.1 (java 1.5)"

如何使用POST在android上進行授權？ 當我使用HttpURLConnection而不是HttpClient時，它沒有區別。

Answer 1

感謝Samuh的提示:)插入了一個額外的換行符，它在GET請求中沒有任何意義，但在POST中則很重要。 這是在android中生成Authorization標頭的正確方法（在本例中為getB64Auth）：

 private String getB64Auth (String login, String pass) {
   String source=login+":"+pass;
   String ret="Basic "+Base64.encodeToString(source.getBytes(),Base64.URL_SAFE|Base64.NO_WRAP);
   return ret;
 }

缺少Base64.NO_WRAP標志。

Answer 2

簡單地用這個：

String authorizationString = "Basic " + Base64.encodeToString(
                        ("your_login" + ":" + "your_password").getBytes(),
                        Base64.NO_WRAP); //Base64.NO_WRAP flag
                post.setHeader("Authorization", authorizationString);