Weibo Login

Documentation

This document explains how to integrate the Weibo authorization login function in an Android client. Weibo login usage scenario: The Weibo APP is already installed on the user's phone. The user clicks the Weibo login button on the client APP. The IDaaS SDK launches the authorization page within the Weibo APP. After the user clicks the "Authorize Login" button and authorization is successful, the Weibo APP redirects back to the client APP. At this point, the IDaaS SDK automatically receives a temporary credential and requests authentication from the IDaaS server with this credential. The final authentication result is returned to the client APP.

Process Description

Login Flow

Integration Flow Description

1. The user clicks the Weibo login button on the APP client.

2. The APP client invokes the IDaaS SDK's Weibo login method.

3. The IDaaS SDK sends a login authorization request to the Weibo SDK.

4. The Weibo SDK launches the Weibo APP on the phone and displays the authorization login page.

5. The user clicks the authorize login button.

6. Weibo authorization is successful, launching the client APP and carrying the Weibo authorization credential access token and uid. At this point, the IDaaS SDK automatically obtains the Weibo authorization credential during the launch.

7. IDaaS uses the Weibo authorization credential to request authentication from the IDaaS server.

8. The IDaaS server checks if a phone number is bound. If a phone number is already bound, the IDaaS server authentication succeeds and returns a sessionToken to the IDaaS SDK.

9. The IDaaS SDK returns the sessionToken to the APP client.

10. If the IDaaS server finds that no phone number is bound, it returns an identifier indicating that binding or registration is required.

11. The IDaaS server displays the binding or registration page.

12. The user enters a phone number, clicks to get the verification code, and completes the slider verification.

13. The IDaaS SDK takes the slider verification code to the IDaaS server to request slider verification.

14. The IDaaS server successfully validates the slider and returns a token to the IDaaS SDK.

15. The IDaaS SDK uses the token and phone number to request the IDaaS server to send an SMS verification code.

16. The user receives the SMS verification code, enters it into the input box, and clicks the bind or register button.

17. The IDaaS SDK submits the binding or login data to the IDaaS server.

18. Binding or registration is successful. The IDaaS server returns a sessionToken to the IDaaS SDK.

19. The IDaaS SDK returns the sessionToken to the client APP.

Preparations

Developers need to go to the Weibo Open Platform https://open.weibo.com/ (opens new window) to create their own development account, create a new application, and get it approved. Obtain the application's appID and appSecrete.

Obtain Application clientID

Log in to the IDaaS Enterprise Center platform, click "Resources -> Applications", select the relevant application and click to view it.

Configure Authentication Source

1. Log in to the IDaaS Enterprise Center platform, click "Authentication -> Authentication Source Management -> Weibo".

2. Click Add Authentication Source, fill in the AppKey and AppSecrete obtained after registering the application on the Weibo Open Platform. Select 'Mobile Application' in the channel selection box. Enter a name in the Display Name field.

The callback address here needs to be filled in the advanced information of the application configuration on the Weibo Open Platform.

The authorization callback page here is as follows, which is also used as a redirectURI parameter required by the SDK: https://tenant.bccastle.com/api/v1/login/weibo

The deauthorization callback page is: https://tenant.bccastle.com/CancelRedirectUri

6. Click OK, and you will get an authentication source as shown in the figure below.

7. Then go to Resources -> Applications, and click on the newly created App. After the application is created, go to Login Configuration -> Mobile Application -> Configuration.

8. You will arrive at the window as shown below. Click the toggle button next to Weibo to turn it on.

   

Import Dependency Packages

Import the aar package into lib, as shown in the figure below:

Configure build.gradle

/*begin*/
/*  rxjava2 +  okhttp + retrofit2  */
api 'io.reactivex.rxjava2:rxjava:2.2.10'
api 'io.reactivex.rxjava2:rxandroid:2.1.1'
api 'com.squareup.retrofit2:retrofit:2.6.0'
api 'com.squareup.retrofit2:adapter-rxjava2:2.6.0'
api 'com.squareup.retrofit2:converter-gson:2.6.0'
api 'com.squareup.okhttp3:okhttp:4.3.1'
api 'com.squareup.okhttp3:logging-interceptor:3.6.0'
api 'com.jakewharton.retrofit:retrofit2-rxjava2-adapter:1.0.0'
api 'com.trello.rxlifecycle2:rxlifecycle-components:2.1.0'
api 'com.alibaba:fastjson:1.2.61'
 /*end*/ 
    
//Common library, required
implementation(name: 'AuthnCenter_Common-1.5.3', ext: 'aar')   
//Weibo Login SDK, required
implementation(name: ''AuthnCenter_Login_Weibo-1.5.3', ext: 'aar')
//Official Weibo dependency library, required
implementation(name: 'core-4.3.1-openDefaultRelease', ext: 'jar')

Configure AndroidManifest

  <!--Permissions-->
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.CAMERA" />
    <uses-permission android:name="android.permission.RECORD_AUDIO" />
    <uses-permission android:name="android.permission.READ_PHONE_STATE" />
    <uses-permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEM"/>
        
  
        <!-- Country code interface, register as needed -->
        <activity
            android:name="com.authncenter.wechat.view.CountryCodeListActivity"
            android:launchMode="singleTask"
            android:screenOrientation="portrait" />
        <!-- SMS verification interface, register as needed -->
        <activity
            android:name="com.authncenter.loginweibo.view.MsgActivity"
            android:launchMode="singleTask"
            android:screenOrientation="portrait" />

Development Integration

Built-in API Introduction

Basic configuration initialization main class AuthnCenterAPI method introduction:

/**
 * SMS verification code -- Send SMS
 */
public void smsSend(Context context, SendSmsReq req, RequestListener listener)

/**
 * Get country code    Note: If country codes are configured, this interface must be called to obtain the country code
 */
public void getCountryCode(Context context, RequestListener listener)

/**
 * Social account binding interface
 * @param context      Context
 * @param stateToken   Temporary token returned after current login
 * @param otpsmsReq    Binding object information
 * @param listener     Event callback
 */
public void socialBind(Context context, String stateToken, OTPSMSReq otpsmsReq, RequestListener listener)

/**
 *  Register
 * @param context      Context
 * @param stateToken   Temporary token returned after current login
 * @param otpsmsReq    Registration object information
 * @param listener     Event callback
 */
public void register(Context context, String stateToken, OTPSMSReq otpsmsReq, RequestListener listener)

Weibo login initialization main class AuthnCenterLoginWeibo method introduction:

/**
 *   Weibo login
 * @param context  Context
 * @param loginListener Event listener
 * @param loginType      LoginType.DEFAULT (Built-in), LoginType.CUSTOM (Custom)
 */
public void loginByWeiBo(Context context, WeiboLoginListener loginListener, LoginType loginType)

Mobile International Dialing Code Retrieval

If international phone number support is enabled, please first call the international dialing code retrieval interface. The international dialing code retrieval interface returns the configured list of international dialing codes, along with regular expressions for phone numbers. The image below shows how to configure the international dialing code list and the preferred dialing code.

Example code for retrieving the international dialing code list:

AuthnCenterAPI.Builder().getCountryCode(this, new RequestListener<CountryCodeInfoRsp>() {
    @Override
    public void success(CountryCodeInfoRsp codeInfoRsp) {
  
    }

    @Override
    public void error(String code, String errorMessage) {
    }
});

Successful example code=0, data value:

{
	"phoneAreaCodeDefinitions": [
		{
			"areaCode": "86",
			"displayMapping": {
				"zh-TW": "中國大陸",
				"en": "China",
				"zh-CN": "中国大陆"
			},
			"countryCode": "CN",
			"mobileRegex": "^(\\+86){0,1}\\-?1\\d{10}$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "852",
			"displayMapping": {
				"zh-TW": "中國香港",
				"en": "Hong Kong",
				"zh-CN": "中国香港"
			},
			"countryCode": "HK",
			"mobileRegex": "^(\\+852){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "886",
			"displayMapping": {
				"zh-TW": "中國臺灣",
				"en": "Taiwan",
				"zh-CN": "中国台湾"
			},
			"countryCode": "TW",
			"mobileRegex": "^(\\+886){1}\\-?[6,7,9](?:\\d{7}|\\d{8})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "853",
			"displayMapping": {
				"zh-TW": "中國澳門",
				"en": "Macau",
				"zh-CN": "中国澳门"
			},
			"countryCode": "MO",
			"mobileRegex": "^(\\+853){1}\\-?0{0,1}[1,4,5,6,7,8,9](?:\\d{7}|\\d{8}|\\d{12})$",
			"areaCodeSuffixes": []
		},
		{
			"areaCode": "93",
			"displayMapping": {
				"zh-TW": "阿富汗",
				"en": "Afghanistan",
				"zh-CN": "阿富汗"
			},
			"countryCode": "AF",
			"mobileRegex": "^(\\+93){1}\\-\\d{6,11}",
			"areaCodeSuffixes": []
		}
	],
	"preferredAreaCode": "CN"
}

Return Parameters:

Parameter Name	Chinese Name	Type	Description
preferredAreaCode	Preferred International Dialing Code	String	The preferred international dialing code configured for the current enterprise center.
countryCode	Country/Region Code	String	Country/Region Code
areaCode	International Telephone Dialing Code	String	International Telephone Dialing Code
areaCodeSuffixes	International Telephone Dialing Code Suffix	String	International Telephone Dialing Code Suffix
mobileRegex	Mobile Number Format Regex	String	Mobile Number Format Regex
displayMapping	Multi-language Display Name Mapping	String	Multi-language Display Name Mapping

Built-in Sliding Verification {/内置滑动校验/}

Human-machine interaction verification is required when sending verification codes.

BlockPuzzleDialog mBlockPuzzleDialog = new BlockPuzzleDialog(mContext);
mBlockPuzzleDialog.setOnResultsListener(new OnResultsListener() {
        @Override
        public void onResultsClick(String result) {
            LogUtil.getInstance().d("Secondary verification callback result mCaptchaToken:" + result);
            // This callback result is the captchaToken parameter for SMS verification.
        }
        @Override
        public void onError(String code, String msg) {
            ToastUtils.ShowToast(mContext, String.format("Error Code: %s  Error Message: %s", code, msg));
        }
    });
}

Sending Verification Code

The App client needs to have its own UI interface, which should include several essential components: a phone number input field, a verification code input field, a button (or event) to trigger obtaining the verification code, and a login button (or event).

1. After the user enters a phone number and before clicking (triggering) the send verification code event, the App client should perform phone number format validation.

2. When the send verification code event is clicked (triggered), the App client calls the IDaaS SDK's method to send the verification code. An example is as follows:

//Send verification code
SendSmsReq sendSmsReq = new SendSmsReq();
sendSmsReq.setMobile(getPhoneNum());
sendSmsReq.setType(SendSmsType.login);//Type enumeration
sendSmsReq.setCaptcha_token("The result returned after successful sliding captcha verification");
AuthnCenterAPI.Builder().smsSend(mContext, sendSmsReq
        , new RequestListener<BaseResponse>() {
            @Override
            public void success(BaseResponse rsp) {
            }
            @Override
            public void error(String code, String errorMessage) {
            }
        });

Built-in UI Development Integration

Initialization

AuthnCenterSDK.Builder()
                .init(this)
                .setBaseUrl("https://xxx.xxx.com")      //Tenant domain name
                .setClientId("xxxx") //Application client-id from the tenant backend
                .isCheckSSL(false) //Whether to check SSL certificate
                .logEnable(false).build(); //Whether to enable HTTP request logging
PlatformConfig.Builder().init(this).setWeiBoAppId("XXXX"); //Set Weibo APPID
PlatformConfig.Builder().init(this).setWeiBoRedirectUrl("XXX"); //Set Weibo Open Platform callback URL

UI Customization

The caller can set the text, descriptions, colors, etc., of the binding interface via BindThemeConfig. Specific attributes are as follows:

//Customize interface
BindThemeConfig.Builder().setBindTitle("I am the title")
        .setBindDes("I am the details")
        .setBindButtonText("I just want to change the button text")
        .setBindButtonTextDefaultColor("#367517")
        .setBindButtonTextColor("#C8E2B1")
        .setBindButtonTextOnPressColor("#F9F400")
        .setSendMsgColor("#976D00")
        .setSendMsgNoActiviColor("#50A625")
        .setDialogTitle("I just want to customize")
        .setDialogBtnConfirmColor("#FFB6C1");

Attribute Description

Parameter	Type	Description	Example
setBackFont	String	Change the back text	N/A
setBackFontColor	String	Change the back text color	Hexadecimal color, e.g., #FFFFFF
setBackImg	int	Set the back icon	Resource file R
setBackFontSize	int	Set the back text size	14sp
setCountryCodeVisibility	boolean	Set whether to display the international dialing code	Default is true
setBindTitle	String	Binding interface title	N/A
setBindDes	String	Binding interface description	N/A
setBindButtonText	String	Binding button text	N/A
setBindButtonTextDefaultColor	String	Binding button text default background color	Hexadecimal color, e.g., #FFFFFF
setBindButtonTextColor	String	Binding button text color	Hexadecimal color, e.g., #FFFFFF
setBindButtonTextOnPressColor	String	Binding button text background color after being pressed	Hexadecimal color, e.g., #FFFFFF
setSendMsgColor	String	Send SMS button text color	Hexadecimal color, e.g., #FFFFFF
setSendMsgNoActiviColor	String	Countdown text color	Hexadecimal color, e.g., #FFFFFF
setDialogTitle	String	Unbind popup dialog title	N/A
setDialogBtnConfirmColor	String	Unbind popup dialog confirm button color	Hexadecimal color, e.g., #FFFFFF
sendMsgNoActiveBackground	int	Send SMS button background resource	Android color or background resource file (R)
setButtonBackground	int	Send SMS button default background resource	Android color or background resource file (R)
setSendMsgBackground	int	Binding button background resource	Android color or background resource file (R)

Weibo Login Built-in Interface

AuthnCenterLoginWeibo.Builder().loginByWeiBo(this, new WeiboLoginListener() {
    @Override
    public void success(String code, String data) {
  //Success callback
    }
    @Override
    public void error(String code, String errorMessage) {
//Failure callback
    }
}, LoginType.DEFAULT);

Integration via API Development

If you choose this integration method, after the login returns, you need to handle the binding or registration business and perform basic operations related to phone number verification yourself based on the returned status.

Also, the relevant registration information in the AndroidManifest file can be filled in with your own.

Call Sequence Description

After a successful login, if the returned status is binding, then you need to call:

1. Get country code (call this based on whether internationalization support is configured) (getCountryCode)

2. Slide verification (BlockPuzzleDialog)

3. Send SMS (smsSend)

4. Bind or register (socialBind/register)

Initialization

AuthnCenterSDK.Builder()
                .init(this)
                .setBaseUrl("https://xxx.xxx.com")      //Tenant domain name
                .addGlobalHeader("X-client-id", "xxxx") //Tenant backend application client-id
                .isCheckSSL(false) //Whether to check SSL certificate
                .logEnable(false).build(); //Whether to enable HTTP request logs
PlatformConfig.Builder().init(this).setWeiBoAppId("XXXX"); //Set Weibo APPID
PlatformConfig.Builder().init(this).setWeiBoRedirectUrl("XXX"); //Set Weibo Open Platform callback URL

Weibo Login (Custom Interface)

AuthnCenterLoginWeibo.Builder().loginByWeiBo(this, new WeiboLoginListener() {
    @Override
    public void success(String code, String data) {
//Based on the code return value here, navigate to your own interface to perform binding or registration operations.
        Intent intent = new Intent(MainActivity.this, WeiBoActivity.class);
        intent.putExtra(SocialType.STATETOKEN, data);
        intent.putExtra(SocialType.BINDTYPE, SocialType.WX);
        switch (code) {
   case "10002":   //Login successful
ToastUtils.ShowToast(MainActivity.this, "Login successful : " + data);
                return;
            case "10003":   //Bind user
               intent.putExtra(SocialType.ACTIONTYPE, ActionType.BIND);
                break;
            case "10004": //Register user
                intent.putExtra(SocialType.ACTIONTYPE, ActionType.REGISTER);
                break;
        }
        intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
        startActivity(intent);
    }

    @Override
    public void error(String code, String errorMessage) {
        ToastUtils.ShowToast(MainActivity.this, "SDK callback code : " + code + "---- msg " + errorMessage);
    }
}, LoginType.CUSTOM);

Here, judgment is made based on the returned code:

Code	Description
10001	AuthCenter server error
10002	Success
10003	User binding required
10004	User registration required

Return Codes

Status Code	Error Code (error_code)	Error Description (error_msg)	Action
400	IDAAS.SDK.COMMON.1001	Parameter {0} cannot be left blank
		Parameter {0} cannot be empty
400	IDAAS.SDK.COMMON.1002	The {0} parameter format is incorrect
		Parameter {0} format error
400	IDAAS.SDK.COMMON.1003	Device information is incomplete
		Incomplete device information
400	IDAAS.SDK.COMMON.1004	Signature decryption error
		Signature decryption error
400	IDAAS.SDK.COMMON.1005	The {0} has failed
		{0} has expired
400	IDAAS.SDK.COMMON.1006	The {0} parameter error
		{0} parameter error
400	IDAAS.SDK.COMMON.1007	The {0} parameter type error
		{0} parameter type error
500	IDAAS.SDK.COMMON.1008	The system is busy. Try again later
		System busy. Please try again later
400	IDAAS.SDK.COMMON.1009	Unknown authentication configuration
		Unknown authentication configuration
400	IDAAS.SDK.COMMON.1010	Failed to obtain the enterprise center global configuration
		Failed to obtain enterprise center global configuration
400	IDAAS.SDK.COMMON.1011	Failed to obtain the international area code configuration
		Failed to obtain international area code configuration
400	IDAAS.SDK.COMMON.1012	The x-client-ID is incorrect and the corresponding application cannot be found
		X-client-id error, corresponding application not found
400	IDAAS.SDK.COMMON.1013	The corresponding user is not found
		Corresponding user not found
400	IDAAS.SDK.COMMON.1014	Application private key not found
		Application private key not found
400	IDAAS.SDK.LOGIN.1001	Error calling interface {0}
		Error calling interface {0}
400	IDAAS.SDK.LOGIN.1002	User not bound
		User not bound
400	IDAAS.SDK.LOGIN.1003	The user has been locked due to too many unsuccessful login attempts. It will be unlocked in {0} minutes and {1} seconds
		The user has been locked due to too many unsuccessful login attempts. It will be unlocked in {0} minutes and {1} seconds
400	IDAAS.SDK.LOGIN.1004	Failed to obtain the password policy
		Failed to obtain password policy error
400	IDAAS.SDK.LOGIN.1005	Invalid username or password. Remaining login attempts: {0}
		Invalid username or password. Remaining login attempts: {0}
400	IDAAS.SDK.LOGIN.1006	Configuration error, unable to find wechat authentication source
		Configuration error, unable to find WeChat authentication source
400	IDAAS.SDK.LOGIN.1007	Configuration error, unable to find alipay authentication source
		Configuration error, unable to find Alipay authentication source
400	IDAAS.SDK.LOGIN.1008	The configuration is incorrect. The one-click login authentication source cannot be found
		Configuration error, unable to find one-click login authentication source
400	IDAAS.SDK.SMS.1001	{0} slide base map is not initialized successfully, please check the path
		{0} slide base map not initialized successfully, please check the path
400	IDAAS.SDK.SMS.1002	{0} verification code coordinate resolution failed
		{0} verification code coordinate resolution failed
400	IDAAS.SDK.SMS.1003	{0} verification code coordinate verification fails
		{0} verification code coordinate verification fails
400	IDAAS.SDK.SMS.1004	The graphic verification code is incorrect
		Graphic verification code verification error
400	IDAAS.SDK.SMS.1005	SMS verification code verification is incorrect
		SMS verification code verification error
400	IDAAS.SDK.SMS.1006	The email verification code is incorrect
		Email verification code verification error
400	IDAAS.SDK.SMS.1007	Sending scenario does not exist
		Sending scenario does not exist
400	IDAAS.SDK.SMS.1008	Failed to send the verification code
		Failed to send verification code
400	IDAAS.SDK.SOCIAL.1001	The social account is unbound incorrectly
		Social account unbinding error
400	IDAAS.SDK.SOCIAL.1002	The social account has been bound, please unbind it first
		Social account already bound, please unbind first
400	IDAAS.SDK.PWD.1001	The password length is incorrect
		Password length error
400	IDAAS.SDK.PWD.1002	The password cannot be the username
		Password cannot be username
400	IDAAS.SDK.PWD.1003	Your password complexity is low
		Your password complexity is low
400	IDAAS.SDK.PWD.1004	The password is weak
		Password is weak
400	IDAAS.SDK.PWD.1005	The password is used before, cannot be used again
		This password has been used before and cannot be used again
400	IDAAS.SDK.PWD.1006	Password cannot username in reverse order
		Password cannot be username in reverse order
400	IDAAS.SDK.PWD.1007	The number of repeated password characters exceeded the upper limit
		Number of repeated password characters exceeds limit
400	IDAAS.SDK.PWD.1008	Password cannot contain :username, phone number, email prefix, name in PinYing
		Password cannot contain: username, phone number, email prefix, name in Pinyin
400	IDAAS.SDK.MFA.1001	The mobile doesn't match the user
		Phone number does not match user
400	IDAAS.SDK.MFA.1002	The access control policy is incorrect
		Access control policy configuration error
400	IDAAS.SDK.MFA.1003	Access control authentication source type conversion error
		Access control authentication source type conversion error

Please provide the Markdown content you would like me to translate.