
Academic Conference on Information Storage Technology +26 Analysis and Verification of a Network Disk Authentication Protocol

Liu Lu, Zhang Can, Zhang Quanxin, Li Yuanzhang, Tan Yu'an

  1. Beijing Institute of Technology
  • Received: 2016-11-23 Revised: 2016-11-22 Published: 2016-11-22
  • Corresponding author: Zhang Quanxin

Analysis and Verification of a Network Disk Authentication Protocol

  • Received: 2016-11-23 Revised: 2016-11-22 Online: 2016-11-22

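Abstract: Today, the major network disk service providers all offer developers OAuth protocol interfaces, and third-party applications can conveniently access users' resources through the officially provided APIs. In an embedded environment, however, it is difficult to support a complete web browser with limited hardware resources, because the file types and protocols that must be supported are extensive. This paper therefore proposes a scheme that implements the OAuth protocol and interacts with a network disk using fewer resources. First, on the Android platform, we used the API provided by Sina Vdisk to implement an application that can upload and download Vdisk files, and used Burp Suite's HTTPS packet capture capability to obtain the traffic of the authentication process in which the user authorizes the Android application to access Sina Vdisk, as well as the traffic of the application uploading and downloading files. Second, we analyzed the detailed authentication flow and the file upload and download flows from the captured packets. Finally, we verified the authentication protocol in C under Linux, obtained the token, and implemented file upload, file download, and file list retrieval.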

Keywords: OAuth, network disk, HTTPS, RSA, embedded system

Abstract: Nowadays, developers can easily access network disks through the OAuth protocol interfaces provided by the major cloud storage service providers. On an embedded system, however, it is hard to build a complete web browser with limited hardware resources, because a fully functional web browser needs to support a wide variety of file formats and protocols. This article therefore proposes a method that interacts with a network disk over OAuth using fewer resources. First, we build an Android application that uploads files to and downloads files from Sina Vdisk using the API Sina provides for developers. Secondly, using the Proxy component provided by Burp Suite, we capture the HTTPS packets transferred between the Android application and the Sina Vdisk server. Thirdly, we analyze the authorization process and the file upload and download processes from the captured packets. Finally, we validate the authorization process in a Linux environment using C, obtain the access token, and use it to upload files, download files, and list files on the network disk server.

Key words: OAuth, network disk, HTTPS, RSA, embedded system

CLC number: