package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; /** * 百度账号登录 * * @author yadong.zhang (yadong.zhang0415(a)gmail.com) * @version 1.0 * @since 1.8 */ public class AuthBaiduRequest extends AuthDefaultRequest { public AuthBaiduRequest(AuthConfig config) { super(config, AuthSource.BAIDU); } @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); return getAuthToken(response); } @Override protected AuthUser getUserInfo(AuthToken authToken) { HttpResponse response = doGetUserInfo(authToken); String userInfo = response.body(); JSONObject object = JSONObject.parseObject(userInfo); this.checkResponse(object); return AuthUser.builder() .uuid(object.getString("userid")) .username(object.getString("username")) .nickname(object.getString("username")) .avatar(getAvatar(object)) .remark(object.getString("userdetail")) .gender(AuthUserGender.getRealGender(object.getString("sex"))) .token(authToken) .source(source) .build(); } private String getAvatar(JSONObject object) { String protrait = object.getString("portrait"); return StringUtils.isEmpty(protrait) ? null : String.format("http://himg.bdimg.com/sys/portrait/item/%s.jpg", protrait); } @Override public AuthResponse revoke(AuthToken authToken) { HttpResponse response = doGetRevoke(authToken); JSONObject object = JSONObject.parseObject(response.body()); this.checkResponse(object); // 返回1表示取消授权成功,否则失败 AuthResponseStatus status = object.getIntValue("result") == 1 ? AuthResponseStatus.SUCCESS : AuthResponseStatus.FAILURE; return AuthResponse.builder().code(status.getCode()).msg(status.getMsg()).build(); } @Override public AuthResponse refresh(AuthToken authToken) { String refreshUrl = UrlBuilder.fromBaseUrl(this.source.refresh()) .queryParam("grant_type", "refresh_token") .queryParam("refresh_token", authToken.getRefreshToken()) .queryParam("client_id", this.config.getClientId()) .queryParam("client_secret", this.config.getClientSecret()) .build(); HttpResponse response = HttpRequest.get(refreshUrl).execute(); return AuthResponse.builder() .code(AuthResponseStatus.SUCCESS.getCode()) .data(this.getAuthToken(response)) .build(); } /** * 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state} * * @param state state 验证授权流程的参数,可以防止csrf * @return 返回授权地址 */ @Override public String authorize(String state) { return UrlBuilder.fromBaseUrl(source.authorize()) .queryParam("response_type", "code") .queryParam("client_id", config.getClientId()) .queryParam("redirect_uri", config.getRedirectUri()) .queryParam("display", "popup") .queryParam("state", getRealState(state)) .build(); } /** * 检查响应内容是否正确 * * @param object 请求响应内容 */ private void checkResponse(JSONObject object) { if (object.containsKey("error") || object.containsKey("error_code")) { String msg = object.containsKey("error_description") ? object.getString("error_description") : object.getString("error_msg"); throw new AuthException(msg); } } private AuthToken getAuthToken(HttpResponse response) { JSONObject accessTokenObject = JSONObject.parseObject(response.body()); this.checkResponse(accessTokenObject); return AuthToken.builder() .accessToken(accessTokenObject.getString("access_token")) .refreshToken(accessTokenObject.getString("refresh_token")) .scope(accessTokenObject.getString("scope")) .expireIn(accessTokenObject.getIntValue("expires_in")) .build(); } }