提交 f5de7f93 编写于 作者: 智布道's avatar 智布道 👁

🍻 解决Issue #IY1QR 增加对Config属性的校验功能,主要校验redirect uri的合法性

上级 e534a4b6
......@@ -10,7 +10,7 @@ import java.util.Map;
/**
* 授权工厂类,负责创建指定平台的授权类获取授权地址
* <p>
* 使用策略模式 + 工厂模式 避免大量的if else(swatch)操作
* 使用策略模式 + 工厂模式 避免大量的if else(switch)操作
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
......
......@@ -23,9 +23,11 @@ public abstract class BaseAuthRequest implements AuthRequest {
public BaseAuthRequest(AuthConfig config, AuthSource source) {
this.config = config;
this.source = source;
if (!AuthConfigChecker.isSupportedAuth(config)) {
if (!AuthConfigChecker.isSupportedAuth(config, source)) {
throw new AuthException(ResponseStatus.PARAMETER_INCOMPLETE);
}
// 校验配置合法性
AuthConfigChecker.check(config, source);
}
protected abstract AuthToken getAccessToken(String code);
......
......@@ -13,6 +13,7 @@ public enum ResponseStatus {
UNSUPPORTED(5003, "Unsupported operation"),
NO_AUTH_SOURCE(5004, "AuthSource cannot be null"),
UNIDENTIFIED_PLATFORM(5005, "Unidentified platform"),
ILLEGAL_REDIRECT_URI(5006, "Illegal redirect uri"),
;
private int code;
......
package me.zhyd.oauth.utils;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.request.ResponseStatus;
/**
* 授权配置类的校验器
......@@ -15,9 +18,30 @@ public class AuthConfigChecker {
* 是否支持第三方登录
*
* @param config config
* @param source source
* @return true or false
*/
public static boolean isSupportedAuth(AuthConfig config) {
return StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
if (isSupported && AuthSource.ALIPAY == source) {
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
}
return isSupported;
}
/**
* 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,而对于facebook平台, redirect uri 必须是https的链接
*
* @param config config
* @param source source
*/
public static void check(AuthConfig config, AuthSource source) {
String redirectUri = config.getRedirectUri();
if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
}
if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
}
}
}
......@@ -84,4 +84,18 @@ public class GlobalAuthUtil {
}
return res;
}
public static boolean isHttpProtocol(String url) {
if (StringUtils.isEmpty(url)) {
return false;
}
return url.startsWith("http://");
}
public static boolean isHttpsProtocol(String url) {
if (StringUtils.isEmpty(url)) {
return false;
}
return url.startsWith("https://");
}
}
### 2019/06/18
1. 解决Issue [#IY2HW](https://gitee.com/yadong.zhang/JustAuth/issues/IY2HW)
1. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
2. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
3. 解决Issue [#IY2FV](https://gitee.com/yadong.zhang/JustAuth/issues/IY2FV)
4. 修复部分注释、拼写错误
5. 解决Issue [#IY1QR](https://gitee.com/yadong.zhang/JustAuth/issues/IY1QR) 增加对Config属性的校验功能,主要校验redirect uri的合法性
### 2019/06/06
1. 增加今日头条的授权登陆
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册