diff --git a/src/main/java/me/zhyd/oauth/authorization/AuthorizationFactory.java b/src/main/java/me/zhyd/oauth/authorization/AuthorizationFactory.java
index c95cdc998894425ba21e3b426f30c65611e3f3c2..9a5cc3eb8a50b3f8e0b6478a08e5dcb1fd6ca54b 100644
--- a/src/main/java/me/zhyd/oauth/authorization/AuthorizationFactory.java
+++ b/src/main/java/me/zhyd/oauth/authorization/AuthorizationFactory.java
@@ -10,7 +10,7 @@ import java.util.Map;
 /**
 * 授权工厂类,负责创建指定平台的授权类获取授权地址
 *

- * 使用策略模式 + 工厂模式 避免大量的if else(swatch)操作
+ * 使用策略模式 + 工厂模式 避免大量的if else(switch)操作
 *
 * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
 * @version 1.0
diff --git a/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java b/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java
index 6a418f15307cc656b584f8544ee8a0cfab3a83b6..b0f6f82b66997403a3446156d5b1a8747e572e8e 100644
--- a/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java
@@ -23,9 +23,11 @@ public abstract class BaseAuthRequest implements AuthRequest {
 public BaseAuthRequest(AuthConfig config, AuthSource source) {
 this.config = config;
 this.source = source;
- if (!AuthConfigChecker.isSupportedAuth(config)) {
+ if (!AuthConfigChecker.isSupportedAuth(config, source)) {
 throw new AuthException(ResponseStatus.PARAMETER_INCOMPLETE);
 }
+ // 校验配置合法性
+ AuthConfigChecker.check(config, source);
 }
 protected abstract AuthToken getAccessToken(String code);
diff --git a/src/main/java/me/zhyd/oauth/request/ResponseStatus.java b/src/main/java/me/zhyd/oauth/request/ResponseStatus.java
index 378669b52ba9a0aeeaa27d966e20f4cfbd38ba1c..41052ab8bcf49f352a3a425f8a1e785838df180b 100644
--- a/src/main/java/me/zhyd/oauth/request/ResponseStatus.java
+++ b/src/main/java/me/zhyd/oauth/request/ResponseStatus.java
@@ -13,6 +13,7 @@ public enum ResponseStatus {
 UNSUPPORTED(5003, "Unsupported operation"),
 NO_AUTH_SOURCE(5004, "AuthSource cannot be null"),
 UNIDENTIFIED_PLATFORM(5005, "Unidentified platform"),
+ ILLEGAL_REDIRECT_URI(5006, "Illegal redirect uri"),
 ;
 private int code;
diff --git a/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java
index ca58d14cacd45db7ad85495e67e9e63854c46cbc..ca2d425bcbd9d4a9d07d6534fc7c73d1e8622e07 100644
--- a/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java
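Review bot: A null `source` passes both new checks in the `BaseAuthRequest` constructor, because `AuthSource.ALIPAY == source` and `AuthSource.FACEBOOK == source` are simply false, so the Alipay key requirement and the Facebook https requirement are skipped without an error. `ResponseStatus` already carries `NO_AUTH_SOURCE` for this case; a guard such as `if (source == null) { throw new AuthException(ResponseStatus.NO_AUTH_SOURCE); }` ahead of the `isSupportedAuth` call would make the failure explicit. A null `config` would likewise surface as a NullPointerException from `config.getClientId()` rather than as an `AuthException`; whether callers can pass null is not visible here. The constructor is complete in the hunk, the enclosing class is not.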
@@ -1,6 +1,9 @@
 package me.zhyd.oauth.utils;
 import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthSource;
+import me.zhyd.oauth.request.ResponseStatus;
 /**
 * 授权配置类的校验器
@@ -15,9 +18,30 @@ public class AuthConfigChecker {
 * 是否支持第三方登录
 *
 * @param config config
+ * @param source source
 * @return true or false
 */
- public static boolean isSupportedAuth(AuthConfig config) {
- return StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+ public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
+ boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+ if (isSupported && AuthSource.ALIPAY == source) {
+ isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
+ }
+ return isSupported;
+ }
+
+ /**
+ * 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,而对于facebook平台, redirect uri 必须是https的链接
+ *
+ * @param config config
+ * @param source source
+ */
+ public static void check(AuthConfig config, AuthSource source) {
+ String redirectUri = config.getRedirectUri();
+ if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
+ throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
+ }
+ if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
+ throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
+ }
 }
 }
diff --git a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
index 5bf022e764d716868bdfbaeec38bf2ef0185ea8b..5bf697d92cc4030c5295834258807787fc0b6935 100644
--- a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
+++ b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
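Review bot: The redirect URI test in `check` is a case-sensitive prefix match, so a value that is only `http://` with no host is accepted while `HTTPS://example.com/callback` (constructed example) is rejected. Parsing the value and testing scheme and host separately closes both gaps; the sketch below keeps the Facebook https rule as written. Plain http is still accepted for every other platform, which lets the authorization code reach the callback in cleartext, so restricting http to loopback hosts is worth considering as a follow-up. The Javadoc of `check` should also gain an `@throws AuthException` line naming `ILLEGAL_REDIRECT_URI`.

```java
public static void check(AuthConfig config, AuthSource source) {
    String redirectUri = config.getRedirectUri();
    if (StringUtils.isEmpty(redirectUri)) {
        throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
    }
    java.net.URI parsed;
    try {
        parsed = new java.net.URI(redirectUri);
    } catch (java.net.URISyntaxException e) {
        throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
    }
    // Schemes are case-insensitive, so compare them that way.
    boolean isHttps = "https".equalsIgnoreCase(parsed.getScheme());
    boolean isHttp = "http".equalsIgnoreCase(parsed.getScheme());
    // A bare scheme prefix with no host is not a usable callback address.
    if ((!isHttp && !isHttps) || StringUtils.isEmpty(parsed.getHost())) {
        throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
    }
    if (AuthSource.FACEBOOK == source && !isHttps) {
        throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
    }
}
```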
@@ -84,4 +84,18 @@ public class GlobalAuthUtil {
 }
 return res;
 }
+
+ public static boolean isHttpProtocol(String url) {
+ if (StringUtils.isEmpty(url)) {
+ return false;
+ }
+ return url.startsWith("http://");
+ }
+
+ public static boolean isHttpsProtocol(String url) {
+ if (StringUtils.isEmpty(url)) {
+ return false;
+ }
+ return url.startsWith("https://");
+ }
 }
diff --git a/update.md b/update.md
index c9966bc1957215cb0ee6ccc99d9381453505ad11..7e27d0ec9bef5fd89b019b5f3ff72dc237e3e85d 100644
--- a/update.md
+++ b/update.md
@@ -1,6 +1,9 @@
 ### 2019/06/18
 1. 解决Issue [#IY2HW](https://gitee.com/yadong.zhang/JustAuth/issues/IY2HW)
-1. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
+2. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
+3. 解决Issue [#IY2FV](https://gitee.com/yadong.zhang/JustAuth/issues/IY2FV)
+4. 修复部分注释、拼写错误
+5. 解决Issue [#IY1QR](https://gitee.com/yadong.zhang/JustAuth/issues/IY1QR) 增加对Config属性的校验功能,主要校验redirect uri的合法性
 ### 2019/06/06
 1. 增加今日头条的授权登陆
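Review bot: `isHttpProtocol` and `isHttpsProtocol` are added as public helpers without Javadoc, and their names read like URL validation although each only tests a literal prefix. A one-line comment on each would state the contract, for example `/** Returns true only if url starts with the literal prefix "http://"; case-sensitive, does not validate host or path. */`, and the same wording with `"https://"` on the second. It is also worth stating that `isHttpProtocol` returns false for https URLs, since `AuthConfigChecker.check` depends on calling both. The enclosing class starts outside the hunk.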