未验证 提交 f71fce68 编写于 作者: 智布道's avatar 智布道 👁 提交者: GitHub

Merge pull request #31 from xkcoding/refactor-1.9.3

调整部分代码
...@@ -72,6 +72,7 @@ public abstract class AuthDefaultRequest implements AuthRequest { ...@@ -72,6 +72,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST); throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
} }
AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode()); AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
AuthChecker.checkState(authCallback);
AuthToken authToken = this.getAccessToken(authCallback); AuthToken authToken = this.getAccessToken(authCallback);
AuthUser user = this.getUserInfo(authToken); AuthUser user = this.getUserInfo(authToken);
......
...@@ -3,7 +3,8 @@ package me.zhyd.oauth.utils; ...@@ -3,7 +3,8 @@ package me.zhyd.oauth.utils;
import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponseStatus;
/** /**
* 授权配置类的校验器 * 授权配置类的校验器
...@@ -65,4 +66,15 @@ public class AuthChecker { ...@@ -65,4 +66,15 @@ public class AuthChecker {
throw new AuthException(AuthResponseStatus.ILLEGAL_CODE); throw new AuthException(AuthResponseStatus.ILLEGAL_CODE);
} }
} }
/**
* 校验回调传回的state
*
* @param authCallback 回调
*/
public static void checkState(AuthCallback authCallback) {
if (!authCallback.checkState()) {
throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
}
}
} }
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册