From 4c205a99579d522ae478c8b09107d422d63024dc Mon Sep 17 00:00:00 2001 From: verils Date: Wed, 1 Sep 2021 12:42:41 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8A=8A=E7=AC=AC=E4=B8=89=E6=96=B9=E6=9C=8D?= =?UTF-8?q?=E5=8A=A1=E7=8B=AC=E6=9C=89=E7=9A=84=E9=85=8D=E7=BD=AE=E4=BB=8E?= =?UTF-8?q?AuthConfig=E9=87=8C=E6=8F=90=E5=8F=96=E5=87=BA=E6=9D=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/me/zhyd/oauth/config/AuthConfig.java | 3 + .../zhyd/oauth/request/AuthAlipayRequest.java | 102 ++++++++++++++++-- .../oauth/request/AuthDefaultRequest.java | 6 +- .../java/me/zhyd/oauth/utils/AuthChecker.java | 16 +-- .../me/zhyd/oauth/AuthRequestBuilderTest.java | 59 +++++----- 5 files changed, 137 insertions(+), 49 deletions(-) diff --git a/src/main/java/me/zhyd/oauth/config/AuthConfig.java b/src/main/java/me/zhyd/oauth/config/AuthConfig.java index 752464b..85aa25c 100644 --- a/src/main/java/me/zhyd/oauth/config/AuthConfig.java +++ b/src/main/java/me/zhyd/oauth/config/AuthConfig.java @@ -38,7 +38,10 @@ public class AuthConfig { /** * 支付宝公钥:当选择支付宝登录时,该值可用 * 对应“RSA2(SHA256)密钥”中的“支付宝公钥” + * + * @deprecated 请使用AuthAlipayRequest的构造方法设置"alipayPublicKey" */ + @Deprecated private String alipayPublicKey; /** diff --git a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java index e411645..5b6de86 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java @@ -18,6 +18,8 @@ import me.zhyd.oauth.model.AuthCallback; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.utils.AuthChecker; +import me.zhyd.oauth.utils.GlobalAuthUtils; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; 
@@ -31,31 +33,115 @@ import java.net.InetSocketAddress; */ public class AuthAlipayRequest extends AuthDefaultRequest { - private AlipayClient alipayClient; + /** + * 支付宝公钥:当选择支付宝登录时,该值可用 + * 对应“RSA2(SHA256)密钥”中的“支付宝公钥” + */ + private final String alipayPublicKey; + + private final AlipayClient alipayClient; + /** + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String) + * @deprecated 请使用带有"alipayPublicKey"参数的构造方法 + */ + @Deprecated public AuthAlipayRequest(AuthConfig config) { - super(config, AuthDefaultSource.ALIPAY); - this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), "json", "UTF-8", config - .getAlipayPublicKey(), "RSA2"); + this(config, (String) null); } + /** + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String, me.zhyd.oauth.cache.AuthStateCache) + * @deprecated 请使用带有"alipayPublicKey"参数的构造方法 + */ + @Deprecated public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache) { + this(config, null, authStateCache); + } + + /** + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String, me.zhyd.oauth.cache.AuthStateCache, java.lang.String, java.lang.Integer) + * @deprecated 请使用带有"alipayPublicKey"参数的构造方法 + */ + @Deprecated + public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) { + this(config, null, authStateCache, proxyHost, proxyPort); + } + + /** + * 构造方法,需要设置"alipayPublicKey" + * + * @param config 公共的OAuth配置 + * @param alipayPublicKey 支付宝公钥 + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig) + */ + public AuthAlipayRequest(AuthConfig config, String alipayPublicKey) { + super(config, AuthDefaultSource.ALIPAY); + this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config); + this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), 
config.getClientId(), config.getClientSecret(), "json", "UTF-8", alipayPublicKey, "RSA2"); + check(config); + } + + /** + * 构造方法,需要设置"alipayPublicKey" + * + * @param config 公共的OAuth配置 + * @param alipayPublicKey 支付宝公钥 + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, me.zhyd.oauth.cache.AuthStateCache) + */ + public AuthAlipayRequest(AuthConfig config, String alipayPublicKey, AuthStateCache authStateCache) { super(config, AuthDefaultSource.ALIPAY, authStateCache); + this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config); if (config.getHttpConfig() != null && config.getHttpConfig().getProxy() != null && config.getHttpConfig().getProxy().address() instanceof InetSocketAddress) { InetSocketAddress address = (InetSocketAddress) config.getHttpConfig().getProxy().address(); this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), - "json", "UTF-8", config.getAlipayPublicKey(), "RSA2", address.getHostName(), address.getPort()); + "json", "UTF-8", alipayPublicKey, "RSA2", address.getHostName(), address.getPort()); } else { this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), - "json", "UTF-8", config.getAlipayPublicKey(), "RSA2"); + "json", "UTF-8", alipayPublicKey, "RSA2"); } + check(config); } - public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) { + /** + * 构造方法,需要设置"alipayPublicKey" + * + * @param config 公共的OAuth配置 + * @param alipayPublicKey 支付宝公钥 + * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, me.zhyd.oauth.cache.AuthStateCache, java.lang.String, java.lang.Integer) + */ + public AuthAlipayRequest(AuthConfig config, String alipayPublicKey, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) { super(config, AuthDefaultSource.ALIPAY, authStateCache); + 
this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config); this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), - "json", "UTF-8", config.getAlipayPublicKey(), "RSA2", proxyHost, proxyPort); + "json", "UTF-8", alipayPublicKey, "RSA2", proxyHost, proxyPort); + check(config); + } + + private String determineAlipayPublicKey(String alipayPublicKey, AuthConfig config) { + return alipayPublicKey != null ? alipayPublicKey : config.getAlipayPublicKey(); + } + + protected void check(AuthConfig config) { + AuthChecker.checkConfig(config, AuthDefaultSource.ALIPAY); + + if (!StringUtils.isNotEmpty(alipayPublicKey)) { + throw new AuthException(AuthResponseStatus.PARAMETER_INCOMPLETE, AuthDefaultSource.ALIPAY); + } + + // 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1 + if (GlobalAuthUtils.isLocalHost(config.getRedirectUri())) { + // The redirect uri of alipay is forbidden to use localhost or 127.0.0.1 + throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, AuthDefaultSource.ALIPAY); + } + } + + @Override + protected void checkCode(AuthCallback authCallback) { + if (StringUtils.isEmpty(authCallback.getAuth_code())) { + throw new AuthException(AuthResponseStatus.ILLEGAL_CODE, source); + } } @Override diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java index 8a949fa..7282cde 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java @@ -72,7 +72,7 @@ public abstract class AuthDefaultRequest implements AuthRequest { @Override public AuthResponse login(AuthCallback authCallback) { try { - AuthChecker.checkCode(source, authCallback); + checkCode(authCallback); if (!config.isIgnoreCheckState()) { AuthChecker.checkState(authCallback.getState(), source, authStateCache); } 
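Review bot: In `AuthAlipayRequest`, all three new constructors resolve the key into the field with `determineAlipayPublicKey(alipayPublicKey, config)` but then pass the raw constructor parameter `alipayPublicKey` to `new DefaultAlipayClient(...)`. On the deprecated constructors that parameter is null, so the client is built without the key from `config.getAlipayPublicKey()`, while `check(config)` still passes because it reads the field. This is the key the client is given for Alipay's RSA2-signed responses, so a null value presumably leaves signature verification unconfigured or failing; confirm against the SDK. Pass the resolved field in every `DefaultAlipayClient` call, including the proxy variants, e.g. `"json", "UTF-8", this.alipayPublicKey, "RSA2");`. The class body continues outside the hunk.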
@@ -86,6 +86,10 @@ public abstract class AuthDefaultRequest implements AuthRequest { } } + protected void checkCode(AuthCallback authCallback) { + AuthChecker.checkCode(source, authCallback); + } + /** * 处理{@link AuthDefaultRequest#login(AuthCallback)} 发生异常的情况,统一响应参数 * diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java index b8ce6f7..2737d4c 100644 --- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java +++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java @@ -27,9 +27,6 @@ public class AuthChecker { public static boolean isSupportedAuth(AuthConfig config, AuthSource source) { boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()); - if (isSupported && AuthDefaultSource.ALIPAY == source) { - isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey()); - } if (isSupported && AuthDefaultSource.STACK_OVERFLOW == source) { isSupported = StringUtils.isNotEmpty(config.getStackOverflowKey()); } 
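Review bot: The new `protected void checkCode(AuthCallback authCallback)` hook in `AuthDefaultRequest` has no Javadoc. An override replaces the whole check that `login` runs before the state check, so a subclass can silently drop the empty-code rejection. I would state the contract on the method, e.g. `/** Validates the authorization code carried by the callback; an override must throw AuthException with ILLEGAL_CODE when the provider's code parameter is empty. */`. The rest of the class lies outside the hunk.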
@@ -71,18 +68,13 @@ public class AuthChecker { // Facebook's redirect uri must use the HTTPS protocol throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source); } - // 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1 - if (AuthDefaultSource.ALIPAY == source && GlobalAuthUtils.isLocalHost(redirectUri)) { - // The redirect uri of alipay is forbidden to use localhost or 127.0.0.1 - throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source); - } // 微软的回调地址必须为https的链接或者localhost,不允许使用http - if(AuthDefaultSource.MICROSOFT== source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri) ){ + if (AuthDefaultSource.MICROSOFT == source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri)) { // Microsoft's redirect uri must use the HTTPS or localhost throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source); } // 微软中国的回调地址必须为https的链接或者localhost,不允许使用http - if(AuthDefaultSource.MICROSOFT_CN== source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri) ){ + if (AuthDefaultSource.MICROSOFT_CN == source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri)) { // Microsoft's redirect uri must use the HTTPS or localhost throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source); } @@ -103,9 +95,7 @@ public class AuthChecker { return; } String code = callback.getCode(); - if (source == AuthDefaultSource.ALIPAY) { - code = callback.getAuth_code(); - } else if (source == AuthDefaultSource.HUAWEI) { + if (source == AuthDefaultSource.HUAWEI) { code = callback.getAuthorization_code(); } if (StringUtils.isEmpty(code)) { diff --git a/src/test/java/me/zhyd/oauth/AuthRequestBuilderTest.java b/src/test/java/me/zhyd/oauth/AuthRequestBuilderTest.java index 253e365..127e665 100644 --- a/src/test/java/me/zhyd/oauth/AuthRequestBuilderTest.java +++ b/src/test/java/me/zhyd/oauth/AuthRequestBuilderTest.java 
@@ -3,10 +3,7 @@ package me.zhyd.oauth;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthDefaultSource;
 import me.zhyd.oauth.config.AuthExtendSource;
-import me.zhyd.oauth.request.AuthExtendRequest;
-import me.zhyd.oauth.request.AuthGiteeRequest;
-import me.zhyd.oauth.request.AuthGithubRequest;
-import me.zhyd.oauth.request.AuthRequest;
+import me.zhyd.oauth.request.*;
 import me.zhyd.oauth.utils.AuthStateUtils;
 import org.junit.Assert;
 import org.junit.Test;
@@ -75,31 +72,39 @@ public class AuthRequestBuilderTest { */ @Test public void build4() { + AuthConfig config = AuthConfig.builder() + .clientId("a") + .clientSecret("a") + .redirectUri("https://www.justauth.cn") + .authServerId("asd") + .agentId("asd") + .domainPrefix("asd") + .stackOverflowKey("asd") + .deviceId("asd") + .clientOsType(3) + .build(); + for (AuthDefaultSource value : AuthDefaultSource.values()) { - if (value == AuthDefaultSource.TWITTER) { - System.out.println(value.getTargetClass()); - System.out.println("忽略 twitter"); - continue; + switch (value) { + case TWITTER: + System.out.println(value.getTargetClass()); + System.out.println("忽略 twitter"); + continue; + case ALIPAY: { + // 单独给Alipay执行测试 + AuthRequest authRequest = new AuthAlipayRequest(config, "asd"); + System.out.println(value.getTargetClass()); + System.out.println(authRequest.authorize(AuthStateUtils.createState())); + continue; + } + default: + AuthRequest authRequest = AuthRequestBuilder.builder() + .source(value.getName()) + .authConfig(config) + .build(); + System.out.println(value.getTargetClass()); + System.out.println(authRequest.authorize(AuthStateUtils.createState())); } - AuthRequest authRequest = AuthRequestBuilder.builder() - .source(value.getName()) - .authConfig(AuthConfig.builder() - .clientId("a") - .clientSecret("a") - .redirectUri("https://www.justauth.cn") - .alipayPublicKey("asd") - .authServerId("asd") - .agentId("asd") - .domainPrefix("asd") - .stackOverflowKey("asd") - - .deviceId("asd") - .clientOsType(3) - .build()) - .build(); - System.out.println(value.getTargetClass()); - System.out.println(authRequest.authorize(AuthStateUtils.createState())); } - } } -- GitLab
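Review bot: The `ALIPAY` case in `build4` only exercises `new AuthAlipayRequest(config, "asd")`, so nothing covers the deprecated path where the key still comes from `AuthConfig.alipayPublicKey`, and the test only prints the result instead of asserting on it. The shared `config` no longer sets `alipayPublicKey`, so building ALIPAY through `AuthRequestBuilder` is not exercised any more either. I would add a case such as `new AuthAlipayRequest(AuthConfig.builder().clientId("a").clientSecret("a").redirectUri("https://www.justauth.cn").alipayPublicKey("asd").build())` and check the authorize URL with `Assert.assertNotNull(...)`, so the config-supplied key stays covered.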