Merge branch 'master' into refactor-v1.6.0-beta

README.md

@@ -6,7 +6,7 @@
 </p>
 <p align="center">
 	<a target="_blank" href="https://search.maven.org/search?q=JustAuth">
-		<img src="https://img.shields.io/badge/Maven Central-1.6.0_beta-blue.svg" ></img>
+		<img src="https://img.shields.io/badge/Maven Central-1.7.0-blue.svg" ></img>
 	</a>
 	<a target="_blank" href="https://gitee.com/yadong.zhang/JustAuth/blob/master/LICENSE">
 		<img src="https://img.shields.io/apm/l/vim-mode.svg?color=yellow" ></img>
@@ -64,7 +64,7 @@ JustAuth，如你所见，它仅仅是一个**第三方授权登录**的**工具
 <dependency>
     <groupId>me.zhyd.oauth</groupId>
     <artifactId>JustAuth</artifactId>
-    <version>1.6.0-beta</version>
+    <version>1.7.0</version>
 </dependency>
 ```
 - 调用api

pom.xml

@@ -6,7 +6,7 @@
 
     <groupId>me.zhyd.oauth</groupId>
     <artifactId>JustAuth</artifactId>
-    <version>1.6.0-beta</version>
+    <version>1.7.0</version>
 
     <name>JustAuth</name>
     <url>https://gitee.com/yadong.zhang/JustAuth</url>

src/main/java/me/zhyd/oauth/config/AuthSource.java

@@ -317,12 +317,12 @@ public enum AuthSource {
 
         @Override
         public String accessToken() {
-            return "https://open.douyin.com/oauth/access_token";
+            return "https://open.douyin.com/oauth/access_token/";
         }
 
         @Override
         public String userInfo() {
-            return "https://open.douyin.com/oauth/userinfo";
+            return "https://open.douyin.com/oauth/userinfo/";
         }
 
         @Override

src/main/java/me/zhyd/oauth/model/AuthToken.java

@@ -19,6 +19,7 @@ public class AuthToken {
     private String uid;
     private String openId;
     private String accessCode;
+    private String unionId;
 
     /**
      * Google附带属性

src/main/java/me/zhyd/oauth/model/AuthUserGender.java

@@ -10,7 +10,7 @@ import java.util.Arrays;
  * @since 1.8
  */
 public enum AuthUserGender {
-    MALE(1, "男"), FEMALE(0, "女"), UNKNOW(-1, "");
+    MALE(1, "男"), FEMALE(0, "女"), UNKNOW(-1, "未知");
     private int code;
     private String desc;
 

src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java

@@ -68,13 +68,17 @@ public class AuthAlipayRequest extends BaseAuthRequest {
         if (!response.isSuccess()) {
             throw new AuthException(response.getSubMsg());
         }
-        String province = response.getProvince(), city = response.getCity();
+
+        String province = response.getProvince(),
+                city = response.getCity();
+        String location = String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city);
+
         return AuthUser.builder()
                 .uuid(response.getUserId())
                 .username(StringUtils.isEmpty(response.getUserName()) ? response.getNickName() : response.getUserName())
                 .nickname(response.getNickName())
                 .avatar(response.getAvatar())
-                .location(String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city))
+                .location(location)
                 .gender(AuthUserGender.getRealGender(response.getGender()))
                 .token(authToken)
                 .source(AuthSource.ALIPAY)

src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java

@@ -43,6 +43,7 @@ public class AuthCodingRequest extends BaseAuthRequest {
         if (object.getIntValue("code") != 0) {
             throw new AuthException(object.getString("msg"));
         }
+
         object = object.getJSONObject("data");
         return AuthUser.builder()
                 .uuid(object.getString("id"))

src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java

@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 /**
@@ -48,6 +49,7 @@ public class AuthCsdnRequest extends BaseAuthRequest {
                 .username(object.getString("username"))
                 .remark(object.getString("description"))
                 .blog(object.getString("website"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.CSDN)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java

@@ -2,18 +2,18 @@ package me.zhyd.oauth.request;
 
 import cn.hutool.http.HttpRequest;
 import cn.hutool.http.HttpResponse;
-import cn.hutool.json.JSONObject;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthDingTalkErrorCode;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.GlobalAuthUtil;
 import me.zhyd.oauth.utils.UrlBuilder;
 
-import java.util.Objects;
-
 /**
  * 钉钉登录
  *
@@ -36,22 +36,31 @@ public class AuthDingTalkRequest extends BaseAuthRequest {
     protected AuthUser getUserInfo(AuthToken authToken) {
         String code = authToken.getAccessCode();
         // 根据timestamp, appSecret计算签名值
-        String stringToSign = System.currentTimeMillis() + "";
-        String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), stringToSign);
-        HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, stringToSign, config
-                .getClientId())).body(Objects.requireNonNull(new JSONObject().put("tmp_auth_code", code))).execute();
+        String timestamp = System.currentTimeMillis() + "";
+        String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), timestamp);
+        JSONObject param = new JSONObject();
+        param.put("tmp_auth_code", code);
+        HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, timestamp, config.getClientId()))
+                .body(param.toJSONString())
+                .execute();
         String userInfo = response.body();
-        JSONObject object = new JSONObject(userInfo);
-        AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getInt("errcode"));
+        JSONObject object = JSON.parseObject(userInfo);
+        AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getIntValue("errcode"));
         if (!AuthDingTalkErrorCode.EC0.equals(errorCode)) {
             throw new AuthException(errorCode.getDesc());
         }
         object = object.getJSONObject("user_info");
+        AuthToken token = AuthToken.builder()
+                .openId(object.getString("openid"))
+                .unionId(object.getString("unionid"))
+                .build();
         return AuthUser.builder()
-                .uuid(object.getStr("openid"))
-                .nickname(object.getStr("nick"))
-                .username(object.getStr("nick"))
+                .uuid(object.getString("unionid"))
+                .nickname(object.getString("nick"))
+                .username(object.getString("nick"))
+                .gender(AuthUserGender.UNKNOW)
                 .source(AuthSource.DINGTALK)
+                .token(token)
                 .build();
     }
 

src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java

@@ -9,6 +9,7 @@ import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 
@@ -35,16 +36,19 @@ public class AuthDouyinRequest extends BaseAuthRequest {
     protected AuthUser getUserInfo(AuthToken authToken) {
         String accessToken = authToken.getAccessToken();
         String openId = authToken.getOpenId();
-        HttpResponse response = HttpRequest.get(UrlBuilder.getDouyinUserInfoUrl(accessToken, openId)).execute();
+        String url = UrlBuilder.getDouyinUserInfoUrl(accessToken, openId);
+        HttpResponse response = HttpRequest.get(url).execute();
         JSONObject object = JSONObject.parseObject(response.body());
 
         JSONObject userInfoObject = this.checkResponse(object);
 
         return AuthUser.builder()
-                .uuid(userInfoObject.getString("open_id"))
+                .uuid(userInfoObject.getString("union_id"))
                 .username(userInfoObject.getString("nickname"))
                 .nickname(userInfoObject.getString("nickname"))
                 .avatar(userInfoObject.getString("avatar"))
+                .remark(userInfoObject.getString("description"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.DOUYIN)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java

@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 /**
@@ -51,6 +52,7 @@ public class AuthGiteeRequest extends BaseAuthRequest {
                 .location(object.getString("address"))
                 .email(object.getString("email"))
                 .remark(object.getString("bio"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.GITEE)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java

@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.GlobalAuthUtil;
 import me.zhyd.oauth.utils.UrlBuilder;
 
@@ -54,6 +55,7 @@ public class AuthGithubRequest extends BaseAuthRequest {
                 .location(object.getString("location"))
                 .email(object.getString("email"))
                 .remark(object.getString("bio"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.GITHUB)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java

@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 /**
@@ -57,6 +58,7 @@ public class AuthGoogleRequest extends BaseAuthRequest {
                 .nickname(object.getString("name"))
                 .location(object.getString("locale"))
                 .email(object.getString("email"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.GOOGLE)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java

@@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.StringUtils;
 import me.zhyd.oauth.utils.UrlBuilder;
 
@@ -83,6 +84,7 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
                 .avatar(avatar)
                 .email(email)
                 .token(authToken)
+                .gender(AuthUserGender.UNKNOW)
                 .source(AuthSource.LINKEDIN)
                 .build();
     }

src/main/java/me/zhyd/oauth/request/AuthMiRequest.java

@@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 import java.text.MessageFormat;
@@ -74,6 +75,7 @@ public class AuthMiRequest extends BaseAuthRequest {
                 .nickname(user.getString("miliaoNick"))
                 .avatar(user.getString("miliaoIcon"))
                 .email(user.getString("mail"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.MI)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java

@@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 import java.util.HashMap;
@@ -85,6 +86,7 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
                 .nickname(object.getString("displayName"))
                 .location(object.getString("officeLocation"))
                 .email(object.getString("mail"))
+                .gender(AuthUserGender.UNKNOW)
                 .token(authToken)
                 .source(AuthSource.MICROSOFT)
                 .build();

src/main/java/me/zhyd/oauth/request/AuthQqRequest.java

@@ -48,7 +48,7 @@ public class AuthQqRequest extends BaseAuthRequest {
     @Override
     protected AuthUser getUserInfo(AuthToken authToken) {
         String accessToken = authToken.getAccessToken();
-        String openId = this.getOpenId(accessToken);
+        String openId = this.getOpenId(authToken);
         HttpResponse response = HttpRequest.get(UrlBuilder.getQqUserInfoUrl(config.getClientId(), accessToken, openId))
                 .execute();
         JSONObject object = JSONObject.parseObject(response.body());
@@ -59,11 +59,13 @@ public class AuthQqRequest extends BaseAuthRequest {
         if (StringUtils.isEmpty(avatar)) {
             avatar = object.getString("figureurl_qq_1");
         }
+
+        String location = String.format("%s-%s", object.getString("province"), object.getString("city"));
         return AuthUser.builder()
                 .username(object.getString("nickname"))
                 .nickname(object.getString("nickname"))
                 .avatar(avatar)
-                .location(object.getString("province") + "-" + object.getString("city"))
+                .location(location)
                 .uuid(openId)
                 .gender(AuthUserGender.getRealGender(object.getString("gender")))
                 .token(authToken)
@@ -81,7 +83,8 @@ public class AuthQqRequest extends BaseAuthRequest {
         return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri());
     }
 
-    private String getOpenId(String accessToken) {
+    private String getOpenId(AuthToken authToken) {
+        String accessToken = authToken.getAccessToken();
         HttpResponse response = HttpRequest.get(UrlBuilder.getQqOpenidUrl("https://graph.qq.com/oauth2.0/me", accessToken))
                 .execute();
         if (response.isOk()) {
@@ -90,11 +93,14 @@ public class AuthQqRequest extends BaseAuthRequest {
             String removeSuffix = StrUtil.replace(removePrefix, ");", "");
             String openId = StrUtil.trim(removeSuffix);
             JSONObject object = JSONObject.parseObject(openId);
-            if (object.containsKey("openid")) {
-                return object.getString("openid");
+            if (object.containsKey("error")) {
+                throw new AuthException(object.get("error") + ":" + object.get("error_description"));
             }
-            throw new AuthException("Invalid openId");
+            authToken.setOpenId(object.getString("openid"));
+            authToken.setUnionId(object.getString("unionid"));
+            return StringUtils.isEmpty(authToken.getUnionId()) ? authToken.getOpenId() : authToken.getUnionId();
         }
-        throw new AuthException("Invalid openId");
+
+        throw new AuthException("request error");
     }
 }

src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java

@@ -6,7 +6,10 @@ import com.alibaba.fastjson.JSONObject;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthSource;
 import me.zhyd.oauth.exception.AuthException;
-import me.zhyd.oauth.model.*;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthToutiaoErrorCode;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.model.AuthUserGender;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 /**

src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java

@@ -46,11 +46,12 @@ public class AuthWeChatRequest extends BaseAuthRequest {
 
         this.checkResponse(object);
 
+        String location = String.format("%s-%s-%s", object.getString("country"), object.getString("province"), object.getString("city"));
         return AuthUser.builder()
                 .username(object.getString("nickname"))
                 .nickname(object.getString("nickname"))
                 .avatar(object.getString("headimgurl"))
-                .location(object.getString("country") + "-" + object.getString("province") + "-" + object.getString("city"))
+                .location(location)
                 .uuid(openId)
                 .gender(AuthUserGender.getRealGender(object.getString("sex")))
                 .token(authToken)

src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java

@@ -22,9 +22,11 @@ public abstract class BaseAuthRequest implements AuthRequest {
     public BaseAuthRequest(AuthConfig config, AuthSource source) {
         this.config = config;
         this.source = source;
-        if (!AuthConfigChecker.isSupportedAuth(config)) {
+        if (!AuthConfigChecker.isSupportedAuth(config, source)) {
             throw new AuthException(ResponseStatus.PARAMETER_INCOMPLETE);
         }
+        // 校验配置合法性
+        AuthConfigChecker.check(config, source);
     }
 
     protected abstract AuthToken getAccessToken(String code);

src/main/java/me/zhyd/oauth/request/ResponseStatus.java

@@ -13,6 +13,7 @@ public enum ResponseStatus {
     UNSUPPORTED(5003, "Unsupported operation"),
     NO_AUTH_SOURCE(5004, "AuthSource cannot be null"),
     UNIDENTIFIED_PLATFORM(5005, "Unidentified platform"),
+    ILLEGAL_REDIRECT_URI(5006, "Illegal redirect uri"),
     ;
 
     private int code;

src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java

 package me.zhyd.oauth.utils;
 
 import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.request.ResponseStatus;
 
 /**
  * 授权配置类的校验器
@@ -15,9 +18,35 @@ public class AuthConfigChecker {
      * 是否支持第三方登录
      *
      * @param config config
+     * @param source source
      * @return true or false
      */
-    public static boolean isSupportedAuth(AuthConfig config) {
-        return StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+    public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
+        boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+        if (isSupported && AuthSource.ALIPAY == source) {
+            isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
+        }
+        return isSupported;
+    }
+
+    /**
+     * 检查配置合法性。针对部分平台， 对redirect uri有特定要求。一般来说redirect uri都是http://，而对于facebook平台， redirect uri 必须是https的链接
+     *
+     * @param config config
+     * @param source source
+     */
+    public static void check(AuthConfig config, AuthSource source) {
+        String redirectUri = config.getRedirectUri();
+        if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
+            throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
+        }
+        // facebook的回调地址必须为https的链接
+        if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
+            throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
+        }
+        // 支付宝在创建回调地址时，不允许使用localhost或者127.0.0.1
+        if (AuthSource.ALIPAY == source && GlobalAuthUtil.isLocalHost(redirectUri)) {
+            throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
+        }
     }
 }

src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java

@@ -25,9 +25,9 @@ public class GlobalAuthUtil {
     private static final String DEFAULT_ENCODING = "UTF-8";
     private static final String ALGORITHM = "HmacSHA256";
 
-    public static String generateDingTalkSignature(String canonicalString, String secret) {
+    public static String generateDingTalkSignature(String secretKey, String timestamp) {
         try {
-            byte[] signData = sign(canonicalString.getBytes(DEFAULT_ENCODING), secret.getBytes(DEFAULT_ENCODING));
+            byte[] signData = sign(secretKey.getBytes(DEFAULT_ENCODING), timestamp.getBytes(DEFAULT_ENCODING));
             return urlEncode(new String(Base64.encode(signData, false)));
         } catch (UnsupportedEncodingException ex) {
             throw new AuthException("Unsupported algorithm: " + DEFAULT_ENCODING, ex);
@@ -84,4 +84,23 @@ public class GlobalAuthUtil {
         }
         return res;
     }
+
+    public static boolean isHttpProtocol(String url) {
+        if (StringUtils.isEmpty(url)) {
+            return false;
+        }
+        return url.startsWith("http://");
+    }
+
+    public static boolean isHttpsProtocol(String url) {
+        if (StringUtils.isEmpty(url)) {
+            return false;
+        }
+        return url.startsWith("https://");
+    }
+
+    public static boolean isLocalHost(String url) {
+        return StringUtils.isEmpty(url) || url.contains("127.0.0.1") || url.contains("localhost");
+    }
+
 }

src/main/java/me/zhyd/oauth/utils/UrlBuilder.java

@@ -58,7 +58,7 @@ public class UrlBuilder {
     private static final String QQ_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
     private static final String QQ_USER_INFO_PATTERN = "{0}?oauth_consumer_key={1}&access_token={2}&openid={3}";
     private static final String QQ_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
-    private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}";
+    private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}&unionid=1";
 
     private static final String WECHAT_AUTHORIZE_PATTERN = "{0}?appid={1}&redirect_uri={2}&response_type=code&scope=snsapi_login&state={3}#wechat_redirect";
     private static final String WECHAT_ACCESS_TOKEN_PATTERN = "{0}?appid={1}&secret={2}&code={3}&grant_type=authorization_code";
@@ -73,7 +73,7 @@ public class UrlBuilder {
     private static final String FACEBOOK_USER_INFO_PATTERN = "{0}?access_token={1}&fields=id,name,birthday,gender,hometown,email,devices,picture.width(400)";
 
     private static final String DOUYIN_AUTHORIZE_PATTERN = "{0}?client_key={1}&redirect_uri={2}&state={3}&response_type=code&scope=user_info";
-    private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&code={3}&grant_type=authorization_code";
+    private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_key={1}&client_secret={2}&code={3}&grant_type=authorization_code";
     private static final String DOUYIN_USER_INFO_PATTERN = "{0}?access_token={1}&open_id={2}";
     private static final String DOUYIN_REFRESH_TOKEN_PATTERN = "{0}?client_key={1}&refresh_token={2}&grant_type=refresh_token";
 

update.md

+### 2019/06/19
+1. 合并[xkcoding](https://github.com/xkcoding)提交的[PR](https://github.com/zhangyd-c/JustAuth/pull/14)，重构了部分代码，jar包由原来的`130+kb`优化到现在的`110+kb`
+2. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/3)， 解决抖音登录失败问题 
+
+### 2019/06/18 
+1. 解决Issue [#IY2HW](https://gitee.com/yadong.zhang/JustAuth/issues/IY2HW)
+2. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
+3. 解决Issue [#IY2FV](https://gitee.com/yadong.zhang/JustAuth/issues/IY2FV)
+4. 修复部分注释、拼写错误
+5. 解决Issue [#IY1QR](https://gitee.com/yadong.zhang/JustAuth/issues/IY1QR) 增加对Config属性的校验功能，主要校验redirect uri的合法性
+6. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/2)，解决一些BUG
+
 ### 2019/06/06
 1. 增加今日头条的授权登陆
 2. 发布1.6.0-beta版本，今日头条开发者暂时不能认证， 所以无法做测试，等测试通过后，正式发布release版本