justauth / JustAuth
Commit ac4ede74
Authored on June 27, 2019 by 智布道

Change the login method's parameter to AuthCallback, wrap the parameters returned by the callback, support the state parameter, add validation of the code and state parameters

Parent: 9941ce7e

Showing 31 changed files with 187 additions and 107 deletions (+187 -107)
pom.xml  +1 -1
src/main/java/me/zhyd/oauth/config/AuthConfig.java  +9 -0
src/main/java/me/zhyd/oauth/model/AuthCallback.java  +31 -0
src/main/java/me/zhyd/oauth/model/AuthResponse.java  +4 -2
src/main/java/me/zhyd/oauth/model/AuthToken.java  +4 -1
src/main/java/me/zhyd/oauth/model/AuthUser.java  +4 -1
src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java  +4 -3
src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java  +2 -2
src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java  +4 -3
src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java  +4 -3
src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java  +4 -3
src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java  +5 -4
src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java  +4 -4
src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java  +3 -2
src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthMiRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java  +5 -4
src/main/java/me/zhyd/oauth/request/AuthQqRequest.java  +5 -4
src/main/java/me/zhyd/oauth/request/AuthRequest.java  +3 -2
src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java  +3 -2
src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java  +4 -3
src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java  +3 -6
src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java  +5 -4
src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java  +10 -6
src/main/java/me/zhyd/oauth/request/ResponseStatus.java  +2 -0
src/main/java/me/zhyd/oauth/utils/AuthChecker.java  +34 -2
src/main/java/me/zhyd/oauth/utils/UrlBuilder.java  +12 -9
pom.xml
...
...
@@ -6,7 +6,7 @@
<groupId>
me.zhyd.oauth
</groupId>
<artifactId>
JustAuth
</artifactId>
<version>
1.
7.1
</version>
<version>
1.
8.0
</version>
<name>
JustAuth
</name>
<url>
https://gitee.com/yadong.zhang/JustAuth
</url>
...
...
src/main/java/me/zhyd/oauth/config/AuthConfig.java
...
...
@@ -40,6 +40,15 @@ public class AuthConfig {
* 是否需要申请unionid,目前只针对qq登录
* 注:qq授权登录时,获取unionid需要单独发送邮件申请权限。如果个人开发者账号中申请了该权限,可以将该值置为true,在获取openId时就会同步获取unionId
* 参考链接:http://wiki.connect.qq.com/unionid%E4%BB%8B%E7%BB%8D
* <p>
* 1.7.1版本新增参数
*/
private
boolean
unionId
;
/**
* 一个神奇的参数,最好使用随机的不可测的内容,可以用来防止CSRF攻击
* <p>
* 1.8.0版本新增参数
*/
private
String
state
;
}
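Review bot: the new `state` field sits on AuthConfig next to long-lived settings such as `unionId`, and its Javadoc only recommends ("最好使用", "best to use") a random, unpredictable value, so nothing here ties the value to one authorization attempt. For CSRF protection the state has to be generated fresh for each authorization request and bound to the user's session; if a single AuthConfig is built once and reused, every user gets the same state. Suggest stating this in the Javadoc (per request, session-bound, single use) or taking the state as a per-request argument instead of a config property.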
src/main/java/me/zhyd/oauth/model/AuthCallback.java
0 → 100644
package
me.zhyd.oauth.model
;
import
lombok.Getter
;
import
lombok.Setter
;
/**
* 授权回调时的参数类
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
public
class
AuthCallback
{
/**
* 访问AuthorizeUrl后回调时带的参数code
*/
private
String
code
;
/**
* 访问AuthorizeUrl后回调时带的参数auth_code,该参数目前只使用于支付宝登录
*/
private
String
auth_code
;
/**
* 访问AuthorizeUrl后回调时带的参数state,用于和请求AuthorizeUrl前的state比较,防止CSRF攻击
*/
private
String
state
;
}
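Review bot: the field `auth_code` breaks Java naming conventions and, with the class-level `@Getter`/`@Setter`, produces `getAuth_code()` and `setAuth_code()`. If the snake_case name is deliberate so that a web framework can bind the `auth_code` query parameter directly, say so in the field's Javadoc; otherwise name it `authCode` and map the parameter at the binding layer. Since the Javadoc says `auth_code` is only used for Alipay, it would also help to document which fields may be null for which provider.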
src/main/java/me/zhyd/oauth/model/AuthResponse.java
package
me.zhyd.oauth.model
;
import
lombok.Builder
;
import
lombok.Data
;
import
lombok.Getter
;
import
lombok.Setter
;
import
me.zhyd.oauth.request.ResponseStatus
;
/**
...
...
@@ -11,8 +12,9 @@ import me.zhyd.oauth.request.ResponseStatus;
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
@Builder
@Data
public
class
AuthResponse
<
T
>
{
/**
* 授权响应状态码
...
...
src/main/java/me/zhyd/oauth/model/AuthToken.java
...
...
@@ -2,6 +2,8 @@ package me.zhyd.oauth.model;
import
lombok.Builder
;
import
lombok.Data
;
import
lombok.Getter
;
import
lombok.Setter
;
/**
* 授权所需的token
...
...
@@ -10,7 +12,8 @@ import lombok.Data;
* @version 1.0
* @since 1.8
*/
@Data
@Getter
@Setter
@Builder
public
class
AuthToken
{
private
String
accessToken
;
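Review bot: the `-10,7 +12,8` header together with the annotation lines reads as `@Data` being replaced by `@Getter` and `@Setter`, yet `import lombok.Data;` is still listed in the import hunk above, which leaves an unused import. Dropping `@Data` also removes the generated `equals`, `hashCode` and `toString`; for a class holding `accessToken`, losing `toString` is reasonable, but please say in the Javadoc or commit message that this is intended, and remove the stale import.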
...
...
src/main/java/me/zhyd/oauth/model/AuthUser.java
...
...
@@ -2,6 +2,8 @@ package me.zhyd.oauth.model;
import
lombok.Builder
;
import
lombok.Data
;
import
lombok.Getter
;
import
lombok.Setter
;
import
me.zhyd.oauth.config.AuthSource
;
/**
...
...
@@ -11,8 +13,9 @@ import me.zhyd.oauth.config.AuthSource;
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
@Builder
@Data
public
class
AuthUser
{
/**
* 用户名
...
...
src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java
...
...
@@ -10,6 +10,7 @@ import com.alipay.api.response.AlipayUserInfoShareResponse;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -34,15 +35,15 @@ public class AuthAlipayRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
AlipaySystemOauthTokenRequest
request
=
new
AlipaySystemOauthTokenRequest
();
request
.
setGrantType
(
"authorization_code"
);
request
.
setCode
(
code
);
request
.
setCode
(
authCallback
.
getCode
()
);
AlipaySystemOauthTokenResponse
response
=
null
;
try
{
response
=
this
.
alipayClient
.
execute
(
request
);
}
catch
(
Exception
e
)
{
throw
new
AuthException
(
"Unable to get token from alipay using code ["
+
code
+
"]"
,
e
);
throw
new
AuthException
(
"Unable to get token from alipay using code ["
+
authCallback
.
getCode
()
+
"]"
,
e
);
}
if
(!
response
.
isSuccess
())
{
throw
new
AuthException
(
response
.
getSubMsg
());
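Review bot: `request.setCode(authCallback.getCode())` reads the `code` field, but the AuthCallback Javadoc added in this commit says the `auth_code` parameter is the one used for Alipay login. If the caller populates only `auth_code` for Alipay, `getCode()` is null both here and in the exception message, so this should probably read `authCallback.getAuth_code()`, with a test covering an Alipay callback that carries only `auth_code`.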
...
...
src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
...
...
@@ -23,8 +23,8 @@ public class AuthBaiduRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getBaiduAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getBaiduAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
,
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
response
.
body
());
...
...
src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,12 +26,12 @@ public class AuthCodingRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getCodingAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getCodingAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
);
HttpResponse
response
=
HttpRequest
.
get
(
accessTokenUrl
).
execute
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
response
.
body
());
if
(
accessTokenObject
.
getIntValue
(
"code"
)
!=
0
)
{
throw
new
AuthException
(
"Unable to get token from coding using code ["
+
code
+
"]"
);
throw
new
AuthException
(
"Unable to get token from coding using code ["
+
authCallback
.
getCode
()
+
"]"
);
}
return
AuthToken
.
builder
().
accessToken
(
accessTokenObject
.
getString
(
"access_token"
)).
build
();
}
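Review bot: the rewritten `AuthException` message still concatenates the raw authorization code (`"Unable to get token from coding using code [" + authCallback.getCode() + "]"`). The code is a credential until it is redeemed or expires, and exception messages tend to end up in logs and error pages; suggest dropping it from the message or including only a truncated or hashed form. The same pattern appears in the other provider classes touched by this commit.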
...
...
src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,13 +26,13 @@ public class AuthCsdnRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getCsdnAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getCsdnAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
,
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
response
.
body
());
if
(
accessTokenObject
.
containsKey
(
"error_code"
))
{
throw
new
AuthException
(
"Unable to get token from csdn using code ["
+
code
+
"]"
);
throw
new
AuthException
(
"Unable to get token from csdn using code ["
+
authCallback
.
getCode
()
+
"]"
);
}
return
AuthToken
.
builder
().
accessToken
(
accessTokenObject
.
getString
(
"access_token"
)).
build
();
}
...
...
src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java
...
...
@@ -7,10 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthDingTalkErrorCode
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.GlobalAuthUtil
;
import
me.zhyd.oauth.utils.UrlBuilder
;
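Review bot: style point on the import block: the explicit `me.zhyd.oauth.model` imports are collapsed into `import me.zhyd.oauth.model.*;` only to pick up `AuthCallback`. Other files in this commit (AuthAlipayRequest, AuthCodingRequest) add a single explicit `import me.zhyd.oauth.model.AuthCallback;`; doing the same here keeps the diff smaller and the imports consistent across the request classes.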
...
...
@@ -28,8 +25,8 @@ public class AuthDingTalkRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
return
AuthToken
.
builder
().
accessCode
(
code
).
build
();
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
return
AuthToken
.
builder
().
accessCode
(
authCallback
.
getCode
()
).
build
();
}
@Override
...
...
src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java
...
...
@@ -6,10 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.UrlBuilder
;
...
...
@@ -27,8 +24,8 @@ public class AuthDouyinRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getDouyinAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getDouyinAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
);
return
this
.
getToken
(
accessTokenUrl
);
}
...
...
src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,9 +26,9 @@ public class AuthFacebookRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getFacebookAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
.
getRedirectUri
());
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getFacebookAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
(),
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
object
=
JSONObject
.
parseObject
(
response
.
body
());
...
...
src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,13 +26,13 @@ public class AuthGiteeRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGiteeAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
.
getRedirectUri
());
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGiteeAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
(),
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
response
.
body
());
if
(
accessTokenObject
.
containsKey
(
"error"
))
{
throw
new
AuthException
(
"Unable to get token from gitee using code ["
+
code
+
"]"
);
throw
new
AuthException
(
"Unable to get token from gitee using code ["
+
authCallback
.
getCode
()
+
"]"
);
}
return
AuthToken
.
builder
().
accessToken
(
accessTokenObject
.
getString
(
"access_token"
)).
build
();
}
...
...
src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -28,9 +29,8 @@ public class AuthGithubRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGithubAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
.
getRedirectUri
());
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGithubAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
(),
config
.
getRedirectUri
(),
config
.
getState
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
Map
<
String
,
String
>
res
=
GlobalAuthUtil
.
parseStringToMap
(
response
.
body
());
if
(
res
.
containsKey
(
"error"
))
{
...
...
@@ -68,6 +68,6 @@ public class AuthGithubRequest extends BaseAuthRequest {
*/
@Override
public
String
authorize
()
{
return
UrlBuilder
.
getGithubAuthorizeUrl
(
config
.
getClientId
(),
config
.
getRedirectUri
());
return
UrlBuilder
.
getGithubAuthorizeUrl
(
config
.
getClientId
(),
config
.
getRedirectUri
()
,
config
.
getState
()
);
}
}
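Review bot: `authorize()` now passes `config.getState()` unconditionally, but nothing in the visible change gives `state` a default, so an unset value reaches `UrlBuilder.getGithubAuthorizeUrl` as null. Among the request classes shown here only the GitHub and Weibo `authorize()` methods pass the state, while `BaseAuthRequest.login` calls `AuthChecker.checkState(authCallback.getState(), config.getState())` for every provider. Please confirm that `checkState` and `UrlBuilder` handle a null or absent state, and either add the state to the remaining providers' authorize URLs or document which providers support it.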
src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,8 +26,8 @@ public class AuthGoogleRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGoogleAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getGoogleAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
,
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
object
=
JSONObject
.
parseObject
(
response
.
body
());
...
...
src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
...
...
@@ -7,10 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.StringUtils
;
import
me.zhyd.oauth.utils.UrlBuilder
;
...
...
@@ -29,8 +26,8 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getLinkedinAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getLinkedinAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
,
config
.
getRedirectUri
());
return
this
.
getToken
(
accessTokenUrl
);
}
...
...
src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
...
...
@@ -7,10 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.UrlBuilder
;
import
java.text.MessageFormat
;
...
...
@@ -30,8 +27,8 @@ public class AuthMiRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getMiAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
config
.
getRedirectUri
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getMiAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
config
.
getRedirectUri
(),
authCallback
.
getCode
()
);
return
getToken
(
accessTokenUrl
);
}
...
...
src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
...
...
@@ -7,10 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.UrlBuilder
;
import
java.util.HashMap
;
...
...
@@ -29,9 +26,9 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getMicrosoftAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
config
.
getRedirectUri
(),
code
);
.
getRedirectUri
(),
authCallback
.
getCode
()
);
return
getToken
(
accessTokenUrl
);
}
...
...
src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,13 +26,13 @@ public class AuthOschinaRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getOschinaAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
.
getRedirectUri
());
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getOschinaAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
(),
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
response
.
body
());
if
(
accessTokenObject
.
containsKey
(
"error"
))
{
throw
new
AuthException
(
"Unable to get token from oschina using code ["
+
code
+
"]"
);
throw
new
AuthException
(
"Unable to get token from oschina using code ["
+
authCallback
.
getCode
()
+
"]"
);
}
return
AuthToken
.
builder
().
accessToken
(
accessTokenObject
.
getString
(
"access_token"
)).
build
();
}
...
...
src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
...
...
@@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -30,13 +31,13 @@ public class AuthQqRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getQqAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
.
getRedirectUri
());
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getQqAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
(),
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
get
(
accessTokenUrl
).
execute
();
Map
<
String
,
String
>
accessTokenObject
=
GlobalAuthUtil
.
parseStringToMap
(
response
.
body
());
if
(!
accessTokenObject
.
containsKey
(
"access_token"
))
{
throw
new
AuthException
(
"Unable to get token from qq using code ["
+
code
+
"]"
);
throw
new
AuthException
(
"Unable to get token from qq using code ["
+
authCallback
.
getCode
()
+
"]"
);
}
return
AuthToken
.
builder
()
.
accessToken
(
accessTokenObject
.
get
(
"access_token"
))
...
...
src/main/java/me/zhyd/oauth/request/AuthRequest.java
package
me.zhyd.oauth.request
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
...
...
@@ -23,10 +24,10 @@ public interface AuthRequest {
/**
* 第三方登录
*
* @param
code 通过authorize换回的code
* @param
authCallback 用于接收回调参数的实体
* @return 返回登录成功后的用户信息
*/
default
AuthResponse
login
(
String
code
)
{
default
AuthResponse
login
(
AuthCallback
authCallback
)
{
throw
new
AuthException
(
ResponseStatus
.
NOT_IMPLEMENTED
);
}
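Review bot: replacing `login(String code)` with `login(AuthCallback authCallback)` on the public AuthRequest interface breaks every existing caller at compile time. Consider keeping `login(String code)` for one release as a `@Deprecated` default method that wraps the code in an AuthCallback. The new `@param authCallback` Javadoc should also say that `code` and `state` are now validated during login and which fields the caller must populate.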
...
...
src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -26,8 +27,8 @@ public class AuthTaobaoRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
return
AuthToken
.
builder
().
accessCode
(
code
).
build
();
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
return
AuthToken
.
builder
().
accessCode
(
authCallback
.
getCode
()
).
build
();
}
@Override
...
...
src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -25,12 +26,12 @@ public class AuthTencentCloudRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getTencentCloudAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getTencentCloudAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
);
HttpResponse
response
=
HttpRequest
.
get
(
accessTokenUrl
).
execute
();
JSONObject
object
=
JSONObject
.
parseObject
(
response
.
body
());
if
(
object
.
getIntValue
(
"code"
)
!=
0
)
{
throw
new
AuthException
(
"Unable to get token from tencent cloud using code ["
+
code
+
"]: "
+
object
.
get
(
"msg"
));
throw
new
AuthException
(
"Unable to get token from tencent cloud using code ["
+
authCallback
.
getCode
()
+
"]: "
+
object
.
get
(
"msg"
));
}
return
AuthToken
.
builder
().
accessToken
(
object
.
getString
(
"access_token"
)).
build
();
}
...
...
src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java
...
...
@@ -6,10 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthToutiaoErrorCode
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.UrlBuilder
;
/**
...
...
@@ -26,8 +23,8 @@ public class AuthToutiaoRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getToutiaoAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getToutiaoAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
);
HttpResponse
response
=
HttpRequest
.
get
(
accessTokenUrl
).
execute
();
JSONObject
object
=
JSONObject
.
parseObject
(
response
.
body
());
...
...
src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java
...
...
@@ -6,10 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
import
me.zhyd.oauth.model.*
;
import
me.zhyd.oauth.utils.UrlBuilder
;
/**
...
...
@@ -31,8 +28,8 @@ public class AuthWeChatRequest extends BaseAuthRequest {
* @return 所有信息
*/
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getWeChatAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
);
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getWeChatAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
);
return
this
.
getToken
(
accessTokenUrl
);
}
...
...
src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java
...
...
@@ -6,6 +6,7 @@ import com.alibaba.fastjson.JSONObject;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.model.AuthUserGender
;
...
...
@@ -28,14 +29,14 @@ public class AuthWeiboRequest extends BaseAuthRequest {
}
@Override
protected
AuthToken
getAccessToken
(
String
code
)
{
String
accessTokenUrl
=
UrlBuilder
.
getWeiboAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
code
,
config
protected
AuthToken
getAccessToken
(
AuthCallback
authCallback
)
{
String
accessTokenUrl
=
UrlBuilder
.
getWeiboAccessTokenUrl
(
config
.
getClientId
(),
config
.
getClientSecret
(),
authCallback
.
getCode
()
,
config
.
getRedirectUri
());
HttpResponse
response
=
HttpRequest
.
post
(
accessTokenUrl
).
execute
();
String
accessTokenStr
=
response
.
body
();
JSONObject
accessTokenObject
=
JSONObject
.
parseObject
(
accessTokenStr
);
if
(
accessTokenObject
.
containsKey
(
"error"
))
{
throw
new
AuthException
(
"Unable to get token from weibo using code ["
+
code
+
"]:"
+
accessTokenObject
.
getString
(
"error_description"
));
throw
new
AuthException
(
"Unable to get token from weibo using code ["
+
authCallback
.
getCode
()
+
"]:"
+
accessTokenObject
.
getString
(
"error_description"
));
}
return
AuthToken
.
builder
()
.
accessToken
(
accessTokenObject
.
getString
(
"access_token"
))
...
...
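Review bot: the AuthException message in the error branch still embeds the authorization code (now `authCallback.getCode()`), so a failed token exchange writes a callback-supplied credential into whatever logs or error pages print the exception. Drop the code from the message and keep only `error_description`, or log a truncated or hashed form of it.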
@@ -81,6 +82,6 @@ public class AuthWeiboRequest extends BaseAuthRequest {
*/
@Override
public
String
authorize
()
{
return
UrlBuilder
.
getWeiboAuthorizeUrl
(
config
.
getClientId
(),
config
.
getRedirectUri
());
return
UrlBuilder
.
getWeiboAuthorizeUrl
(
config
.
getClientId
(),
config
.
getRedirectUri
()
,
config
.
getState
()
);
}
}
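Review bot: `authorize()` takes the state from `config.getState()`, so the value is fixed when the AuthConfig is built and the method gives callers no way to supply a fresh one per login attempt. If one AuthConfig or request object serves many users, every authorization URL carries the same state, which defeats the purpose of the parameter. Consider an `authorize(String state)` overload, or document that a new AuthConfig with a random state bound to the user's session must be created for each login.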
src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java
View file @
ac4ede74
...
...
@@ -4,10 +4,11 @@ import lombok.Data;
import
me.zhyd.oauth.config.AuthConfig
;
import
me.zhyd.oauth.config.AuthSource
;
import
me.zhyd.oauth.exception.AuthException
;
import
me.zhyd.oauth.model.AuthCallback
;
import
me.zhyd.oauth.model.AuthResponse
;
import
me.zhyd.oauth.model.AuthToken
;
import
me.zhyd.oauth.model.AuthUser
;
import
me.zhyd.oauth.utils.AuthC
onfigC
hecker
;
import
me.zhyd.oauth.utils.AuthChecker
;
/**
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
...
...
@@ -22,21 +23,24 @@ public abstract class BaseAuthRequest implements AuthRequest {
public
BaseAuthRequest
(
AuthConfig
config
,
AuthSource
source
)
{
this
.
config
=
config
;
this
.
source
=
source
;
if
(!
AuthC
onfigC
hecker
.
isSupportedAuth
(
config
,
source
))
{
if
(!
AuthChecker
.
isSupportedAuth
(
config
,
source
))
{
throw
new
AuthException
(
ResponseStatus
.
PARAMETER_INCOMPLETE
);
}
// 校验配置合法性
AuthC
onfigChecker
.
check
(
config
,
source
);
AuthC
hecker
.
checkConfig
(
config
,
source
);
}
protected
abstract
AuthToken
getAccessToken
(
String
code
);
protected
abstract
AuthToken
getAccessToken
(
AuthCallback
authCallback
);
protected
abstract
AuthUser
getUserInfo
(
AuthToken
authToken
);
@Override
public
AuthResponse
login
(
String
code
)
{
public
AuthResponse
login
(
AuthCallback
authCallback
)
{
try
{
AuthToken
authToken
=
this
.
getAccessToken
(
code
);
AuthChecker
.
checkCode
(
authCallback
.
getCode
());
AuthChecker
.
checkState
(
authCallback
.
getState
(),
config
.
getState
());
AuthToken
authToken
=
this
.
getAccessToken
(
authCallback
);
AuthUser
user
=
this
.
getUserInfo
(
authToken
);
return
AuthResponse
.
builder
().
code
(
ResponseStatus
.
SUCCESS
.
getCode
()).
data
(
user
).
build
();
}
catch
(
Exception
e
)
{
...
...
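Review bot: `login` dereferences `authCallback` in `AuthChecker.checkCode(authCallback.getCode())` without a null check, so a null argument ends in a NullPointerException handled by the generic `catch (Exception e)` rather than a clear ILLEGAL_CODE or ILLEGAL_REQUEST result. Add an explicit null check before the two checker calls. The switch from `login(String code)` and `getAccessToken(String code)` to the AuthCallback versions also breaks existing callers and subclasses, which deserves a note in the changelog or Javadoc.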
src/main/java/me/zhyd/oauth/request/ResponseStatus.java
View file @
ac4ede74
...
...
@@ -14,6 +14,8 @@ public enum ResponseStatus {
NO_AUTH_SOURCE
(
5004
,
"AuthSource cannot be null"
),
UNIDENTIFIED_PLATFORM
(
5005
,
"Unidentified platform"
),
ILLEGAL_REDIRECT_URI
(
5006
,
"Illegal redirect uri"
),
ILLEGAL_REQUEST
(
5007
,
"Illegal request"
),
ILLEGAL_CODE
(
5008
,
"Illegal code"
),
;
private
int
code
;
...
...
src/main/java/me/zhyd/oauth/utils/AuthC
onfigC
hecker.java
→
src/main/java/me/zhyd/oauth/utils/AuthChecker.java
View file @
ac4ede74
...
...
@@ -12,7 +12,7 @@ import me.zhyd.oauth.request.ResponseStatus;
* @version 1.0
* @since 1.8
*/
public
class
AuthC
onfigC
hecker
{
public
class
AuthChecker
{
/**
* 是否支持第三方登录
...
...
@@ -35,7 +35,7 @@ public class AuthConfigChecker {
* @param config config
* @param source source
*/
public
static
void
check
(
AuthConfig
config
,
AuthSource
source
)
{
public
static
void
check
Config
(
AuthConfig
config
,
AuthSource
source
)
{
String
redirectUri
=
config
.
getRedirectUri
();
if
(!
GlobalAuthUtil
.
isHttpProtocol
(
redirectUri
)
&&
!
GlobalAuthUtil
.
isHttpsProtocol
(
redirectUri
))
{
throw
new
AuthException
(
ResponseStatus
.
ILLEGAL_REDIRECT_URI
);
...
...
@@ -49,4 +49,36 @@ public class AuthConfigChecker {
throw
new
AuthException
(
ResponseStatus
.
ILLEGAL_REDIRECT_URI
);
}
}
/**
* 校验回调传回的code
*
* @param code 回调时传回的code
*/
public
static
void
checkCode
(
String
code
)
{
if
(
StringUtils
.
isEmpty
(
code
))
{
throw
new
AuthException
(
ResponseStatus
.
ILLEGAL_CODE
);
}
}
/**
* 校验state的合法性防止被CSRF
*
* @param newState 新的state,一般为回调时传回的state(可能被篡改)
* @param originalState 原始的state,发起授权时向第三方平台传递的state
*/
public
static
void
checkState
(
String
newState
,
String
originalState
)
{
// 如果原始state为空,表示当前平台未使用state
if
(
StringUtils
.
isEmpty
(
originalState
))
{
return
;
}
// 如果授权之前使用了state,但是回调时未返回state,则表示当前请求为非法的请求,可能正在被CSRF攻击
if
(
StringUtils
.
isEmpty
(
newState
))
{
throw
new
AuthException
(
ResponseStatus
.
ILLEGAL_REQUEST
);
}
// 如果授权前后的state不一致,则表示当前请求为非法的请求,新的state可能为伪造
if
(!
newState
.
equals
(
originalState
))
{
throw
new
AuthException
(
ResponseStatus
.
ILLEGAL_REQUEST
);
}
}
}
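Review bot: `checkState` fails open: when `originalState` is empty it returns without looking at `newState`, so any deployment that leaves the state out of AuthConfig silently gets no CSRF check on the callback. Since the URL builders in this commit still send a state in that case, the caller has no signal that the returned value is never verified. Consider treating a missing original state as an error, or at least logging it, and compare the two values with a constant-time check such as `MessageDigest.isEqual` on their bytes instead of `newState.equals(originalState)`.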
src/main/java/me/zhyd/oauth/utils/UrlBuilder.java
View file @
ac4ede74
...
...
@@ -13,9 +13,9 @@ import java.text.MessageFormat;
*/
public
class
UrlBuilder
{
private
static
final
String
GITHUB_ACCESS_TOKEN_PATTERN
=
"{0}?client_id={1}&client_secret={2}&code={3}&redirect_uri={4}"
;
private
static
final
String
GITHUB_ACCESS_TOKEN_PATTERN
=
"{0}?client_id={1}&client_secret={2}&code={3}&redirect_uri={4}
&state={5}
"
;
private
static
final
String
GITHUB_USER_INFO_PATTERN
=
"{0}?access_token={1}"
;
private
static
final
String
GITHUB_AUTHORIZE_PATTERN
=
"{0}?client_id={1}&
state=1&redirect_uri={2
}"
;
private
static
final
String
GITHUB_AUTHORIZE_PATTERN
=
"{0}?client_id={1}&
redirect_uri={2}&state={3
}"
;
private
static
final
String
GOOGLE_AUTHORIZE_PATTERN
=
"{0}?client_id={1}&response_type=code&scope=openid%20email%20profile&redirect_uri={2}&state={3}"
;
private
static
final
String
GOOGLE_ACCESS_TOKEN_PATTERN
=
"{0}?client_id={1}&client_secret={2}&code={3}&redirect_uri={4}&grant_type=authorization_code"
;
...
...
@@ -23,7 +23,7 @@ public class UrlBuilder {
private
static
final
String
WEIBO_ACCESS_TOKEN_PATTERN
=
"{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}"
;
private
static
final
String
WEIBO_USER_INFO_PATTERN
=
"{0}?{1}"
;
private
static
final
String
WEIBO_AUTHORIZE_PATTERN
=
"{0}?client_id={1}&response_type=code&redirect_uri={2}"
;
private
static
final
String
WEIBO_AUTHORIZE_PATTERN
=
"{0}?client_id={1}&response_type=code&redirect_uri={2}
&state={3}
"
;
private
static
final
String
GITEE_ACCESS_TOKEN_PATTERN
=
"{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}"
;
private
static
final
String
GITEE_USER_INFO_PATTERN
=
"{0}?access_token={1}"
;
...
...
@@ -103,10 +103,11 @@ public class UrlBuilder {
* @param clientSecret github 应用的Client Secret
* @param code github 授权前的code,用来换token
* @param redirectUri 待跳转的页面
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public
static
String
getGithubAccessTokenUrl
(
String
clientId
,
String
clientSecret
,
String
code
,
String
redirectUri
)
{
return
MessageFormat
.
format
(
GITHUB_ACCESS_TOKEN_PATTERN
,
AuthSource
.
GITHUB
.
accessToken
(),
clientId
,
clientSecret
,
code
,
redirectUri
);
public
static
String
getGithubAccessTokenUrl
(
String
clientId
,
String
clientSecret
,
String
code
,
String
redirectUri
,
String
state
)
{
return
MessageFormat
.
format
(
GITHUB_ACCESS_TOKEN_PATTERN
,
AuthSource
.
GITHUB
.
accessToken
(),
clientId
,
clientSecret
,
code
,
redirectUri
,
StringUtils
.
isEmpty
(
state
)
?
System
.
currentTimeMillis
()
:
state
);
}
/**
...
...
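Review bot: in the fallback `StringUtils.isEmpty(state) ? System.currentTimeMillis() : state`, the timestamp reaches `MessageFormat.format` as a boxed Long, and MessageFormat renders numeric arguments with locale-specific grouping, so the URL gets a value with separators (for example `1,561,600,000,000`) rather than plain digits. Convert it explicitly with `String.valueOf(...)`. The fallback is also computed afresh here, so it cannot match whatever state was sent in the authorize URL; if no state was configured, leaving the parameter out of the token request would be cleaner than inventing one.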
@@ -124,10 +125,11 @@ public class UrlBuilder {
*
* @param clientId github 应用的Client ID
* @param redirectUrl github 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public
static
String
getGithubAuthorizeUrl
(
String
clientId
,
String
redirectUrl
)
{
return
MessageFormat
.
format
(
GITHUB_AUTHORIZE_PATTERN
,
AuthSource
.
GITHUB
.
authorize
(),
clientId
,
redirectUrl
);
public
static
String
getGithubAuthorizeUrl
(
String
clientId
,
String
redirectUrl
,
String
state
)
{
return
MessageFormat
.
format
(
GITHUB_AUTHORIZE_PATTERN
,
AuthSource
.
GITHUB
.
authorize
(),
clientId
,
redirectUrl
,
StringUtils
.
isEmpty
(
state
)
?
System
.
currentTimeMillis
()
:
state
);
}
/**
...
...
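Review bot: the `System.currentTimeMillis()` fallback for an empty `state` is predictable and is neither returned to the caller nor stored, while the Javadoc line added above describes the parameter as a random string that prevents CSRF. A state that can be guessed and is never compared on callback provides none of that protection. Generate the default from `SecureRandom` and hand it back so it can be kept in the user's session, or reject an empty state outright.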
@@ -158,10 +160,11 @@ public class UrlBuilder {
*
* @param clientId weibo 应用的Client ID
* @param redirectUrl weibo 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public
static
String
getWeiboAuthorizeUrl
(
String
clientId
,
String
redirectUrl
)
{
return
MessageFormat
.
format
(
WEIBO_AUTHORIZE_PATTERN
,
AuthSource
.
WEIBO
.
authorize
(),
clientId
,
redirectUrl
);
public
static
String
getWeiboAuthorizeUrl
(
String
clientId
,
String
redirectUrl
,
String
state
)
{
return
MessageFormat
.
format
(
WEIBO_AUTHORIZE_PATTERN
,
AuthSource
.
WEIBO
.
authorize
(),
clientId
,
redirectUrl
,
StringUtils
.
isEmpty
(
state
)
?
System
.
currentTimeMillis
()
:
state
);
}
/**
...
...
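Review bot: `state` is interpolated into WEIBO_AUTHORIZE_PATTERN as is, like `redirectUrl` before it, so a value containing `&`, `#` or `=` changes the structure of the query string. Pass it through `URLEncoder.encode(state, "UTF-8")` before formatting. The same empty-state ternary now appears in at least three builder methods in this file; a single private helper would keep the fallback behaviour in one place.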