diff --git a/README.md b/README.md
index 75469ba2c9d01b51af134642ea46201332271bab..e9758b9251ede406a02bd7c8c29a82b67ba4b226 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
- 
+ 
@@ -15,7 +15,7 @@
- 
+ 
@@ -76,7 +76,7 @@ JustAuth,如你所见,它仅仅是一个**第三方授权登录**的**工具
me.zhyd.oauth
JustAuth
- 1.9.0
+ 1.9.1
```
- 调用api
@@ -148,7 +148,7 @@ _请知悉:经咨询CSDN官方客服得知,CSDN的授权开放平台已经
2. 把fork过去的项目也就是你仓库中的项目clone到你的本地
3. 修改代码
4. commit后push到自己的库
-5. 发起PR(pull request) 请求
+5. 发起PR(pull request) 请求,提交到`dev`分支
6. 等待作者合并
## 致谢
diff --git a/pom.xml b/pom.xml
index e7a80e86069e6fff9b09fb826e0281e702afe562..32f3962c0ebca271de06e9dca506f188fbe63f82 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
me.zhyd.oauth
JustAuth
- 1.9.0
+ 1.9.1
JustAuth
https://gitee.com/yadong.zhang/JustAuth
@@ -190,4 +190,4 @@
-
\ No newline at end of file
+
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
index ca0491dab7e33b0e681f21882717d3d72cde5691..1774a159d1a3b2f439878650c2386d1a0cce7ec9 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
@@ -80,6 +80,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
/**
* 返回获取accessToken的url
*
+ * @param code 授权码
* @return 返回获取accessToken的url
*/
protected String accessTokenUrl(String code) {
@@ -95,6 +96,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
/**
* 返回获取accessToken的url
*
+ * @param refreshToken refreshToken
* @return 返回获取accessToken的url
*/
protected String refreshTokenUrl(String refreshToken) {
@@ -110,6 +112,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
/**
* 返回获取userInfo的url
*
+ * @param authToken token
* @return 返回获取userInfo的url
*/
protected String userInfoUrl(AuthToken authToken) {
@@ -119,6 +122,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
/**
* 返回获取revoke authorization的url
*
+ * @param authToken token
* @return 返回获取revoke authorization的url
*/
protected String revokeUrl(AuthToken authToken) {
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java
index 1b2d9a4d609b914f8ec7a913e17b0c8c9a3fd467..ce0f52fdde8ef4be657b9cd660edb7c425ea4ab8 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java
@@ -76,7 +76,7 @@ public class AuthDingTalkRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java
index bb648d35d20324720e1ab4df8d283b1d866e076a..61b4f7fba2c0bf88139e33ccf5a38e86c2b9d281 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java
@@ -80,7 +80,7 @@ public class AuthGoogleRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
index 7a636acb1b2144e394c77ce3300c7e48d7672bd5..e22a7417c0360f7ecdae406a4ba3206b89bd4612 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
@@ -200,7 +200,7 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
index 8d7edb6251d939211aee7feb76c2309719298aeb..0ac9e00882d8a718cafc85e06e6caebf438b6b42 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
@@ -128,7 +128,7 @@ public class AuthMiRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
index 0fc34b8dc3c83f63f322a1ad6ca44ce545dd931f..addd187ede4c37328f6e7896b8b0ccb879abc795 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
@@ -139,7 +139,7 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
@@ -150,7 +150,7 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest {
/**
* 返回获取accessToken的url
*
- * @param refreshToken
+ * @param refreshToken 用户授权后的token
* @return 返回获取accessToken的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java b/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java
index 0766de19e9f22bc159d1efde36646d5eb3694853..58cc74367bb3dc819e3cd2639387a4ff1115e19a 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java
@@ -77,7 +77,7 @@ public class AuthOschinaRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
index 17ec8e25c0bce1527e1c2cd3e397dc53dc4a6b86..a8f5c3835e3348196ef8ee3b8fe4d69bf2f08545 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
@@ -43,10 +43,8 @@ public class AuthPinterestRequest extends AuthDefaultRequest {
@Override
protected AuthUser getUserInfo(AuthToken authToken) {
- String userinfoUrl = UrlBuilder.fromBaseUrl(userInfoUrl(authToken))
- .queryParam("fields", "id,username,first_name,last_name,bio,image")
- .build();
- HttpResponse response = HttpRequest.post(userinfoUrl).execute();
+ String userinfoUrl = userInfoUrl(authToken);
+ HttpResponse response = HttpRequest.get(userinfoUrl).setFollowRedirects(true).execute();
JSONObject object = JSONObject.parseObject(response.body());
this.checkResponse(object);
JSONObject userObj = object.getJSONObject("data");
@@ -82,6 +80,19 @@ public class AuthPinterestRequest extends AuthDefaultRequest {
.build();
}
+ /**
+ * 返回获取userInfo的url
+ *
+ * @param authToken token
+ * @return 返回获取userInfo的url
+ */
+ protected String userInfoUrl(AuthToken authToken) {
+ return UrlBuilder.fromBaseUrl(source.userInfo())
+ .queryParam("access_token", authToken.getAccessToken())
+ .queryParam("fields", "id,username,first_name,last_name,bio,image")
+ .build();
+ }
+
/**
* 检查响应内容是否正确
*
diff --git a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
index c1fb3b69f61e9568cac829158aaf1d0394c668b0..6888764dc40b2737ce31cfce93819562b3509a54 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
@@ -100,7 +100,7 @@ public class AuthRenrenRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken 用户授权后的token
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java
index 0297ba771ec40eb9316ae0de54b28bf1b35302a5..cf1df17d290a0902397e729209149f6ff97f7e4b 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java
@@ -76,7 +76,7 @@ public class AuthWeiboRequest extends AuthDefaultRequest {
/**
* 返回获取userInfo的url
*
- * @param authToken
+ * @param authToken authToken
* @return 返回获取userInfo的url
*/
@Override
diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
index b4e36551ceb85cf34e50545a82df81a90eea7345..33b59c3556bb3686a7644e0f24746d8462517ce6 100644
--- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
@@ -26,6 +26,9 @@ public class AuthChecker {
if (isSupported && AuthSource.ALIPAY == source) {
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
}
+ if (isSupported && AuthSource.STACK_OVERFLOW == source) {
+ isSupported = StringUtils.isNotEmpty(config.getStackOverflowKey());
+ }
return isSupported;
}
diff --git a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
index 634463f914e619b1ecc3916c765c5f85fbc65f42..88928c15f54c2a68fa84358a424ba25273bde0d6 100644
--- a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
+++ b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
@@ -45,7 +45,7 @@ public class GlobalAuthUtil {
}
}
- private static String urlEncode(String value) {
+ public static String urlEncode(String value) {
if (value == null) {
return "";
}
diff --git a/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java b/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java
index f34be27d57403fa4bb5348de961bee1eab0ef662..e392f059e1225dc9fb19d6841c12b7e8966f8282 100644
--- a/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java
+++ b/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java
@@ -14,7 +14,6 @@ import java.util.Map;
*
*
* @author yangkai.shen (https://xkcoding.com)
- * @date Created in 2019-07-18 15:47
* @version 1.0
* @since 1.8
*/
diff --git a/update.md b/update.md
index 70d7689da4036cbbaa0e3e7507024f6c9796e29b..d4ba6fd287dfa8ca4335910ab188bcfc7b73dd1c 100644
--- a/update.md
+++ b/update.md
@@ -1,5 +1,11 @@
### 2019/07/19
+1. 增加`stackoverflow`参数校验
+2. 解决`Pinterest`获取用户失败的问题
+3. 添加注释
+
+### 2019/07/19
+
1. 合并github上[@dyc12ii](https://github.com/dyc12ii) 的[pr#25](https://github.com/zhangyd-c/JustAuth/pull/25),升级fastjson版本至1.2.58,避免安全漏洞
2. `AuthUserGender`枚举类挪到`enums`包下
3. 删除`AuthBaiduErrorCode`和`AuthDingTalkErrorCode`枚举类