diff --git a/pom.xml b/pom.xml index 576bbcdefec727c4946be17311af8aaa1b1bf4c8..7526eb7f917127f9f00b64e0a28b8cb6f1077670 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ me.zhyd.oauth JustAuth - 1.9.5 + 1.9.6-SNAPSHOT JustAuth https://gitee.com/yadong.zhang/JustAuth @@ -230,5 +230,36 @@ + + + nexus + + + + org.apache.maven.plugins + maven-gpg-plugin + ${maven-gpg-version} + + + verify + + sign + + + + + + + + + xkcoding-nexus + https://nexus.xkcoding.com/repository/maven-releases/ + + + xkcoding-nexus + https://nexus.xkcoding.com/repository/maven-snapshots/ + + + diff --git a/src/main/java/me/zhyd/oauth/cache/AuthCacheScheduler.java b/src/main/java/me/zhyd/oauth/cache/AuthCacheScheduler.java index fbdfa88783fc6384b686695500a47900d139b214..1cf7c01037c5601ee1e009c87dc76e4815755ffa 100644 --- a/src/main/java/me/zhyd/oauth/cache/AuthCacheScheduler.java +++ b/src/main/java/me/zhyd/oauth/cache/AuthCacheScheduler.java @@ -13,6 +13,9 @@ import java.util.concurrent.atomic.AtomicInteger; */ public enum AuthCacheScheduler { + /** + * 当前实例 + */ INSTANCE; private AtomicInteger cacheTaskNumber = new AtomicInteger(1); diff --git a/src/main/java/me/zhyd/oauth/cache/AuthDefaultStateCache.java b/src/main/java/me/zhyd/oauth/cache/AuthDefaultStateCache.java new file mode 100644 index 0000000000000000000000000000000000000000..eb0fe8302a98aadc1c9b42e7e7a9523440e3ffb4 --- /dev/null +++ b/src/main/java/me/zhyd/oauth/cache/AuthDefaultStateCache.java @@ -0,0 +1,65 @@ +package me.zhyd.oauth.cache; + +/** + * @author yadong.zhang (yadong.zhang0415(a)gmail.com) + * @version 1.0 + * @since 1.8 + */ +public enum AuthDefaultStateCache implements AuthStateCache { + + /** + * 当前实例 + */ + INSTANCE; + + private AuthCache authCache; + + AuthDefaultStateCache() { + authCache = new AuthDefaultCache(); + } + + /** + * 存入缓存 + * + * @param key 缓存key + * @param value 缓存内容 + */ + @Override + public void cache(String key, String value) { + authCache.set(key, value); + } + + /** + * 存入缓存 + * + * @param key 缓存key + * @param value 缓存内容 + * @param timeout 指定缓存过期时间(毫秒) + */ + @Override + public void cache(String key, String value, long timeout) { + authCache.set(key, value, timeout); + } + + /** + * 获取缓存内容 + * + * @param key 缓存key + * @return 缓存内容 + */ + @Override + public String get(String key) { + return authCache.get(key); + } + + /** + * 是否存在key,如果对应key的value值已过期,也返回false + * + * @param key 缓存key + * @return true:存在key,并且value没过期;false:key不存在或者已过期 + */ + @Override + public boolean containsKey(String key) { + return authCache.containsKey(key); + } +} diff --git a/src/main/java/me/zhyd/oauth/cache/AuthStateCache.java b/src/main/java/me/zhyd/oauth/cache/AuthStateCache.java index e667829dbd8ed7cf63cfc7e3f7b81870fe2b9ccf..77a11e292859d4e8b90f65de8bdccaea816e32c6 100644 --- a/src/main/java/me/zhyd/oauth/cache/AuthStateCache.java +++ b/src/main/java/me/zhyd/oauth/cache/AuthStateCache.java @@ -1,22 +1,21 @@ package me.zhyd.oauth.cache; /** - * @author yadong.zhang (yadong.zhang0415(a)gmail.com) - * @version 1.0 - * @since 1.8 + *

+ * State缓存接口,方便用户扩展 + *

+ * + * @author yangkai.shen + * @date Created in 2019-08-02 10:55 */ -public class AuthStateCache { - private static AuthCache authCache = new AuthDefaultCache(); - +public interface AuthStateCache { /** * 存入缓存 * * @param key 缓存key * @param value 缓存内容 */ - public static void cache(String key, String value) { - authCache.set(key, value); - } + void cache(String key, String value); /** * 存入缓存 @@ -25,9 +24,7 @@ public class AuthStateCache { * @param value 缓存内容 * @param timeout 指定缓存过期时间(毫秒) */ - public static void cache(String key, String value, long timeout) { - authCache.set(key, value, timeout); - } + void cache(String key, String value, long timeout); /** * 获取缓存内容 @@ -35,9 +32,7 @@ public class AuthStateCache { * @param key 缓存key * @return 缓存内容 */ - public static String get(String key) { - return authCache.get(key); - } + String get(String key); /** * 是否存在key,如果对应key的value值已过期,也返回false @@ -45,7 +40,5 @@ public class AuthStateCache { * @param key 缓存key * @return true:存在key,并且value没过期;false:key不存在或者已过期 */ - public static boolean containsKey(String key) { - return authCache.containsKey(key); - } + boolean containsKey(String key); } diff --git a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java index 5f8fbbf1a657bfd14d9ee5dad60f514e523f67dd..bbae6b3be542e9ec0a90ebeb5342e8314bfe6192 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java @@ -7,6 +7,7 @@ import com.alipay.api.request.AlipaySystemOauthTokenRequest; import com.alipay.api.request.AlipayUserInfoShareRequest; import com.alipay.api.response.AlipaySystemOauthTokenResponse; import com.alipay.api.response.AlipayUserInfoShareResponse; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -33,6 +34,12 @@ public class AuthAlipayRequest extends AuthDefaultRequest { .getAlipayPublicKey(), "RSA2"); } + public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.ALIPAY, authStateCache); + this.alipayClient = new DefaultAlipayClient(AuthSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), "json", "UTF-8", config + .getAlipayPublicKey(), "RSA2"); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java index 29e64bfa5a895d31e2d4642f53f6b3825e880405..c0fd9f44285a5727d47461a3c80f90f0d53d84b6 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java @@ -3,12 +3,16 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; @@ -24,6 +28,10 @@ public class AuthBaiduRequest extends AuthDefaultRequest { super(config, AuthSource.BAIDU); } + public AuthBaiduRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.BAIDU, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java b/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java index 0ff52416e0c5906d1a3d13c6b715afa3b7f477de..20b17a8a0b31497b9e16a1be130450206aa14a56 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -23,6 +24,10 @@ public class AuthCodingRequest extends AuthDefaultRequest { super(config, AuthSource.CODING); } + public AuthCodingRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.CODING, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doGetAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java b/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java index a6c3776fadc19746b3989a4d39597e4bb8bcabc7..1ad85d82fe0e9af8064e0e29dbe1de66bf458211 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -23,6 +24,10 @@ public class AuthCsdnRequest extends AuthDefaultRequest { super(config, AuthSource.CSDN); } + public AuthCsdnRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.CSDN, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java index 63d1e73e0c404e456e24818746813e539fdb2304..71fe680fa971bc133a0bc1ff5a249cec4c943ea3 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java @@ -3,6 +3,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import lombok.extern.slf4j.Slf4j; +import me.zhyd.oauth.cache.AuthDefaultStateCache; import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; @@ -28,10 +29,16 @@ import me.zhyd.oauth.utils.UuidUtils; public abstract class AuthDefaultRequest implements AuthRequest { protected AuthConfig config; protected AuthSource source; + protected AuthStateCache authStateCache; public AuthDefaultRequest(AuthConfig config, AuthSource source) { + this(config, source, AuthDefaultStateCache.INSTANCE); + } + + public AuthDefaultRequest(AuthConfig config, AuthSource source, AuthStateCache authStateCache) { this.config = config; this.source = source; + this.authStateCache = authStateCache; if (!AuthChecker.isSupportedAuth(config, source)) { throw new AuthException(AuthResponseStatus.PARAMETER_INCOMPLETE); } @@ -69,7 +76,7 @@ public abstract class AuthDefaultRequest implements AuthRequest { public AuthResponse login(AuthCallback authCallback) { try { AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode()); - AuthChecker.checkState(authCallback.getState()); + this.checkState(authCallback.getState()); AuthToken authToken = this.getAccessToken(authCallback); AuthUser user = this.getUserInfo(authToken); @@ -151,12 +158,12 @@ public abstract class AuthDefaultRequest implements AuthRequest { protected String refreshTokenUrl(String refreshToken) { return UrlBuilder.fromBaseUrl(source.refresh()) .queryParam("client_id", config.getClientId()) - .queryParam("client_secret", config.getClientSecret()) - .queryParam("refresh_token", refreshToken) + .queryParam("client_secret", config.getClientSecret()) + .queryParam("refresh_token", refreshToken) .queryParam("grant_type", "refresh_token") .queryParam("redirect_uri", config.getRedirectUri()) - .build(); - } + .build(); +} /** * 返回获取userInfo的url @@ -189,7 +196,7 @@ public abstract class AuthDefaultRequest implements AuthRequest { state = UuidUtils.getUUID(); } // 缓存state - AuthStateCache.cache(state, state); + authStateCache.cache(state, state); return state; } @@ -254,4 +261,16 @@ public abstract class AuthDefaultRequest implements AuthRequest { protected HttpResponse doGetRevoke(AuthToken authToken) { return HttpRequest.get(revokeUrl(authToken)).execute(); } + + + /** + * 校验回调传回的state + * + * @param state {@code state}一定不为空 + */ + protected void checkState(String state) { + if (StringUtils.isEmpty(state) || !authStateCache.containsKey(state)) { + throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST); + } + } } diff --git a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java index b01eea5396f4a5943094959986516ee2a8971299..1779975080f034076b22269500c0a35bdf6f6c84 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java @@ -4,6 +4,7 @@ import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -26,6 +27,10 @@ public class AuthDingTalkRequest extends AuthDefaultRequest { super(config, AuthSource.DINGTALK); } + public AuthDingTalkRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.DINGTALK, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return AuthToken.builder().accessCode(authCallback.getCode()).build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java index cd17db9744de4489c55df7f1b2a418b46343f204..916964ad315e8572932d139d78ba752fa1180d75 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java @@ -3,12 +3,16 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.UrlBuilder; @@ -24,6 +28,10 @@ public class AuthDouyinRequest extends AuthDefaultRequest { super(config, AuthSource.DOUYIN); } + public AuthDouyinRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.DOUYIN, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return this.getToken(accessTokenUrl(authCallback.getCode())); diff --git a/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java b/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java index 96e0463cadfc222319bf796e63447e21ec486f33..1e284ee195aaea058f9f0b4f4adfb6448acfc546 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -23,6 +24,10 @@ public class AuthFacebookRequest extends AuthDefaultRequest { super(config, AuthSource.FACEBOOK); } + public AuthFacebookRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.FACEBOOK, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java index 819e96c13068d4577b175716038099ce0ee15656..d65aa36aac91066012561129ef2be312f8c556ea 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -22,6 +23,10 @@ public class AuthGiteeRequest extends AuthDefaultRequest { super(config, AuthSource.GITEE); } + public AuthGiteeRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.GITEE, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java index 00d98798512f13286238175731d4f6b1673598a6..ab46afdf4cfd5e92b0e6ecc4d5f89f8fb7b69fc3 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -25,6 +26,10 @@ public class AuthGithubRequest extends AuthDefaultRequest { super(config, AuthSource.GITHUB); } + public AuthGithubRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.GITHUB, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java index 8af2c415e020f86cb94a52d760f9327add044e7a..345b71955a89da5b996a2deb162e9e0c91222ef0 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java @@ -3,6 +3,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -24,6 +25,10 @@ public class AuthGoogleRequest extends AuthDefaultRequest { super(config, AuthSource.GOOGLE); } + public AuthGoogleRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.GOOGLE, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java index 80959837eeea5ff2c04489f2f4dd7f5d417e6c7e..f801f06f7443895e5bc8976b318fa0ba49bdb55d 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java @@ -5,12 +5,16 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONPath; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; @@ -27,6 +31,10 @@ public class AuthLinkedinRequest extends AuthDefaultRequest { super(config, AuthSource.LINKEDIN); } + public AuthLinkedinRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.LINKEDIN, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return this.getToken(accessTokenUrl(authCallback.getCode())); diff --git a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java index d38f3d318aba4627ceee5ff75ffc8d703cfd872e..57b4960b298241c56f04a60a67ccc53a58ff27de 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java @@ -4,6 +4,7 @@ import cn.hutool.core.util.StrUtil; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; @@ -28,6 +29,10 @@ public class AuthMiRequest extends AuthDefaultRequest { super(config, AuthSource.MI); } + public AuthMiRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.MI, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return getToken(accessTokenUrl(authCallback.getCode())); diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java index 69aa58acd58fb70d1065398a550b51b8634d62be..60d901dfe4b905bcf851519a45e4bdaeed355654 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java @@ -3,12 +3,16 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.UrlBuilder; import static me.zhyd.oauth.utils.GlobalAuthUtil.parseQueryToMap; @@ -24,6 +28,10 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest { super(config, AuthSource.MICROSOFT); } + public AuthMicrosoftRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.MICROSOFT, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return getToken(accessTokenUrl(authCallback.getCode())); diff --git a/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java b/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java index c67819dcdbac44a5aa621f29d5b61d542cf5a31f..205f2a823c2b64e5e4546555851e9339795817b0 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -23,6 +24,10 @@ public class AuthOschinaRequest extends AuthDefaultRequest { super(config, AuthSource.OSCHINA); } + public AuthOschinaRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.OSCHINA, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java index c537cff08b908a98b4c001c0fbd165f0bd7efccc..52ea765e9b8788453a165dc8fe668fbfa24e8f46 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java @@ -3,6 +3,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; @@ -29,6 +30,10 @@ public class AuthPinterestRequest extends AuthDefaultRequest { super(config, PINTEREST); } + public AuthPinterestRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, PINTEREST, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java index 8fa7b1a72e9fcf7974ff0e85a31cbea404e02243..e47314b9fbd087ae0773e5034507d2a71d65e86d 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java @@ -4,12 +4,16 @@ import cn.hutool.core.util.StrUtil; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.GlobalAuthUtil; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; @@ -28,6 +32,10 @@ public class AuthQqRequest extends AuthDefaultRequest { super(config, AuthSource.QQ); } + public AuthQqRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.QQ, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doGetAuthorizationCode(authCallback.getCode()); @@ -37,10 +45,7 @@ public class AuthQqRequest extends AuthDefaultRequest { @Override public AuthResponse refresh(AuthToken authToken) { HttpResponse response = HttpRequest.get(refreshTokenUrl(authToken.getRefreshToken())).execute(); - return AuthResponse.builder() - .code(AuthResponseStatus.SUCCESS.getCode()) - .data(getAuthToken(response)) - .build(); + return AuthResponse.builder().code(AuthResponseStatus.SUCCESS.getCode()).data(getAuthToken(response)).build(); } @Override diff --git a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java index 62cc116e365333ce2dfed7bb35f67ef7a59a03f0..9b05946bcfc052e89980fff750bb3143aac23bae 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java @@ -4,10 +4,14 @@ import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.UrlBuilder; import java.util.Objects; @@ -27,6 +31,10 @@ public class AuthRenrenRequest extends AuthDefaultRequest { super(config, RENREN); } + public AuthRenrenRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, RENREN, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return this.getToken(accessTokenUrl(authCallback.getCode())); diff --git a/src/main/java/me/zhyd/oauth/request/AuthStackOverflowRequest.java b/src/main/java/me/zhyd/oauth/request/AuthStackOverflowRequest.java index ab484533392102cd1060adefedbf982e361b5cd3..2b90159dcf029817e0dfff296e8923fe646665a0 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthStackOverflowRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthStackOverflowRequest.java @@ -3,6 +3,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; @@ -26,6 +27,10 @@ public class AuthStackOverflowRequest extends AuthDefaultRequest { super(config, STACK_OVERFLOW); } + public AuthStackOverflowRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, STACK_OVERFLOW, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { String accessTokenUrl = accessTokenUrl(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java b/src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java index 3fcdfdfe490e5b7fa556fe10ebc9ca90a79c5458..4241fedc880b0b1f75eee7601a62982e1c13b826 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -24,6 +25,10 @@ public class AuthTaobaoRequest extends AuthDefaultRequest { super(config, AuthSource.TAOBAO); } + public AuthTaobaoRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.TAOBAO, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { return AuthToken.builder().accessCode(authCallback.getCode()).build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java index 09c8f7b3c5db045cb4f840ee113b2f98257641c0..04e8f7202c53c3bb74f016e57efb6f6caa8f211b 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java @@ -3,12 +3,16 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; /** * Teambition授权登录 @@ -22,6 +26,10 @@ public class AuthTeambitionRequest extends AuthDefaultRequest { super(config, AuthSource.TEAMBITION); } + public AuthTeambitionRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.TEAMBITION, authStateCache); + } + /** * @param authCallback 回调返回的参数 * @return 所有信息 diff --git a/src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java b/src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java index 7401df8d13c8eb9e07642eb752e8eb31ae35019b..c7eb3c7eec6fe2c2679419743d391c719b72a9e4 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -23,6 +24,10 @@ public class AuthTencentCloudRequest extends AuthDefaultRequest { super(config, AuthSource.TENCENT_CLOUD); } + public AuthTencentCloudRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.TENCENT_CLOUD, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doGetAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java b/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java index 89926f360b7e54d73a80314049c38f1411632a0d..6b540161baa8e4c4aaab73f469fe770bd3b28d7b 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java @@ -2,6 +2,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthToutiaoErrorCode; @@ -24,6 +25,10 @@ public class AuthToutiaoRequest extends AuthDefaultRequest { super(config, AuthSource.TOUTIAO); } + public AuthToutiaoRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.TOUTIAO, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doGetAuthorizationCode(authCallback.getCode()); @@ -119,8 +124,7 @@ public class AuthToutiaoRequest extends AuthDefaultRequest { */ private void checkResponse(JSONObject object) { if (object.containsKey("error_code")) { - throw new AuthException(AuthToutiaoErrorCode.getErrorCode(object.getIntValue("error_code")) - .getDesc()); + throw new AuthException(AuthToutiaoErrorCode.getErrorCode(object.getIntValue("error_code")).getDesc()); } } } diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java index c10f24d956d622f7ac67037c6fb4e83fb056e7e2..c662995de12025290e905bab4cdcbef22e779515 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java @@ -3,12 +3,16 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.UrlBuilder; /** @@ -22,6 +26,10 @@ public class AuthWeChatRequest extends AuthDefaultRequest { super(config, AuthSource.WECHAT); } + public AuthWeChatRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.WECHAT, authStateCache); + } + /** * 微信的特殊性,此时返回的信息同时包含 openid 和 access_token * diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java index 9f226d847876b189b2a9e79a4ed432c6024a7282..9e5d3776a58e02d320bfaa25f553ec16b3b9196a 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java @@ -3,6 +3,7 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; +import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.enums.AuthUserGender; @@ -27,6 +28,10 @@ public class AuthWeiboRequest extends AuthDefaultRequest { super(config, AuthSource.WEIBO); } + public AuthWeiboRequest(AuthConfig config, AuthStateCache authStateCache) { + super(config, AuthSource.WEIBO, authStateCache); + } + @Override protected AuthToken getAccessToken(AuthCallback authCallback) { HttpResponse response = doPostAuthorizationCode(authCallback.getCode()); diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java index b5942c1c57f9ffa0991c1c80e738c1355c6fd432..2b3b1deb742441913c4168382f9ec8634a38bfef 100644 --- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java +++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java @@ -66,15 +66,4 @@ public class AuthChecker { throw new AuthException(AuthResponseStatus.ILLEGAL_CODE); } } - - /** - * 校验回调传回的state - * - * @param state {@code state}一定不为空 - */ - public static void checkState(String state) { - if (StringUtils.isEmpty(state) || !AuthStateCache.containsKey(state)) { - throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST); - } - } } diff --git a/src/test/java/me/zhyd/oauth/cache/AuthStateCacheTest.java b/src/test/java/me/zhyd/oauth/cache/AuthStateCacheTest.java index 9c6e1e04389e60473f97fea28924f0d587dd08e1..9ebb87cd30a6e1e6231e63a790bb216cd3b5db97 100644 --- a/src/test/java/me/zhyd/oauth/cache/AuthStateCacheTest.java +++ b/src/test/java/me/zhyd/oauth/cache/AuthStateCacheTest.java @@ -9,24 +9,24 @@ public class AuthStateCacheTest { @Test public void cache1() throws InterruptedException { - AuthStateCache.cache("key", "value"); - Assert.assertEquals(AuthStateCache.get("key"), "value"); + AuthDefaultStateCache.INSTANCE.cache("key", "value"); + Assert.assertEquals(AuthDefaultStateCache.INSTANCE.get("key"), "value"); TimeUnit.MILLISECONDS.sleep(4); - Assert.assertEquals(AuthStateCache.get("key"), "value"); + Assert.assertEquals(AuthDefaultStateCache.INSTANCE.get("key"), "value"); } @Test public void cache2() throws InterruptedException { - AuthStateCache.cache("key", "value", 10); - Assert.assertEquals(AuthStateCache.get("key"), "value"); + AuthDefaultStateCache.INSTANCE.cache("key", "value", 10); + Assert.assertEquals(AuthDefaultStateCache.INSTANCE.get("key"), "value"); // 没过期 TimeUnit.MILLISECONDS.sleep(5); - Assert.assertEquals(AuthStateCache.get("key"), "value"); + Assert.assertEquals(AuthDefaultStateCache.INSTANCE.get("key"), "value"); // 过期 TimeUnit.MILLISECONDS.sleep(6); - Assert.assertNull(AuthStateCache.get("key")); + Assert.assertNull(AuthDefaultStateCache.INSTANCE.get("key")); } }