diff --git a/src/main/java/me/zhyd/oauth/enums/scope/AuthBaiduScope.java b/src/main/java/me/zhyd/oauth/enums/scope/AuthBaiduScope.java
index aaec676109542d246508ab47e7c41f52608a151f..1030a3e678f1db34e48855970118e41ff05c7585 100644
--- a/src/main/java/me/zhyd/oauth/enums/scope/AuthBaiduScope.java
+++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthBaiduScope.java
@@ -6,6 +6,7 @@ import lombok.Getter;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.stream.Collectors;
 /**
 * 边度平台 OAuth 授权范围
@@ -42,7 +43,7 @@ public enum AuthBaiduScope implements AuthScope {
 return defaultScopes;
 }
- public static List listAll() {
- return Arrays.asList(AuthBaiduScope.values());
+ public static List listScope() {
+ return Arrays.stream(AuthBaiduScope.values()).map(AuthBaiduScope::getScope).collect(Collectors.toList());
 }
 }
diff --git a/src/main/java/me/zhyd/oauth/enums/scope/AuthCodingScope.java b/src/main/java/me/zhyd/oauth/enums/scope/AuthCodingScope.java
index cbaa315b6d450d3250477afc95a3cca36a33b545..e7cf4240d7950a8c31ad269c1ed310c1a19faefd 100644
--- a/src/main/java/me/zhyd/oauth/enums/scope/AuthCodingScope.java
+++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthCodingScope.java
@@ -6,6 +6,7 @@ import lombok.Getter;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.stream.Collectors;
 /**
 * Coding平台 OAuth 授权范围
@@ -43,7 +44,7 @@ public enum AuthCodingScope implements AuthScope {
 return defaultScopes;
 }
- public static List listAll() {
- return Arrays.asList(AuthCodingScope.values());
+ public static List listScope() {
+ return Arrays.stream(AuthCodingScope.values()).map(AuthCodingScope::getScope).collect(Collectors.toList());
 }
 }
diff --git a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
index fec4ae8449ce5f6ece9cd8130cb524640b324e0b..6c6b20459abca90204d26995490790b6c1073023 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
@@ -108,7 +108,7 @@ public class AuthBaiduRequest extends AuthDefaultRequest {
 .queryParam("client_id", config.getClientId())
 .queryParam("redirect_uri", config.getRedirectUri())
 .queryParam("display", "popup")
- .queryParam("scope", this.getScopes(" ", false, AuthBaiduScope.getDefaultScopes()))
+ .queryParam("scope", this.getScopes(" ", true, AuthBaiduScope.getDefaultScopes()))
 .queryParam("state", getRealState(state))
 .build();
 }
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
index 86707fde3720f8c8233b11441e1e99eead9ecfb3..31cc22f79206b55f5af8a890c284fa34932082da 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
@@ -15,6 +15,7 @@ import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
 import me.zhyd.oauth.utils.*;
+import java.util.ArrayList;
 import java.util.List;
 /**
@@ -281,18 +282,17 @@ public abstract class AuthDefaultRequest implements AuthRequest {
 // 默认为空格
 separator = " ";
 }
- List scopes = config.getScopes();
+ List scopes = config.getScopes();
 if (null == scopes || scopes.isEmpty()) {
 if (null == defaultScopes || defaultScopes.isEmpty()) {
- return null;
+ return "";
+ }
+ scopes = new ArrayList<>();
+ for (AuthScope defaultScope : defaultScopes) {
+ scopes.add(defaultScope.getScope());
 }
- scopes = defaultScopes;
- }
- StringBuilder res = new StringBuilder();
- for (AuthScope scope : scopes) {
- res.append(scope.getScope()).append(separator);
 }
- String scopeStr = res.deleteCharAt(res.length() - separator.length()).toString();
+ String scopeStr = String.join(separator, scopes);
 return encode ? UrlUtil.urlEncode(scopeStr) : scopeStr;
 }
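Review bot: In the `getScopes` hunk of AuthDefaultRequest, the entries of `config.getScopes()` are now joined exactly as configured, so a null entry becomes the literal text `null` under `String.join`, and when a caller passes `encode` as false any `&`, `=` or `#` inside an entry reaches the authorization URL unescaped. Filtering before the join closes the first case, e.g. `String scopeStr = scopes.stream().filter(s -> s != null && !s.isEmpty()).collect(Collectors.joining(separator));`, which needs a `java.util.stream.Collectors` import in this file. The method now returns `""` instead of `null` when no scope is available; its Javadoc, which lies outside the hunk, should record that and state that callers using `encode == false` are responsible for encoding the result. The signature and the start of the body are not in the hunk, so the parameter types are inferred from the calls shown elsewhere in the commit.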
diff --git a/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java b/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java
index 6224629ef1640eeac4ff74696273d287709daac5..6981b2fb565a31a84bf424150c39de1cde2e279a 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java
@@ -5,6 +5,7 @@ import me.zhyd.oauth.cache.AuthStateCache;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthDefaultSource;
 import me.zhyd.oauth.enums.AuthUserGender;
+import me.zhyd.oauth.enums.scope.AuthFacebookScope;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthCallback;
 import me.zhyd.oauth.model.AuthToken;
@@ -95,4 +96,18 @@ public class AuthFacebookRequest extends AuthDefaultRequest {
 throw new AuthException(object.getJSONObject("error").getString("message"));
 }
 }
+
+ /**
+ * 返回带{@code state}参数的授权url,授权回调时会带上这个{@code state}
+ *
+ * @param state state 验证授权流程的参数,可以防止csrf
+ * @return 返回授权地址
+ */
+ @Override
+ public String authorize(String state) {
+ String authorizeUrl = super.authorize(state);
+ return UrlBuilder.fromBaseUrl(authorizeUrl)
+ .queryParam("scope", this.getScopes(",", false, AuthFacebookScope.getDefaultScopes()))
+ .build();
+ }
 }
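Review bot: The new `authorize` override passes `false` for `encode` in `this.getScopes(",", false, AuthFacebookScope.getDefaultScopes())`, while the Baidu request in this same commit switches that argument to `true`; because scopes are now free-form strings taken from configuration, the joined value is appended to the authorization URL as written. Unless `UrlBuilder.build()` encodes parameter values itself (not visible in this hunk), pass `true` so that reserved characters in a configured scope cannot alter the query string: `.queryParam("scope", this.getScopes(",", true, AuthFacebookScope.getDefaultScopes()))`. The Javadoc repeats the generic description of `authorize`; it should say that this override adds the `scope` parameter and what is sent when `getScopes` returns an empty string.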