diff --git a/README.md b/README.md
index 06bddb1d45223e272b03d1d24f190378e6705094..fad79e2894e4eb6bf5f6292cd4976f6b58f96a6a 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
- 
+ 
@@ -15,7 +15,7 @@
- 
+ 
@@ -76,7 +76,7 @@ JustAuth,如你所见,它仅仅是一个**第三方授权登录**的**工具
me.zhyd.oauth
JustAuth
- 1.9.3
+ 1.9.4
```
- 调用api
@@ -90,7 +90,6 @@ AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder()
// 生成授权页面
authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的参数
-// 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(callback);
```
diff --git a/pom.xml b/pom.xml
index 5a25860446a8a18a620b3a3628643372d24c8fe0..22ef9cbb3ab6a47e3ea65d17f46baf4c7566ad3b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
me.zhyd.oauth
JustAuth
- 1.9.3
+ 1.9.4
JustAuth
https://gitee.com/yadong.zhang/JustAuth
@@ -54,7 +54,7 @@
2.2.1
3.7.0
true
- 4.6.0
+ 4.6.1
1.18.4
4.11
1.2.58
@@ -89,7 +89,7 @@
com.alipay.sdk
alipay-sdk-java
${alipay-sdk-version}
- compile
+ provided
org.slf4j
diff --git a/src/main/java/me/zhyd/oauth/config/AuthSource.java b/src/main/java/me/zhyd/oauth/config/AuthSource.java
index a9a0a617ab392c430d309be62da857986c27851d..00e0ec2114bd18f895e3bd2827ba46a6ef0f726d 100644
--- a/src/main/java/me/zhyd/oauth/config/AuthSource.java
+++ b/src/main/java/me/zhyd/oauth/config/AuthSource.java
@@ -1,7 +1,7 @@
package me.zhyd.oauth.config;
import me.zhyd.oauth.exception.AuthException;
-import me.zhyd.oauth.model.AuthResponseStatus;
+import me.zhyd.oauth.enums.AuthResponseStatus;
/**
* 各api需要的url, 用枚举类分平台类型管理
diff --git a/src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java b/src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java
similarity index 80%
rename from src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java
rename to src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java
index 28247f9fda13728c122cdecdb6e82c48a9bcac72..bc277368367cd03db0bfef472e93bea3789bfe14 100644
--- a/src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java
+++ b/src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java
@@ -1,15 +1,21 @@
-package me.zhyd.oauth.model;
+package me.zhyd.oauth.enums;
import lombok.AllArgsConstructor;
import lombok.Getter;
/**
+ * JustAuth通用的状态码对照表
+ *
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @since 1.8
*/
@Getter
@AllArgsConstructor
public enum AuthResponseStatus {
+ /**
+ * 2000:正常;
+ * other:调用异常,具体异常内容见{@code msg}
+ */
SUCCESS(2000, "Success"),
FAILURE(5000, "Failure"),
NOT_IMPLEMENTED(5001, "Not Implemented"),
diff --git a/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java b/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java
index 18df6eeb8833303faba215b1fbddbf25f35ec733..b2e7497e7607e6fd0e5d5bde8c3b266239bfe65d 100644
--- a/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java
+++ b/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java
@@ -12,6 +12,10 @@ import lombok.Getter;
@Getter
@AllArgsConstructor
public enum AuthToutiaoErrorCode {
+ /**
+ * 0:正常;
+ * other:调用异常,具体异常内容见{@code desc}
+ */
EC0(0, "接口调用成功"),
EC1(1, "API配置错误,未传入Client Key"),
EC2(2, "API配置错误,Client Key错误,请检查是否和开放平台的ClientKey一致"),
diff --git a/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java b/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java
index 4a4d4021789341b5b212c3fb7f9175ec6d6664f5..af3bd1a21a5db500a04af64e751a8e5f72a96be9 100644
--- a/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java
+++ b/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java
@@ -14,7 +14,14 @@ import java.util.Arrays;
@Getter
@AllArgsConstructor
public enum AuthUserGender {
- MALE(1, "男"), FEMALE(0, "女"), UNKNOWN(-1, "未知");
+ /**
+ * MALE/FAMALE为正常值,通过{@link AuthUserGender#getRealGender(String)}方法获取真实的性别
+ * UNKNOWN为容错值,部分平台不会返回用户性别,为了方便统一,使用UNKNOWN标记所有未知或不可测的用户性别信息
+ */
+ MALE(1, "男"),
+ FEMALE(0, "女"),
+ UNKNOWN(-1, "未知");
+
private int code;
private String desc;
diff --git a/src/main/java/me/zhyd/oauth/exception/AuthException.java b/src/main/java/me/zhyd/oauth/exception/AuthException.java
index c64b0f865e4053ed0c5ad31eb25375b1512c4c83..e5d3bc3b262da2f80d6358031b47b835a402ef9f 100644
--- a/src/main/java/me/zhyd/oauth/exception/AuthException.java
+++ b/src/main/java/me/zhyd/oauth/exception/AuthException.java
@@ -1,8 +1,10 @@
package me.zhyd.oauth.exception;
-import me.zhyd.oauth.model.AuthResponseStatus;
+import me.zhyd.oauth.enums.AuthResponseStatus;
/**
+ * JustAuth通用异常类
+ *
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @since 1.8
*/
diff --git a/src/main/java/me/zhyd/oauth/model/AuthCallback.java b/src/main/java/me/zhyd/oauth/model/AuthCallback.java
index 4a6fbeefc416a5feaa4a1b8a9aaa642a229b1768..810ebea036d3ad5c16f69e1c271c697f00484679 100644
--- a/src/main/java/me/zhyd/oauth/model/AuthCallback.java
+++ b/src/main/java/me/zhyd/oauth/model/AuthCallback.java
@@ -2,7 +2,6 @@ package me.zhyd.oauth.model;
import lombok.Getter;
import lombok.Setter;
-import me.zhyd.oauth.cache.AuthStateCache;
/**
* 授权回调时的参数类
@@ -28,14 +27,4 @@ public class AuthCallback {
* 访问AuthorizeUrl后回调时带的参数state,用于和请求AuthorizeUrl前的state比较,防止CSRF攻击
*/
private String state;
-
- /**
- * 内置的检验state合法性的方法
- *
- * @return true: state正常;false:state不正常,可能授权时间过长导致state失效
- * @since 1.9.3
- */
- public boolean checkState() {
- return AuthStateCache.containsKey(this.state);
- }
}
diff --git a/src/main/java/me/zhyd/oauth/model/AuthResponse.java b/src/main/java/me/zhyd/oauth/model/AuthResponse.java
index 3d682d5cff0c5d4430ddbcb1375e88246d96ff67..ab2100620be55100137ea0ff1b13e9a48fb5e47a 100644
--- a/src/main/java/me/zhyd/oauth/model/AuthResponse.java
+++ b/src/main/java/me/zhyd/oauth/model/AuthResponse.java
@@ -2,7 +2,7 @@ package me.zhyd.oauth.model;
import lombok.Builder;
import lombok.Getter;
-import lombok.Setter;
+import me.zhyd.oauth.enums.AuthResponseStatus;
/**
* JustAuth统一授权响应类
diff --git a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
index 43796fe3be23235c52547ec4b6ee1a192f957109..29e64bfa5a895d31e2d4642f53f6b3825e880405 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
@@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
index 7af5f9e5da92e55fd80b8b1f4d18ead36322546a..7ca3e81022ba14c4ad8066288f0e6c9539752372 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
@@ -6,8 +6,12 @@ import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.cache.AuthStateCache;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.exception.AuthException;
-import me.zhyd.oauth.model.*;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthResponse;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.utils.AuthChecker;
import me.zhyd.oauth.utils.StringUtils;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -35,13 +39,38 @@ public abstract class AuthDefaultRequest implements AuthRequest {
AuthChecker.checkConfig(config, source);
}
+ /**
+ * 获取access token
+ *
+ * @param authCallback 授权成功后的回调参数
+ * @return token
+ * @see AuthDefaultRequest#authorize()
+ * @see AuthDefaultRequest#authorize(String)
+ */
protected abstract AuthToken getAccessToken(AuthCallback authCallback);
+ /**
+ * 使用token换取用户信息
+ *
+ * @param authToken token信息
+ * @return 用户信息
+ * @see AuthDefaultRequest#getAccessToken(AuthCallback)
+ */
protected abstract AuthUser getUserInfo(AuthToken authToken);
+ /**
+ * 统一的登录入口。当通过{@link AuthDefaultRequest#authorize(String)}授权成功后,会跳转到调用方的相关回调方法中
+ * 方法的入参可以使用{@code AuthCallback},{@code AuthCallback}类中封装好了OAuth2授权回调所需要的参数
+ *
+ * @param authCallback 用于接收回调参数的实体
+ * @return AuthResponse
+ */
@Override
public AuthResponse login(AuthCallback authCallback) {
try {
+ if (!AuthStateCache.containsKey(authCallback.getState())) {
+ throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
+ }
AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
AuthToken authToken = this.getAccessToken(authCallback);
@@ -53,6 +82,12 @@ public abstract class AuthDefaultRequest implements AuthRequest {
}
}
+ /**
+ * 处理{@link AuthDefaultRequest#login(AuthCallback)} 发生异常的情况,统一响应参数
+ *
+ * @param e 具体的异常
+ * @return AuthResponse
+ */
private AuthResponse responseError(Exception e) {
int errorCode = AuthResponseStatus.FAILURE.getCode();
if (e instanceof AuthException) {
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java
index cdab6aeac58a68356d792f50c99f817862717eaa..cd17db9744de4489c55df7f1b2a418b46343f204 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java
@@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
index adbb7e67078302f2c7544df822be5ddff387b2bd..80959837eeea5ff2c04489f2f4dd7f5d417e6c7e 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
@@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.JSONPath;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
@@ -112,7 +113,6 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
* @return 用户的邮箱地址
*/
private String getUserEmail(String accessToken) {
- String email = null;
HttpResponse emailResponse = HttpRequest.get("https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))")
.header("Host", "api.linkedin.com")
.header("Connection", "Keep-Alive")
diff --git a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
index 3b241e91c96ea11bb98d5c3d4ca22a23bfdb3a55..46f13c5b110a114559ad2466c8820aca7e5641d5 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
@@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
index 963d6d850175812f48d73e0d09d57d43fd3d81ab..69aa58acd58fb70d1065398a550b51b8634d62be 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
@@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
index 31151d51e07ee37807f41b6e7b8ece2070762484..c537cff08b908a98b4c001c0fbd165f0bd7efccc 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java
@@ -92,6 +92,7 @@ public class AuthPinterestRequest extends AuthDefaultRequest {
* @param authToken token
* @return 返回获取userInfo的url
*/
+ @Override
protected String userInfoUrl(AuthToken authToken) {
return UrlBuilder.fromBaseUrl(source.userInfo())
.queryParam("access_token", authToken.getAccessToken())
diff --git a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
index 274ccc24f405e37c04fe78ad4a62b9c768a4e0c2..8fa7b1a72e9fcf7974ff0e85a31cbea404e02243 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
@@ -6,6 +6,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
index 4b1186fd9114d2e0575b7ed4ebb4047f11762221..62cc116e365333ce2dfed7bb35f67ef7a59a03f0 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java
@@ -13,7 +13,7 @@ import me.zhyd.oauth.utils.UrlBuilder;
import java.util.Objects;
import static me.zhyd.oauth.config.AuthSource.RENREN;
-import static me.zhyd.oauth.model.AuthResponseStatus.SUCCESS;
+import static me.zhyd.oauth.enums.AuthResponseStatus.SUCCESS;
/**
* 人人登录
diff --git a/src/main/java/me/zhyd/oauth/request/AuthRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRequest.java
index 6ceca1ee70b34f95e3d12ccca19b243f5a79c7b6..53e6b38d0b6e0b6b079f3fe89b89d2489b1231d2 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthRequest.java
@@ -3,7 +3,7 @@ package me.zhyd.oauth.request;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
-import me.zhyd.oauth.model.AuthResponseStatus;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.model.AuthToken;
/**
diff --git a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java
index 50c1b7f35621eecfc74574d64afe4e9e27eca1d2..09c8f7b3c5db045cb4f840ee113b2f98257641c0 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java
@@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java
index cf87013c457376fc7d48008c319cb3e9f0bb224b..c10f24d956d622f7ac67037c6fb4e83fb056e7e2 100644
--- a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java
@@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
index 3cbd6adc0d71886fa11f35998f6f95e3dd7b5b13..a62eedc7c66d7e0befe9e53c0a4e72b0d62eeec8 100644
--- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
@@ -3,7 +3,7 @@ package me.zhyd.oauth.utils;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
-import me.zhyd.oauth.model.AuthResponseStatus;
+import me.zhyd.oauth.enums.AuthResponseStatus;
/**
* 授权配置类的校验器
diff --git a/src/test/java/me/zhyd/oauth/AuthRequestTest.java b/src/test/java/me/zhyd/oauth/AuthRequestTest.java
index 9b50f536e624490b6cb5ad8814df2645a23b7a02..74ffa3966edf946a3e5e4c18b138bf88ad97d11a 100644
--- a/src/test/java/me/zhyd/oauth/AuthRequestTest.java
+++ b/src/test/java/me/zhyd/oauth/AuthRequestTest.java
@@ -21,7 +21,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -36,7 +35,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -51,7 +49,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -66,7 +63,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -81,7 +77,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -96,7 +91,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -111,7 +105,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -126,7 +119,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
authRequest.login(new AuthCallback());
}
@@ -142,7 +134,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -157,7 +148,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -172,7 +162,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -187,7 +176,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -202,7 +190,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -217,7 +204,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -232,7 +218,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -247,7 +232,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -262,7 +246,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -277,7 +260,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
@@ -292,7 +274,6 @@ public class AuthRequestTest {
// 返回授权页面,可自行跳转
authRequest.authorize("state");
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
- // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性
// 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state
AuthResponse login = authRequest.login(new AuthCallback());
}
diff --git a/update.md b/update.md
index 62887cbb20fdfc87f649d53bab6a7001d459bf42..af8ac5caf8bf998259b443a592edbbf3fc3b69df 100644
--- a/update.md
+++ b/update.md
@@ -1,3 +1,10 @@
+### 2019/07/30 ([v1.9.4](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.4))
+
+1. 升级`hutool-http`版本到`v4.6.1`
+2. 去除`AuthCallback`中增加的默认的校验state的方法,挪到`AuthDefaultRequest`中做统一处理
+3. `alipay-sdk-java`依赖改为`provided`,如果需要使用支付宝登录,需要使用方手动引入相关依赖,具体操作方式,见项目WIKI;
+4. 规范注释
+
### 2019/07/30 ([v1.9.3](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.3))
1. 规范注释