2019-01-31 17:44:42 +08:00
|
|
|
package me.zhyd.oauth.utils;
|
|
|
|
|
|
|
|
|
|
import me.zhyd.oauth.config.AuthConfig;
|
2019-06-20 10:10:18 +08:00
|
|
|
import me.zhyd.oauth.config.AuthSource;
|
2019-06-19 09:56:28 +08:00
|
|
|
import me.zhyd.oauth.exception.AuthException;
|
2019-07-16 17:59:36 +08:00
|
|
|
import me.zhyd.oauth.model.AuthResponseStatus;
|
2019-01-31 17:44:42 +08:00
|
|
|
|
|
|
|
|
/**
|
2019-05-23 09:06:13 +08:00
|
|
|
* 授权配置类的校验器
|
|
|
|
|
*
|
2019-01-31 17:44:42 +08:00
|
|
|
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
|
|
|
|
|
* @since 1.8
|
|
|
|
|
*/
|
2019-06-27 19:39:21 +08:00
|
|
|
public class AuthChecker {
|
2019-01-31 17:44:42 +08:00
|
|
|
|
|
|
|
|
/**
|
2019-02-19 14:49:59 +08:00
|
|
|
* 是否支持第三方登录
|
2019-01-31 17:44:42 +08:00
|
|
|
*
|
2019-03-29 15:27:27 +08:00
|
|
|
* @param config config
|
2019-06-19 09:56:28 +08:00
|
|
|
* @param source source
|
2019-01-31 17:44:42 +08:00
|
|
|
* @return true or false
|
|
|
|
|
*/
|
2019-06-19 09:56:28 +08:00
|
|
|
public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
|
|
|
|
|
boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
|
|
|
|
|
if (isSupported && AuthSource.ALIPAY == source) {
|
|
|
|
|
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
|
|
|
|
|
}
|
2019-07-20 17:21:21 +08:00
|
|
|
if (isSupported && AuthSource.STACK_OVERFLOW == source) {
|
|
|
|
|
isSupported = StringUtils.isNotEmpty(config.getStackOverflowKey());
|
|
|
|
|
}
|
2019-06-19 09:56:28 +08:00
|
|
|
return isSupported;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,而对于facebook平台, redirect uri 必须是https的链接
|
|
|
|
|
*
|
|
|
|
|
* @param config config
|
|
|
|
|
* @param source source
|
|
|
|
|
*/
|
2019-06-27 19:39:21 +08:00
|
|
|
public static void checkConfig(AuthConfig config, AuthSource source) {
|
2019-06-19 09:56:28 +08:00
|
|
|
String redirectUri = config.getRedirectUri();
|
|
|
|
|
if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
|
2019-07-16 17:59:36 +08:00
|
|
|
throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI);
|
2019-06-19 09:56:28 +08:00
|
|
|
}
|
2019-06-19 16:48:09 +08:00
|
|
|
// facebook的回调地址必须为https的链接
|
2019-06-19 09:56:28 +08:00
|
|
|
if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
|
2019-07-16 17:59:36 +08:00
|
|
|
throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI);
|
2019-06-19 09:56:28 +08:00
|
|
|
}
|
2019-06-19 16:48:09 +08:00
|
|
|
// 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1
|
|
|
|
|
if (AuthSource.ALIPAY == source && GlobalAuthUtil.isLocalHost(redirectUri)) {
|
2019-07-16 17:59:36 +08:00
|
|
|
throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI);
|
2019-06-19 16:48:09 +08:00
|
|
|
}
|
2019-01-31 17:44:42 +08:00
|
|
|
}
|
2019-06-27 19:39:21 +08:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* 校验回调传回的code
|
|
|
|
|
*
|
|
|
|
|
* @param code 回调时传回的code
|
|
|
|
|
*/
|
|
|
|
|
public static void checkCode(String code) {
|
|
|
|
|
if (StringUtils.isEmpty(code)) {
|
2019-07-16 17:59:36 +08:00
|
|
|
throw new AuthException(AuthResponseStatus.ILLEGAL_CODE);
|
2019-06-27 19:39:21 +08:00
|
|
|
}
|
|
|
|
|
}
|
2019-01-31 17:44:42 +08:00
|
|
|
}
|
