src/main/java/me/zhyd/oauth/request/AuthMiRequest.java

package me.zhyd.oauth.request;

import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.enums.AuthResponseStatus;
import me.zhyd.oauth.enums.AuthUserGender;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;

import java.text.MessageFormat;

/**
 * 小米登录
 *
 * @author yangkai.shen (https://xkcoding.com)
 * @since 1.5.0
 */
@Slf4j
public class AuthMiRequest extends AuthDefaultRequest {
    private static final String PREFIX = "&&&START&&&";

    public AuthMiRequest(AuthConfig config) {
        super(config, AuthSource.MI);
    }

    @Override
    protected AuthToken getAccessToken(AuthCallback authCallback) {
        return getToken(accessTokenUrl(authCallback.getCode()));
    }

    private AuthToken getToken(String accessTokenUrl) {
        HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
        String jsonStr = StrUtil.replace(response.body(), PREFIX, StrUtil.EMPTY);
        JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);

        if (accessTokenObject.containsKey("error")) {
            throw new AuthException(accessTokenObject.getString("error_description"));
        }

        return AuthToken.builder()
            .accessToken(accessTokenObject.getString("access_token"))
            .expireIn(accessTokenObject.getIntValue("expires_in"))
            .scope(accessTokenObject.getString("scope"))
            .tokenType(accessTokenObject.getString("token_type"))
            .refreshToken(accessTokenObject.getString("refresh_token"))
            .openId(accessTokenObject.getString("openId"))
            .macAlgorithm(accessTokenObject.getString("mac_algorithm"))
            .macKey(accessTokenObject.getString("mac_key"))
            .build();
    }

    @Override
    protected AuthUser getUserInfo(AuthToken authToken) {
        // 获取用户信息
        HttpResponse userResponse = doGetUserInfo(authToken);

        JSONObject userProfile = JSONObject.parseObject(userResponse.body());
        if ("error".equalsIgnoreCase(userProfile.getString("result"))) {
            throw new AuthException(userProfile.getString("description"));
        }

        JSONObject user = userProfile.getJSONObject("data");

        AuthUser authUser = AuthUser.builder()
            .uuid(authToken.getOpenId())
            .username(user.getString("miliaoNick"))
            .nickname(user.getString("miliaoNick"))
            .avatar(user.getString("miliaoIcon"))
            .email(user.getString("mail"))
            .gender(AuthUserGender.UNKNOWN)
            .token(authToken)
            .source(source)
            .build();

        // 获取用户邮箱手机号等信息
        String emailPhoneUrl = MessageFormat.format("{0}?clientId={1}&token={2}", "https://open.account.xiaomi.com/user/phoneAndEmail", config
            .getClientId(), authToken.getAccessToken());

        HttpResponse emailResponse = HttpRequest.get(emailPhoneUrl).execute();
        JSONObject userEmailPhone = JSONObject.parseObject(emailResponse.body());
        if (!"error".equalsIgnoreCase(userEmailPhone.getString("result"))) {
            JSONObject emailPhone = userEmailPhone.getJSONObject("data");
            authUser.setEmail(emailPhone.getString("email"));
        } else {
            log.warn("小米开发平台暂时不对外开放用户手机及邮箱信息的获取");
        }

        return authUser;
    }

    /**
     * 刷新access token （续期）
     *
     * @param authToken 登录成功后返回的Token信息
     * @return AuthResponse
     */
    @Override
    public AuthResponse refresh(AuthToken authToken) {
        return AuthResponse.builder()
            .code(AuthResponseStatus.SUCCESS.getCode())
            .data(getToken(refreshTokenUrl(authToken.getRefreshToken())))
            .build();
    }

    /**
     * 返回带{@code state}参数的授权url，授权回调时会带上这个{@code state}
     *
     * @param state state 验证授权流程的参数，可以防止csrf
     * @return 返回授权地址
     * @since 1.9.3
     */
    @Override
    public String authorize(String state) {
        return UrlBuilder.fromBaseUrl(source.authorize())
            .queryParam("response_type", "code")
            .queryParam("client_id", config.getClientId())
            .queryParam("redirect_uri", config.getRedirectUri())
            .queryParam("scope", "user/profile%20user/openIdV2%20user/phoneAndEmail")
            .queryParam("skip_confirm", "false")
            .queryParam("state", getRealState(state))
            .build();
    }

    /**
     * 返回获取userInfo的url
     *
     * @param authToken 用户授权后的token
     * @return 返回获取userInfo的url
     */
    @Override
    protected String userInfoUrl(AuthToken authToken) {
        return UrlBuilder.fromBaseUrl(source.userInfo())
            .queryParam("clientId", config.getClientId())
            .queryParam("token", authToken.getAccessToken())
            .build();
    }
}
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`package me.zhyd.oauth.request;`

			`import cn.hutool.core.util.StrUtil;`
			`import cn.hutool.http.HttpRequest;`
			`import cn.hutool.http.HttpResponse;`
			`import com.alibaba.fastjson.JSONObject;`
🔀 手动合并PR #18 到dev分支 2019-07-16 19:49:18 +08:00			`import lombok.extern.slf4j.Slf4j;`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`import me.zhyd.oauth.config.AuthConfig;`
🔀 合并github中的pr 2019-06-20 10:10:18 +08:00			`import me.zhyd.oauth.config.AuthSource;`
🍻 升级hutool，alipay-sdk改为provided，添加注释，state校验 2019-07-30 21:10:00 +08:00			`import me.zhyd.oauth.enums.AuthResponseStatus;`
🍻 优化代码 2019-07-19 14:26:42 +08:00			`import me.zhyd.oauth.enums.AuthUserGender;`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`import me.zhyd.oauth.exception.AuthException;`
👽 修改login方法的参数为AuthCallback，封装回调返回的参数、支持state参数、增加code和state参数校验 2019-06-27 19:39:21 +08:00			`import me.zhyd.oauth.model.*;`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`import me.zhyd.oauth.utils.UrlBuilder;`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
			`import java.text.MessageFormat;`

			`/**`
			`* 小米登录`
			`*`
			`* @author yangkai.shen (https://xkcoding.com)`
💡 规范注释 2019-07-27 07:55:52 +08:00			`* @since 1.5.0`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`*/`
🔀 手动合并PR #18 到dev分支 2019-07-16 19:49:18 +08:00			`@Slf4j`
♻️ rename 2019-07-16 17:59:36 +08:00			`public class AuthMiRequest extends AuthDefaultRequest {`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`private static final String PREFIX = "&&&START&&&";`

			`public AuthMiRequest(AuthConfig config) {`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`super(config, AuthSource.MI);`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`

			`@Override`
👽 修改login方法的参数为AuthCallback，封装回调返回的参数、支持state参数、增加code和state参数校验 2019-06-27 19:39:21 +08:00			`protected AuthToken getAccessToken(AuthCallback authCallback) {`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`return getToken(accessTokenUrl(authCallback.getCode()));`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`

			`private AuthToken getToken(String accessTokenUrl) {`
			`HttpResponse response = HttpRequest.get(accessTokenUrl).execute();`
			`String jsonStr = StrUtil.replace(response.body(), PREFIX, StrUtil.EMPTY);`
✨ 全面开启state校验 2019-06-28 22:58:34 +08:00			`JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
✨ 全面开启state校验 2019-06-28 22:58:34 +08:00			`if (accessTokenObject.containsKey("error")) {`
			`throw new AuthException(accessTokenObject.getString("error_description"));`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`

			`return AuthToken.builder()`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`.accessToken(accessTokenObject.getString("access_token"))`
			`.expireIn(accessTokenObject.getIntValue("expires_in"))`
			`.scope(accessTokenObject.getString("scope"))`
			`.tokenType(accessTokenObject.getString("token_type"))`
			`.refreshToken(accessTokenObject.getString("refresh_token"))`
			`.openId(accessTokenObject.getString("openId"))`
			`.macAlgorithm(accessTokenObject.getString("mac_algorithm"))`
			`.macKey(accessTokenObject.getString("mac_key"))`
			`.build();`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`

			`@Override`
			`protected AuthUser getUserInfo(AuthToken authToken) {`
			`// 获取用户信息`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`HttpResponse userResponse = doGetUserInfo(authToken);`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
			`JSONObject userProfile = JSONObject.parseObject(userResponse.body());`
♻️ 去除工具类方法，使用原生方法 2019-06-21 15:36:41 +08:00			`if ("error".equalsIgnoreCase(userProfile.getString("result"))) {`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`throw new AuthException(userProfile.getString("description"));`
			`}`

			`JSONObject user = userProfile.getJSONObject("data");`

			`AuthUser authUser = AuthUser.builder()`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`.uuid(authToken.getOpenId())`
			`.username(user.getString("miliaoNick"))`
			`.nickname(user.getString("miliaoNick"))`
			`.avatar(user.getString("miliaoIcon"))`
			`.email(user.getString("mail"))`
			`.gender(AuthUserGender.UNKNOWN)`
			`.token(authToken)`
⚡ 优化代码、修复google获取用户信息失败的问题 2019-07-19 22:00:07 +08:00			`.source(source)`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`.build();`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
			`// 获取用户邮箱手机号等信息`
			`String emailPhoneUrl = MessageFormat.format("{0}?clientId={1}&token={2}", "https://open.account.xiaomi.com/user/phoneAndEmail", config`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`.getClientId(), authToken.getAccessToken());`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
			`HttpResponse emailResponse = HttpRequest.get(emailPhoneUrl).execute();`
			`JSONObject userEmailPhone = JSONObject.parseObject(emailResponse.body());`
♻️ 去除工具类方法，使用原生方法 2019-06-21 15:36:41 +08:00			`if (!"error".equalsIgnoreCase(userEmailPhone.getString("result"))) {`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`JSONObject emailPhone = userEmailPhone.getJSONObject("data");`
			`authUser.setEmail(emailPhone.getString("email"));`
🔀 手动合并PR #18 到dev分支 2019-07-16 19:49:18 +08:00			`} else {`
			`log.warn("小米开发平台暂时不对外开放用户手机及邮箱信息的获取");`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`

			`return authUser;`
			`}`

			`/**`
			`* 刷新access token （续期）`
			`*`
			`* @param authToken 登录成功后返回的Token信息`
			`* @return AuthResponse`
			`*/`
			`@Override`
			`public AuthResponse refresh(AuthToken authToken) {`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`return AuthResponse.builder()`
			`.code(AuthResponseStatus.SUCCESS.getCode())`
			`.data(getToken(refreshTokenUrl(authToken.getRefreshToken())))`
			`.build();`
			`}`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`/**`
🔖 v1.9.3,详细更新内容参考update.md 2019-07-30 09:12:28 +08:00			`* 返回带{@code state}参数的授权url，授权回调时会带上这个{@code state}`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`*`
State优化第一步：去掉AuthState工具类 2019-07-25 22:32:55 +08:00			`* @param state state 验证授权流程的参数，可以防止csrf`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`* @return 返回授权地址`
💡 优化注释 2019-07-27 07:34:01 +08:00			`* @since 1.9.3`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`*/`
			`@Override`
State优化第一步：去掉AuthState工具类 2019-07-25 22:32:55 +08:00			`public String authorize(String state) {`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`return UrlBuilder.fromBaseUrl(source.authorize())`
			`.queryParam("response_type", "code")`
			`.queryParam("client_id", config.getClientId())`
			`.queryParam("redirect_uri", config.getRedirectUri())`
			`.queryParam("scope", "user/profile%20user/openIdV2%20user/phoneAndEmail")`
			`.queryParam("skip_confirm", "false")`
State优化第一步：去掉AuthState工具类 2019-07-25 22:32:55 +08:00			`.queryParam("state", getRealState(state))`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`.build();`
			`}`

			`/**`
			`* 返回获取userInfo的url`
			`*`
🔖 增加`stackoverflow`参数校验、解决`Pinterest`获取用户失败的问题，发布v1.9.1 2019-07-20 17:21:21 +08:00			`* @param authToken 用户授权后的token`
♻️ 移除 UrlBuilder 2019-07-18 20:37:41 +08:00			`* @return 返回获取userInfo的url`
			`*/`
			`@Override`
			`protected String userInfoUrl(AuthToken authToken) {`
			`return UrlBuilder.fromBaseUrl(source.userInfo())`
			`.queryParam("clientId", config.getClientId())`
			`.queryParam("token", authToken.getAccessToken())`
			`.build();`
✨ 增加小米登录支持 2019-05-28 19:26:10 +08:00			`}`
			`}`