📝 更新说明

Merge branch 'carldea/master' into dev
🐛 修复 alipay 登录失败的 BUG
2026-05-22 21:53:18 +00:00 · 2021-10-18 10:03:14 +08:00 · 2021-10-18 09:55:40 +08:00 · 2021-10-16 19:11:24 +08:00 · 2021-10-16 19:10:50 +08:00 · 2021-10-16 19:10:24 +08:00
60 changed files with 636 additions and 317 deletions
@@ -0,0 +1,12 @@
+# These are supported funding model platforms
+
+github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+patreon: # Replace with a single Patreon username
+open_collective: # Replace with a single Open Collective username
+ko_fi: # Replace with a single Ko-fi username
+tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+liberapay: # Replace with a single Liberapay username
+issuehunt: # Replace with a single IssueHunt username
+otechie: # Replace with a single Otechie username
+custom: ['https://justauth.wiki/sponsor.html']
@@ -1,4 +1,4 @@
-name: Deploy SNAPSHOT
+name: Deploy

 on: 
  push:
@@ -6,14 +6,9 @@ on:
    paths:
      - src/**
      - pom.xml
-  pull_request:
-    branches: [ dev ]
-    paths:
-      - src/**
-      - pom.xml

 jobs:
-  get-latest-tag:
+  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2.2.0
@@ -21,7 +16,27 @@ jobs:
        uses: actions/setup-java@v2
        with:
          java-version: '8'
-          distribution: 'adopt'
+          distribution: 'zulu'
+      - name: Cache m2 package
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - run: mvn test
+
+  deploy-snapshot:
+    needs: test
+    if: ${{ success() }}
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.2.0
+      - name: Set up Java and Maven
+        uses: actions/setup-java@v2
+        with:
+          java-version: '8'
+          distribution: 'zulu'
          server-id: ossrh
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD
@@ -32,13 +47,19 @@ jobs:
          key: ${{ runner.os }}-maven-${{ hashFiles('pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-
-      - name: get current project version to set env.VERSION
-        run: echo "VERSION=`mvn help:evaluate -Dexpression=project.version -q -DforceStdout`" >> $GITHUB_ENV
-      - name: set snapshot version
-        if: ${{ !endsWith( env.VERSION , '-SNAPSHOT') }} 
-        run: mvn versions:set -DnewVersion=${{ env.VERSION }}-SNAPSHOT
+      - name: setting snapshot version
+        run: |
+          import xml.etree.ElementTree as ET
+          tree = ET.parse("pom.xml")
+          version = tree.find("{http://maven.apache.org/POM/4.0.0}version")
+          print(version.text + "-SNAPSHOT")
+          if version.text.endswith("-SNAPSHOT") == False:
+            tree.find("{http://maven.apache.org/POM/4.0.0}version").text = version.text + "-SNAPSHOT"
+            ET.register_namespace("", "http://maven.apache.org/POM/4.0.0")
+            tree.write("pom.xml", "utf-8", True)
+        shell: python
      - name: deploy snapshot to ossrh repository
-        run: mvn -B deploy -P snapshot
+        run: mvn -B deploy -P snapshot -DskipTests
        env:
          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
@@ -0,0 +1,26 @@
+name: test pull_request
+
+on: 
+  pull_request:
+    paths:
+      - src/**
+      - pom.xml
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2.2.0
+      - name: Set up Java and Maven
+        uses: actions/setup-java@v2
+        with:
+          java-version: '8'
+          distribution: 'zulu'
+      - name: Cache m2 package
+        uses: actions/cache@v2
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+      - run: mvn test
@@ -1,3 +1,30 @@
+## 1.16.5
+
+### 2021/10/18
+
+- 合并 PR [Github #138](https://github.com/justauth/JustAuth/pull/138)
+- 升级alipay-sdk-version的依赖版本
+- 修改用户logo的尺寸
+- 修复 alipay 登录失败的 BUG [Gitee Issue #I4E4ML](https://gitee.com/yadong.zhang/JustAuth/issues/I4E4ML)
+
+
+## 1.16.4
+
+### 2021/9/22
+
+- 合并 PR 
+  - [Github #134](https://github.com/justauth/JustAuth/pull/134)
+  - [Github #133](https://github.com/justauth/JustAuth/pull/133)
+  - [Github #132](https://github.com/justauth/JustAuth/pull/132)
+  - [Github #131](https://github.com/justauth/JustAuth/pull/131)
+- 添加微软中国(世纪华联)第三方登录，新增微软方式登录的redirectUri校验。[Gitee PR #28](https://gitee.com/yadong.zhang/JustAuth/pulls/28)
+- 升级第三方的依赖
+  -  simple-http > 1.0.5 
+  -  lombok > 1.18.20
+  -  junit > 4.13.2
+  -  fastjson > 1.2.78
+  -  alipay-sdk > 4.16.38.ALL
+
 ## 1.16.3

 ### 2021/8/15
@@ -218,7 +218,11 @@ AuthRequest authRequest = AuthRequestBuilder.builder()

 ## JustAuth 的用户
 有很多公司、组织和个人把 JustAuth 用于学习、研究、生产环境和商业产品中，包括（但不限于）：
-![](docs/users/4ca0177c.png)
+
+[![](docs/users/col.png)](https://www.mochiwang.com "给作者提供云写作的一个工具")![](docs/users/bjgyol.png)![](docs/users/foresealife.png)![](docs/users/sevnce.png)
+
+![](docs/users/bladex.png)![](docs/users/gun.png)![](docs/users/sika.jpg)![](docs/users/maxkey.png)![](docs/users/shiroaction.png)![](docs/users/xkcoding.png)
+


 怎么没有我？[登记](https://gitee.com/yadong.zhang/JustAuth/issues/IZ2T7)
@@ -1 +1 @@
-1.16.3
+1.16.4
@@ -6,7 +6,7 @@

  <groupId>me.zhyd.oauth</groupId>
  <artifactId>JustAuth</artifactId>
-  <version>1.16.3</version>
+  <version>1.16.5</version>

  <name>JustAuth</name>
  <url>https://gitee.com/yadong.zhang/JustAuth</url>
@@ -57,11 +57,11 @@
    <maven-surefire-version>2.20</maven-surefire-version>
    <maven-gpg-version>1.6</maven-gpg-version>
    <maven.test.skip>false</maven.test.skip>
-    <simple-http.version>1.0.3</simple-http.version>
-    <lombok-version>1.18.10</lombok-version>
-    <junit-version>4.13.1</junit-version>
-    <fastjson-version>1.2.76</fastjson-version>
-    <alipay-sdk-version>4.8.10.ALL</alipay-sdk-version>
+    <simple-http.version>1.0.5</simple-http.version>
+    <lombok-version>1.18.20</lombok-version>
+    <junit-version>4.13.2</junit-version>
+    <fastjson-version>1.2.78</fastjson-version>
+    <alipay-sdk-version>4.17.5.ALL</alipay-sdk-version>
    <jacoco-version>0.8.2</jacoco-version>
  </properties>

@@ -38,7 +38,10 @@ public class AuthConfig {
    /**
     * 支付宝公钥：当选择支付宝登录时，该值可用
     * 对应“RSA2(SHA256)密钥”中的“支付宝公钥”
+     *
+     * @deprecated 请使用AuthAlipayRequest的构造方法设置"alipayPublicKey"
     */
+    @Deprecated
    private String alipayPublicKey;

    /**
@@ -515,6 +515,33 @@ public enum AuthDefaultSource implements AuthSource {
            return AuthMicrosoftRequest.class;
        }
    },
+    /**
+     * 微软中国(世纪互联)
+     */
+    MICROSOFT_CN {
+        @Override
+        public String authorize() {
+            return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/authorize";
+        }
+
+        @Override
+        public String accessToken() {
+            return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/token";
+        }
+
+        @Override
+        public String userInfo() {
+            return "https://microsoftgraph.chinacloudapi.cn/v1.0/me";
+        }
+
+        @Override
+        public String refresh() {
+            return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/token";
+        }
+
+        @Override
+        public Class<? extends AuthDefaultRequest> getTargetClass() { return AuthMicrosoftCnRequest.class; }
+    },
    /**
     * 小米
     */
@@ -43,7 +43,7 @@ public abstract class AbstractAuthDingtalkRequest extends AuthDefaultRequest {
        String code = authToken.getAccessCode();
        JSONObject param = new JSONObject();
        param.put("tmp_auth_code", code);
-        String response = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), param.toJSONString());
+        String response = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), param.toJSONString()).getBody();
        JSONObject object = JSON.parseObject(response);
        if (object.getIntValue("errcode") != 0) {
            throw new AuthException(object.getString("errmsg"));
@@ -0,0 +1,181 @@
+package me.zhyd.oauth.request;
+
+import com.alibaba.fastjson.JSONObject;
+import com.xkcoding.http.support.HttpHeader;
+import com.xkcoding.http.util.MapUtil;
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.config.AuthSource;
+import me.zhyd.oauth.enums.AuthResponseStatus;
+import me.zhyd.oauth.enums.AuthUserGender;
+import me.zhyd.oauth.enums.scope.AuthMicrosoftScope;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthResponse;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.AuthScopeUtils;
+import me.zhyd.oauth.utils.HttpUtils;
+import me.zhyd.oauth.utils.UrlBuilder;
+
+import java.util.Map;
+
+/**
+ * 微软登录抽象类,负责处理使用微软国际和微软中国账号登录第三方网站的登录方式
+ *
+ * @author mroldx (xzfqq5201314@gmail.com)
+ * @since 1.16.4
+ */
+public abstract class AbstractAuthMicrosoftRequest extends AuthDefaultRequest {
+
+    public AbstractAuthMicrosoftRequest(AuthConfig config, AuthSource source) {
+        super(config, source);
+    }
+
+
+    public AbstractAuthMicrosoftRequest(AuthConfig config, AuthSource source, AuthStateCache authStateCache) {
+        super(config, source, authStateCache);
+    }
+
+    @Override
+    protected AuthToken getAccessToken(AuthCallback authCallback) {
+        return getToken(accessTokenUrl(authCallback.getCode()));
+    }
+
+    /**
+     * 获取token，适用于获取access_token和刷新token
+     *
+     * @param accessTokenUrl 实际请求token的地址
+     * @return token对象
+     */
+    private AuthToken getToken(String accessTokenUrl) {
+        HttpHeader httpHeader = new HttpHeader();
+
+        Map<String, String> form = MapUtil.parseStringToMap(accessTokenUrl, false);
+
+        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, form, httpHeader, false).getBody();
+        JSONObject accessTokenObject = JSONObject.parseObject(response);
+
+        this.checkResponse(accessTokenObject);
+
+        return AuthToken.builder()
+            .accessToken(accessTokenObject.getString("access_token"))
+            .expireIn(accessTokenObject.getIntValue("expires_in"))
+            .scope(accessTokenObject.getString("scope"))
+            .tokenType(accessTokenObject.getString("token_type"))
+            .refreshToken(accessTokenObject.getString("refresh_token"))
+            .build();
+    }
+
+    /**
+     * 检查响应内容是否正确
+     *
+     * @param object 请求响应内容
+     */
+    private void checkResponse(JSONObject object) {
+        if (object.containsKey("error")) {
+            throw new AuthException(object.getString("error_description"));
+        }
+    }
+
+    @Override
+    protected AuthUser getUserInfo(AuthToken authToken) {
+        String token = authToken.getAccessToken();
+        String tokenType = authToken.getTokenType();
+        String jwt = tokenType + " " + token;
+
+        HttpHeader httpHeader = new HttpHeader();
+        httpHeader.add("Authorization", jwt);
+
+        String userInfo = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false).getBody();
+        JSONObject object = JSONObject.parseObject(userInfo);
+        this.checkResponse(object);
+        return AuthUser.builder()
+            .rawUserInfo(object)
+            .uuid(object.getString("id"))
+            .username(object.getString("userPrincipalName"))
+            .nickname(object.getString("displayName"))
+            .location(object.getString("officeLocation"))
+            .email(object.getString("mail"))
+            .gender(AuthUserGender.UNKNOWN)
+            .token(authToken)
+            .source(source.toString())
+            .build();
+    }
+
+    /**
+     * 刷新access token （续期）
+     *
+     * @param authToken 登录成功后返回的Token信息
+     * @return AuthResponse
+     */
+    @Override
+    public AuthResponse refresh(AuthToken authToken) {
+        return AuthResponse.builder()
+            .code(AuthResponseStatus.SUCCESS.getCode())
+            .data(getToken(refreshTokenUrl(authToken.getRefreshToken())))
+            .build();
+    }
+
+    /**
+     * 返回带{@code state}参数的授权url，授权回调时会带上这个{@code state}
+     *
+     * @param state state 验证授权流程的参数，可以防止csrf
+     * @return 返回授权地址
+     * @since 1.9.3
+     */
+    @Override
+    public String authorize(String state) {
+        return UrlBuilder.fromBaseUrl(super.authorize(state))
+            .queryParam("response_mode", "query")
+            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
+            .build();
+    }
+
+    /**
+     * 返回获取accessToken的url
+     *
+     * @param code 授权code
+     * @return 返回获取accessToken的url
+     */
+    @Override
+    protected String accessTokenUrl(String code) {
+        return UrlBuilder.fromBaseUrl(source.accessToken())
+            .queryParam("code", code)
+            .queryParam("client_id", config.getClientId())
+            .queryParam("client_secret", config.getClientSecret())
+            .queryParam("grant_type", "authorization_code")
+            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
+            .queryParam("redirect_uri", config.getRedirectUri())
+            .build();
+    }
+
+    /**
+     * 返回获取userInfo的url
+     *
+     * @param authToken 用户授权后的token
+     * @return 返回获取userInfo的url
+     */
+    @Override
+    protected String userInfoUrl(AuthToken authToken) {
+        return UrlBuilder.fromBaseUrl(source.userInfo()).build();
+    }
+
+    /**
+     * 返回获取accessToken的url
+     *
+     * @param refreshToken 用户授权后的token
+     * @return 返回获取accessToken的url
+     */
+    @Override
+    protected String refreshTokenUrl(String refreshToken) {
+        return UrlBuilder.fromBaseUrl(source.refresh())
+            .queryParam("client_id", config.getClientId())
+            .queryParam("client_secret", config.getClientSecret())
+            .queryParam("refresh_token", refreshToken)
+            .queryParam("grant_type", "refresh_token")
+            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
+            .queryParam("redirect_uri", config.getRedirectUri())
+            .build();
+    }
+}
@@ -130,7 +130,7 @@ public abstract class AbstractAuthWeChatEnterpriseRequest extends AuthDefaultReq
            .queryParam("access_token", accessToken)
            .queryParam("userid", userId)
            .build();
-        return new HttpUtils(config.getHttpConfig()).get(userDetailUrl);
+        return new HttpUtils(config.getHttpConfig()).get(userDetailUrl).getBody();
    }

 }
@@ -18,6 +18,8 @@ import me.zhyd.oauth.model.AuthCallback;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.AuthChecker;
+import me.zhyd.oauth.utils.GlobalAuthUtils;
 import me.zhyd.oauth.utils.StringUtils;
 import me.zhyd.oauth.utils.UrlBuilder;

@@ -31,31 +33,117 @@ import java.net.InetSocketAddress;
 */
 public class AuthAlipayRequest extends AuthDefaultRequest {

-    private AlipayClient alipayClient;
+    /**
+     * 支付宝公钥：当选择支付宝登录时，该值可用
+     * 对应“RSA2(SHA256)密钥”中的“支付宝公钥”
+     */
+    private final String alipayPublicKey;

+    private final AlipayClient alipayClient;
+
+    private static final String GATEWAY = "https://openapi.alipay.com/gateway.do";
+
+    /**
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String)
+     * @deprecated 请使用带有"alipayPublicKey"参数的构造方法
+     */
+    @Deprecated
    public AuthAlipayRequest(AuthConfig config) {
-        super(config, AuthDefaultSource.ALIPAY);
-        this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), "json", "UTF-8", config
-            .getAlipayPublicKey(), "RSA2");
+        this(config, (String) null);
    }

+    /**
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String, me.zhyd.oauth.cache.AuthStateCache)
+     * @deprecated 请使用带有"alipayPublicKey"参数的构造方法
+     */
+    @Deprecated
    public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache) {
+        this(config, null, authStateCache);
+    }
+
+    /**
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, java.lang.String, me.zhyd.oauth.cache.AuthStateCache, java.lang.String, java.lang.Integer)
+     * @deprecated 请使用带有"alipayPublicKey"参数的构造方法
+     */
+    @Deprecated
+    public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) {
+        this(config, null, authStateCache, proxyHost, proxyPort);
+    }
+
+    /**
+     * 构造方法，需要设置"alipayPublicKey"
+     *
+     * @param config          公共的OAuth配置
+     * @param alipayPublicKey 支付宝公钥
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig)
+     */
+    public AuthAlipayRequest(AuthConfig config, String alipayPublicKey) {
+        super(config, AuthDefaultSource.ALIPAY);
+        this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config);
+        check(config);
+        this.alipayClient = new DefaultAlipayClient(GATEWAY, config.getClientId(), config.getClientSecret(), "json", "UTF-8", this.alipayPublicKey, "RSA2");
+    }
+
+    /**
+     * 构造方法，需要设置"alipayPublicKey"
+     *
+     * @param config          公共的OAuth配置
+     * @param alipayPublicKey 支付宝公钥
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, me.zhyd.oauth.cache.AuthStateCache)
+     */
+    public AuthAlipayRequest(AuthConfig config, String alipayPublicKey, AuthStateCache authStateCache) {
        super(config, AuthDefaultSource.ALIPAY, authStateCache);
+        this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config);
+        check(config);
        if (config.getHttpConfig() != null && config.getHttpConfig().getProxy() != null
            && config.getHttpConfig().getProxy().address() instanceof InetSocketAddress) {
            InetSocketAddress address = (InetSocketAddress) config.getHttpConfig().getProxy().address();
-            this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(),
-                "json", "UTF-8", config.getAlipayPublicKey(), "RSA2", address.getHostName(), address.getPort());
+            this.alipayClient = new DefaultAlipayClient(GATEWAY, config.getClientId(), config.getClientSecret(),
+                "json", "UTF-8", this.alipayPublicKey, "RSA2", address.getHostName(), address.getPort());
        } else {
-            this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(),
-                "json", "UTF-8", config.getAlipayPublicKey(), "RSA2");
+            this.alipayClient = new DefaultAlipayClient(GATEWAY, config.getClientId(), config.getClientSecret(),
+                "json", "UTF-8", this.alipayPublicKey, "RSA2");
        }
    }

-    public AuthAlipayRequest(AuthConfig config, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) {
+    /**
+     * 构造方法，需要设置"alipayPublicKey"
+     *
+     * @param config          公共的OAuth配置
+     * @param alipayPublicKey 支付宝公钥
+     * @see AuthAlipayRequest#AuthAlipayRequest(me.zhyd.oauth.config.AuthConfig, me.zhyd.oauth.cache.AuthStateCache, java.lang.String, java.lang.Integer)
+     */
+    public AuthAlipayRequest(AuthConfig config, String alipayPublicKey, AuthStateCache authStateCache, String proxyHost, Integer proxyPort) {
        super(config, AuthDefaultSource.ALIPAY, authStateCache);
-        this.alipayClient = new DefaultAlipayClient(AuthDefaultSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(),
-            "json", "UTF-8", config.getAlipayPublicKey(), "RSA2", proxyHost, proxyPort);
+        this.alipayPublicKey = determineAlipayPublicKey(alipayPublicKey, config);
+        check(config);
+        this.alipayClient = new DefaultAlipayClient(GATEWAY, config.getClientId(), config.getClientSecret(),
+            "json", "UTF-8", this.alipayPublicKey, "RSA2", proxyHost, proxyPort);
+    }
+
+    private String determineAlipayPublicKey(String alipayPublicKey, AuthConfig config) {
+        return alipayPublicKey != null ? alipayPublicKey : config.getAlipayPublicKey();
+    }
+
+    protected void check(AuthConfig config) {
+        AuthChecker.checkConfig(config, AuthDefaultSource.ALIPAY);
+
+        if (!StringUtils.isNotEmpty(alipayPublicKey)) {
+            throw new AuthException(AuthResponseStatus.PARAMETER_INCOMPLETE, AuthDefaultSource.ALIPAY);
+        }
+
+        // 支付宝在创建回调地址时，不允许使用localhost或者127.0.0.1
+        if (GlobalAuthUtils.isLocalHost(config.getRedirectUri())) {
+            // The redirect uri of alipay is forbidden to use localhost or 127.0.0.1
+            throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, AuthDefaultSource.ALIPAY);
+        }
+    }
+
+    @Override
+    protected void checkCode(AuthCallback authCallback) {
+        if (StringUtils.isEmpty(authCallback.getAuth_code())) {
+            throw new AuthException(AuthResponseStatus.ILLEGAL_CODE, source);
+        }
    }

    @Override
@@ -111,7 +111,7 @@ public class AuthAmazonRequest extends AuthDefaultRequest {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Host", "api.amazon.com");
        httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded;charset=UTF-8");
-        String response = new HttpUtils(config.getHttpConfig()).post(url, param, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(url, param, httpHeader, false).getBody();
        JSONObject jsonObject = JSONObject.parseObject(response);
        this.checkResponse(jsonObject);
        return AuthToken.builder()
@@ -147,7 +147,7 @@ public class AuthAmazonRequest extends AuthDefaultRequest {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Host", "api.amazon.com");
        httpHeader.add("Authorization", "bearer " + accessToken);
-        String userInfo = new HttpUtils(config.getHttpConfig()).get(this.source.userInfo(), new HashMap<>(0), httpHeader, false);
+        String userInfo = new HttpUtils(config.getHttpConfig()).get(this.source.userInfo(), new HashMap<>(0), httpHeader, false).getBody();
        JSONObject jsonObject = JSONObject.parseObject(userInfo);
        this.checkResponse(jsonObject);

@@ -164,7 +164,7 @@ public class AuthAmazonRequest extends AuthDefaultRequest {
    }

    private void checkToken(String accessToken) {
-        String tokenInfo = new HttpUtils(config.getHttpConfig()).get("https://api.amazon.com/auth/o2/tokeninfo?access_token=" + UrlUtil.urlEncode(accessToken));
+        String tokenInfo = new HttpUtils(config.getHttpConfig()).get("https://api.amazon.com/auth/o2/tokeninfo?access_token=" + UrlUtil.urlEncode(accessToken)).getBody();
        JSONObject jsonObject = JSONObject.parseObject(tokenInfo);
        if (!config.getClientId().equals(jsonObject.getString("aud"))) {
            throw new AuthException(AuthResponseStatus.ILLEGAL_TOKEN);
@@ -88,7 +88,7 @@ public class AuthBaiduRequest extends AuthDefaultRequest {
            .queryParam("client_id", this.config.getClientId())
            .queryParam("client_secret", this.config.getClientSecret())
            .build();
-        String response = new HttpUtils(config.getHttpConfig()).get(refreshUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(refreshUrl).getBody();
        return AuthResponse.builder()
            .code(AuthResponseStatus.SUCCESS.getCode())
            .data(this.getAuthToken(response))
@@ -72,7 +72,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
    @Override
    public AuthResponse login(AuthCallback authCallback) {
        try {
-            AuthChecker.checkCode(source, authCallback);
+            checkCode(authCallback);
            if (!config.isIgnoreCheckState()) {
                AuthChecker.checkState(authCallback.getState(), source, authStateCache);
            }
@@ -86,6 +86,10 @@ public abstract class AuthDefaultRequest implements AuthRequest {
        }
    }

+    protected void checkCode(AuthCallback authCallback) {
+        AuthChecker.checkCode(source, authCallback);
+    }
+
    /**
     * 处理{@link AuthDefaultRequest#login(AuthCallback)} 发生异常的情况，统一响应参数
     *
@@ -211,7 +215,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     * @return Response
     */
    protected String doPostAuthorizationCode(String code) {
-        return new HttpUtils(config.getHttpConfig()).post(accessTokenUrl(code));
+        return new HttpUtils(config.getHttpConfig()).post(accessTokenUrl(code)).getBody();
    }

    /**
@@ -221,7 +225,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     * @return Response
     */
    protected String doGetAuthorizationCode(String code) {
-        return new HttpUtils(config.getHttpConfig()).get(accessTokenUrl(code));
+        return new HttpUtils(config.getHttpConfig()).get(accessTokenUrl(code)).getBody();
    }

    /**
@@ -232,7 +236,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     */
    @Deprecated
    protected String doPostUserInfo(AuthToken authToken) {
-        return new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken));
+        return new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken)).getBody();
    }

    /**
@@ -242,7 +246,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     * @return Response
     */
    protected String doGetUserInfo(AuthToken authToken) {
-        return new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken));
+        return new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken)).getBody();
    }

    /**
@@ -253,7 +257,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     */
    @Deprecated
    protected String doPostRevoke(AuthToken authToken) {
-        return new HttpUtils(config.getHttpConfig()).post(revokeUrl(authToken));
+        return new HttpUtils(config.getHttpConfig()).post(revokeUrl(authToken)).getBody();
    }

    /**
@@ -263,7 +267,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
     * @return Response
     */
    protected String doGetRevoke(AuthToken authToken) {
-        return new HttpUtils(config.getHttpConfig()).get(revokeUrl(authToken));
+        return new HttpUtils(config.getHttpConfig()).get(revokeUrl(authToken)).getBody();
    }

    /**
@@ -87,7 +87,7 @@ public class AuthDouyinRequest extends AuthDefaultRequest {
     * @return token对象
     */
    private AuthToken getToken(String accessTokenUrl) {
-        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl);
+        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl).getBody();
        JSONObject object = JSONObject.parseObject(response);
        this.checkResponse(object);
        JSONObject dataObj = object.getJSONObject("data");
@@ -52,7 +52,7 @@ public class AuthElemeRequest extends AuthDefaultRequest {
        form.put("grant_type", "authorization_code");

        HttpHeader httpHeader = this.buildHeader(CONTENT_TYPE_FORM, this.getRequestId(), true);
-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, httpHeader, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -91,7 +91,7 @@ public class AuthElemeRequest extends AuthDefaultRequest {
        paramsMap.put("signature", signature);

        HttpHeader httpHeader = this.buildHeader(CONTENT_TYPE_JSON, requestId, false);
-        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), JSONObject.toJSONString(paramsMap), httpHeader);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), JSONObject.toJSONString(paramsMap), httpHeader).getBody();

        JSONObject object = JSONObject.parseObject(response);

@@ -123,7 +123,7 @@ public class AuthElemeRequest extends AuthDefaultRequest {
        form.put("grant_type", "refresh_token");

        HttpHeader httpHeader = this.buildHeader(CONTENT_TYPE_FORM, this.getRequestId(), true);
-        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, httpHeader, false).getBody();

        JSONObject object = JSONObject.parseObject(response);

@@ -56,7 +56,7 @@ public class AuthFeishuRequest extends AuthDefaultRequest {
        requestObject.put("app_id", config.getClientId());
        requestObject.put("app_secret", config.getClientSecret());
        String response = new HttpUtils(config.getHttpConfig()).post(url, requestObject.toJSONString(), new HttpHeader()
-            .add("Content-Type", "application/json"));
+            .add("Content-Type", "application/json")).getBody();
        JSONObject jsonObject = JSON.parseObject(response);
        this.checkResponse(jsonObject);
        String appAccessToken = jsonObject.getString("app_access_token");
@@ -80,7 +80,7 @@ public class AuthFeishuRequest extends AuthDefaultRequest {
        String accessToken = authToken.getAccessToken();
        String response = new HttpUtils(config.getHttpConfig()).get(source.userInfo(), null, new HttpHeader()
            .add("Content-Type", "application/json")
-            .add("Authorization", "Bearer " + accessToken), false);
+            .add("Authorization", "Bearer " + accessToken), false).getBody();
        JSONObject object = JSON.parseObject(response);
        this.checkResponse(object);
        JSONObject data = object.getJSONObject("data");
@@ -112,7 +112,7 @@ public class AuthFeishuRequest extends AuthDefaultRequest {

    private AuthToken getToken(JSONObject param, String url) {
        String response = new HttpUtils(config.getHttpConfig()).post(url, param.toJSONString(), new HttpHeader()
-            .add("Content-Type", "application/json"));
+            .add("Content-Type", "application/json")).getBody();
        JSONObject jsonObject = JSON.parseObject(response);
        this.checkResponse(jsonObject);
        JSONObject data = jsonObject.getJSONObject("data");
@@ -52,7 +52,7 @@ public class AuthGithubRequest extends AuthDefaultRequest {
    protected AuthUser getUserInfo(AuthToken authToken) {
        HttpHeader header = new HttpHeader();
        header.add("Authorization", "token " + authToken.getAccessToken());
-        String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl(source.userInfo()).build(), null, header, false);
+        String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl(source.userInfo()).build(), null, header, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object.containsKey("error"), object.getString("error_description"));
@@ -50,7 +50,7 @@ public class AuthGoogleRequest extends AuthDefaultRequest {
    protected AuthUser getUserInfo(AuthToken authToken) {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Authorization", "Bearer " + authToken.getAccessToken());
-        String userInfo = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), null, httpHeader);
+        String userInfo = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), null, httpHeader).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        this.checkResponse(object);
        return AuthUser.builder()
@@ -54,7 +54,7 @@ public class AuthHuaweiRequest extends AuthDefaultRequest {
        form.put("client_secret", config.getClientSecret());
        form.put("redirect_uri", config.getRedirectUri());

-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false).getBody();
        return getAuthToken(response);
    }

@@ -73,7 +73,7 @@ public class AuthHuaweiRequest extends AuthDefaultRequest {
        form.put("nsp_fmt", "JS");
        form.put("nsp_svc", "OpenUP.User.getInfo");

-        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -106,7 +106,7 @@ public class AuthHuaweiRequest extends AuthDefaultRequest {
        form.put("refresh_token", authToken.getRefreshToken());
        form.put("grant_type", "refresh_token");

-        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false).getBody();
        return AuthResponse.builder().code(SUCCESS.getCode()).data(getAuthToken(response)).build();
    }

@@ -46,7 +46,7 @@ public class AuthJdRequest extends AuthDefaultRequest {
        params.put("app_secret", config.getClientSecret());
        params.put("grant_type", "authorization_code");
        params.put("code", authCallback.getCode());
-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -70,7 +70,7 @@ public class AuthJdRequest extends AuthDefaultRequest {
            .queryParam("timestamp", LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")))
            .queryParam("v", "2.0");
        urlBuilder.queryParam("sign", GlobalAuthUtils.generateJdSignature(config.getClientSecret(), urlBuilder.getReadOnlyParams()));
-        String response = new HttpUtils(config.getHttpConfig()).post(urlBuilder.build(true));
+        String response = new HttpUtils(config.getHttpConfig()).post(urlBuilder.build(true)).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -109,7 +109,7 @@ public class AuthJdRequest extends AuthDefaultRequest {
        params.put("app_secret", config.getClientSecret());
        params.put("grant_type", "refresh_token");
        params.put("refresh_token", oldToken.getRefreshToken());
-        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), params, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), params, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -76,7 +76,7 @@ public class AuthKujialeRequest extends AuthDefaultRequest {
        String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl(source.userInfo())
            .queryParam("access_token", authToken.getAccessToken())
            .queryParam("open_id", openId)
-            .build());
+            .build()).getBody();
        JSONObject object = JSONObject.parseObject(response);
        if (!"0".equals(object.getString("c"))) {
            throw new AuthException(object.getString("m"));
@@ -103,14 +103,14 @@ public class AuthKujialeRequest extends AuthDefaultRequest {
    private String getOpenId(AuthToken authToken) {
        String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl("https://oauth.kujiale.com/oauth2/auth/user")
            .queryParam("access_token", authToken.getAccessToken())
-            .build());
+            .build()).getBody();
        JSONObject accessTokenObject = checkResponse(response);
        return accessTokenObject.getString("d");
    }

    @Override
    public AuthResponse refresh(AuthToken authToken) {
-        String response = new HttpUtils(config.getHttpConfig()).post(refreshTokenUrl(authToken.getRefreshToken()));
+        String response = new HttpUtils(config.getHttpConfig()).post(refreshTokenUrl(authToken.getRefreshToken())).getBody();
        return AuthResponse.builder().code(AuthResponseStatus.SUCCESS.getCode()).data(getAuthToken(response)).build();
    }
 }
@@ -43,7 +43,7 @@ public class AuthLineRequest extends AuthDefaultRequest {
        params.put("redirect_uri", config.getRedirectUri());
        params.put("client_id", config.getClientId());
        params.put("client_secret", config.getClientSecret());
-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        return AuthToken.builder()
            .accessToken(accessTokenObject.getString("access_token"))
@@ -59,7 +59,7 @@ public class AuthLineRequest extends AuthDefaultRequest {
    protected AuthUser getUserInfo(AuthToken authToken) {
        String userInfo = new HttpUtils(config.getHttpConfig()).get(source.userInfo(), null, new HttpHeader()
            .add("Content-Type", "application/x-www-form-urlencoded")
-            .add("Authorization", "Bearer ".concat(authToken.getAccessToken())), false);
+            .add("Authorization", "Bearer ".concat(authToken.getAccessToken())), false).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        return AuthUser.builder()
            .rawUserInfo(object)
@@ -80,7 +80,7 @@ public class AuthLineRequest extends AuthDefaultRequest {
        params.put("access_token", authToken.getAccessToken());
        params.put("client_id", config.getClientId());
        params.put("client_secret", config.getClientSecret());
-        String userInfo = new HttpUtils(config.getHttpConfig()).post(source.revoke(), params, false);
+        String userInfo = new HttpUtils(config.getHttpConfig()).post(source.revoke(), params, false).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        // 返回1表示取消授权成功，否则失败
        AuthResponseStatus status = object.getBooleanValue("revoked") ? AuthResponseStatus.SUCCESS : AuthResponseStatus.FAILURE;
@@ -94,7 +94,7 @@ public class AuthLineRequest extends AuthDefaultRequest {
        params.put("refresh_token", oldToken.getRefreshToken());
        params.put("client_id", config.getClientId());
        params.put("client_secret", config.getClientSecret());
-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), params, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        return AuthResponse.builder()
            .code(AuthResponseStatus.SUCCESS.getCode())
@@ -48,7 +48,7 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
        httpHeader.add("Connection", "Keep-Alive");
        httpHeader.add("Authorization", "Bearer " + accessToken);

-        String response = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false).getBody();
        JSONObject userInfoObject = JSONObject.parseObject(response);

        this.checkResponse(userInfoObject);
@@ -138,7 +138,9 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
        httpHeader.add("Connection", "Keep-Alive");
        httpHeader.add("Authorization", "Bearer " + accessToken);

-        String emailResponse = new HttpUtils(config.getHttpConfig()).get("https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))", null, httpHeader, false);
+        String emailResponse = new HttpUtils(config.getHttpConfig())
+            .get("https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))", null, httpHeader, false)
+            .getBody();
        JSONObject emailObj = JSONObject.parseObject(emailResponse);

        this.checkResponse(emailObj);
@@ -178,7 +180,7 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
        httpHeader.add("Host", "www.linkedin.com");
        httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded");

-        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, null, httpHeader);
+        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, null, httpHeader).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);

        this.checkResponse(accessTokenObject);
@@ -41,7 +41,7 @@ public class AuthMeituanRequest extends AuthDefaultRequest {
        form.put("code", authCallback.getCode());
        form.put("grant_type", "authorization_code");

-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -60,7 +60,7 @@ public class AuthMeituanRequest extends AuthDefaultRequest {
        form.put("secret", config.getClientSecret());
        form.put("access_token", authToken.getAccessToken());

-        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -85,7 +85,7 @@ public class AuthMeituanRequest extends AuthDefaultRequest {
        form.put("refresh_token", oldToken.getRefreshToken());
        form.put("grant_type", "refresh_token");

-        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -43,7 +43,7 @@ public class AuthMiRequest extends AuthDefaultRequest {
    }

    private AuthToken getToken(String accessTokenUrl) {
-        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl).getBody();
        String jsonStr = response.replace(PREFIX, Constants.EMPTY);
        JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);

@@ -91,7 +91,7 @@ public class AuthMiRequest extends AuthDefaultRequest {
        String emailPhoneUrl = MessageFormat.format("{0}?clientId={1}&token={2}", "https://open.account.xiaomi.com/user/phoneAndEmail", config
            .getClientId(), authToken.getAccessToken());

-        String emailResponse = new HttpUtils(config.getHttpConfig()).get(emailPhoneUrl);
+        String emailResponse = new HttpUtils(config.getHttpConfig()).get(emailPhoneUrl).getBody();
        JSONObject userEmailPhone = JSONObject.parseObject(emailResponse);
        if (!"error".equalsIgnoreCase(userEmailPhone.getString("result"))) {
            JSONObject emailPhone = userEmailPhone.getJSONObject("data");
@@ -0,0 +1,23 @@
+package me.zhyd.oauth.request;
+
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.config.AuthDefaultSource;
+
+/**
+ * 微软中国登录(世纪华联)
+ *
+ * @author mroldx (xzfqq5201314@gmail.com)
+ * @since 1.16.4
+ */
+public class AuthMicrosoftCnRequest extends AbstractAuthMicrosoftRequest {
+
+    public AuthMicrosoftCnRequest(AuthConfig config) {
+        super(config, AuthDefaultSource.MICROSOFT_CN);
+    }
+
+    public AuthMicrosoftCnRequest(AuthConfig config, AuthStateCache authStateCache) {
+        super(config, AuthDefaultSource.MICROSOFT_CN, authStateCache);
+    }
+
+}
@@ -1,32 +1,18 @@
 package me.zhyd.oauth.request;

-import com.alibaba.fastjson.JSONObject;
-import com.xkcoding.http.support.HttpHeader;
-import com.xkcoding.http.util.MapUtil;
 import me.zhyd.oauth.cache.AuthStateCache;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthDefaultSource;
-import me.zhyd.oauth.enums.AuthResponseStatus;
-import me.zhyd.oauth.enums.AuthUserGender;
-import me.zhyd.oauth.enums.scope.AuthMicrosoftScope;
-import me.zhyd.oauth.exception.AuthException;
-import me.zhyd.oauth.model.AuthCallback;
-import me.zhyd.oauth.model.AuthResponse;
-import me.zhyd.oauth.model.AuthToken;
-import me.zhyd.oauth.model.AuthUser;
-import me.zhyd.oauth.utils.AuthScopeUtils;
-import me.zhyd.oauth.utils.HttpUtils;
-import me.zhyd.oauth.utils.UrlBuilder;
-
-import java.util.Map;

 /**
 * 微软登录
 *
 * @author yangkai.shen (https://xkcoding.com)
+ * @update:2021-08-24  mroldx (xzfqq5201314@gmail.com)
 * @since 1.5.0
 */
-public class AuthMicrosoftRequest extends AuthDefaultRequest {
+public class AuthMicrosoftRequest extends AbstractAuthMicrosoftRequest {
+
    public AuthMicrosoftRequest(AuthConfig config) {
        super(config, AuthDefaultSource.MICROSOFT);
    }
@@ -35,145 +21,4 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest {
        super(config, AuthDefaultSource.MICROSOFT, authStateCache);
    }

-    @Override
-    protected AuthToken getAccessToken(AuthCallback authCallback) {
-        return getToken(accessTokenUrl(authCallback.getCode()));
-    }
-
-    /**
-     * 获取token，适用于获取access_token和刷新token
-     *
-     * @param accessTokenUrl 实际请求token的地址
-     * @return token对象
-     */
-    private AuthToken getToken(String accessTokenUrl) {
-        HttpHeader httpHeader = new HttpHeader();
-
-        Map<String, String> form = MapUtil.parseStringToMap(accessTokenUrl, false);
-
-        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, form, httpHeader, false);
-        JSONObject accessTokenObject = JSONObject.parseObject(response);
-
-        this.checkResponse(accessTokenObject);
-
-        return AuthToken.builder()
-            .accessToken(accessTokenObject.getString("access_token"))
-            .expireIn(accessTokenObject.getIntValue("expires_in"))
-            .scope(accessTokenObject.getString("scope"))
-            .tokenType(accessTokenObject.getString("token_type"))
-            .refreshToken(accessTokenObject.getString("refresh_token"))
-            .build();
-    }
-
-    /**
-     * 检查响应内容是否正确
-     *
-     * @param object 请求响应内容
-     */
-    private void checkResponse(JSONObject object) {
-        if (object.containsKey("error")) {
-            throw new AuthException(object.getString("error_description"));
-        }
-    }
-
-    @Override
-    protected AuthUser getUserInfo(AuthToken authToken) {
-        String token = authToken.getAccessToken();
-        String tokenType = authToken.getTokenType();
-        String jwt = tokenType + " " + token;
-
-        HttpHeader httpHeader = new HttpHeader();
-        httpHeader.add("Authorization", jwt);
-
-        String userInfo = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false);
-        JSONObject object = JSONObject.parseObject(userInfo);
-        this.checkResponse(object);
-        return AuthUser.builder()
-            .rawUserInfo(object)
-            .uuid(object.getString("id"))
-            .username(object.getString("userPrincipalName"))
-            .nickname(object.getString("displayName"))
-            .location(object.getString("officeLocation"))
-            .email(object.getString("mail"))
-            .gender(AuthUserGender.UNKNOWN)
-            .token(authToken)
-            .source(source.toString())
-            .build();
-    }
-
-    /**
-     * 刷新access token （续期）
-     *
-     * @param authToken 登录成功后返回的Token信息
-     * @return AuthResponse
-     */
-    @Override
-    public AuthResponse refresh(AuthToken authToken) {
-        return AuthResponse.builder()
-            .code(AuthResponseStatus.SUCCESS.getCode())
-            .data(getToken(refreshTokenUrl(authToken.getRefreshToken())))
-            .build();
-    }
-
-    /**
-     * 返回带{@code state}参数的授权url，授权回调时会带上这个{@code state}
-     *
-     * @param state state 验证授权流程的参数，可以防止csrf
-     * @return 返回授权地址
-     * @since 1.9.3
-     */
-    @Override
-    public String authorize(String state) {
-        return UrlBuilder.fromBaseUrl(super.authorize(state))
-            .queryParam("response_mode", "query")
-            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
-            .build();
-    }
-
-    /**
-     * 返回获取accessToken的url
-     *
-     * @param code 授权code
-     * @return 返回获取accessToken的url
-     */
-    @Override
-    protected String accessTokenUrl(String code) {
-        return UrlBuilder.fromBaseUrl(source.accessToken())
-            .queryParam("code", code)
-            .queryParam("client_id", config.getClientId())
-            .queryParam("client_secret", config.getClientSecret())
-            .queryParam("grant_type", "authorization_code")
-            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
-            .queryParam("redirect_uri", config.getRedirectUri())
-            .build();
-    }
-
-    /**
-     * 返回获取userInfo的url
-     *
-     * @param authToken 用户授权后的token
-     * @return 返回获取userInfo的url
-     */
-    @Override
-    protected String userInfoUrl(AuthToken authToken) {
-        return UrlBuilder.fromBaseUrl(source.userInfo()).build();
-    }
-
-    /**
-     * 返回获取accessToken的url
-     *
-     * @param refreshToken 用户授权后的token
-     * @return 返回获取accessToken的url
-     */
-    @Override
-    protected String refreshTokenUrl(String refreshToken) {
-        return UrlBuilder.fromBaseUrl(source.refresh())
-            .queryParam("client_id", config.getClientId())
-            .queryParam("client_secret", config.getClientSecret())
-            .queryParam("refresh_token", refreshToken)
-            .queryParam("grant_type", "refresh_token")
-            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values())))
-            .queryParam("redirect_uri", config.getRedirectUri())
-            .build();
-    }
 }
@@ -50,7 +50,7 @@ public class AuthOktaRequest extends AuthDefaultRequest {
            .add("accept", "application/json")
            .add("content-type", "application/x-www-form-urlencoded")
            .add("Authorization", "Basic " + Base64Utils.encode(config.getClientId().concat(":").concat(config.getClientSecret())));
-        String response = new HttpUtils(config.getHttpConfig()).post(tokenUrl, null, header, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(tokenUrl, null, header, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        this.checkResponse(accessTokenObject);
        return AuthToken.builder()
@@ -82,7 +82,7 @@ public class AuthOktaRequest extends AuthDefaultRequest {
    protected AuthUser getUserInfo(AuthToken authToken) {
        HttpHeader header = new HttpHeader()
            .add("Authorization", "Bearer " + authToken.getAccessToken());
-        String response = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), null, header, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), null, header, false).getBody();
        JSONObject object = JSONObject.parseObject(response);
        this.checkResponse(object);
        JSONObject address = object.getJSONObject("address");
@@ -50,7 +50,7 @@ public class AuthPinterestRequest extends AuthDefaultRequest {
    protected AuthUser getUserInfo(AuthToken authToken) {
        String userinfoUrl = userInfoUrl(authToken);
        // TODO: 是否需要 .setFollowRedirects(true)
-        String response = new HttpUtils(config.getHttpConfig()).get(userinfoUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(userinfoUrl).getBody();
        JSONObject object = JSONObject.parseObject(response);
        this.checkResponse(object);
        JSONObject userObj = object.getJSONObject("data");
@@ -41,7 +41,7 @@ public class AuthProginnRequest extends AuthDefaultRequest {
        params.put("client_secret", config.getClientSecret());
        params.put("grant_type", "authorization_code");
        params.put("redirect_uri", config.getRedirectUri());
-        String response = new HttpUtils(config.getHttpConfig()).post(AuthDefaultSource.PROGINN.accessToken(), params, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(AuthDefaultSource.PROGINN.accessToken(), params, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        this.checkResponse(accessTokenObject);
        return AuthToken.builder()
@@ -40,7 +40,7 @@ public class AuthQqRequest extends AuthDefaultRequest {

    @Override
    public AuthResponse refresh(AuthToken authToken) {
-        String response = new HttpUtils(config.getHttpConfig()).get(refreshTokenUrl(authToken.getRefreshToken()));
+        String response = new HttpUtils(config.getHttpConfig()).get(refreshTokenUrl(authToken.getRefreshToken())).getBody();
        return AuthResponse.builder().code(AuthResponseStatus.SUCCESS.getCode()).data(getAuthToken(response)).build();
    }

@@ -82,7 +82,7 @@ public class AuthQqRequest extends AuthDefaultRequest {
        String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl("https://graph.qq.com/oauth2.0/me")
            .queryParam("access_token", authToken.getAccessToken())
            .queryParam("unionid", config.isUnionId() ? 1 : 0)
-            .build());
+            .build()).getBody();
        String removePrefix = response.replace("callback(", "");
        String removeSuffix = removePrefix.replace(");", "");
        String openId = removeSuffix.trim();
@@ -68,7 +68,7 @@ public class AuthRenrenRequest extends AuthDefaultRequest {
    }

    private AuthToken getToken(String url) {
-        String response = new HttpUtils(config.getHttpConfig()).post(url);
+        String response = new HttpUtils(config.getHttpConfig()).post(url).getBody();
        JSONObject jsonObject = JSONObject.parseObject(response);
        if (jsonObject.containsKey("error")) {
            throw new AuthException("Failed to get token from Renren: " + jsonObject);
@@ -38,7 +38,8 @@ public class AuthSlackRequest extends AuthDefaultRequest {
    protected AuthToken getAccessToken(AuthCallback authCallback) {
        HttpHeader header = new HttpHeader()
            .add("Content-Type", "application/x-www-form-urlencoded");
-        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl(authCallback.getCode()), null, header, false);
+        String response = new HttpUtils(config.getHttpConfig())
+            .get(accessTokenUrl(authCallback.getCode()), null, header, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        this.checkResponse(accessTokenObject);
        return AuthToken.builder()
@@ -54,7 +55,8 @@ public class AuthSlackRequest extends AuthDefaultRequest {
        HttpHeader header = new HttpHeader()
            .add("Content-Type", "application/x-www-form-urlencoded")
            .add("Authorization", "Bearer ".concat(authToken.getAccessToken()));
-        String userInfo = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, header, false);
+        String userInfo = new HttpUtils(config.getHttpConfig())
+            .get(userInfoUrl(authToken), null, header, false).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        this.checkResponse(object);
        JSONObject user = object.getJSONObject("user");
@@ -77,7 +79,8 @@ public class AuthSlackRequest extends AuthDefaultRequest {
        HttpHeader header = new HttpHeader()
            .add("Content-Type", "application/x-www-form-urlencoded")
            .add("Authorization", "Bearer ".concat(authToken.getAccessToken()));
-        String userInfo = new HttpUtils(config.getHttpConfig()).get(source.revoke(), null, header, false);
+        String userInfo = new HttpUtils(config.getHttpConfig())
+            .get(source.revoke(), null, header, false).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        this.checkResponse(object);
        // 返回1表示取消授权成功，否则失败
@@ -42,7 +42,7 @@ public class AuthStackOverflowRequest extends AuthDefaultRequest {
        Map<String, String> form = MapUtil.parseStringToMap(accessTokenUrl, false);
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded");
-        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, form, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(accessTokenUrl, form, httpHeader, false).getBody();

        JSONObject accessTokenObject = JSONObject.parseObject(response);
        this.checkResponse(accessTokenObject);
@@ -60,7 +60,7 @@ public class AuthStackOverflowRequest extends AuthDefaultRequest {
            .queryParam("site", "stackoverflow")
            .queryParam("key", this.config.getStackOverflowKey())
            .build();
-        String response = new HttpUtils(config.getHttpConfig()).get(userInfoUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(userInfoUrl).getBody();
        JSONObject object = JSONObject.parseObject(response);
        this.checkResponse(object);
        JSONObject userObj = object.getJSONArray("items").getJSONObject(0);
@@ -81,7 +81,7 @@ public class AuthTaobaoRequest extends AuthDefaultRequest {
    @Override
    public AuthResponse refresh(AuthToken oldToken) {
        String tokenUrl = refreshTokenUrl(oldToken.getRefreshToken());
-        String response = new HttpUtils(config.getHttpConfig()).post(tokenUrl);
+        String response = new HttpUtils(config.getHttpConfig()).post(tokenUrl).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        return AuthResponse.builder()
            .code(AuthResponseStatus.SUCCESS.getCode())
@@ -45,7 +45,7 @@ public class AuthTeambitionRequest extends AuthDefaultRequest {
        form.put("code", authCallback.getCode());
        form.put("grant_type", "code");

-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, false).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);

        this.checkResponse(accessTokenObject);
@@ -63,7 +63,8 @@ public class AuthTeambitionRequest extends AuthDefaultRequest {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Authorization", "OAuth2 " + accessToken);

-        String response = new HttpUtils(config.getHttpConfig()).get(source.userInfo(), null, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig())
+            .get(source.userInfo(), null, httpHeader, false).getBody();
        JSONObject object = JSONObject.parseObject(response);

        this.checkResponse(object);
@@ -93,7 +94,7 @@ public class AuthTeambitionRequest extends AuthDefaultRequest {
        Map<String, String> form = new HashMap<>(4);
        form.put("_userId", uid);
        form.put("refresh_token", refreshToken);
-        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, false).getBody();
        JSONObject refreshTokenObject = JSONObject.parseObject(response);

        this.checkResponse(refreshTokenObject);
@@ -72,7 +72,7 @@ public class AuthTwitterRequest extends AuthDefaultRequest {
        httpHeader.add("User-Agent", "themattharris' HTTP Client");
        httpHeader.add("Host", "api.twitter.com");
        httpHeader.add("Accept", "*/*");
-        String requestToken = new HttpUtils(config.getHttpConfig()).post(baseUrl, null, httpHeader);
+        String requestToken = new HttpUtils(config.getHttpConfig()).post(baseUrl, null, httpHeader).getBody();

        Map<String, String> res = MapUtil.parseStringToMap(requestToken, false);

@@ -104,7 +104,7 @@ public class AuthTwitterRequest extends AuthDefaultRequest {

        Map<String, String> form = new HashMap<>(3);
        form.put("oauth_verifier", authCallback.getOauth_verifier());
-        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, httpHeader, false).getBody();

        Map<String, String> requestToken = MapUtil.parseStringToMap(response, false);

@@ -132,7 +132,8 @@ public class AuthTwitterRequest extends AuthDefaultRequest {

        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Authorization", header);
-        String response = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false);
+        String response = new HttpUtils(config.getHttpConfig())
+            .get(userInfoUrl(authToken), null, httpHeader, false).getBody();
        JSONObject userInfo = JSONObject.parseObject(response);

        return AuthUser.builder()
@@ -75,7 +75,7 @@ public class AuthWeChatEnterpriseThirdQrcodeRequest extends AbstractAuthWeChatEn
        JSONObject data = new JSONObject();
        data.put("corpid", config.getClientId());
        data.put("provider_secret", config.getClientSecret());
-        return new HttpUtils(config.getHttpConfig()).post(accessTokenUrl(code), data.toJSONString());
+        return new HttpUtils(config.getHttpConfig()).post(accessTokenUrl(code), data.toJSONString()).getBody();
    }

    /**
@@ -96,13 +96,15 @@ public class AuthWeChatEnterpriseThirdQrcodeRequest extends AbstractAuthWeChatEn
            .build();
    }

+    @Override
    protected String doGetUserInfo(AuthToken authToken) {
        JSONObject data = new JSONObject();
        data.put("auth_code", authToken.getCode());
        return new HttpUtils(config.getHttpConfig())
-            .post(userInfoUrl(authToken), data.toJSONString());
+            .post(userInfoUrl(authToken), data.toJSONString()).getBody();
    }

+    @Override
    protected String userInfoUrl(AuthToken authToken) {
        return UrlBuilder.fromBaseUrl(source.userInfo())
            .queryParam("access_token", authToken.getAccessToken()).
@@ -97,7 +97,7 @@ public class AuthWeChatMpRequest extends AuthDefaultRequest {
     * @return token对象
     */
    private AuthToken getToken(String accessTokenUrl) {
-        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);

        this.checkResponse(accessTokenObject);
@@ -94,7 +94,7 @@ public class AuthWeChatOpenRequest extends AuthDefaultRequest {
     * @return token对象
     */
    private AuthToken getToken(String accessTokenUrl) {
-        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl);
+        String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);

        this.checkResponse(accessTokenObject);
@@ -56,7 +56,8 @@ public class AuthWeiboRequest extends AuthDefaultRequest {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Authorization", "OAuth2 " + oauthParam);
        httpHeader.add("API-RemoteIP", IpUtils.getLocalIp());
-        String userInfo = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false);
+        String userInfo = new HttpUtils(config.getHttpConfig())
+            .get(userInfoUrl(authToken), null, httpHeader, false).getBody();
        JSONObject object = JSONObject.parseObject(userInfo);
        if (object.containsKey("error")) {
            throw new AuthException(object.getString("error"));
@@ -50,7 +50,7 @@ public class AuthXmlyRequest extends AuthDefaultRequest {
        map.put("device_id", config.getDeviceId());
        map.put("grant_type", "authorization_code");
        map.put("redirect_uri", config.getRedirectUri());
-        String response = HttpUtil.post(source.accessToken(), map, true);
+        String response = HttpUtil.post(source.accessToken(), map, true).getBody();
        JSONObject accessTokenObject = JSONObject.parseObject(response);
        this.checkResponse(accessTokenObject);

@@ -97,7 +97,7 @@ public class AuthXmlyRequest extends AuthDefaultRequest {
        map.put("pack_id", config.getPackId());
        map.put("access_token", authToken.getAccessToken());
        map.put("sig", GlobalAuthUtils.generateXmlySignature(map, config.getClientSecret()));
-        String rawUserInfo = HttpUtil.get(source.userInfo(), map, false);
+        String rawUserInfo = HttpUtil.get(source.userInfo(), map, false).getBody();
        JSONObject object = JSONObject.parseObject(rawUserInfo);
        checkResponse(object);
        return AuthUser.builder()
@@ -27,9 +27,6 @@ public class AuthChecker {
    public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
        boolean isSupported = StringUtils.isNotEmpty(config.getClientId())
            && StringUtils.isNotEmpty(config.getClientSecret());
-        if (isSupported && AuthDefaultSource.ALIPAY == source) {
-            isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
-        }
        if (isSupported && AuthDefaultSource.STACK_OVERFLOW == source) {
            isSupported = StringUtils.isNotEmpty(config.getStackOverflowKey());
        }
@@ -71,9 +68,14 @@ public class AuthChecker {
            // Facebook's redirect uri must use the HTTPS protocol
            throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
        }
-        // 支付宝在创建回调地址时，不允许使用localhost或者127.0.0.1
-        if (AuthDefaultSource.ALIPAY == source && GlobalAuthUtils.isLocalHost(redirectUri)) {
-            // The redirect uri of alipay is forbidden to use localhost or 127.0.0.1
+        // 微软的回调地址必须为https的链接或者localhost,不允许使用http
+        if (AuthDefaultSource.MICROSOFT == source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri)) {
+            // Microsoft's redirect uri must use the HTTPS or localhost
+            throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
+        }
+        // 微软中国的回调地址必须为https的链接或者localhost,不允许使用http
+        if (AuthDefaultSource.MICROSOFT_CN == source && !GlobalAuthUtils.isHttpsProtocolOrLocalHost(redirectUri)) {
+            // Microsoft's redirect uri must use the HTTPS or localhost
            throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
        }
    }
@@ -93,9 +95,7 @@ public class AuthChecker {
            return;
        }
        String code = callback.getCode();
-        if (source == AuthDefaultSource.ALIPAY) {
-            code = callback.getAuth_code();
-        } else if (source == AuthDefaultSource.HUAWEI) {
+        if (source == AuthDefaultSource.HUAWEI) {
            code = callback.getAuthorization_code();
        }
        if (StringUtils.isEmpty(code)) {
@@ -175,6 +175,19 @@ public class GlobalAuthUtils {
        return StringUtils.isEmpty(url) || url.contains("127.0.0.1") || url.contains("localhost");
    }

+    /**
+     * 是否为https协议或本地主机（域名）
+     *
+     * @param url 待验证的url
+     * @return true: https协议或本地主机 false: 非https协议或本机主机
+     */
+    public static boolean isHttpsProtocolOrLocalHost(String url) {
+        if (StringUtils.isEmpty(url)) {
+            return false;
+        }
+        return isHttpsProtocol(url) || isLocalHost(url);
+    }
+

    /**
     * Generate nonce with given length
@@ -3,17 +3,22 @@ package me.zhyd.oauth.utils;
 import com.xkcoding.http.HttpUtil;
 import com.xkcoding.http.config.HttpConfig;
 import com.xkcoding.http.support.HttpHeader;
+import com.xkcoding.http.support.SimpleHttpResponse;
+import me.zhyd.oauth.exception.AuthException;

 import java.util.Map;

 /**
 * HttpUtil 工具，统一处理 http 请求，方便对 simple-http 做定制
+ *
 * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
 * @version 1.0.0
 * @since 1.0.0
 */
 public class HttpUtils {

+    private SimpleHttpResponse httpResponse;
+
    public HttpUtils(HttpConfig config) {
        HttpUtil.setConfig(config);
    }
@@ -26,10 +31,11 @@ public class HttpUtils {
     * GET 请求
     *
     * @param url URL
-     * @return 结果
+     * @return HttpUtils
     */
-    public String get(String url) {
-        return HttpUtil.get(url);
+    public HttpUtils get(String url) {
+        this.httpResponse = HttpUtil.get(url, null, null, false);
+        return this;
    }

    /**
@@ -39,20 +45,22 @@ public class HttpUtils {
     * @param params 参数
     * @param header 请求头
     * @param encode 是否需要 url encode
-     * @return 结果
+     * @return HttpUtils
     */
-    public String get(String url, Map<String, String> params, HttpHeader header, boolean encode) {
-        return HttpUtil.get(url, params, header, encode);
+    public HttpUtils get(String url, Map<String, String> params, HttpHeader header, boolean encode) {
+        this.httpResponse = HttpUtil.get(url, params, header, encode);
+        return this;
    }

    /**
     * POST 请求
     *
     * @param url URL
-     * @return 结果
+     * @return HttpUtils
     */
-    public String post(String url) {
-        return HttpUtil.post(url);
+    public HttpUtils post(String url) {
+        this.httpResponse = HttpUtil.post(url);
+        return this;
    }

    /**
@@ -60,10 +68,11 @@ public class HttpUtils {
     *
     * @param url  URL
     * @param data JSON 参数
-     * @return 结果
+     * @return HttpUtils
     */
-    public String post(String url, String data) {
-        return HttpUtil.post(url, data);
+    public HttpUtils post(String url, String data) {
+        this.httpResponse = HttpUtil.post(url, data);
+        return this;
    }

    /**
@@ -72,10 +81,11 @@ public class HttpUtils {
     * @param url    URL
     * @param data   JSON 参数
     * @param header 请求头
-     * @return 结果
+     * @return HttpUtils
     */
-    public String post(String url, String data, HttpHeader header) {
-        return HttpUtil.post(url, data, header);
+    public HttpUtils post(String url, String data, HttpHeader header) {
+        this.httpResponse = HttpUtil.post(url, data, header);
+        return this;
    }

    /**
@@ -84,10 +94,11 @@ public class HttpUtils {
     * @param url    URL
     * @param params form 参数
     * @param encode 是否需要 url encode
-     * @return 结果
+     * @return HttpUtils
     */
-    public String post(String url, Map<String, String> params, boolean encode) {
-        return HttpUtil.post(url, params, encode);
+    public HttpUtils post(String url, Map<String, String> params, boolean encode) {
+        this.httpResponse = HttpUtil.post(url, params, encode);
+        return this;
    }

    /**
@@ -97,9 +108,28 @@ public class HttpUtils {
     * @param params form 参数
     * @param header 请求头
     * @param encode 是否需要 url encode
-     * @return 结果
+     * @return HttpUtils
     */
-    public String post(String url, Map<String, String> params, HttpHeader header, boolean encode) {
-        return HttpUtil.post(url, params, header, encode);
+    public HttpUtils post(String url, Map<String, String> params, HttpHeader header, boolean encode) {
+        this.httpResponse = HttpUtil.post(url, params, header, encode);
+        return this;
+    }
+
+    private HttpUtils check() {
+        if (null == httpResponse) {
+            throw new AuthException("Invalid SimpleHttpResponse.");
+        }
+        if (!httpResponse.isSuccess()) {
+            throw new AuthException(httpResponse.getError());
+        }
+        return this;
+    }
+
+    public String getBody() {
+        return this.check().getHttpResponse().getBody();
+    }
+
+    public SimpleHttpResponse getHttpResponse() {
+        return httpResponse;
    }
 }
@@ -3,10 +3,7 @@ package me.zhyd.oauth;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthDefaultSource;
 import me.zhyd.oauth.config.AuthExtendSource;
-import me.zhyd.oauth.request.AuthExtendRequest;
-import me.zhyd.oauth.request.AuthGiteeRequest;
-import me.zhyd.oauth.request.AuthGithubRequest;
-import me.zhyd.oauth.request.AuthRequest;
+import me.zhyd.oauth.request.*;
 import me.zhyd.oauth.utils.AuthStateUtils;
 import org.junit.Assert;
 import org.junit.Test;
@@ -75,31 +72,39 @@ public class AuthRequestBuilderTest {
     */
    @Test
    public void build4() {
+        AuthConfig config = AuthConfig.builder()
+            .clientId("a")
+            .clientSecret("a")
+            .redirectUri("https://www.justauth.cn")
+            .authServerId("asd")
+            .agentId("asd")
+            .domainPrefix("asd")
+            .stackOverflowKey("asd")
+            .deviceId("asd")
+            .clientOsType(3)
+            .build();
+
        for (AuthDefaultSource value : AuthDefaultSource.values()) {
-            if (value == AuthDefaultSource.TWITTER) {
-                System.out.println(value.getTargetClass());
-                System.out.println("忽略 twitter");
-                continue;
+            switch (value) {
+                case TWITTER:
+                    System.out.println(value.getTargetClass());
+                    System.out.println("忽略 twitter");
+                    continue;
+                case ALIPAY: {
+                    // 单独给Alipay执行测试
+                    AuthRequest authRequest = new AuthAlipayRequest(config, "asd");
+                    System.out.println(value.getTargetClass());
+                    System.out.println(authRequest.authorize(AuthStateUtils.createState()));
+                    continue;
+                }
+                default:
+                    AuthRequest authRequest = AuthRequestBuilder.builder()
+                        .source(value.getName())
+                        .authConfig(config)
+                        .build();
+                    System.out.println(value.getTargetClass());
+                    System.out.println(authRequest.authorize(AuthStateUtils.createState()));
            }
-            AuthRequest authRequest = AuthRequestBuilder.builder()
-                .source(value.getName())
-                .authConfig(AuthConfig.builder()
-                    .clientId("a")
-                    .clientSecret("a")
-                    .redirectUri("https://www.justauth.cn")
-                    .alipayPublicKey("asd")
-                    .authServerId("asd")
-                    .agentId("asd")
-                    .domainPrefix("asd")
-                    .stackOverflowKey("asd")
-
-                    .deviceId("asd")
-                    .clientOsType(3)
-                    .build())
-                .build();
-            System.out.println(value.getTargetClass());
-            System.out.println(authRequest.authorize(AuthStateUtils.createState()));
        }
-
    }
 }
Author	SHA1	Message	Date
yadong.zhang	02674049d0	📝 更新说明	2021-10-18 10:03:14 +08:00
yadong.zhang	f1714726f5	Merge branch 'carldea/master' into dev	2021-10-18 09:55:40 +08:00
yadong.zhang	a3108caccf	🐛 修复 alipay 登录失败的 BUG	2021-10-16 19:11:24 +08:00
yadong.zhang	e134dd06b0	⬆️ 升级alipay-sdk-version的依赖版本	2021-10-16 19:10:50 +08:00
yadong.zhang	172ba7be55	💩 修改用户logo的尺寸	2021-10-16 19:10:24 +08:00
Carl Dea	f9e3053ecc	Using TCK Tested JDK builds of OpenJDK The AdoptOpenJDK has been discontinued since July 2021. When using Zulu you get all the latest updated (TCK Tested) builds for all versions of OpenJDK included archived major fixed versions.	2021-09-27 14:37:10 -04:00
Carl Dea	99c9ba2854	Using TCK Tested JDK builds of OpenJDK The AdoptOpenJDK has been discontinued since July 2021. When using Zulu you get all the latest updated (TCK Tested) builds for all versions of OpenJDK included archived major fixed versions.	2021-09-27 14:36:33 -04:00
yadong.zhang	544ffd5372	💩 修复s一样的代码	2021-09-22 17:47:12 +08:00
yadong.zhang	522ebbfa7f	📝 编写文档	2021-09-22 17:16:43 +08:00
yadong.zhang	497498dbf4	Merge pull request #134 from verils/remove-provider-specific-properties 把Alipay独有的配置从AuthConfig里提取出来	2021-09-20 07:51:16 -05:00
yadong.zhang	62cd7af619	Merge pull request #133 from kang8/test refactor: 重构 workflow	2021-09-20 07:43:28 -05:00
yadong.zhang	3a3f69692c	📝 编写文档	2021-09-20 20:39:49 +08:00
yadong.zhang	c87015e34f	📝 编写文档	2021-09-20 20:37:24 +08:00
yadong.zhang	96773dd92d	⬆️ 升级第三方的依赖	2021-09-20 20:37:10 +08:00
yadong.zhang	644ef02264	⬆️ 升级 simple-http 到 1.0.5	2021-09-18 00:35:42 +08:00
verils	4c205a9957	把第三方服务独有的配置从AuthConfig里提取出来	2021-09-01 12:42:41 +08:00
kang	ea70c5fc81	ci: 快照版本切换，使用 python 脚本替换 maven 插件	2021-08-27 08:12:41 +08:00
kang	9ced525309	refactor: 重构流水线构建	2021-08-27 08:05:24 +08:00
yadong.zhang	2de0ad5013	!28 添加微软中国(世纪互联)第三方登录,新增微软方式登录的redirectUri校验 Merge pull request !28 from mroldx/dev	2021-08-26 12:06:43 +00:00
974751082@qq.com	23b7bcf43d	添加微软中国(世纪华联)第三方登录,新增微软方式登录的redirectUri校验	2021-08-25 23:06:29 +08:00
yadong.zhang	976b7d8b2b	Create FUNDING.yml	2021-08-16 12:09:01 +08:00
@@ -1 +1 @@
 .16.3
 .16.4