iSharkFly-Open/JustAuth
1
0
Fork 0
mirror of synced 2026-05-22 21:53:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: iSharkFly-Open/JustAuth:v1.6.0-beta
Branches Tags
iSharkFly-Open/JustAuth:master iSharkFly-Open/JustAuth:dependabot/maven/org.bouncycastle-bcpkix-jdk18on-1.84 iSharkFly-Open/JustAuth:dev iSharkFly-Open/JustAuth:v1.15.9
iSharkFly-Open/JustAuth:v1.16.7 iSharkFly-Open/JustAuth:v1.16.6 iSharkFly-Open/JustAuth:v1.16.5 iSharkFly-Open/JustAuth:v1.16.4 iSharkFly-Open/JustAuth:v1.16.3 iSharkFly-Open/JustAuth:v1.16.2 iSharkFly-Open/JustAuth:v1.16.1 iSharkFly-Open/JustAuth:v1.16.0 iSharkFly-Open/JustAuth:v1.15.9 iSharkFly-Open/JustAuth:v1.15.8 iSharkFly-Open/JustAuth:v1.15.7 iSharkFly-Open/JustAuth:v1.15.7-beta.3 iSharkFly-Open/JustAuth:v1.15.7-beta.2 iSharkFly-Open/JustAuth:v1.15.7-beta.1 iSharkFly-Open/JustAuth:1.15.6 iSharkFly-Open/JustAuth:1.15.5 iSharkFly-Open/JustAuth:1.15.4-alpha iSharkFly-Open/JustAuth:1.15.3-alpha iSharkFly-Open/JustAuth:1.15.2-alpha iSharkFly-Open/JustAuth:v.1.15.1 iSharkFly-Open/JustAuth:v1.14.0 iSharkFly-Open/JustAuth:v1.13.2 iSharkFly-Open/JustAuth:v1.13.1 iSharkFly-Open/JustAuth:v1.13.0 iSharkFly-Open/JustAuth:v1.12.0 iSharkFly-Open/JustAuth:v1.11.0 iSharkFly-Open/JustAuth:v1.10.1 iSharkFly-Open/JustAuth:v1.10.0 iSharkFly-Open/JustAuth:v1.9.5 iSharkFly-Open/JustAuth:v1.9.4 iSharkFly-Open/JustAuth:v1.9.3 iSharkFly-Open/JustAuth:v1.9.2 iSharkFly-Open/JustAuth:v1.9.1 iSharkFly-Open/JustAuth:v1.9.0 iSharkFly-Open/JustAuth:v1.8.1 iSharkFly-Open/JustAuth:v1.8.0 iSharkFly-Open/JustAuth:v1.7.1 iSharkFly-Open/JustAuth:v1.7.0 iSharkFly-Open/JustAuth:v1.6.1-beta iSharkFly-Open/JustAuth:v1.6.0-beta iSharkFly-Open/JustAuth:v1.5.1 iSharkFly-Open/JustAuth:v1.4.0 iSharkFly-Open/JustAuth:v1.3.3 iSharkFly-Open/JustAuth:v1.3.1 iSharkFly-Open/JustAuth:v1.3.0 iSharkFly-Open/JustAuth:v1.2.0 iSharkFly-Open/JustAuth:v1.1.0 iSharkFly-Open/JustAuth:v1.0.1 iSharkFly-Open/JustAuth:v1.0.0
...
compare: iSharkFly-Open/JustAuth:v1.8.1
Branches Tags
iSharkFly-Open/JustAuth:dependabot/maven/org.bouncycastle-bcpkix-jdk18on-1.84 iSharkFly-Open/JustAuth:master iSharkFly-Open/JustAuth:dev iSharkFly-Open/JustAuth:v1.15.9
iSharkFly-Open/JustAuth:v1.16.7 iSharkFly-Open/JustAuth:v1.16.6 iSharkFly-Open/JustAuth:v1.16.5 iSharkFly-Open/JustAuth:v1.16.4 iSharkFly-Open/JustAuth:v1.16.3 iSharkFly-Open/JustAuth:v1.16.2 iSharkFly-Open/JustAuth:v1.16.1 iSharkFly-Open/JustAuth:v1.16.0 iSharkFly-Open/JustAuth:v1.15.9 iSharkFly-Open/JustAuth:v1.15.8 iSharkFly-Open/JustAuth:v1.15.7 iSharkFly-Open/JustAuth:v1.15.7-beta.3 iSharkFly-Open/JustAuth:v1.15.7-beta.2 iSharkFly-Open/JustAuth:v1.15.7-beta.1 iSharkFly-Open/JustAuth:1.15.6 iSharkFly-Open/JustAuth:1.15.5 iSharkFly-Open/JustAuth:1.15.4-alpha iSharkFly-Open/JustAuth:1.15.3-alpha iSharkFly-Open/JustAuth:1.15.2-alpha iSharkFly-Open/JustAuth:v.1.15.1 iSharkFly-Open/JustAuth:v1.14.0 iSharkFly-Open/JustAuth:v1.13.2 iSharkFly-Open/JustAuth:v1.13.1 iSharkFly-Open/JustAuth:v1.13.0 iSharkFly-Open/JustAuth:v1.12.0 iSharkFly-Open/JustAuth:v1.11.0 iSharkFly-Open/JustAuth:v1.10.1 iSharkFly-Open/JustAuth:v1.10.0 iSharkFly-Open/JustAuth:v1.9.5 iSharkFly-Open/JustAuth:v1.9.4 iSharkFly-Open/JustAuth:v1.9.3 iSharkFly-Open/JustAuth:v1.9.2 iSharkFly-Open/JustAuth:v1.9.1 iSharkFly-Open/JustAuth:v1.9.0 iSharkFly-Open/JustAuth:v1.8.1 iSharkFly-Open/JustAuth:v1.8.0 iSharkFly-Open/JustAuth:v1.7.1 iSharkFly-Open/JustAuth:v1.7.0 iSharkFly-Open/JustAuth:v1.6.1-beta iSharkFly-Open/JustAuth:v1.6.0-beta iSharkFly-Open/JustAuth:v1.5.1 iSharkFly-Open/JustAuth:v1.4.0 iSharkFly-Open/JustAuth:v1.3.3 iSharkFly-Open/JustAuth:v1.3.1 iSharkFly-Open/JustAuth:v1.3.0 iSharkFly-Open/JustAuth:v1.2.0 iSharkFly-Open/JustAuth:v1.1.0 iSharkFly-Open/JustAuth:v1.0.1 iSharkFly-Open/JustAuth:v1.0.0

50 Commits
v1.6.0-beta ... v1.8.1

Author SHA1 Message Date
yadong.zhang 3b80e11824 💡 添加源码注释 2019-07-15 19:17:22 +08:00
yadong.zhang 44bb03d63f 新增AuthState类,内置默认的state生成规则和校验规则 2019-07-15 17:46:37 +08:00
yadong.zhang bfe2122962 🎨 将枚举类移到enums包下 2019-07-15 10:40:42 +08:00
yadong.zhang fa2b9114d1 📝 编写文档 2019-07-15 10:25:41 +08:00
yadong.zhang 93bee4f5d9 🔀 合并Braavos96提交的github PR #16 2019-07-12 09:47:03 +08:00
yadong.zhang 5c0b8eb94a Merge pull request #16 from Diffblue-benchmarks/add-diffblue-tests 
Add unit tests for me.zhyd.oauth.utils.GlobalAuthUtil
 2019-07-12 09:29:25 +08:00
Eric Hettiaratchi e03088a9b4 Add unit tests for me.zhyd.oauth.utils.GlobalAuthUtil 
These tests were written using Diffblue Cover.
 2019-07-10 14:29:21 +01:00
yadong.zhang 41a52767b3 📝 编写文档 2019-06-29 15:52:50 +08:00
yadong.zhang 88048b7637 📝 编写文档 2019-06-29 15:12:49 +08:00
yadong.zhang 186ee58b72 修改测试代码 2019-06-29 07:36:08 +08:00
yadong.zhang fa51358072 📌 升级hutool版本 2019-06-28 23:08:09 +08:00
yadong.zhang 80329c2496 全面开启state校验 2019-06-28 22:58:34 +08:00
yadong.zhang 78988555b0 🍻 完善百度登录,增加gitee登录的state校验 2019-06-28 21:33:49 +08:00
yadong.zhang ac4ede74bf 👽 修改login方法的参数为AuthCallback,封装回调返回的参数、支持state参数、增加code和state参数校验 2019-06-27 19:39:21 +08:00
yadong.zhang 9941ce7e2a Merge branch 'master' of https://gitee.com/yadong.zhang/JustAuth 2019-06-26 21:53:28 +08:00
yadong.zhang 4f594a4178 📝 更新githubapi文档 2019-06-26 21:52:16 +08:00
yadong.zhang b9268f296b Merge remote-tracking branch 'origin/master' 2019-06-25 19:33:27 +08:00
yadong.zhang 1c30f6ab2f 🎨 适配qq授权登录时开发者账号没有申请unionId权限而导致报错的问题 2019-06-25 19:32:18 +08:00
yadong.zhang af7baa924c 📝 Writing docs. 2019-06-22 08:10:09 +08:00
yadong.zhang 9902e7eb0d !4 优化微博登录 
Merge pull request !4 from skqing/master
 2019-06-22 07:43:45 +08:00
yadong.zhang 739fa786ce Merge pull request #15 from xkcoding/patch-4 
调整部分代码
 2019-06-22 07:34:23 +08:00
Yangkai.Shen 6f1cead802 ♻️ 枚举类使用==替换equals,提高性能 
参考:https://github.com/giantray/stackoverflow-java-top-qa/blob/master/contents/comparing-java-enum-members-or-equals.md
 2019-06-21 15:37:42 +08:00
Yangkai.Shen 374b71e5fe ♻️ 去除工具类方法,使用原生方法 2019-06-21 15:36:41 +08:00
Yangkai.Shen 9d1ab36e21 ♻️ 使用 StandardCharsets.UTF_8 替换 字符串UTF-8 
1. 字符串形式的 utf-8 会抛异常
2. Charset 的性能要好
 2019-06-21 15:34:38 +08:00
Yangkai.Shen b8d9f2ebc9 🐛 修复小米 scope 错误 2019-06-21 15:32:30 +08:00
skqing c201a9ac90 优化微博登录: 
1.remind_in:该参数即将废弃,开发者请使用expires_in
2.uid作为openid,否则openid为空,理论上uid也是可以作为openid的
 2019-06-21 11:29:20 +08:00
yadong.zhang 12ec6226bc 📝 编写文档 2019-06-20 10:28:29 +08:00
yadong.zhang 9a62332f30 📝 编写文档 2019-06-20 10:25:22 +08:00
yadong.zhang a962c96a2c Merge pull request #14 from xkcoding/refactor-v1.6.0-beta 
🏗️ 架构调整,简化代码
 2019-06-20 10:24:07 +08:00
yadong.zhang d442018c02 Merge branch 'master' into refactor-v1.6.0-beta 2019-06-20 10:23:41 +08:00
yadong.zhang 8d6d4533e4 🔀 合并Gitee上的pr 2019-06-20 10:19:20 +08:00
yadong.zhang 2f88c23405 🔀 合并github中的pr 2019-06-20 10:10:18 +08:00
yadong.zhang cf74f811fa 📝 编写文档 2019-06-19 20:01:03 +08:00
Yangkai.Shen bb613010dc 🏗️ 架构调整,简化代码 2019-06-19 18:16:13 +08:00
skqing 7ace410351 解决抖音登录问题: 
1.抖音的client_id换成client_key了
2.抖音的地址后面必须加上/否则报错
 2019-06-19 17:14:14 +08:00
yadong.zhang 65daa0592a 🚑 增加alipay授权参数的验证,修改部分命名 2019-06-19 16:48:09 +08:00
yadong.zhang 25424023c4 🔀 合并代码 2019-06-19 10:10:20 +08:00
yadong.zhang 67579bfb07 🍻 qq登录时根据openid和unionid选择合适的值作为uuid 2019-06-19 10:06:15 +08:00
yadong.zhang 458de3840d Merge remote-tracking branch 'origin/master' 
# Conflicts:
#	src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java
#	src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
 2019-06-19 10:04:47 +08:00
yadong.zhang 1c1d2dc9db !2 修复最近提出一些问题和BUG 
Merge pull request !2 from skqing/master
 2019-06-19 10:01:59 +08:00
yadong.zhang f5de7f93b5 🍻 解决Issue #IY1QR 增加对Config属性的校验功能,主要校验redirect uri的合法性 2019-06-19 09:56:28 +08:00
skqing dcf5f30e61 修复以下问题: 
QQ登录未获取真正的uuid
部分Request封装AuthUser时缺少gender属性
location属性设置方式不一致
钉钉登录获取用户信息忽略了openid
钉钉登录回调报错 bug
 2019-06-19 09:51:43 +08:00
yadong.zhang e534a4b62e 🍻 解决Issue #IY2FV 2019-06-18 19:56:00 +08:00
yadong.zhang 42ede32fc5 🍻 醉酒写代码 2019-06-18 19:51:53 +08:00
yadong.zhang c0dd700b0a 🎨 解决Issue #IY2OH 2019-06-18 19:27:11 +08:00
yadong.zhang f32c341b63 🎨 解决Issue #IY2HW 2019-06-18 19:21:05 +08:00
yadong.zhang 82358cbddb !1 修复钉钉回调JSON解析用户信息异常问题 
Merge pull request !1 from skqing/master
 2019-06-18 19:04:18 +08:00
skqing 56df9bc1b0 针对钉钉登录增加AuthToken属性 2019-06-18 14:55:28 +08:00
skqing 438660621e 解决钉钉回调异常问题 https://gitee.com/yadong.zhang/JustAuth/issues/IY1Z3 2019-06-18 14:20:05 +08:00
yadong.zhang 937fba37f5 📝 编写文档 2019-06-06 19:35:58 +08:00
69 changed files with 1452 additions and 1103 deletions
Expand all files Collapse all files
README.md
+22 -10
View File
@@ -6,7 +6,7 @@
</p>
<p align="center">
<a target="_blank" href="https://search.maven.org/search?q=JustAuth">
<img src="https://img.shields.io/badge/Maven Central-1.5.1-blue.svg" ></img>
<img src="https://img.shields.io/badge/Maven Central-1.8.1-blue.svg" ></img>
</a>
<a target="_blank" href="https://gitee.com/yadong.zhang/JustAuth/blob/master/LICENSE">
<img src="https://img.shields.io/apm/l/vim-mode.svg?color=yellow" ></img>
@@ -14,6 +14,9 @@
<a target="_blank" href="https://www.oracle.com/technetwork/java/javase/downloads/index.html">
<img src="https://img.shields.io/badge/JDK-1.8+-green.svg" ></img>
</a>
<a target="_blank" href="https://apidoc.gitee.com/yadong.zhang/JustAuth/">
<img src="https://img.shields.io/badge/Docs-1.8.1-orange.svg" ></img>
</a>
</p>
<center>
@@ -42,6 +45,7 @@
</tr>
</table>
</center>
-------------------------------------------------------------------------------
@@ -64,7 +68,7 @@ JustAuth,如你所见,它仅仅是一个**第三方授权登录**的**工具
<dependency>
<groupId>me.zhyd.oauth</groupId>
<artifactId>JustAuth</artifactId>
<version>1.6.0-beta</version>
<version>1.8.1</version>
</dependency>
```
- 调用api
@@ -74,38 +78,42 @@ AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 生成授权页面
authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的参数
authRequest.login(callback);
```
注:`1.8.0`版本后,增加了`state`参数校验,用于防止[CSRF](https://zh.wikipedia.org/wiki/%E8%B7%A8%E7%AB%99%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0)。强烈建议,保证单次流程内`state`的唯一性,且每个`state`只可用一次。
**配套Demo**[JustAuth-demo](https://gitee.com/yadong.zhang/JustAuth-demo)
具体的例子可以参考:
- [实现Gitee授权登录](http://t.cn/ExDKxQs)
- [实现Github授权登录](http://t.cn/EJ0Fxqo)
- [Spring Boot 快速集成第三方登录功能](http://t.cn/AiWWx5kH)
#### API列表
| :computer: 平台 | :coffee: API类 | :page_facing_up: SDK |
|:------:|:-------:|:-------:|
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/gitee.png" width="20"> | [AuthGiteeRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java) | <a href="https://gitee.com/api/v5/oauth_doc#list_1" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/github.png" width="20"> | [AuthGithubRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java) | <a href="https://github.com/settings/developers" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/weibo.png" width="20"> | [AuthWeiboRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java) | <a href="https://open.weibo.com/wiki/%E5%BE%AE%E5%8D%9AAPI" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/github.png" width="20"> | [AuthGithubRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java) | <a href="https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/weibo.png" width="20"> | [AuthWeiboRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java) | <a href="https://open.weibo.com/wiki/%E6%8E%88%E6%9D%83%E6%9C%BA%E5%88%B6%E8%AF%B4%E6%98%8E" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/dingtalk.png" width="20"> | [AuthDingTalkRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java) | <a href="https://open-doc.dingtalk.com/microapp/serverapi2/kymkv6" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/baidu.png" width="20"> | [AuthBaiduRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java) | <a href="https://developer.baidu.com/" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/baidu.png" width="20"> | [AuthBaiduRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java) | <a href="http://developer.baidu.com/wiki/index.php?title=docs/oauth" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/coding.png" width="25"> | [AuthCodingRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java) | <a href="https://open.coding.net/references/oauth/" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/tencentCloud.png" width="25"> | [AuthTencentCloudRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java) | <a href="https://dev.tencent.com/help/doc/faq/b4e5b7aee786/oauth" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/oschina.png" width="20"> | [AuthOschinaRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java) | <a href="https://www.oschina.net/openapi/docs/openapi_user" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/oschina.png" width="20"> | [AuthOschinaRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java) | <a href="https://www.oschina.net/openapi/docs/oauth2_authorize" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/alipay.png" width="20"> | [AuthAlipayRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java) | <a href="https://alipay.open.taobao.com/docs/doc.htm?spm=a219a.7629140.0.0.336d4b70GUKXOl&treeId=193&articleId=105809&docType=1" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/qq.png" width="20"> | [AuthQqRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java) | <a href="http://wiki.connect.qq.com/" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/qq.png" width="20"> | [AuthQqRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java) | <a href="https://wiki.connect.qq.com/%E4%BD%BF%E7%94%A8authorization_code%E8%8E%B7%E5%8F%96access_token" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/wechat.png" width="20"> | [AuthWeChatRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java) | <a href="https://open.weixin.qq.com/cgi-bin/showdocument?action=dir_list&t=resource/res_list&verify=1&id=open1419316505&token=&lang=zh_CN" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/taobao.png" width="20"> | [AuthTaobaoRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java) | <a href="https://open.taobao.com/doc.htm?spm=a219a.7386797.0.0.4e00669acnkQy6&source=search&docId=105590&docType=1" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/google.png" width="20"> | [AuthGoogleRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java) | <a href="https://developers.google.com/identity/protocols/OpenIDConnect" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/facebook.png" width="20"> | [AuthFacebookRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java) | <a href="https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/douyin.png" width="20"> | [AuthDouyinRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java) | <a href="https://www.douyin.com/platform/doc" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/douyin.png" width="20"> | [AuthDouyinRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java) | <a href="https://www.douyin.com/platform/doc/m-2-1-1" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/linkedin.png" width="20"> | [AuthLinkedinRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java) | <a href="https://docs.microsoft.com/zh-cn/linkedin/shared/authentication/authorization-code-flow?context=linkedin/context" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/microsoft.png" width="20"> | [AuthMicrosoftRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java) | <a href="https://docs.microsoft.com/zh-cn/graph/auth/" target="_blank">参考文档</a> |
| <img src="https://gitee.com/yadong.zhang/static/raw/master/JustAuth/mi.png" width="20"> | [AuthMiRequest](https://gitee.com/yadong.zhang/JustAuth/blob/master/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java) | <a href="https://dev.mi.com/console/doc/detail?pId=711" target="_blank">参考文档</a> |
@@ -137,6 +145,10 @@ _请知悉:经咨询CSDN官方客服得知,CSDN的授权开放平台已经
[阿里妈妈MUX倾力打造的矢量图标库-iconfont](https://www.iconfont.cn/search/index): 本文档中的图标大部分取自该平台
## 关于OAuth
[The OAuth 2.0 Authorization Framework](https://tools.ietf.org/html/rfc6749)
## 关注&交流
| 公众号 | 微信(备注:加群) |
developer.md
+1
View File
@@ -2,4 +2,5 @@
- <img src="https://avatar.gitee.com/uploads/99/784199_yadong.zhang.png!avatar100?1462325358" width="20"> · yadong.zhang : <a href="https://github.com/zhangyd-c" target="_blank">[Github]</a> | <a href="https://gitee.com/yadong.zhang" target="_blank">[Gitee]</a> | <a href="https://www.zhyd.me" target="_blank">[个人网站]</a>
- <img src="https://avatars0.githubusercontent.com/u/10429917?s=460&v=4" width="20"> · yangkai.shen : <a href="https://github.com/xkcoding" target="_blank">[Github]</a> | <a href="https://xkcoding.com" target="_blank">[个人网站]</a>
- <img src="https://avatar.gitee.com/uploads/51/1651_dolphinboy.png!avatar100?1479346570" width="20"> · skqing : <a href="https://gitee.com/skqing" target="_blank">[Gitee]</a> | <a href="https://my.oschina.net/dolphinboy" target="_blank">[个人网站]</a>
- 千年等一回,我只为等你...
example.md
+10 -1
View File
@@ -40,7 +40,7 @@ _注:非全部平台,部分平台可能不存在图例_
#### 授权qq
待续
暂无
#### 授权微信
@@ -61,6 +61,7 @@ _注:非全部平台,部分平台可能不存在图例_
#### 授权抖音
暂无
#### 授权领英
@@ -69,10 +70,18 @@ _注:非全部平台,部分平台可能不存在图例_
#### 授权微软
暂无
#### 授权小米
暂无
#### 授权今日头条
暂无
#### 授权csdn
暂无
_请知悉:经咨询CSDN官方客服得知,CSDN的授权开放平台已经下线。如果以前申请过的应用,可以继续使用,但是不再支持申请新的应用。so, 本项目中的CSDN登录只能针对少部分用户使用了_
pom.xml
+8 -4
View File
@@ -6,7 +6,7 @@
<groupId>me.zhyd.oauth</groupId>
<artifactId>JustAuth</artifactId>
<version>1.6.0-beta</version>
<version>1.8.1</version>
<name>JustAuth</name>
<url>https://gitee.com/yadong.zhang/JustAuth</url>
@@ -49,13 +49,12 @@
<maven-source.version>2.2.1</maven-source.version>
<maven-compiler.version>3.7.0</maven-compiler.version>
<maven.test.skip>true</maven.test.skip>
<hutool-version>4.1.21</hutool-version>
<hutool-version>4.5.15</hutool-version>
<lombok-version>1.18.4</lombok-version>
<junit-version>4.11</junit-version>
<fastjson-version>1.2.44</fastjson-version>
<google-api-version>1.28.0</google-api-version>
<guava-version>27.1-jre</guava-version>
<alipay-sdk-version>3.7.4.ALL</alipay-sdk-version>
<slf4j-version>1.7.25</slf4j-version>
</properties>
<dependencies>
@@ -86,6 +85,11 @@
<version>${alipay-sdk-version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<version>${slf4j-version}</version>
</dependency>
</dependencies>
<build>
src/main/java/me/zhyd/oauth/authorization/AlipayAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 支付宝授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class AlipayAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getAlipayAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/Authorization.java
-21
View File
@@ -1,21 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
/**
* 授权接口,用来获取具体第三方平台的授权地址
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public interface Authorization {
/**
* 获取授权页面地址
*
* @param config 授权基础配置
* @return 授权页面地址
*/
String getAuthorizeUrl(AuthConfig config);
}
src/main/java/me/zhyd/oauth/authorization/AuthorizationFactory.java
-81
View File
@@ -1,81 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.request.ResponseStatus;
import java.util.HashMap;
import java.util.Map;
/**
* 授权工厂类,负责创建指定平台的授权类获取授权地址
* <p>
* 使用策略模式 + 工厂模式 避免大量的if elseswatch)操作
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class AuthorizationFactory {
private static Map<String, Authorization> authorizationMap = new HashMap<>();
private static boolean loader = false;
private AuthorizationFactory() {
}
/**
* 根据第三方平台,获取具体的授权工具
*
* @param source 平台
* @return 具体的Authorization
*/
public static Authorization getAuthorize(AuthSource source) {
if (null == source) {
throw new AuthException(ResponseStatus.NO_AUTH_SOURCE);
}
registerAllAuthorize();
Authorization authorization = authorizationMap.get(source.toString());
if (null == authorization) {
throw new AuthException(ResponseStatus.UNIDENTIFIED_PLATFORM);
}
return authorization;
}
/**
* 将所有Authorize的实现类注册到authorizeMap中,
* 每次增加新的平台都需要在这儿添加注册代码
*/
private static void registerAllAuthorize() {
if (loader) {
return;
}
AuthorizationFactory.register(AuthSource.ALIPAY, new AlipayAuthorization());
AuthorizationFactory.register(AuthSource.BAIDU, new BaiduAuthorization());
AuthorizationFactory.register(AuthSource.CODING, new CodingAuthorization());
AuthorizationFactory.register(AuthSource.CSDN, new CsdnAuthorization());
AuthorizationFactory.register(AuthSource.DINGTALK, new DingTalkAuthorization());
AuthorizationFactory.register(AuthSource.GITEE, new GiteeAuthorization());
AuthorizationFactory.register(AuthSource.GITHUB, new GithubAuthorization());
AuthorizationFactory.register(AuthSource.GOOGLE, new GoogleAuthorization());
AuthorizationFactory.register(AuthSource.OSCHINA, new OschinaAuthorization());
AuthorizationFactory.register(AuthSource.QQ, new QqAuthorization());
AuthorizationFactory.register(AuthSource.TAOBAO, new TaobaoAuthorization());
AuthorizationFactory.register(AuthSource.TENCENT_CLOUD, new TencentCloudAuthorization());
AuthorizationFactory.register(AuthSource.WECHAT, new WeChatAuthorization());
AuthorizationFactory.register(AuthSource.WEIBO, new WeiboAuthorization());
AuthorizationFactory.register(AuthSource.FACEBOOK, new FacebookAuthorization());
AuthorizationFactory.register(AuthSource.DOUYIN, new DouyinAuthorization());
AuthorizationFactory.register(AuthSource.LINKEDIN, new LinkedinAuthorization());
AuthorizationFactory.register(AuthSource.MICROSOFT, new MicrosoftAuthorization());
AuthorizationFactory.register(AuthSource.MI, new MiAuthorization());
AuthorizationFactory.register(AuthSource.TOUTIAO, new ToutiaoAuthorization());
loader = true;
}
private static void register(AuthSource authSource, Authorization authorization) {
authorizationMap.put(authSource.toString(), authorization);
}
}
src/main/java/me/zhyd/oauth/authorization/BaiduAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 百度授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class BaiduAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getBaiduAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/CodingAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* Coding授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class CodingAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getCodingAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/CsdnAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* CSDN授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class CsdnAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getCsdnAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/DingTalkAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 钉钉授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class DingTalkAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getDingTalkQrConnectUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/DouyinAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 抖音授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class DouyinAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getDouyinAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/FacebookAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* Facebook授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.3
* @since 1.3
*/
public class FacebookAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getFacebookAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/GiteeAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 码云授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class GiteeAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getGiteeAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/GithubAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* Github授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class GithubAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getGithubAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/GoogleAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* Google授权
*
* @author yangkai.shen (https://xkcoding.com)
* @version 1.3
* @since 1.3
*/
public class GoogleAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getGoogleAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/LinkedinAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 领英授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class LinkedinAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getLinkedinAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/MiAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 小米授权
*
* @author yangkai.shen (https://xkcoding.com)
* @version 1.5
* @since 1.5
*/
public class MiAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getMiAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/MicrosoftAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 微软授权
*
* @author yangkai.shen (https://xkcoding.com)
* @version 1.5
* @since 1.5
*/
public class MicrosoftAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getMicrosoftAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/OschinaAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 开源中国授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class OschinaAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getOschinaAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/QqAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* QQ授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class QqAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/TaobaoAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 淘宝授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class TaobaoAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getTaobaoAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/TencentCloudAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 腾讯云授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class TencentCloudAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getTencentCloudAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/ToutiaoAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 今日头条授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class ToutiaoAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getToutiaoAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/WeChatAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 微信授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class WeChatAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getWeChatAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/authorization/WeiboAuthorization.java
-19
View File
@@ -1,19 +0,0 @@
package me.zhyd.oauth.authorization;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 微博授权
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class WeiboAuthorization implements Authorization {
@Override
public String getAuthorizeUrl(AuthConfig config) {
return UrlBuilder.getWeiboAuthorizeUrl(config.getClientId(), config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/config/AuthConfig.java
+16
View File
@@ -35,4 +35,20 @@ public class AuthConfig {
* 支付宝公钥:当选择支付宝登录时,该值可用
*/
private String alipayPublicKey;
/**
* 是否需要申请unionid,目前只针对qq登录
* 注:qq授权登录时,获取unionid需要单独发送邮件申请权限。如果个人开发者账号中申请了该权限,可以将该值置为true,在获取openId时就会同步获取unionId
* 参考链接:http://wiki.connect.qq.com/unionid%E4%BB%8B%E7%BB%8D
* <p>
* 1.7.1版本新增参数
*/
private boolean unionId;
/**
* 一个神奇的参数,最好使用随机的不可测的内容,可以用来防止CSRF攻击
* <p>
* 1.8.0版本新增参数
*/
private String state;
}
src/main/java/me/zhyd/oauth/consts/ApiUrl.java → src/main/java/me/zhyd/oauth/config/AuthSource.java
+13 -179
View File
@@ -1,4 +1,4 @@
package me.zhyd.oauth.consts;
package me.zhyd.oauth.config;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.request.ResponseStatus;
@@ -10,7 +10,7 @@ import me.zhyd.oauth.request.ResponseStatus;
* @version 1.0
* @since 1.0
*/
public enum ApiUrl {
public enum AuthSource {
/**
* Github
*/
@@ -29,16 +29,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://api.github.com/user";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 新浪微博
@@ -58,16 +48,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://api.weibo.com/2/users/show.json";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* gitee
@@ -87,16 +67,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://gitee.com/api/v5/user";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 钉钉
@@ -116,16 +86,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://oapi.dingtalk.com/sns/getuserinfo_bycode";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 百度
@@ -150,11 +110,6 @@ public enum ApiUrl {
public String revoke() {
return "https://openapi.baidu.com/rest/2.0/passport/auth/revokeAuthorization";
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* csdn
@@ -174,16 +129,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://api.csdn.net/user/getinfo";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* Coding
@@ -203,21 +148,11 @@ public enum ApiUrl {
public String userInfo() {
return "https://coding.net/api/account/current_user";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 腾讯云开发者平台coding升级后就变成腾讯云开发者平台了
*/
TENCENTCLOUD {
TENCENT_CLOUD {
@Override
public String authorize() {
return "https://dev.tencent.com/oauth_authorize.html";
@@ -232,16 +167,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://dev.tencent.com/api/account/current_user";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* oschina 开源中国
@@ -261,16 +186,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://www.oschina.net/action/openapi/user";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 支付宝
@@ -290,16 +205,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://openapi.alipay.com/gateway.do";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* QQ
@@ -319,16 +224,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://graph.qq.com/user/get_user_info";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 微信
@@ -349,11 +244,6 @@ public enum ApiUrl {
return "https://api.weixin.qq.com/sns/userinfo";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
return "https://api.weixin.qq.com/sns/oauth2/refresh_token";
@@ -377,16 +267,6 @@ public enum ApiUrl {
public String userInfo() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* Google
@@ -406,16 +286,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://oauth2.googleapis.com/tokeninfo";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* Facebook
@@ -435,16 +305,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://graph.facebook.com/v3.3/me";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
},
/**
* 抖音
@@ -457,22 +317,17 @@ public enum ApiUrl {
@Override
public String accessToken() {
return "https://open.douyin.com/oauth/access_token";
return "https://open.douyin.com/oauth/access_token/";
}
@Override
public String userInfo() {
return "https://open.douyin.com/oauth/userinfo";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
return "https://open.douyin.com/oauth/userinfo/";
}
@Override
public String refresh() {
return "https://open.douyin.com/oauth/refresh_token";
return "https://open.douyin.com/oauth/refresh_token/";
}
},
/**
@@ -494,11 +349,6 @@ public enum ApiUrl {
return "https://api.linkedin.com/v2/me";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
return "https://www.linkedin.com/oauth/v2/accessToken";
@@ -523,11 +373,6 @@ public enum ApiUrl {
return "https://graph.microsoft.com/v1.0/me";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
return "https://login.microsoftonline.com/common/oauth2/v2.0/token";
@@ -552,11 +397,6 @@ public enum ApiUrl {
return "https://open.account.xiaomi.com/user/profile";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
return "https://account.xiaomi.com/oauth2/token";
@@ -580,16 +420,6 @@ public enum ApiUrl {
public String userInfo() {
return "https://open.snssdk.com/data/user_profile";
}
@Override
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
@Override
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
};
/**
@@ -618,13 +448,17 @@ public enum ApiUrl {
*
* @return url
*/
public abstract String revoke();
public String revoke() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
/**
* 刷新授权的api
*
* @return url
*/
public abstract String refresh();
public String refresh() {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
}
}
src/main/java/me/zhyd/oauth/model/AuthBaiduErrorCode.java → src/main/java/me/zhyd/oauth/enums/AuthBaiduErrorCode.java
+1 -1
View File
@@ -1,4 +1,4 @@
package me.zhyd.oauth.model;
package me.zhyd.oauth.enums;
import me.zhyd.oauth.utils.StringUtils;
src/main/java/me/zhyd/oauth/model/AuthDingTalkErrorCode.java → src/main/java/me/zhyd/oauth/enums/AuthDingTalkErrorCode.java
+1 -1
View File
@@ -1,4 +1,4 @@
package me.zhyd.oauth.model;
package me.zhyd.oauth.enums;
/**
* 钉钉授权登录时的异常状态码
src/main/java/me/zhyd/oauth/model/AuthToutiaoErrorCode.java → src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java
+1 -1
View File
@@ -1,4 +1,4 @@
package me.zhyd.oauth.model;
package me.zhyd.oauth.enums;
/**
* 今日头条授权登录时的异常状态码
src/main/java/me/zhyd/oauth/model/AuthCallback.java
+31
View File
@@ -0,0 +1,31 @@
package me.zhyd.oauth.model;
import lombok.Getter;
import lombok.Setter;
/**
* 授权回调时的参数类
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
public class AuthCallback {
/**
* 访问AuthorizeUrl后回调时带的参数code
*/
private String code;
/**
* 访问AuthorizeUrl后回调时带的参数auth_code,该参数目前只使用于支付宝登录
*/
private String auth_code;
/**
* 访问AuthorizeUrl后回调时带的参数state,用于和请求AuthorizeUrl前的state比较,防止CSRF攻击
*/
private String state;
}
src/main/java/me/zhyd/oauth/model/AuthResponse.java
+4 -2
View File
@@ -1,7 +1,8 @@
package me.zhyd.oauth.model;
import lombok.Builder;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
import me.zhyd.oauth.request.ResponseStatus;
/**
@@ -11,8 +12,9 @@ import me.zhyd.oauth.request.ResponseStatus;
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
@Builder
@Data
public class AuthResponse<T> {
/**
* 授权响应状态码
src/main/java/me/zhyd/oauth/model/AuthSource.java
-31
View File
@@ -1,31 +0,0 @@
package me.zhyd.oauth.model;
/**
* 授权来源(平台)
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public enum AuthSource {
GITHUB,
GITEE,
WEIBO,
DINGTALK,
BAIDU,
CSDN,
CODING,
OSCHINA,
TENCENT_CLOUD,
ALIPAY,
TAOBAO,
QQ,
WECHAT,
GOOGLE,
FACEBOOK,
DOUYIN,
LINKEDIN,
MICROSOFT,
MI,
TOUTIAO
}
src/main/java/me/zhyd/oauth/model/AuthToken.java
+5 -1
View File
@@ -2,6 +2,8 @@ package me.zhyd.oauth.model;
import lombok.Builder;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
/**
* 授权所需的token
@@ -10,7 +12,8 @@ import lombok.Data;
* @version 1.0
* @since 1.8
*/
@Data
@Getter
@Setter
@Builder
public class AuthToken {
private String accessToken;
@@ -19,6 +22,7 @@ public class AuthToken {
private String uid;
private String openId;
private String accessCode;
private String unionId;
/**
* Google附带属性
src/main/java/me/zhyd/oauth/model/AuthUser.java
+9 -5
View File
@@ -2,6 +2,9 @@ package me.zhyd.oauth.model;
import lombok.Builder;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
import me.zhyd.oauth.config.AuthSource;
/**
* 授权成功后的用户信息,根据授权平台的不同,获取的数据完整性也不同
@@ -10,9 +13,14 @@ import lombok.Data;
* @version 1.0
* @since 1.8
*/
@Getter
@Setter
@Builder
@Data
public class AuthUser {
/**
* 用户第三方系统的唯一id。在调用方集成改组件时,可以用uuid + source唯一确定一个用户
*/
private String uuid;
/**
* 用户名
*/
@@ -57,8 +65,4 @@ public class AuthUser {
* 用户授权的token信息
*/
private AuthToken token;
/**
* 用户第三方系统的唯一id。在调用方集成改组件时,可以用uuid + source唯一确定一个用户
*/
private String uuid;
}
src/main/java/me/zhyd/oauth/model/AuthUserGender.java
+1 -1
View File
@@ -10,7 +10,7 @@ import java.util.Arrays;
* @since 1.8
*/
public enum AuthUserGender {
MALE(1, ""), FEMALE(0, ""), UNKNOW(-1, "");
MALE(1, ""), FEMALE(0, ""), UNKNOW(-1, "未知");
private int code;
private String desc;
src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java
+22 -7
View File
@@ -8,13 +8,14 @@ import com.alipay.api.request.AlipayUserInfoShareRequest;
import com.alipay.api.response.AlipaySystemOauthTokenResponse;
import com.alipay.api.response.AlipayUserInfoShareResponse;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.consts.ApiUrl;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
import me.zhyd.oauth.utils.StringUtils;
import me.zhyd.oauth.utils.UrlBuilder;
/**
* 支付宝登录
@@ -29,19 +30,20 @@ public class AuthAlipayRequest extends BaseAuthRequest {
public AuthAlipayRequest(AuthConfig config) {
super(config, AuthSource.ALIPAY);
this.alipayClient = new DefaultAlipayClient(ApiUrl.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), "json", "UTF-8", config.getAlipayPublicKey(), "RSA2");
this.alipayClient = new DefaultAlipayClient(AuthSource.ALIPAY.accessToken(), config.getClientId(), config.getClientSecret(), "json", "UTF-8", config
.getAlipayPublicKey(), "RSA2");
}
@Override
protected AuthToken getAccessToken(String code) {
protected AuthToken getAccessToken(AuthCallback authCallback) {
AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
request.setGrantType("authorization_code");
request.setCode(code);
request.setCode(authCallback.getAuth_code());
AlipaySystemOauthTokenResponse response = null;
try {
response = this.alipayClient.execute(request);
} catch (Exception e) {
throw new AuthException("Unable to get token from alipay using code [" + code + "]", e);
throw new AuthException("Unable to get token from alipay using code [" + authCallback.getAuth_code() + "]", e);
}
if (!response.isSuccess()) {
throw new AuthException(response.getSubMsg());
@@ -67,17 +69,30 @@ public class AuthAlipayRequest extends BaseAuthRequest {
if (!response.isSuccess()) {
throw new AuthException(response.getSubMsg());
}
String province = response.getProvince(),
city = response.getCity();
String location = String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city);
return AuthUser.builder()
.uuid(response.getUserId())
.username(StringUtils.isEmpty(response.getUserName()) ? response.getNickName() : response.getUserName())
.nickname(response.getNickName())
.avatar(response.getAvatar())
.location(String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city))
.location(location)
.gender(AuthUserGender.getRealGender(response.getGender()))
.token(authToken)
.source(AuthSource.ALIPAY)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getAlipayAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java
+21 -6
View File
@@ -3,8 +3,9 @@ package me.zhyd.oauth.request;
import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.enums.AuthBaiduErrorCode;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -23,16 +24,20 @@ public class AuthBaiduRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getBaiduAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getBaiduAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
AuthBaiduErrorCode errorCode = AuthBaiduErrorCode.getErrorCode(accessTokenObject.getString("error"));
if (!AuthBaiduErrorCode.OK.equals(errorCode)) {
if (AuthBaiduErrorCode.OK != errorCode) {
throw new AuthException(errorCode.getDesc());
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.scope(accessTokenObject.getString("scope"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.build();
}
@@ -43,7 +48,7 @@ public class AuthBaiduRequest extends BaseAuthRequest {
String userInfo = response.body();
JSONObject object = JSONObject.parseObject(userInfo);
AuthBaiduErrorCode errorCode = AuthBaiduErrorCode.getErrorCode(object.getString("error"));
if (!AuthBaiduErrorCode.OK.equals(errorCode)) {
if (AuthBaiduErrorCode.OK != errorCode) {
throw new AuthException(errorCode.getDesc());
}
return AuthUser.builder()
@@ -56,13 +61,23 @@ public class AuthBaiduRequest extends BaseAuthRequest {
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getBaiduAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
@Override
public AuthResponse revoke(AuthToken authToken) {
String accessToken = authToken.getAccessToken();
HttpResponse response = HttpRequest.get(UrlBuilder.getBaiduRevokeUrl(accessToken)).execute();
String userInfo = response.body();
JSONObject object = JSONObject.parseObject(userInfo);
if(object.containsKey("error_code")) {
if (object.containsKey("error_code")) {
return AuthResponse.builder()
.code(ResponseStatus.FAILURE.getCode())
.msg(object.getString("error_msg"))
src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java
+18 -4
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -25,15 +26,17 @@ public class AuthCodingRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getCodingAccessTokenUrl(config.getClientId(), config.getClientSecret(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getCodingAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.getIntValue("code") != 0) {
throw new AuthException("Unable to get token from coding using code [" + code + "]");
throw new AuthException("Unable to get token from coding using code [" + authCallback.getCode() + "]");
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.build();
}
@@ -45,6 +48,7 @@ public class AuthCodingRequest extends BaseAuthRequest {
if (object.getIntValue("code") != 0) {
throw new AuthException(object.getString("msg"));
}
object = object.getJSONObject("data");
return AuthUser.builder()
.uuid(object.getString("id"))
@@ -61,4 +65,14 @@ public class AuthCodingRequest extends BaseAuthRequest {
.source(AuthSource.CODING)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getCodingAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java
+19 -7
View File
@@ -4,10 +4,12 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
import me.zhyd.oauth.utils.UrlBuilder;
/**
@@ -24,16 +26,15 @@ public class AuthCsdnRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getCsdnAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getCsdnAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.containsKey("error_code")) {
throw new AuthException("Unable to get token from csdn using code [" + code + "]");
throw new AuthException("Unable to get token from csdn using code [" + authCallback.getCode() + "]");
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.build();
return AuthToken.builder().accessToken(accessTokenObject.getString("access_token")).build();
}
@Override
@@ -49,8 +50,19 @@ public class AuthCsdnRequest extends BaseAuthRequest {
.username(object.getString("username"))
.remark(object.getString("description"))
.blog(object.getString("website"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.CSDN)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getCsdnAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java
+35 -22
View File
@@ -2,18 +2,16 @@ package me.zhyd.oauth.request;
import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import cn.hutool.json.JSONObject;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.enums.AuthDingTalkErrorCode;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthDingTalkErrorCode;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.GlobalAuthUtil;
import me.zhyd.oauth.utils.UrlBuilder;
import java.util.Objects;
/**
* 钉钉登录
*
@@ -28,33 +26,48 @@ public class AuthDingTalkRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
return AuthToken.builder()
.accessCode(code)
.build();
protected AuthToken getAccessToken(AuthCallback authCallback) {
return AuthToken.builder().accessCode(authCallback.getCode()).build();
}
@Override
protected AuthUser getUserInfo(AuthToken authToken) {
String code = authToken.getAccessCode();
// 根据timestamp, appSecret计算签名值
String stringToSign = System.currentTimeMillis() + "";
String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), stringToSign);
HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, stringToSign, config.getClientId()))
.body(Objects.requireNonNull(new JSONObject().put("tmp_auth_code", code)))
.execute();
String timestamp = System.currentTimeMillis() + "";
String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), timestamp);
JSONObject param = new JSONObject();
param.put("tmp_auth_code", code);
HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, timestamp, config
.getClientId())).body(param.toJSONString()).execute();
String userInfo = response.body();
JSONObject object = new JSONObject(userInfo);
AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getInt("errcode"));
if (!AuthDingTalkErrorCode.EC0.equals(errorCode)) {
JSONObject object = JSON.parseObject(userInfo);
AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getIntValue("errcode"));
if (AuthDingTalkErrorCode.EC0 != errorCode) {
throw new AuthException(errorCode.getDesc());
}
object = object.getJSONObject("user_info");
AuthToken token = AuthToken.builder()
.openId(object.getString("openid"))
.unionId(object.getString("unionid"))
.build();
return AuthUser.builder()
.uuid(object.getStr("openid"))
.nickname(object.getStr("nick"))
.username(object.getStr("nick"))
.uuid(object.getString("unionid"))
.nickname(object.getString("nick"))
.username(object.getString("nick"))
.gender(AuthUserGender.UNKNOW)
.source(AuthSource.DINGTALK)
.token(token)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getDingTalkQrConnectUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java
+19 -8
View File
@@ -4,11 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -26,8 +24,8 @@ public class AuthDouyinRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getDouyinAccessTokenUrl(config.getClientId(), config.getClientSecret(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getDouyinAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
return this.getToken(accessTokenUrl);
}
@@ -35,21 +33,34 @@ public class AuthDouyinRequest extends BaseAuthRequest {
protected AuthUser getUserInfo(AuthToken authToken) {
String accessToken = authToken.getAccessToken();
String openId = authToken.getOpenId();
HttpResponse response = HttpRequest.get(UrlBuilder.getDouyinUserInfoUrl(accessToken, openId)).execute();
String url = UrlBuilder.getDouyinUserInfoUrl(accessToken, openId);
HttpResponse response = HttpRequest.get(url).execute();
JSONObject object = JSONObject.parseObject(response.body());
JSONObject userInfoObject = this.checkResponse(object);
return AuthUser.builder()
.uuid(userInfoObject.getString("open_id"))
.uuid(userInfoObject.getString("union_id"))
.username(userInfoObject.getString("nickname"))
.nickname(userInfoObject.getString("nickname"))
.avatar(userInfoObject.getString("avatar"))
.remark(userInfoObject.getString("description"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.DOUYIN)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getDouyinAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
@Override
public AuthResponse refresh(AuthToken oldToken) {
String refreshTokenUrl = UrlBuilder.getDouyinRefreshUrl(config.getClientId(), oldToken.getRefreshToken());
src/main/java/me/zhyd/oauth/request/AuthFacebookRequest.java
+21 -9
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -25,19 +26,20 @@ public class AuthFacebookRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getFacebookAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getFacebookAccessTokenUrl(config.getClientId(), config.getClientSecret(),
authCallback.getCode(), config.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject object = JSONObject.parseObject(response.body());
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (object.containsKey("error")) {
throw new AuthException(object.getJSONObject("error").getString("message"));
if (accessTokenObject.containsKey("error")) {
throw new AuthException(accessTokenObject.getJSONObject("error").getString("message"));
}
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.expireIn(object.getIntValue("expires_in"))
.tokenType(object.getString("token_type"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.tokenType(accessTokenObject.getString("token_type"))
.build();
}
@@ -70,4 +72,14 @@ public class AuthFacebookRequest extends BaseAuthRequest {
.source(AuthSource.FACEBOOK)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getFacebookAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java
+19 -7
View File
@@ -4,10 +4,12 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
import me.zhyd.oauth.utils.UrlBuilder;
/**
@@ -24,16 +26,15 @@ public class AuthGiteeRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getGiteeAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getGiteeAccessTokenUrl(config.getClientId(), config.getClientSecret(),
authCallback.getCode(), config.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.containsKey("error")) {
throw new AuthException("Unable to get token from gitee using code [" + code + "]");
throw new AuthException("Unable to get token from gitee using code [" + authCallback.getCode() + "]");
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.build();
return AuthToken.builder().accessToken(accessTokenObject.getString("access_token")).build();
}
@Override
@@ -52,8 +53,19 @@ public class AuthGiteeRequest extends BaseAuthRequest {
.location(object.getString("address"))
.email(object.getString("email"))
.remark(object.getString("bio"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.GITEE)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getGiteeAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java
+17 -6
View File
@@ -4,10 +4,12 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
import me.zhyd.oauth.utils.GlobalAuthUtil;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -27,16 +29,14 @@ public class AuthGithubRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getGithubAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getGithubAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
Map<String, String> res = GlobalAuthUtil.parseStringToMap(response.body());
if (res.containsKey("error")) {
throw new AuthException(res.get("error") + ":" + res.get("error_description"));
}
return AuthToken.builder()
.accessToken(res.get("access_token"))
.build();
return AuthToken.builder().accessToken(res.get("access_token")).build();
}
@Override
@@ -55,8 +55,19 @@ public class AuthGithubRequest extends BaseAuthRequest {
.location(object.getString("location"))
.email(object.getString("email"))
.remark(object.getString("bio"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.GITHUB)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getGithubAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java
+24 -11
View File
@@ -4,10 +4,12 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
import me.zhyd.oauth.utils.UrlBuilder;
/**
@@ -24,23 +26,23 @@ public class AuthGoogleRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getGoogleAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getGoogleAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject object = JSONObject.parseObject(response.body());
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (object.containsKey("error") || object.containsKey("error_description")) {
throw new AuthException("get google access_token has error:[" + object.getString("error") + "], error_description:[" + object
if (accessTokenObject.containsKey("error") || accessTokenObject.containsKey("error_description")) {
throw new AuthException("get google access_token has error:[" + accessTokenObject.getString("error") + "], error_description:[" + accessTokenObject
.getString("error_description") + "]");
}
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.expireIn(object.getIntValue("expires_in"))
.scope(object.getString("scope"))
.tokenType(object.getString("token_type"))
.idToken(object.getString("id_token"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.scope(accessTokenObject.getString("scope"))
.tokenType(accessTokenObject.getString("token_type"))
.idToken(accessTokenObject.getString("id_token"))
.build();
}
@@ -57,8 +59,19 @@ public class AuthGoogleRequest extends BaseAuthRequest {
.nickname(object.getString("name"))
.location(object.getString("locale"))
.email(object.getString("email"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.GOOGLE)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getGoogleAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java
+24 -9
View File
@@ -5,11 +5,9 @@ import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.StringUtils;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -28,8 +26,9 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getLinkedinAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getLinkedinAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
.getRedirectUri());
return this.getToken(accessTokenUrl);
}
@@ -65,7 +64,8 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
String avatar = null;
JSONObject profilePictureObject = userInfoObject.getJSONObject("profilePicture");
if (profilePictureObject.containsKey("displayImage~")) {
JSONArray displayImageElements = profilePictureObject.getJSONObject("displayImage~").getJSONArray("elements");
JSONArray displayImageElements = profilePictureObject.getJSONObject("displayImage~")
.getJSONArray("elements");
if (null != displayImageElements && displayImageElements.size() > 0) {
JSONObject largestImageObj = displayImageElements.getJSONObject(displayImageElements.size() - 1);
avatar = largestImageObj.getJSONArray("identifiers").getJSONObject(0).getString("identifier");
@@ -81,10 +81,21 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
.avatar(avatar)
.email(email)
.token(authToken)
.gender(AuthUserGender.UNKNOW)
.source(AuthSource.LINKEDIN)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getLinkedinAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
private String getUserEmail(String accessToken) {
String email = null;
HttpResponse emailResponse = HttpRequest.get("https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))")
@@ -95,7 +106,10 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
System.out.println(emailResponse.body());
JSONObject emailObj = JSONObject.parseObject(emailResponse.body());
if (emailObj.containsKey("elements")) {
email = emailObj.getJSONArray("elements").getJSONObject(0).getJSONObject("handle~").getString("emailAddress");
email = emailObj.getJSONArray("elements")
.getJSONObject(0)
.getJSONObject("handle~")
.getString("emailAddress");
}
return email;
}
@@ -114,7 +128,8 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
if (StringUtils.isEmpty(oldToken.getRefreshToken())) {
throw new AuthException(ResponseStatus.UNSUPPORTED);
}
String refreshTokenUrl = UrlBuilder.getLinkedinRefreshUrl(config.getClientId(), config.getClientSecret(), oldToken.getRefreshToken());
String refreshTokenUrl = UrlBuilder.getLinkedinRefreshUrl(config.getClientId(), config.getClientSecret(), oldToken
.getRefreshToken());
return AuthResponse.builder()
.code(ResponseStatus.SUCCESS.getCode())
.data(this.getToken(refreshTokenUrl))
src/main/java/me/zhyd/oauth/request/AuthMiRequest.java
+28 -19
View File
@@ -5,11 +5,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
import java.text.MessageFormat;
@@ -29,29 +27,29 @@ public class AuthMiRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getMiAccessTokenUrl(config.getClientId(), config.getClientSecret(), config.getRedirectUri(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getMiAccessTokenUrl(config.getClientId(), config.getClientSecret(), config.getRedirectUri(), authCallback.getCode());
return getToken(accessTokenUrl);
}
private AuthToken getToken(String accessTokenUrl) {
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
String jsonStr = StrUtil.replace(response.body(), PREFIX, StrUtil.EMPTY);
JSONObject object = JSONObject.parseObject(jsonStr);
JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);
if (object.containsKey("error")) {
throw new AuthException(object.getString("error_description"));
if (accessTokenObject.containsKey("error")) {
throw new AuthException(accessTokenObject.getString("error_description"));
}
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.expireIn(object.getIntValue("expires_in"))
.scope(object.getString("scope"))
.tokenType(object.getString("token_type"))
.refreshToken(object.getString("refresh_token"))
.openId(object.getString("openId"))
.macAlgorithm(object.getString("mac_algorithm"))
.macKey(object.getString("mac_key"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.scope(accessTokenObject.getString("scope"))
.tokenType(accessTokenObject.getString("token_type"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.openId(accessTokenObject.getString("openId"))
.macAlgorithm(accessTokenObject.getString("mac_algorithm"))
.macKey(accessTokenObject.getString("mac_key"))
.build();
}
@@ -62,7 +60,7 @@ public class AuthMiRequest extends BaseAuthRequest {
.execute();
JSONObject userProfile = JSONObject.parseObject(userResponse.body());
if (StrUtil.equalsIgnoreCase(userProfile.getString("result"), "error")) {
if ("error".equalsIgnoreCase(userProfile.getString("result"))) {
throw new AuthException(userProfile.getString("description"));
}
@@ -74,6 +72,7 @@ public class AuthMiRequest extends BaseAuthRequest {
.nickname(user.getString("miliaoNick"))
.avatar(user.getString("miliaoIcon"))
.email(user.getString("mail"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.MI)
.build();
@@ -84,7 +83,7 @@ public class AuthMiRequest extends BaseAuthRequest {
HttpResponse emailResponse = HttpRequest.get(emailPhoneUrl).execute();
JSONObject userEmailPhone = JSONObject.parseObject(emailResponse.body());
if (!StrUtil.equalsIgnoreCase(userEmailPhone.getString("result"), "error")) {
if (!"error".equalsIgnoreCase(userEmailPhone.getString("result"))) {
JSONObject emailPhone = userEmailPhone.getJSONObject("data");
authUser.setEmail(emailPhone.getString("email"));
}
@@ -92,6 +91,16 @@ public class AuthMiRequest extends BaseAuthRequest {
return authUser;
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getMiAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
/**
* 刷新access token (续期)
*
src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java
+22 -13
View File
@@ -5,11 +5,9 @@ import cn.hutool.http.HttpResponse;
import cn.hutool.http.HttpUtil;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
import java.util.HashMap;
@@ -28,9 +26,9 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getMicrosoftAccessTokenUrl(config.getClientId(), config.getClientSecret(), config
.getRedirectUri(), code);
.getRedirectUri(), authCallback.getCode());
return getToken(accessTokenUrl);
}
@@ -50,16 +48,16 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
.form(paramMap)
.execute();
String accessTokenStr = response.body();
JSONObject object = JSONObject.parseObject(accessTokenStr);
JSONObject accessTokenObject = JSONObject.parseObject(accessTokenStr);
this.checkResponse(object);
this.checkResponse(accessTokenObject);
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.expireIn(object.getIntValue("expires_in"))
.scope(object.getString("scope"))
.tokenType(object.getString("token_type"))
.refreshToken(object.getString("refresh_token"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.scope(accessTokenObject.getString("scope"))
.tokenType(accessTokenObject.getString("token_type"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.build();
}
@@ -85,11 +83,22 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
.nickname(object.getString("displayName"))
.location(object.getString("officeLocation"))
.email(object.getString("mail"))
.gender(AuthUserGender.UNKNOW)
.token(authToken)
.source(AuthSource.MICROSOFT)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getMicrosoftAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
/**
* 刷新access token (续期)
*
src/main/java/me/zhyd/oauth/request/AuthOschinaRequest.java
+19 -4
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -25,15 +26,19 @@ public class AuthOschinaRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getOschinaAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getOschinaAccessTokenUrl(config.getClientId(), config.getClientSecret(),
authCallback.getCode(), config.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.containsKey("error")) {
throw new AuthException("Unable to get token from oschina using code [" + code + "]");
throw new AuthException("Unable to get token from oschina using code [" + authCallback.getCode() + "]");
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.uid(accessTokenObject.getString("uid"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.build();
}
@@ -58,4 +63,14 @@ public class AuthOschinaRequest extends BaseAuthRequest {
.source(AuthSource.OSCHINA)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getOschinaAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthQqRequest.java
+32 -13
View File
@@ -5,8 +5,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -30,13 +31,13 @@ public class AuthQqRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getQqAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config
.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getQqAccessTokenUrl(config.getClientId(), config.getClientSecret(),
authCallback.getCode(), config.getRedirectUri());
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
Map<String, String> accessTokenObject = GlobalAuthUtil.parseStringToMap(response.body());
if (!accessTokenObject.containsKey("access_token")) {
throw new AuthException("Unable to get token from qq using code [" + code + "]");
throw new AuthException("Unable to get token from qq using code [" + authCallback.getCode() + "]");
}
return AuthToken.builder()
.accessToken(accessTokenObject.get("access_token"))
@@ -48,7 +49,7 @@ public class AuthQqRequest extends BaseAuthRequest {
@Override
protected AuthUser getUserInfo(AuthToken authToken) {
String accessToken = authToken.getAccessToken();
String openId = this.getOpenId(accessToken);
String openId = this.getOpenId(authToken);
HttpResponse response = HttpRequest.get(UrlBuilder.getQqUserInfoUrl(config.getClientId(), accessToken, openId))
.execute();
JSONObject object = JSONObject.parseObject(response.body());
@@ -59,11 +60,13 @@ public class AuthQqRequest extends BaseAuthRequest {
if (StringUtils.isEmpty(avatar)) {
avatar = object.getString("figureurl_qq_1");
}
String location = String.format("%s-%s", object.getString("province"), object.getString("city"));
return AuthUser.builder()
.username(object.getString("nickname"))
.nickname(object.getString("nickname"))
.avatar(avatar)
.location(object.getString("province") + "-" + object.getString("city"))
.location(location)
.uuid(openId)
.gender(AuthUserGender.getRealGender(object.getString("gender")))
.token(authToken)
@@ -71,8 +74,19 @@ public class AuthQqRequest extends BaseAuthRequest {
.build();
}
private String getOpenId(String accessToken) {
HttpResponse response = HttpRequest.get(UrlBuilder.getQqOpenidUrl("https://graph.qq.com/oauth2.0/me", accessToken))
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
private String getOpenId(AuthToken authToken) {
String accessToken = authToken.getAccessToken();
HttpResponse response = HttpRequest.get(UrlBuilder.getQqOpenidUrl("https://graph.qq.com/oauth2.0/me", accessToken, config.isUnionId()))
.execute();
if (response.isOk()) {
String body = response.body();
@@ -80,11 +94,16 @@ public class AuthQqRequest extends BaseAuthRequest {
String removeSuffix = StrUtil.replace(removePrefix, ");", "");
String openId = StrUtil.trim(removeSuffix);
JSONObject object = JSONObject.parseObject(openId);
if (object.containsKey("openid")) {
return object.getString("openid");
if (object.containsKey("error")) {
throw new AuthException(object.get("error") + ":" + object.get("error_description"));
}
throw new AuthException("Invalid openId");
authToken.setOpenId(object.getString("openid"));
if (object.containsKey("unionid")) {
authToken.setUnionId(object.getString("unionid"));
}
return StringUtils.isEmpty(authToken.getUnionId()) ? authToken.getOpenId() : authToken.getUnionId();
}
throw new AuthException("Invalid openId");
throw new AuthException("request error");
}
}
src/main/java/me/zhyd/oauth/request/AuthRequest.java
+3 -2
View File
@@ -1,6 +1,7 @@
package me.zhyd.oauth.request;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthToken;
@@ -23,10 +24,10 @@ public interface AuthRequest {
/**
* 第三方登录
*
* @param code 通过authorize换回的code
* @param authCallback 用于接收回调参数的实体
* @return 返回登录成功后的用户信息
*/
default AuthResponse login(String code) {
default AuthResponse login(AuthCallback authCallback) {
throw new AuthException(ResponseStatus.NOT_IMPLEMENTED);
}
src/main/java/me/zhyd/oauth/request/AuthTaobaoRequest.java
+26 -16
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -26,29 +27,28 @@ public class AuthTaobaoRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
return AuthToken.builder()
.accessCode(code)
.build();
protected AuthToken getAccessToken(AuthCallback authCallback) {
return AuthToken.builder().accessCode(authCallback.getCode()).build();
}
@Override
protected AuthUser getUserInfo(AuthToken authToken) {
String accessCode = authToken.getAccessCode();
HttpResponse response = HttpRequest.post(UrlBuilder.getTaobaoAccessTokenUrl(this.config.getClientId(), this.config.getClientSecret(), accessCode, this.config.getRedirectUri())).execute();
JSONObject object = JSONObject.parseObject(response.body());
if (object.containsKey("error")) {
throw new AuthException(ResponseStatus.FAILURE + ":" + object.getString("error_description"));
HttpResponse response = HttpRequest.post(UrlBuilder.getTaobaoAccessTokenUrl(this.config.getClientId(), this.config
.getClientSecret(), accessCode, this.config.getRedirectUri())).execute();
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.containsKey("error")) {
throw new AuthException(ResponseStatus.FAILURE + ":" + accessTokenObject.getString("error_description"));
}
authToken.setAccessToken(object.getString("access_token"));
authToken.setRefreshToken(object.getString("refresh_token"));
authToken.setExpireIn(object.getIntValue("expires_in"));
authToken.setUid(object.getString("taobao_user_id"));
authToken.setOpenId(object.getString("taobao_open_uid"));
authToken.setAccessToken(accessTokenObject.getString("access_token"));
authToken.setRefreshToken(accessTokenObject.getString("refresh_token"));
authToken.setExpireIn(accessTokenObject.getIntValue("expires_in"));
authToken.setUid(accessTokenObject.getString("taobao_user_id"));
authToken.setOpenId(accessTokenObject.getString("taobao_open_uid"));
String nick = GlobalAuthUtil.urlDecode(object.getString("taobao_user_nick"));
String nick = GlobalAuthUtil.urlDecode(accessTokenObject.getString("taobao_user_nick"));
return AuthUser.builder()
.uuid(object.getString("taobao_user_id"))
.uuid(accessTokenObject.getString("taobao_user_id"))
.username(nick)
.nickname(nick)
.gender(AuthUserGender.UNKNOW)
@@ -56,4 +56,14 @@ public class AuthTaobaoRequest extends BaseAuthRequest {
.source(AuthSource.TAOBAO)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getTaobaoAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthTencentCloudRequest.java
+20 -7
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -25,15 +26,17 @@ public class AuthTencentCloudRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getTencentCloudAccessTokenUrl(config.getClientId(), config.getClientSecret(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getTencentCloudAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
JSONObject object = JSONObject.parseObject(response.body());
if (object.getIntValue("code") != 0) {
throw new AuthException("Unable to get token from tencent cloud using code [" + code + "]: " + object.get("msg"));
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (accessTokenObject.getIntValue("code") != 0) {
throw new AuthException("Unable to get token from tencent cloud using code [" + authCallback.getCode() + "]: " + accessTokenObject.get("msg"));
}
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.build();
}
@@ -61,4 +64,14 @@ public class AuthTencentCloudRequest extends BaseAuthRequest {
.source(AuthSource.TENCENT_CLOUD)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getTencentCloudAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java
+20 -8
View File
@@ -4,6 +4,8 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.enums.AuthToutiaoErrorCode;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -22,19 +24,19 @@ public class AuthToutiaoRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getToutiaoAccessTokenUrl(config.getClientId(), config.getClientSecret(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getToutiaoAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
JSONObject object = JSONObject.parseObject(response.body());
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
if (object.containsKey("error_code")) {
throw new AuthException(AuthToutiaoErrorCode.getErrorCode(object.getIntValue("error_code")).getDesc());
if (accessTokenObject.containsKey("error_code")) {
throw new AuthException(AuthToutiaoErrorCode.getErrorCode(accessTokenObject.getIntValue("error_code")).getDesc());
}
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.expireIn(object.getIntValue("expires_in"))
.openId(object.getString("open_id"))
.accessToken(accessTokenObject.getString("access_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.openId(accessTokenObject.getString("open_id"))
.build();
}
@@ -64,4 +66,14 @@ public class AuthToutiaoRequest extends BaseAuthRequest {
.source(AuthSource.TOUTIAO)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getToutiaoAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java
+23 -10
View File
@@ -4,6 +4,7 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.*;
import me.zhyd.oauth.utils.UrlBuilder;
@@ -23,12 +24,12 @@ public class AuthWeChatRequest extends BaseAuthRequest {
/**
* 微信的特殊性,此时返回的信息同时包含 openid 和 access_token
*
* @param code 授权码
* @param authCallback 回调返回的参数
* @return 所有信息
*/
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getWeChatAccessTokenUrl(config.getClientId(), config.getClientSecret(), code);
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getWeChatAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
return this.getToken(accessTokenUrl);
}
@@ -42,11 +43,12 @@ public class AuthWeChatRequest extends BaseAuthRequest {
this.checkResponse(object);
String location = String.format("%s-%s-%s", object.getString("country"), object.getString("province"), object.getString("city"));
return AuthUser.builder()
.username(object.getString("nickname"))
.nickname(object.getString("nickname"))
.avatar(object.getString("headimgurl"))
.location(object.getString("country") + "-" + object.getString("province") + "-" + object.getString("city"))
.location(location)
.uuid(openId)
.gender(AuthUserGender.getRealGender(object.getString("sex")))
.token(authToken)
@@ -54,6 +56,16 @@ public class AuthWeChatRequest extends BaseAuthRequest {
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getWeChatAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
@Override
public AuthResponse refresh(AuthToken oldToken) {
String refreshTokenUrl = UrlBuilder.getWeChatRefreshUrl(config.getClientId(), oldToken.getRefreshToken());
@@ -73,6 +85,7 @@ public class AuthWeChatRequest extends BaseAuthRequest {
throw new AuthException(object.getIntValue("errcode"), object.getString("errmsg"));
}
}
/**
* 获取token,适用于获取access_token和刷新token
*
@@ -81,15 +94,15 @@ public class AuthWeChatRequest extends BaseAuthRequest {
*/
private AuthToken getToken(String accessTokenUrl) {
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
JSONObject object = JSONObject.parseObject(response.body());
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
this.checkResponse(object);
this.checkResponse(accessTokenObject);
return AuthToken.builder()
.accessToken(object.getString("access_token"))
.refreshToken(object.getString("refresh_token"))
.expireIn(object.getIntValue("expires_in"))
.openId(object.getString("openid"))
.accessToken(accessTokenObject.getString("access_token"))
.refreshToken(accessTokenObject.getString("refresh_token"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.openId(accessTokenObject.getString("openid"))
.build();
}
}
src/main/java/me/zhyd/oauth/request/AuthWeiboRequest.java
+20 -6
View File
@@ -4,8 +4,9 @@ import cn.hutool.http.HttpRequest;
import cn.hutool.http.HttpResponse;
import com.alibaba.fastjson.JSONObject;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.model.AuthUserGender;
@@ -28,18 +29,20 @@ public class AuthWeiboRequest extends BaseAuthRequest {
}
@Override
protected AuthToken getAccessToken(String code) {
String accessTokenUrl = UrlBuilder.getWeiboAccessTokenUrl(config.getClientId(), config.getClientSecret(), code, config.getRedirectUri());
protected AuthToken getAccessToken(AuthCallback authCallback) {
String accessTokenUrl = UrlBuilder.getWeiboAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
.getRedirectUri());
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
String accessTokenStr = response.body();
JSONObject accessTokenObject = JSONObject.parseObject(accessTokenStr);
if (accessTokenObject.containsKey("error")) {
throw new AuthException("Unable to get token from weibo using code [" + code + "]:" + accessTokenObject.getString("error_description"));
throw new AuthException("Unable to get token from weibo using code [" + authCallback.getCode() + "]:" + accessTokenObject.getString("error_description"));
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("access_token"))
.uid(accessTokenObject.getString("uid"))
.expireIn(accessTokenObject.getIntValue("remind_in"))
.openId(accessTokenObject.getString("uid"))
.expireIn(accessTokenObject.getIntValue("expires_in"))
.build();
}
@@ -61,7 +64,8 @@ public class AuthWeiboRequest extends BaseAuthRequest {
.uuid(object.getString("id"))
.username(object.getString("name"))
.avatar(object.getString("profile_image_url"))
.blog(StringUtils.isEmpty(object.getString("url")) ? "https://weibo.com/" + object.getString("profile_url") : object.getString("url"))
.blog(StringUtils.isEmpty(object.getString("url")) ? "https://weibo.com/" + object.getString("profile_url") : object
.getString("url"))
.nickname(object.getString("screen_name"))
.location(object.getString("location"))
.remark(object.getString("description"))
@@ -70,4 +74,14 @@ public class AuthWeiboRequest extends BaseAuthRequest {
.source(AuthSource.WEIBO)
.build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return UrlBuilder.getWeiboAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
}
}
src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java
+18 -10
View File
@@ -1,14 +1,14 @@
package me.zhyd.oauth.request;
import lombok.Data;
import me.zhyd.oauth.authorization.AuthorizationFactory;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthSource;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.utils.AuthConfigChecker;
import me.zhyd.oauth.utils.AuthChecker;
/**
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
@@ -23,19 +23,24 @@ public abstract class BaseAuthRequest implements AuthRequest {
public BaseAuthRequest(AuthConfig config, AuthSource source) {
this.config = config;
this.source = source;
if (!AuthConfigChecker.isSupportedAuth(config)) {
if (!AuthChecker.isSupportedAuth(config, source)) {
throw new AuthException(ResponseStatus.PARAMETER_INCOMPLETE);
}
// 校验配置合法性
AuthChecker.checkConfig(config, source);
}
protected abstract AuthToken getAccessToken(String code);
protected abstract AuthToken getAccessToken(AuthCallback authCallback);
protected abstract AuthUser getUserInfo(AuthToken authToken);
@Override
public AuthResponse login(String code) {
public AuthResponse login(AuthCallback authCallback) {
try {
AuthToken authToken = this.getAccessToken(code);
AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
AuthChecker.checkState(authCallback.getState(), config.getState());
AuthToken authToken = this.getAccessToken(authCallback);
AuthUser user = this.getUserInfo(authToken);
return AuthResponse.builder().code(ResponseStatus.SUCCESS.getCode()).data(user).build();
} catch (Exception e) {
@@ -51,8 +56,11 @@ public abstract class BaseAuthRequest implements AuthRequest {
return AuthResponse.builder().code(errorCode).msg(e.getMessage()).build();
}
/**
* 返回认证url,可自行跳转页面
*
* @return 返回授权地址
*/
@Override
public String authorize() {
return AuthorizationFactory.getAuthorize(source).getAuthorizeUrl(config);
}
public abstract String authorize();
}
src/main/java/me/zhyd/oauth/request/ResponseStatus.java
+3
View File
@@ -13,6 +13,9 @@ public enum ResponseStatus {
UNSUPPORTED(5003, "Unsupported operation"),
NO_AUTH_SOURCE(5004, "AuthSource cannot be null"),
UNIDENTIFIED_PLATFORM(5005, "Unidentified platform"),
ILLEGAL_REDIRECT_URI(5006, "Illegal redirect uri"),
ILLEGAL_REQUEST(5007, "Illegal request"),
ILLEGAL_CODE(5008, "Illegal code"),
;
private int code;
src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+84
View File
@@ -0,0 +1,84 @@
package me.zhyd.oauth.utils;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthSource;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.request.ResponseStatus;
/**
* 授权配置类的校验器
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class AuthChecker {
/**
* 是否支持第三方登录
*
* @param config config
* @param source source
* @return true or false
*/
public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
if (isSupported && AuthSource.ALIPAY == source) {
isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
}
return isSupported;
}
/**
* 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,而对于facebook平台, redirect uri 必须是https的链接
*
* @param config config
* @param source source
*/
public static void checkConfig(AuthConfig config, AuthSource source) {
String redirectUri = config.getRedirectUri();
if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
}
// facebook的回调地址必须为https的链接
if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) {
throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
}
// 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1
if (AuthSource.ALIPAY == source && GlobalAuthUtil.isLocalHost(redirectUri)) {
throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI);
}
}
/**
* 校验回调传回的code
*
* @param code 回调时传回的code
*/
public static void checkCode(String code) {
if (StringUtils.isEmpty(code)) {
throw new AuthException(ResponseStatus.ILLEGAL_CODE);
}
}
/**
* 校验state的合法性防止被CSRF
*
* @param newState 新的state,一般为回调时传回的state(可能被篡改)
* @param originalState 原始的state,发起授权时向第三方平台传递的state
*/
public static void checkState(String newState, String originalState) {
// 如果原始state为空,表示当前平台未使用state
if (StringUtils.isEmpty(originalState)) {
return;
}
// 如果授权之前使用了state,但是回调时未返回state,则表示当前请求为非法的请求,可能正在被CSRF攻击
if (StringUtils.isEmpty(newState)) {
throw new AuthException(ResponseStatus.ILLEGAL_REQUEST);
}
// 如果授权前后的state不一致,则表示当前请求为非法的请求,新的state可能为伪造
if (!newState.equals(originalState)) {
throw new AuthException(ResponseStatus.ILLEGAL_REQUEST);
}
}
}
src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java
-23
View File
@@ -1,23 +0,0 @@
package me.zhyd.oauth.utils;
import me.zhyd.oauth.config.AuthConfig;
/**
* 授权配置类的校验器
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
public class AuthConfigChecker {
/**
* 是否支持第三方登录
*
* @param config config
* @return true or false
*/
public static boolean isSupportedAuth(AuthConfig config) {
return StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
}
}
src/main/java/me/zhyd/oauth/utils/AuthState.java
+165
View File
@@ -0,0 +1,165 @@
package me.zhyd.oauth.utils;
import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.RandomUtil;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.request.ResponseStatus;
import java.nio.charset.Charset;
import java.util.concurrent.ConcurrentHashMap;
/**
* state工具,负责创建、获取和删除state
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0
* @since 1.8
*/
@Slf4j
public class AuthState {
/**
* 空字符串
*/
private static final String EMPTY_STR = "";
/**
* state存储器
*/
private static ConcurrentHashMap<String, String> stateBucket = new ConcurrentHashMap<>();
/**
* 生成随机的state
*
* @param source oauth平台
* @return state
*/
public static String create(String source) {
return create(source, RandomUtil.randomString(4));
}
/**
* 创建state
*
* @param source oauth平台
* @param body 希望加密到state的消息体
* @return state
*/
public static String create(String source, Object body) {
return create(source, JSON.toJSONString(body));
}
/**
* 创建state
*
* @param source oauth平台
* @param body 希望加密到state的消息体
* @return state
*/
public static String create(String source, String body) {
String currentIp = getCurrentIp();
String simpleKey = ((source + currentIp));
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
log.debug("Create the state: ip={}, platform={}, simpleKey={}, key={}, body={}", currentIp, source, simpleKey, key, body);
if (stateBucket.containsKey(key)) {
log.debug("Get from bucket: {}", stateBucket.get(key));
return stateBucket.get(key);
}
String simpleState = source + "_" + currentIp + "_" + body;
String state = Base64.encode(simpleState.getBytes(Charset.forName("UTF-8")));
log.debug("Create a new state: {}", state, simpleState);
stateBucket.put(key, state);
return state;
}
/**
* 获取state
*
* @param source oauth平台
* @return state
*/
public static String get(String source) {
String currentIp = getCurrentIp();
String simpleKey = ((source + currentIp));
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
log.debug("Get state by the key[{}], current ip[{}]", key, currentIp);
return stateBucket.get(key);
}
/**
* 获取state中保存的body内容
*
* @param source oauth平台
* @param state 加密后的state
* @param clazz body的实际类型
* @param <T> 需要转换的具体的class类型
* @return state
*/
public static <T> T getBody(String source, String state, Class<T> clazz) {
if (StringUtils.isEmpty(state) || null == clazz) {
return null;
}
log.debug("Get body from the state[{}] of the {} and convert it to {}", state, source, clazz.toString());
String currentIp = getCurrentIp();
String decodedState = Base64.decodeStr(state);
log.debug("The decoded state is [{}]", decodedState);
if (!decodedState.startsWith(source)) {
return null;
}
String noneSourceState = decodedState.substring(source.length() + 1);
if (!noneSourceState.startsWith(currentIp)) {
// ip不相同,可能为非法的请求
throw new AuthException(ResponseStatus.ILLEGAL_REQUEST);
}
String body = noneSourceState.substring(currentIp.length() + 1);
log.debug("body is [{}]", body);
if (clazz == String.class) {
return (T) body;
}
if (clazz == Integer.class) {
return (T) Integer.valueOf(Integer.parseInt(body));
}
if (clazz == Long.class) {
return (T) Long.valueOf(Long.parseLong(body));
}
if (clazz == Short.class) {
return (T) Short.valueOf(Short.parseShort(body));
}
if (clazz == Double.class) {
return (T) Double.valueOf(Double.parseDouble(body));
}
if (clazz == Float.class) {
return (T) Float.valueOf(Float.parseFloat(body));
}
if (clazz == Boolean.class) {
return (T) Boolean.valueOf(Boolean.parseBoolean(body));
}
if (clazz == Byte.class) {
return (T) Byte.valueOf(Byte.parseByte(body));
}
return JSON.parseObject(body, clazz);
}
/**
* 登录成功后,清除state
*
* @param source oauth平台
*/
public static void delete(String source) {
String currentIp = getCurrentIp();
String simpleKey = ((source + currentIp));
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
log.debug("Delete used state[{}] by the key[{}], current ip[{}]", stateBucket.get(key), key, currentIp);
stateBucket.remove(key);
}
private static String getCurrentIp() {
String currentIp = IpUtils.getIp();
return StringUtils.isEmpty(currentIp) ? EMPTY_STR : currentIp;
}
}
src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java
+28 -12
View File
@@ -8,6 +8,8 @@ import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
@@ -22,16 +24,12 @@ import java.util.Map;
* @since 1.8
*/
public class GlobalAuthUtil {
private static final String DEFAULT_ENCODING = "UTF-8";
private static final Charset DEFAULT_ENCODING = StandardCharsets.UTF_8;
private static final String ALGORITHM = "HmacSHA256";
public static String generateDingTalkSignature(String canonicalString, String secret) {
try {
byte[] signData = sign(canonicalString.getBytes(DEFAULT_ENCODING), secret.getBytes(DEFAULT_ENCODING));
return urlEncode(new String(Base64.encode(signData, false)));
} catch (UnsupportedEncodingException ex) {
throw new AuthException("Unsupported algorithm: " + DEFAULT_ENCODING, ex);
}
public static String generateDingTalkSignature(String secretKey, String timestamp) {
byte[] signData = sign(secretKey.getBytes(DEFAULT_ENCODING), timestamp.getBytes(DEFAULT_ENCODING));
return urlEncode(new String(Base64.encode(signData, false)));
}
private static byte[] sign(byte[] key, byte[] data) {
@@ -52,9 +50,8 @@ public class GlobalAuthUtil {
}
try {
String encoded = URLEncoder.encode(value, GlobalAuthUtil.DEFAULT_ENCODING);
return encoded.replace("+", "%20").replace("*", "%2A")
.replace("~", "%7E").replace("/", "%2F");
String encoded = URLEncoder.encode(value, GlobalAuthUtil.DEFAULT_ENCODING.displayName());
return encoded.replace("+", "%20").replace("*", "%2A").replace("~", "%7E").replace("/", "%2F");
} catch (UnsupportedEncodingException e) {
throw new AuthException("Failed To Encode Uri", e);
}
@@ -65,7 +62,7 @@ public class GlobalAuthUtil {
return "";
}
try {
return URLDecoder.decode(value, GlobalAuthUtil.DEFAULT_ENCODING);
return URLDecoder.decode(value, GlobalAuthUtil.DEFAULT_ENCODING.displayName());
} catch (UnsupportedEncodingException e) {
throw new AuthException("Failed To Decode Uri", e);
}
@@ -84,4 +81,23 @@ public class GlobalAuthUtil {
}
return res;
}
public static boolean isHttpProtocol(String url) {
if (StringUtils.isEmpty(url)) {
return false;
}
return url.startsWith("http://");
}
public static boolean isHttpsProtocol(String url) {
if (StringUtils.isEmpty(url)) {
return false;
}
return url.startsWith("https://");
}
public static boolean isLocalHost(String url) {
return StringUtils.isEmpty(url) || url.contains("127.0.0.1") || url.contains("localhost");
}
}
src/main/java/me/zhyd/oauth/utils/UrlBuilder.java
+130 -103
View File
@@ -1,6 +1,6 @@
package me.zhyd.oauth.utils;
import me.zhyd.oauth.consts.ApiUrl;
import me.zhyd.oauth.config.AuthSource;
import java.text.MessageFormat;
@@ -15,7 +15,7 @@ public class UrlBuilder {
private static final String GITHUB_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&code={3}&redirect_uri={4}";
private static final String GITHUB_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String GITHUB_AUTHORIZE_PATTERN = "{0}?client_id={1}&state=1&redirect_uri={2}";
private static final String GITHUB_AUTHORIZE_PATTERN = "{0}?client_id={1}&redirect_uri={2}&state={3}";
private static final String GOOGLE_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&scope=openid%20email%20profile&redirect_uri={2}&state={3}";
private static final String GOOGLE_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&code={3}&redirect_uri={4}&grant_type=authorization_code";
@@ -23,42 +23,42 @@ public class UrlBuilder {
private static final String WEIBO_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
private static final String WEIBO_USER_INFO_PATTERN = "{0}?{1}";
private static final String WEIBO_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
private static final String WEIBO_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
private static final String GITEE_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
private static final String GITEE_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String GITEE_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
private static final String GITEE_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
private static final String DING_TALK_QRCONNECT_PATTERN = "{0}?appid={1}&response_type=code&scope=snsapi_login&state=STATE&redirect_uri={2}";
private static final String DING_TALK_QRCONNECT_PATTERN = "{0}?appid={1}&response_type=code&scope=snsapi_login&redirect_uri={2}&state={3}";
private static final String DING_TALK_USER_INFO_PATTERN = "{0}?signature={1}&timestamp={2}&accessKey={3}";
private static final String BAIDU_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
private static final String BAIDU_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String BAIDU_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&display=popup";
private static final String BAIDU_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&display=popup&state={3}";
private static final String BAIDU_REVOKE_PATTERN = "{0}?access_token={1}";
private static final String CSDN_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
private static final String CSDN_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String CSDN_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
private static final String CSDN_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
private static final String CODING_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}";
private static final String CODING_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String CODING_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user";
private static final String CODING_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user&state={3}";
private static final String TENCENT_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}";
private static final String TENCENT_USER_INFO_PATTERN = "{0}?access_token={1}";
private static final String TENCENT_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user";
private static final String TENCENT_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user&state={3}";
private static final String OSCHINA_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}&dataType=json";
private static final String OSCHINA_USER_INFO_PATTERN = "{0}?access_token={1}&dataType=json";
private static final String OSCHINA_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
private static final String OSCHINA_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
private static final String ALIPAY_AUTHORIZE_PATTERN = "{0}?app_id={1}&scope=auth_user&redirect_uri={2}&state=init";
private static final String ALIPAY_AUTHORIZE_PATTERN = "{0}?app_id={1}&scope=auth_user&redirect_uri={2}&state={3}";
private static final String QQ_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
private static final String QQ_USER_INFO_PATTERN = "{0}?oauth_consumer_key={1}&access_token={2}&openid={3}";
private static final String QQ_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}";
private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}&unionid={2}";
private static final String WECHAT_AUTHORIZE_PATTERN = "{0}?appid={1}&redirect_uri={2}&response_type=code&scope=snsapi_login&state={3}#wechat_redirect";
private static final String WECHAT_ACCESS_TOKEN_PATTERN = "{0}?appid={1}&secret={2}&code={3}&grant_type=authorization_code";
@@ -73,7 +73,7 @@ public class UrlBuilder {
private static final String FACEBOOK_USER_INFO_PATTERN = "{0}?access_token={1}&fields=id,name,birthday,gender,hometown,email,devices,picture.width(400)";
private static final String DOUYIN_AUTHORIZE_PATTERN = "{0}?client_key={1}&redirect_uri={2}&state={3}&response_type=code&scope=user_info";
private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&code={3}&grant_type=authorization_code";
private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_key={1}&client_secret={2}&code={3}&grant_type=authorization_code";
private static final String DOUYIN_USER_INFO_PATTERN = "{0}?access_token={1}&open_id={2}";
private static final String DOUYIN_REFRESH_TOKEN_PATTERN = "{0}?client_key={1}&refresh_token={2}&grant_type=refresh_token";
@@ -87,7 +87,7 @@ public class UrlBuilder {
private static final String MICROSOFT_USER_INFO_PATTERN = "{0}";
private static final String MICROSOFT_REFRESH_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&scope=user.read%20mail.read&redirect_uri={3}&refresh_token={4}&grant_type=refresh_token";
private static final String MI_AUTHORIZE_PATTERN = "{0}?client_id={1}&redirect_uri={2}&response_type=code&scope=user/profile%20user/openIdV2%20user/phoneAndEmail&state={3}&skip_confirm=false";
private static final String MI_AUTHORIZE_PATTERN = "{0}?client_id={1}&redirect_uri={2}&response_type=code&scope=1%203%204%206&state={3}&skip_confirm=false";
private static final String MI_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&redirect_uri={3}&code={4}&grant_type=authorization_code";
private static final String MI_USER_INFO_PATTERN = "{0}?clientId={1}&token={2}";
private static final String MI_REFRESH_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&redirect_uri={3}&refresh_token={4}&grant_type=refresh_token";
@@ -96,6 +96,15 @@ public class UrlBuilder {
private static final String TOUTIAO_USER_INFO_PATTERN = "{0}?client_key={1}&access_token={2}";
private static final String TOUTIAO_AUTHORIZE_PATTERN = "{0}?client_key={1}&redirect_uri={2}&state={3}&response_type=code&auth_only=1&display=0";
/**
* 获取state,如果为空, 则默认去当前日期的时间戳
*
* @param state state
*/
private static Object getState(String state) {
return StringUtils.isEmpty(state) ? String.valueOf(System.currentTimeMillis()) : state;
}
/**
* 获取githubtoken的接口地址
*
@@ -106,7 +115,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGithubAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(GITHUB_ACCESS_TOKEN_PATTERN, ApiUrl.GITHUB.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(GITHUB_ACCESS_TOKEN_PATTERN, AuthSource.GITHUB.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -116,7 +125,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGithubUserInfoUrl(String token) {
return MessageFormat.format(GITHUB_USER_INFO_PATTERN, ApiUrl.GITHUB.userInfo(), token);
return MessageFormat.format(GITHUB_USER_INFO_PATTERN, AuthSource.GITHUB.userInfo(), token);
}
/**
@@ -124,10 +133,11 @@ public class UrlBuilder {
*
* @param clientId github 应用的Client ID
* @param redirectUrl github 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getGithubAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(GITHUB_AUTHORIZE_PATTERN, ApiUrl.GITHUB.authorize(), clientId, redirectUrl);
public static String getGithubAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(GITHUB_AUTHORIZE_PATTERN, AuthSource.GITHUB.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -140,7 +150,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getWeiboAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(WEIBO_ACCESS_TOKEN_PATTERN, ApiUrl.WEIBO.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(WEIBO_ACCESS_TOKEN_PATTERN, AuthSource.WEIBO.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -150,7 +160,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getWeiboUserInfoUrl(String token) {
return MessageFormat.format(WEIBO_USER_INFO_PATTERN, ApiUrl.WEIBO.userInfo(), token);
return MessageFormat.format(WEIBO_USER_INFO_PATTERN, AuthSource.WEIBO.userInfo(), token);
}
/**
@@ -158,10 +168,11 @@ public class UrlBuilder {
*
* @param clientId weibo 应用的Client ID
* @param redirectUrl weibo 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getWeiboAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(WEIBO_AUTHORIZE_PATTERN, ApiUrl.WEIBO.authorize(), clientId, redirectUrl);
public static String getWeiboAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(WEIBO_AUTHORIZE_PATTERN, AuthSource.WEIBO.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -174,7 +185,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGiteeAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(GITEE_ACCESS_TOKEN_PATTERN, ApiUrl.GITEE.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(GITEE_ACCESS_TOKEN_PATTERN, AuthSource.GITEE.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -184,7 +195,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGiteeUserInfoUrl(String token) {
return MessageFormat.format(GITEE_USER_INFO_PATTERN, ApiUrl.GITEE.userInfo(), token);
return MessageFormat.format(GITEE_USER_INFO_PATTERN, AuthSource.GITEE.userInfo(), token);
}
/**
@@ -192,10 +203,11 @@ public class UrlBuilder {
*
* @param clientId gitee 应用的Client ID
* @param redirectUrl gitee 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return json
*/
public static String getGiteeAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(GITEE_AUTHORIZE_PATTERN, ApiUrl.GITEE.authorize(), clientId, redirectUrl);
public static String getGiteeAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(GITEE_AUTHORIZE_PATTERN, AuthSource.GITEE.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -203,10 +215,11 @@ public class UrlBuilder {
*
* @param clientId 钉钉 应用的App Id
* @param redirectUrl 钉钉 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getDingTalkQrConnectUrl(String clientId, String redirectUrl) {
return MessageFormat.format(DING_TALK_QRCONNECT_PATTERN, ApiUrl.DINGTALK.authorize(), clientId, redirectUrl);
public static String getDingTalkQrConnectUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(DING_TALK_QRCONNECT_PATTERN, AuthSource.DINGTALK.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -218,7 +231,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getDingTalkUserInfoUrl(String signature, String timestamp, String accessKey) {
return MessageFormat.format(DING_TALK_USER_INFO_PATTERN, ApiUrl.DINGTALK.userInfo(), signature, timestamp, accessKey);
return MessageFormat.format(DING_TALK_USER_INFO_PATTERN, AuthSource.DINGTALK.userInfo(), signature, timestamp, accessKey);
}
/**
@@ -231,7 +244,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getBaiduAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(BAIDU_ACCESS_TOKEN_PATTERN, ApiUrl.BAIDU.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(BAIDU_ACCESS_TOKEN_PATTERN, AuthSource.BAIDU.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -241,7 +254,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getBaiduUserInfoUrl(String token) {
return MessageFormat.format(BAIDU_USER_INFO_PATTERN, ApiUrl.BAIDU.userInfo(), token);
return MessageFormat.format(BAIDU_USER_INFO_PATTERN, AuthSource.BAIDU.userInfo(), token);
}
/**
@@ -249,10 +262,11 @@ public class UrlBuilder {
*
* @param clientId baidu 应用的API Key
* @param redirectUrl baidu 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return json
*/
public static String getBaiduAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(BAIDU_AUTHORIZE_PATTERN, ApiUrl.BAIDU.authorize(), clientId, redirectUrl);
public static String getBaiduAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(BAIDU_AUTHORIZE_PATTERN, AuthSource.BAIDU.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -262,7 +276,7 @@ public class UrlBuilder {
* @return json
*/
public static String getBaiduRevokeUrl(String accessToken) {
return MessageFormat.format(BAIDU_REVOKE_PATTERN, ApiUrl.BAIDU.revoke(), accessToken);
return MessageFormat.format(BAIDU_REVOKE_PATTERN, AuthSource.BAIDU.revoke(), accessToken);
}
/**
@@ -275,7 +289,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getCsdnAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(CSDN_ACCESS_TOKEN_PATTERN, ApiUrl.CSDN.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(CSDN_ACCESS_TOKEN_PATTERN, AuthSource.CSDN.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -285,7 +299,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getCsdnUserInfoUrl(String token) {
return MessageFormat.format(CSDN_USER_INFO_PATTERN, ApiUrl.CSDN.userInfo(), token);
return MessageFormat.format(CSDN_USER_INFO_PATTERN, AuthSource.CSDN.userInfo(), token);
}
/**
@@ -293,10 +307,11 @@ public class UrlBuilder {
*
* @param clientId csdn 应用的Client ID
* @param redirectUrl csdn 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getCsdnAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(CSDN_AUTHORIZE_PATTERN, ApiUrl.CSDN.authorize(), clientId, redirectUrl);
public static String getCsdnAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(CSDN_AUTHORIZE_PATTERN, AuthSource.CSDN.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -308,7 +323,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getCodingAccessTokenUrl(String clientId, String clientSecret, String code) {
return MessageFormat.format(CODING_ACCESS_TOKEN_PATTERN, ApiUrl.CODING.accessToken(), clientId, clientSecret, code);
return MessageFormat.format(CODING_ACCESS_TOKEN_PATTERN, AuthSource.CODING.accessToken(), clientId, clientSecret, code);
}
/**
@@ -318,7 +333,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getCodingUserInfoUrl(String token) {
return MessageFormat.format(CODING_USER_INFO_PATTERN, ApiUrl.CODING.userInfo(), token);
return MessageFormat.format(CODING_USER_INFO_PATTERN, AuthSource.CODING.userInfo(), token);
}
/**
@@ -326,10 +341,11 @@ public class UrlBuilder {
*
* @param clientId coding 应用的Client ID
* @param redirectUrl coding 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getCodingAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(CODING_AUTHORIZE_PATTERN, ApiUrl.CODING.authorize(), clientId, redirectUrl);
public static String getCodingAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(CODING_AUTHORIZE_PATTERN, AuthSource.CODING.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -341,7 +357,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getTencentCloudAccessTokenUrl(String clientId, String clientSecret, String code) {
return MessageFormat.format(TENCENT_ACCESS_TOKEN_PATTERN, ApiUrl.TENCENTCLOUD.accessToken(), clientId, clientSecret, code);
return MessageFormat.format(TENCENT_ACCESS_TOKEN_PATTERN, AuthSource.TENCENT_CLOUD.accessToken(), clientId, clientSecret, code);
}
/**
@@ -351,7 +367,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getTencentCloudUserInfoUrl(String token) {
return MessageFormat.format(TENCENT_USER_INFO_PATTERN, ApiUrl.TENCENTCLOUD.userInfo(), token);
return MessageFormat.format(TENCENT_USER_INFO_PATTERN, AuthSource.TENCENT_CLOUD.userInfo(), token);
}
/**
@@ -359,10 +375,11 @@ public class UrlBuilder {
*
* @param clientId coding 应用的Client ID
* @param redirectUrl coding 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getTencentCloudAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(TENCENT_AUTHORIZE_PATTERN, ApiUrl.TENCENTCLOUD.authorize(), clientId, redirectUrl);
public static String getTencentCloudAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(TENCENT_AUTHORIZE_PATTERN, AuthSource.TENCENT_CLOUD.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -375,7 +392,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getOschinaAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(OSCHINA_ACCESS_TOKEN_PATTERN, ApiUrl.OSCHINA.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(OSCHINA_ACCESS_TOKEN_PATTERN, AuthSource.OSCHINA.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -385,7 +402,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getOschinaUserInfoUrl(String token) {
return MessageFormat.format(OSCHINA_USER_INFO_PATTERN, ApiUrl.OSCHINA.userInfo(), token);
return MessageFormat.format(OSCHINA_USER_INFO_PATTERN, AuthSource.OSCHINA.userInfo(), token);
}
/**
@@ -393,10 +410,11 @@ public class UrlBuilder {
*
* @param clientId oschina 应用的Client ID
* @param redirectUrl oschina 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getOschinaAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(OSCHINA_AUTHORIZE_PATTERN, ApiUrl.OSCHINA.authorize(), clientId, redirectUrl);
public static String getOschinaAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(OSCHINA_AUTHORIZE_PATTERN, AuthSource.OSCHINA.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -409,7 +427,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getQqAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(QQ_ACCESS_TOKEN_PATTERN, ApiUrl.QQ.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(QQ_ACCESS_TOKEN_PATTERN, AuthSource.QQ.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -421,7 +439,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getQqUserInfoUrl(String clientId, String token, String openId) {
return MessageFormat.format(QQ_USER_INFO_PATTERN, ApiUrl.QQ.userInfo(), clientId, token, openId);
return MessageFormat.format(QQ_USER_INFO_PATTERN, AuthSource.QQ.userInfo(), clientId, token, openId);
}
/**
@@ -429,21 +447,23 @@ public class UrlBuilder {
*
* @param clientId qq 应用的Client ID
* @param redirectUrl qq 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getQqAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(QQ_AUTHORIZE_PATTERN, ApiUrl.QQ.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getQqAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(QQ_AUTHORIZE_PATTERN, AuthSource.QQ.authorize(), clientId, redirectUrl, getState(state));
}
/**
* 获取qq授权地址
*
* @param url 获取qqopenid的api接口地址
* @param token qq 应用授权的token
* @param url 获取qqopenid的api接口地址
* @param token qq 应用授权的token
* @param unionid 是否需要获取unionid,默认为false。注:获取unionid需要单独发送邮件申请权限,请个人视情况而定。参考链接:http://wiki.connect.qq.com/unionid%E4%BB%8B%E7%BB%8D
* @return full url
*/
public static String getQqOpenidUrl(String url, String token) {
return MessageFormat.format(QQ_OPENID_PATTERN, url, token);
public static String getQqOpenidUrl(String url, String token, boolean unionid) {
return MessageFormat.format(QQ_OPENID_PATTERN, url, token, unionid ? 1 : 0);
}
/**
@@ -451,10 +471,11 @@ public class UrlBuilder {
*
* @param clientId alipay 应用的Client ID
* @param redirectUrl alipay 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getAlipayAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(ALIPAY_AUTHORIZE_PATTERN, ApiUrl.ALIPAY.authorize(), clientId, redirectUrl);
public static String getAlipayAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(ALIPAY_AUTHORIZE_PATTERN, AuthSource.ALIPAY.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -462,10 +483,11 @@ public class UrlBuilder {
*
* @param clientId 微信 应用的appid
* @param redirectUrl 微信 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getWeChatAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(WECHAT_AUTHORIZE_PATTERN, ApiUrl.WECHAT.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getWeChatAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(WECHAT_AUTHORIZE_PATTERN, AuthSource.WECHAT.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -477,7 +499,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getWeChatAccessTokenUrl(String clientId, String clientSecret, String code) {
return MessageFormat.format(WECHAT_ACCESS_TOKEN_PATTERN, ApiUrl.WECHAT.accessToken(), clientId, clientSecret, code);
return MessageFormat.format(WECHAT_ACCESS_TOKEN_PATTERN, AuthSource.WECHAT.accessToken(), clientId, clientSecret, code);
}
/**
@@ -488,7 +510,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getWeChatUserInfoUrl(String token, String openId) {
return MessageFormat.format(WECHAT_USER_INFO_PATTERN, ApiUrl.WECHAT.userInfo(), token, openId);
return MessageFormat.format(WECHAT_USER_INFO_PATTERN, AuthSource.WECHAT.userInfo(), token, openId);
}
/**
@@ -499,7 +521,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getWeChatRefreshUrl(String clientId, String refreshToken) {
return MessageFormat.format(WECHAT_REFRESH_TOKEN_PATTERN, ApiUrl.WECHAT.refresh(), clientId, refreshToken);
return MessageFormat.format(WECHAT_REFRESH_TOKEN_PATTERN, AuthSource.WECHAT.refresh(), clientId, refreshToken);
}
/**
@@ -512,7 +534,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getTaobaoAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(TAOBAO_ACCESS_TOKEN_PATTERN, ApiUrl.TAOBAO.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(TAOBAO_ACCESS_TOKEN_PATTERN, AuthSource.TAOBAO.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -520,10 +542,11 @@ public class UrlBuilder {
*
* @param clientId Taobao 应用的Client ID
* @param redirectUrl Taobao 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getTaobaoAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(TAOBAO_AUTHORIZE_PATTERN, ApiUrl.TAOBAO.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getTaobaoAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(TAOBAO_AUTHORIZE_PATTERN, AuthSource.TAOBAO.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -531,10 +554,11 @@ public class UrlBuilder {
*
* @param clientId google 应用的Client ID
* @param redirectUrl google 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getGoogleAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(GOOGLE_AUTHORIZE_PATTERN, ApiUrl.GOOGLE.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getGoogleAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(GOOGLE_AUTHORIZE_PATTERN, AuthSource.GOOGLE.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -547,7 +571,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGoogleAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(GOOGLE_ACCESS_TOKEN_PATTERN, ApiUrl.GOOGLE.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(GOOGLE_ACCESS_TOKEN_PATTERN, AuthSource.GOOGLE.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -557,7 +581,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getGoogleUserInfoUrl(String token) {
return MessageFormat.format(GOOGLE_USER_INFO_PATTERN, ApiUrl.GOOGLE.userInfo(), token);
return MessageFormat.format(GOOGLE_USER_INFO_PATTERN, AuthSource.GOOGLE.userInfo(), token);
}
/**
@@ -565,11 +589,11 @@ public class UrlBuilder {
*
* @param clientId Facebook 应用的Client ID
* @param redirectUrl Facebook 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getFacebookAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(FACEBOOK_AUTHORIZE_PATTERN, ApiUrl.FACEBOOK.authorize(), clientId, redirectUrl, System
.currentTimeMillis());
public static String getFacebookAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(FACEBOOK_AUTHORIZE_PATTERN, AuthSource.FACEBOOK.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -582,7 +606,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getFacebookAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUri) {
return MessageFormat.format(FACEBOOK_ACCESS_TOKEN_PATTERN, ApiUrl.FACEBOOK.accessToken(), clientId, clientSecret, code, redirectUri);
return MessageFormat.format(FACEBOOK_ACCESS_TOKEN_PATTERN, AuthSource.FACEBOOK.accessToken(), clientId, clientSecret, code, redirectUri);
}
/**
@@ -592,7 +616,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getFacebookUserInfoUrl(String token) {
return MessageFormat.format(FACEBOOK_USER_INFO_PATTERN, ApiUrl.FACEBOOK.userInfo(), token);
return MessageFormat.format(FACEBOOK_USER_INFO_PATTERN, AuthSource.FACEBOOK.userInfo(), token);
}
/**
@@ -600,10 +624,11 @@ public class UrlBuilder {
*
* @param clientId Douyin 应用的Client ID
* @param redirectUrl Douyin 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getDouyinAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(DOUYIN_AUTHORIZE_PATTERN, ApiUrl.DOUYIN.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getDouyinAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(DOUYIN_AUTHORIZE_PATTERN, AuthSource.DOUYIN.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -615,7 +640,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getDouyinAccessTokenUrl(String clientId, String clientSecret, String code) {
return MessageFormat.format(DOUYIN_ACCESS_TOKEN_PATTERN, ApiUrl.DOUYIN.accessToken(), clientId, clientSecret, code);
return MessageFormat.format(DOUYIN_ACCESS_TOKEN_PATTERN, AuthSource.DOUYIN.accessToken(), clientId, clientSecret, code);
}
/**
@@ -626,7 +651,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getDouyinUserInfoUrl(String token, String openId) {
return MessageFormat.format(DOUYIN_USER_INFO_PATTERN, ApiUrl.DOUYIN.userInfo(), token, openId);
return MessageFormat.format(DOUYIN_USER_INFO_PATTERN, AuthSource.DOUYIN.userInfo(), token, openId);
}
/**
@@ -637,7 +662,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getDouyinRefreshUrl(String clientId, String refreshToken) {
return MessageFormat.format(DOUYIN_REFRESH_TOKEN_PATTERN, ApiUrl.DOUYIN.refresh(), clientId, refreshToken);
return MessageFormat.format(DOUYIN_REFRESH_TOKEN_PATTERN, AuthSource.DOUYIN.refresh(), clientId, refreshToken);
}
/**
@@ -645,11 +670,11 @@ public class UrlBuilder {
*
* @param clientId Linkedin 应用的Client ID
* @param redirectUrl Linkedin 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getLinkedinAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(LINKEDIN_AUTHORIZE_PATTERN, ApiUrl.LINKEDIN.authorize(), clientId, redirectUrl, System
.currentTimeMillis());
public static String getLinkedinAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(LINKEDIN_AUTHORIZE_PATTERN, AuthSource.LINKEDIN.authorize(), clientId, redirectUrl, state);
}
/**
@@ -662,7 +687,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getLinkedinAccessTokenUrl(String clientId, String clientSecret, String code, String redirectUrl) {
return MessageFormat.format(LINKEDIN_ACCESS_TOKEN_PATTERN, ApiUrl.LINKEDIN.accessToken(), clientId, clientSecret, code, redirectUrl);
return MessageFormat.format(LINKEDIN_ACCESS_TOKEN_PATTERN, AuthSource.LINKEDIN.accessToken(), clientId, clientSecret, code, redirectUrl);
}
/**
@@ -671,7 +696,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getLinkedinUserInfoUrl() {
return MessageFormat.format(LINKEDIN_USER_INFO_PATTERN, ApiUrl.LINKEDIN.userInfo());
return MessageFormat.format(LINKEDIN_USER_INFO_PATTERN, AuthSource.LINKEDIN.userInfo());
}
/**
@@ -683,7 +708,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getLinkedinRefreshUrl(String clientId, String clientSecret, String refreshToken) {
return MessageFormat.format(LINKEDIN_REFRESH_TOKEN_PATTERN, ApiUrl.LINKEDIN.refresh(), clientId, clientSecret, refreshToken);
return MessageFormat.format(LINKEDIN_REFRESH_TOKEN_PATTERN, AuthSource.LINKEDIN.refresh(), clientId, clientSecret, refreshToken);
}
/**
@@ -691,11 +716,11 @@ public class UrlBuilder {
*
* @param clientId 微软 应用的Client ID
* @param redirectUrl 微软 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getMicrosoftAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(MICROSOFT_AUTHORIZE_PATTERN, ApiUrl.MICROSOFT.authorize(), clientId, redirectUrl, System
.currentTimeMillis());
public static String getMicrosoftAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(MICROSOFT_AUTHORIZE_PATTERN, AuthSource.MICROSOFT.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -708,7 +733,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMicrosoftAccessTokenUrl(String clientId, String clientSecret, String redirectUrl, String code) {
return MessageFormat.format(MICROSOFT_ACCESS_TOKEN_PATTERN, ApiUrl.MICROSOFT.accessToken(), clientId, clientSecret, redirectUrl, code);
return MessageFormat.format(MICROSOFT_ACCESS_TOKEN_PATTERN, AuthSource.MICROSOFT.accessToken(), clientId, clientSecret, redirectUrl, code);
}
/**
@@ -717,7 +742,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMicrosoftUserInfoUrl() {
return MessageFormat.format(MICROSOFT_USER_INFO_PATTERN, ApiUrl.MICROSOFT.userInfo());
return MessageFormat.format(MICROSOFT_USER_INFO_PATTERN, AuthSource.MICROSOFT.userInfo());
}
/**
@@ -730,7 +755,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMicrosoftRefreshUrl(String clientId, String clientSecret, String redirectUrl, String refreshToken) {
return MessageFormat.format(MICROSOFT_REFRESH_TOKEN_PATTERN, ApiUrl.MICROSOFT.refresh(), clientId, clientSecret, redirectUrl, refreshToken);
return MessageFormat.format(MICROSOFT_REFRESH_TOKEN_PATTERN, AuthSource.MICROSOFT.refresh(), clientId, clientSecret, redirectUrl, refreshToken);
}
/**
@@ -738,10 +763,11 @@ public class UrlBuilder {
*
* @param clientId 小米 应用的Client ID
* @param redirectUrl 小米 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getMiAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(MI_AUTHORIZE_PATTERN, ApiUrl.MI.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getMiAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(MI_AUTHORIZE_PATTERN, AuthSource.MI.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -754,7 +780,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMiAccessTokenUrl(String clientId, String clientSecret, String redirectUrl, String code) {
return MessageFormat.format(MI_ACCESS_TOKEN_PATTERN, ApiUrl.MI.accessToken(), clientId, clientSecret, redirectUrl, code);
return MessageFormat.format(MI_ACCESS_TOKEN_PATTERN, AuthSource.MI.accessToken(), clientId, clientSecret, redirectUrl, code);
}
/**
@@ -765,7 +791,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMiUserInfoUrl(String clientId, String token) {
return MessageFormat.format(MI_USER_INFO_PATTERN, ApiUrl.MI.userInfo(), clientId, token);
return MessageFormat.format(MI_USER_INFO_PATTERN, AuthSource.MI.userInfo(), clientId, token);
}
/**
@@ -778,7 +804,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getMiRefreshUrl(String clientId, String clientSecret, String redirectUrl, String refreshToken) {
return MessageFormat.format(MI_REFRESH_TOKEN_PATTERN, ApiUrl.MI.refresh(), clientId, clientSecret, redirectUrl, refreshToken);
return MessageFormat.format(MI_REFRESH_TOKEN_PATTERN, AuthSource.MI.refresh(), clientId, clientSecret, redirectUrl, refreshToken);
}
/**
@@ -786,10 +812,11 @@ public class UrlBuilder {
*
* @param clientId 今日头条 应用的Client ID
* @param redirectUrl 今日头条 应用授权成功后的回调地址
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
* @return full url
*/
public static String getToutiaoAuthorizeUrl(String clientId, String redirectUrl) {
return MessageFormat.format(TOUTIAO_AUTHORIZE_PATTERN, ApiUrl.TOUTIAO.authorize(), clientId, redirectUrl, System.currentTimeMillis());
public static String getToutiaoAuthorizeUrl(String clientId, String redirectUrl, String state) {
return MessageFormat.format(TOUTIAO_AUTHORIZE_PATTERN, AuthSource.TOUTIAO.authorize(), clientId, redirectUrl, getState(state));
}
/**
@@ -801,7 +828,7 @@ public class UrlBuilder {
* @return full url
*/
public static String getToutiaoAccessTokenUrl(String clientId, String clientSecret, String code) {
return MessageFormat.format(TOUTIAO_ACCESS_TOKEN_PATTERN, ApiUrl.TOUTIAO.accessToken(), clientId, clientSecret, code);
return MessageFormat.format(TOUTIAO_ACCESS_TOKEN_PATTERN, AuthSource.TOUTIAO.accessToken(), clientId, clientSecret, code);
}
/**
@@ -812,6 +839,6 @@ public class UrlBuilder {
* @return full url
*/
public static String getToutiaoUserInfoUrl(String clientId, String token) {
return MessageFormat.format(TOUTIAO_USER_INFO_PATTERN, ApiUrl.TOUTIAO.userInfo(), clientId, token);
return MessageFormat.format(TOUTIAO_USER_INFO_PATTERN, AuthSource.TOUTIAO.userInfo(), clientId, token);
}
}
src/test/java/me/zhyd/oauth/AuthRequestTest.java
+127 -42
View File
@@ -1,6 +1,7 @@
package me.zhyd.oauth;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.request.*;
import org.junit.Test;
@@ -18,11 +19,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -31,11 +33,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -45,10 +48,10 @@ public class AuthRequestTest {
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -57,11 +60,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -70,11 +74,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -83,11 +88,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -96,11 +102,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
@@ -109,11 +116,27 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
authRequest.login(new AuthCallback());
}
@Test
public void alipayTest() {
AuthRequest authRequest = new AuthAlipayRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.alipayPublicKey("publicKey")
.state("state")
.build());
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -122,11 +145,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -135,11 +159,26 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
public void taobaoTest() {
AuthRequest authRequest = new AuthTaobaoRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -148,11 +187,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -161,11 +201,40 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
public void douyinTest() {
AuthRequest authRequest = new AuthDouyinRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
public void linkedinTest() {
AuthRequest authRequest = new AuthLinkedinRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -174,11 +243,12 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
@@ -187,10 +257,25 @@ public class AuthRequestTest {
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行调整
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回一个code,用这个code进行登录
AuthResponse login = authRequest.login("code");
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
@Test
public void toutiaoTest() {
AuthRequest authRequest = new AuthToutiaoRequest(AuthConfig.builder()
.clientId("clientId")
.clientSecret("clientSecret")
.redirectUri("redirectUri")
.state("state")
.build());
// 返回授权页面,可自行跳转
String url = authRequest.authorize();
// 授权登录后会返回code(auth_code(仅限支付宝))、state1.8.0版本后,可以用AuthCallback类作为回调接口的入参
AuthResponse login = authRequest.login(new AuthCallback());
}
}
src/test/java/me/zhyd/oauth/utils/AuthStateTest.java
+231
View File
@@ -0,0 +1,231 @@
package me.zhyd.oauth.utils;
import cn.hutool.core.date.DatePattern;
import cn.hutool.core.date.DateUtil;
import me.zhyd.oauth.config.AuthConfig;
import org.junit.Assert;
import org.junit.Test;
import java.util.*;
public class AuthStateTest {
/**
* step1 生成state: 预期创建一个新的state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
*
* step2 重复生成state: 预期从bucket中返回一个可用的state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
*
* step3 获取state: 预期获取上面生成的state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
*
* step4 删除state: 预期删除掉上面创建的state...
*
* step5 重新获取state: 预期返回null...
* null
*/
@Test
public void test() {
String source = "github";
System.out.println("\nstep1 生成state: 预期创建一个新的state...");
String state = AuthState.create(source);
System.out.println(state);
System.out.println("\nstep2 重复生成state: 预期从bucket中返回一个可用的state...");
String recreateState = AuthState.create(source);
System.out.println(recreateState);
Assert.assertEquals(state, recreateState);
System.out.println("\nstep3 获取state: 预期获取上面生成的state...");
String stateByBucket = AuthState.get(source);
System.out.println(stateByBucket);
Assert.assertEquals(state, stateByBucket);
System.out.println("\nstep4 删除state: 预期删除掉上面创建的state...");
AuthState.delete(source);
System.out.println("\nstep5 重新获取state: 预期返回null...");
String deletedState = AuthState.get(source);
System.out.println(deletedState);
Assert.assertNull(deletedState);
}
/**
* 通过随机字符串生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9wdnAy
*
* 通过传入自定义的字符串生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV/ov5nmmK/kuIDkuKrlrZfnrKbkuLI=
*
* 通过传入数字生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xMTE=
*
* 通过传入日期生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xNTQ2MzE1OTMyMDAw
*
* 通过传入map生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV97InVzZXJUb2tlbiI6Inh4eHh4IiwidXNlcklkIjoxfQ==
*
* 通过传入List生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9bInh4eHgiLCJ4eHh4eHh4eCJd
*
* 通过传入实体类生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV97ImNsaWVudElkIjoieHh4eHgiLCJjbGllbnRTZWNyZXQiOiJ4eHh4eCIsInVuaW9uSWQiOmZhbHNlfQ==
*/
@Test
public void create() {
String source = "github";
System.out.println("\n通过随机字符串生成state...");
String state = AuthState.create(source);
System.out.println(state);
AuthState.delete(source);
System.out.println("\n通过传入自定义的字符串生成state...");
String stringBody = "这是一个字符串";
String stringState = AuthState.create(source, stringBody);
System.out.println(stringState);
AuthState.delete(source);
System.out.println("\n通过传入数字生成state...");
Integer numberBody = 111;
String numberState = AuthState.create(source, numberBody);
System.out.println(numberState);
AuthState.delete(source);
System.out.println("\n通过传入日期生成state...");
Date dateBody = DateUtil.parse("2019-01-01 12:12:12", DatePattern.NORM_DATETIME_PATTERN);
String dateState = AuthState.create(source, dateBody);
System.out.println(dateState);
AuthState.delete(source);
System.out.println("\n通过传入map生成state...");
Map<String, Object> mapBody = new HashMap<>();
mapBody.put("userId", 1);
mapBody.put("userToken", "xxxxx");
String mapState = AuthState.create(source, mapBody);
System.out.println(mapState);
AuthState.delete(source);
System.out.println("\n通过传入List生成state...");
List<String> listBody = new ArrayList<>();
listBody.add("xxxx");
listBody.add("xxxxxxxx");
String listState = AuthState.create(source, listBody);
System.out.println(listState);
AuthState.delete(source);
System.out.println("\n通过传入实体类生成state...");
AuthConfig entityBody = AuthConfig.builder()
.clientId("xxxxx")
.clientSecret("xxxxx")
.build();
String entityState = AuthState.create(source, entityBody);
System.out.println(entityState);
AuthState.delete(source);
}
/**
* 通过随机字符串生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9kaWNn
* dicg
*
* 通过传入自定义的字符串生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV/ov5nmmK/kuIDkuKrlrZfnrKbkuLI=
* 这是一个字符串
*
* 通过传入数字生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xMTE=
* 111
*
* 通过传入日期生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xNTQ2MzE1OTMyMDAw
* Tue Jan 01 12:12:12 CST 2019
*
* 通过传入map生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV97InVzZXJUb2tlbiI6Inh4eHh4IiwidXNlcklkIjoxfQ==
* {userToken=xxxxx, userId=1}
*
* 通过传入List生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV9bInh4eHgiLCJ4eHh4eHh4eCJd
* [xxxx, xxxxxxxx]
*
* 通过传入实体类生成state...
* Z2l0aHViXzE5Mi4xNjguMTkuMV97ImNsaWVudElkIjoieHh4eHgiLCJjbGllbnRTZWNyZXQiOiJ4eHh4eCIsInVuaW9uSWQiOmZhbHNlfQ==
* me.zhyd.oauth.config.AuthConfig@725bef66
*/
@Test
public void getBody() {
String source = "github";
System.out.println("\n通过随机字符串生成state...");
String state = AuthState.create(source);
System.out.println(state);
String body = AuthState.getBody(source, state, String.class);
System.out.println(body);
AuthState.delete(source);
System.out.println("\n通过传入自定义的字符串生成state...");
String stringBody = "这是一个字符串";
String stringState = AuthState.create(source, stringBody);
System.out.println(stringState);
stringBody = AuthState.getBody(source, stringState, String.class);
System.out.println(stringBody);
AuthState.delete(source);
System.out.println("\n通过传入数字生成state...");
Integer numberBody = 111;
String numberState = AuthState.create(source, numberBody);
System.out.println(numberState);
numberBody = AuthState.getBody(source, numberState, Integer.class);
System.out.println(numberBody);
AuthState.delete(source);
System.out.println("\n通过传入日期生成state...");
Date dateBody = DateUtil.parse("2019-01-01 12:12:12", DatePattern.NORM_DATETIME_PATTERN);
String dateState = AuthState.create(source, dateBody);
System.out.println(dateState);
dateBody = AuthState.getBody(source, dateState, Date.class);
System.out.println(dateBody);
AuthState.delete(source);
System.out.println("\n通过传入map生成state...");
Map<String, Object> mapBody = new HashMap<>();
mapBody.put("userId", 1);
mapBody.put("userToken", "xxxxx");
String mapState = AuthState.create(source, mapBody);
System.out.println(mapState);
mapBody = AuthState.getBody(source, mapState, Map.class);
System.out.println(mapBody);
AuthState.delete(source);
System.out.println("\n通过传入List生成state...");
List<String> listBody = new ArrayList<>();
listBody.add("xxxx");
listBody.add("xxxxxxxx");
String listState = AuthState.create(source, listBody);
System.out.println(listState);
listBody = AuthState.getBody(source, listState, List.class);
System.out.println(listBody);
AuthState.delete(source);
System.out.println("\n通过传入实体类生成state...");
AuthConfig entityBody = AuthConfig.builder()
.clientId("xxxxx")
.clientSecret("xxxxx")
.build();
String entityState = AuthState.create(source, entityBody);
System.out.println(entityState);
entityBody = AuthState.getBody(source, entityState, AuthConfig.class);
System.out.println(entityBody);
AuthState.delete(source);
}
@Test
public void getErrorStateBody() {
String source = "github";
String state = "1111111111111111111111111111111";
String body = AuthState.getBody(source, state, String.class);
System.out.println(body);
AuthState.delete(source);
}
}
src/test/java/me/zhyd/oauth/utils/GlobalAuthUtilTest.java
+61
View File
@@ -0,0 +1,61 @@
package me.zhyd.oauth.utils;
import org.junit.Assert;
import org.junit.Test;
import java.util.HashMap;
import java.util.Map;
public class GlobalAuthUtilTest {
@Test
public void testGenerateDingTalkSignature() {
Assert.assertEquals("mLTZEMqIlpAA3xtJ43KcRT0EDLwgSamFe%2FNis5lq9ik%3D",
GlobalAuthUtil.generateDingTalkSignature(
"SHA-256", "1562325753000 "));
}
@Test
public void testUrlDecode() {
Assert.assertEquals("", GlobalAuthUtil.urlDecode(null));
Assert.assertEquals("https://www.foo.bar",
GlobalAuthUtil.urlDecode("https://www.foo.bar"));
Assert.assertEquals("mLTZEMqIlpAA3xtJ43KcRT0EDLwgSamFe/Nis5lq9ik=",
GlobalAuthUtil.urlDecode(
"mLTZEMqIlpAA3xtJ43KcRT0EDLwgSamFe%2FNis5lq9ik%3D"));
}
@Test
public void testParseStringToMap() {
Map expected = new HashMap();
expected.put("bar", "baz");
Assert.assertEquals(expected,
GlobalAuthUtil.parseStringToMap("foo&bar=baz"));
}
@Test
public void testIsHttpProtocol() {
Assert.assertFalse(GlobalAuthUtil.isHttpProtocol(""));
Assert.assertFalse(GlobalAuthUtil.isHttpProtocol("foo"));
Assert.assertTrue(GlobalAuthUtil.isHttpProtocol("http://www.foo.bar"));
}
@Test
public void testIsHttpsProtocol() {
Assert.assertFalse(GlobalAuthUtil.isHttpsProtocol(""));
Assert.assertFalse(GlobalAuthUtil.isHttpsProtocol("foo"));
Assert.assertTrue(
GlobalAuthUtil.isHttpsProtocol("https://www.foo.bar"));
}
@Test
public void testIsLocalHost() {
Assert.assertFalse(GlobalAuthUtil.isLocalHost("foo"));
Assert.assertTrue(GlobalAuthUtil.isLocalHost(""));
Assert.assertTrue(GlobalAuthUtil.isLocalHost("127.0.0.1"));
Assert.assertTrue(GlobalAuthUtil.isLocalHost("localhost"));
}
}
update.md
+30
View File
@@ -1,3 +1,33 @@
### 2019/07/15
1. 新增 `AuthState` 类,内置默认的state生成规则和校验规则
### 2019/07/12
1. 合并[Braavos96](https://github.com/Braavos96)提交的[PR#16](https://github.com/zhangyd-c/JustAuth/pull/16)
### 2019/06/28
1. 修复百度登录获取不到token失效时间的问题
2. 增加state参数校验,预防CSRF。**强烈建议启用state**
### 2019/06/27
1. 修改login方法的参数为AuthCallback,封装回调返回的参数
2. 支持state参数
3. 增加code和state参数校验
### 2019/06/25
qq授权登录时,需要获取`openId`作为`uuid`,在`1.6.1-beta``1.7.0`版本中,引入了`unionId`这一属性。获取`unionid`需要单独向qq团队**发送邮件**申请权限,鉴于这一申请权限的步骤比较麻烦(需要填写的内容比较多),所以在`AuthConfig`中增加了一个`unionId`属性,当为**true**时才会获取unionid,当为false时只获取openId。如果你需要该功能, 则在自行申请了相关权限后,将该属性置为true即可。关于unionId的参考链接:[UnionID介绍](http://wiki.connect.qq.com/unionid%E4%BB%8B%E7%BB%8D)
### 2019/06/19
1. 合并[xkcoding](https://github.com/xkcoding)提交的[PR](https://github.com/zhangyd-c/JustAuth/pull/14),重构了部分代码,jar包由原来的`130+kb`优化到现在的`110+kb`
2. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/3) 解决抖音登录失败问题
### 2019/06/18
1. 解决Issue [#IY2HW](https://gitee.com/yadong.zhang/JustAuth/issues/IY2HW)
2. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
3. 解决Issue [#IY2FV](https://gitee.com/yadong.zhang/JustAuth/issues/IY2FV)
4. 修复部分注释、拼写错误
5. 解决Issue [#IY1QR](https://gitee.com/yadong.zhang/JustAuth/issues/IY1QR) 增加对Config属性的校验功能,主要校验redirect uri的合法性
6. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/2),解决一些BUG
### 2019/06/06
1. 增加今日头条的授权登陆
2. 发布1.6.0-beta版本,今日头条开发者暂时不能认证, 所以无法做测试,等测试通过后,正式发布release版本