diff --git a/src/main/java/me/zhyd/oauth/config/AuthConfig.java b/src/main/java/me/zhyd/oauth/config/AuthConfig.java index 85aa25c..084649c 100644 --- a/src/main/java/me/zhyd/oauth/config/AuthConfig.java +++ b/src/main/java/me/zhyd/oauth/config/AuthConfig.java @@ -181,4 +181,9 @@ public class AuthConfig { public String getAuthServerId() { return StringUtils.isEmpty(authServerId) ? "default" : authServerId; } + + /** + * Microsoft Entra ID(原微软 AAD)中的租户 ID + */ + private String tenantId; } diff --git a/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java b/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java index e115bfc..35b835a 100644 --- a/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java +++ b/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java @@ -410,17 +410,17 @@ public enum AuthDefaultSource implements AuthSource { FACEBOOK { @Override public String authorize() { - return "https://www.facebook.com/v10.0/dialog/oauth"; + return "https://www.facebook.com/v18.0/dialog/oauth"; } @Override public String accessToken() { - return "https://graph.facebook.com/v10.0/oauth/access_token"; + return "https://graph.facebook.com/v18.0/oauth/access_token"; } @Override public String userInfo() { - return "https://graph.facebook.com/v10.0/me"; + return "https://graph.facebook.com/v18.0/me"; } @Override @@ -492,12 +492,12 @@ public enum AuthDefaultSource implements AuthSource { MICROSOFT { @Override public String authorize() { - return "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; + return "https://login.microsoftonline.com/%s/oauth2/v2.0/authorize"; } @Override public String accessToken() { - return "https://login.microsoftonline.com/common/oauth2/v2.0/token"; + return "https://login.microsoftonline.com/%s/oauth2/v2.0/token"; } @Override @@ -507,7 +507,7 @@ public enum AuthDefaultSource implements AuthSource { @Override public String refresh() { - return "https://login.microsoftonline.com/common/oauth2/v2.0/token"; + return "https://login.microsoftonline.com/%s/oauth2/v2.0/token"; } @Override @@ -521,12 +521,12 @@ public enum AuthDefaultSource implements AuthSource { MICROSOFT_CN { @Override public String authorize() { - return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/authorize"; + return "https://login.partner.microsoftonline.cn/%s/oauth2/v2.0/authorize"; } @Override public String accessToken() { - return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/token"; + return "https://login.partner.microsoftonline.cn/%s/oauth2/v2.0/token"; } @Override @@ -536,7 +536,7 @@ public enum AuthDefaultSource implements AuthSource { @Override public String refresh() { - return "https://login.partner.microsoftonline.cn/common/oauth2/v2.0/token"; + return "https://login.partner.microsoftonline.cn/%s/oauth2/v2.0/token"; } @Override diff --git a/src/main/java/me/zhyd/oauth/request/AbstractAuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AbstractAuthMicrosoftRequest.java index 2195d5e..cfd25b1 100644 --- a/src/main/java/me/zhyd/oauth/request/AbstractAuthMicrosoftRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AbstractAuthMicrosoftRequest.java @@ -16,6 +16,7 @@ import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.AuthScopeUtils; import me.zhyd.oauth.utils.HttpUtils; +import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; import java.util.Map; @@ -126,9 +127,16 @@ public abstract class AbstractAuthMicrosoftRequest extends AuthDefaultRequest { */ @Override public String authorize(String state) { - return UrlBuilder.fromBaseUrl(super.authorize(state)) + // 兼容 Microsoft Entra ID 登录(原微软 AAD) + // @since 1.16.6 + String tenantId = StringUtils.isEmpty(config.getTenantId()) ? "common" : config.getTenantId(); + return UrlBuilder.fromBaseUrl(String.format(source.authorize(), tenantId)) + .queryParam("response_type", "code") + .queryParam("client_id", config.getClientId()) + .queryParam("redirect_uri", config.getRedirectUri()) + .queryParam("state", getRealState(state)) .queryParam("response_mode", "query") - .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) + .queryParam("scope", this.getScopes(" ", false, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) .build(); } @@ -140,12 +148,13 @@ public abstract class AbstractAuthMicrosoftRequest extends AuthDefaultRequest { */ @Override protected String accessTokenUrl(String code) { - return UrlBuilder.fromBaseUrl(source.accessToken()) + String tenantId = StringUtils.isEmpty(config.getTenantId()) ? "common" : config.getTenantId(); + return UrlBuilder.fromBaseUrl(String.format(source.accessToken(), tenantId)) .queryParam("code", code) .queryParam("client_id", config.getClientId()) .queryParam("client_secret", config.getClientSecret()) .queryParam("grant_type", "authorization_code") - .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) + .queryParam("scope", this.getScopes(" ", false, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) .queryParam("redirect_uri", config.getRedirectUri()) .build(); } @@ -169,12 +178,13 @@ public abstract class AbstractAuthMicrosoftRequest extends AuthDefaultRequest { */ @Override protected String refreshTokenUrl(String refreshToken) { - return UrlBuilder.fromBaseUrl(source.refresh()) + String tenantId = StringUtils.isEmpty(config.getTenantId()) ? "common" : config.getTenantId(); + return UrlBuilder.fromBaseUrl(String.format(source.refresh(), tenantId)) .queryParam("client_id", config.getClientId()) .queryParam("client_secret", config.getClientSecret()) .queryParam("refresh_token", refreshToken) .queryParam("grant_type", "refresh_token") - .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) + .queryParam("scope", this.getScopes(" ", false, AuthScopeUtils.getDefaultScopes(AuthMicrosoftScope.values()))) .queryParam("redirect_uri", config.getRedirectUri()) .build(); }