integrate twitter login
@@ -672,6 +672,28 @@ public enum AuthDefaultSource implements AuthSource {
|
||||
public String refresh() {
|
||||
return "https://open-api.shop.ele.me/token";
|
||||
}
|
||||
},
|
||||
|
||||
/**
|
||||
* Twitter
|
||||
*
|
||||
* @since 1.12.0
|
||||
*/
|
||||
TWITTER {
|
||||
@Override
|
||||
public String authorize() {
|
||||
return "https://api.twitter.com/oauth/authenticate";
|
||||
}
|
||||
|
||||
@Override
|
||||
public String accessToken() {
|
||||
return "https://api.twitter.com/oauth/access_token";
|
||||
}
|
||||
|
||||
@Override
|
||||
public String userInfo() {
|
||||
return "https://api.twitter.com/1.1/users/show.json";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package me.zhyd.oauth.model;
|
||||
|
||||
import lombok.Builder;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
@@ -11,6 +12,7 @@ import lombok.Setter;
|
||||
*/
|
||||
@Getter
|
||||
@Setter
|
||||
@Builder
|
||||
public class AuthCallback {
|
||||
|
||||
/**
|
||||
@@ -34,4 +36,18 @@ public class AuthCallback {
|
||||
* @since 1.10.0
|
||||
*/
|
||||
private String authorization_code;
|
||||
|
||||
/**
|
||||
* Twitter回调后返回的oauth_token
|
||||
*
|
||||
* @since 1.12.0
|
||||
*/
|
||||
private String oauthToken;
|
||||
|
||||
/**
|
||||
* Twitter回调后返回的oauth_verifier
|
||||
*
|
||||
* @since 1.12.0
|
||||
*/
|
||||
private String oauthVerifier;
|
||||
}
|
||||
|
||||
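Review bot: Adding `@Builder` to `AuthCallback` without any constructor annotation makes Lombok generate a package-private all-args constructor, so the class loses its implicit public no-arg constructor. Code that creates the callback reflectively and fills it through the setters (the usual way a controller binds the provider's redirect parameters) would then fail; whether callers do that is not visible in this diff. I would add `@NoArgsConstructor` and `@AllArgsConstructor` next to `@Builder`. The class body continues outside the hunks shown here.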
@@ -42,4 +42,15 @@ public class AuthToken {
|
||||
*/
|
||||
private String code;
|
||||
|
||||
/**
|
||||
* Twitter附带属性
|
||||
*
|
||||
* @since 1.12.0
|
||||
*/
|
||||
private String oauthToken;
|
||||
private String oauthTokenSecret;
|
||||
private String userId;
|
||||
private String screenName;
|
||||
private Boolean oauthCallbackConfirmed;
|
||||
|
||||
}
|
||||
|
||||
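Review bot: The new Javadoc block attaches only to `oauthToken`; `oauthTokenSecret`, `userId`, `screenName` and `oauthCallbackConfirmed` are left undocumented. `oauthTokenSecret` is half of the OAuth 1.0a signing key, so it deserves its own comment, for example `/** Twitter oauth_token_secret; signing secret, keep out of logs and serialized output. */`, with the other three fields documented the same way. If `AuthToken` carries a generated `toString()` (its class annotations are outside this hunk), the secret should be excluded from it.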
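--- /dev/null
+++ b/src/main/java/me/zhyd/oauth/request/AuthTwitterRequest.java
@@ -0,0 +1,156 @@
+package me.zhyd.oauth.request;
+
+import cn.hutool.http.HttpRequest;
+import cn.hutool.http.HttpResponse;
+import com.alibaba.fastjson.JSONObject;
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.GlobalAuthUtil;
+import me.zhyd.oauth.utils.UrlBuilder;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import static me.zhyd.oauth.config.AuthDefaultSource.TWITTER;
+import static me.zhyd.oauth.utils.GlobalAuthUtil.generateTwitterSignature;
+import static me.zhyd.oauth.utils.GlobalAuthUtil.urlEncode;
+
+/**
+* Twitter登录
+*
+* @author hongwei.peng (pengisgood(at)gmail(dot)com)
+* @since 1.12.0
+*/
+public class AuthTwitterRequest extends AuthDefaultRequest {
+
+public AuthTwitterRequest(AuthConfig config) {
+super(config, TWITTER);
+}
+
+public AuthTwitterRequest(AuthConfig config, AuthStateCache authStateCache) {
+super(config, TWITTER, authStateCache);
+}
+
+/**
+* Obtaining a request token
+* https://developer.twitter.com/en/docs/twitter-for-websites/log-in-with-twitter/guides/implementing-sign-in-with-twitter
+*
+* @return request token
+*/
+public AuthToken getRequestToken() {
+String baseUrl = "https://api.twitter.com/oauth/request_token";
+
+Map<String, Object> oauthParams = buildOauthParams();
+oauthParams.put("oauth_callback", config.getRedirectUri());
+oauthParams.put("oauth_signature", generateTwitterSignature(oauthParams, "POST", baseUrl, config.getClientSecret(), null));
+oauthParams.forEach((k, v) -> oauthParams.put(k, "\"" + urlEncode(v.toString()) + "\""));
+
+HttpResponse requestToken = HttpRequest.post(baseUrl)
+.header("Authorization", "OAuth " + GlobalAuthUtil.parseMapToString(oauthParams, false).replaceAll("&", ", "))
+.execute();
+checkResponse(requestToken);
+
+Map<String, Object> res = GlobalAuthUtil.parseQueryToMap(requestToken.body());
+
+return AuthToken.builder()
+.oauthToken(res.get("oauth_token").toString())
+.oauthTokenSecret(res.get("oauth_token_secret").toString())
+.oauthCallbackConfirmed(Boolean.valueOf(res.get("oauth_callback_confirmed").toString()))
+.build();
+}
+
+/**
+* Convert request token to access token
+* https://developer.twitter.com/en/docs/twitter-for-websites/log-in-with-twitter/guides/implementing-sign-in-with-twitter
+*
+* @return access token
+*/
+@Override
+protected AuthToken getAccessToken(AuthCallback authCallback) {
+Map<String, Object> oauthParams = buildOauthParams();
+oauthParams.put("oauth_token", authCallback.getOauthToken());
+oauthParams.put("oauth_verifier", authCallback.getOauthVerifier());
+oauthParams.put("oauth_signature", generateTwitterSignature(oauthParams, "POST", source.accessToken(), config.getClientSecret(), authCallback.getOauthToken()));
+oauthParams.forEach((k, v) -> oauthParams.put(k, "\"" + urlEncode(v.toString()) + "\""));
+
+HttpResponse response = HttpRequest.post(source.accessToken())
+.header("Authorization", "OAuth " + GlobalAuthUtil.parseMapToString(oauthParams, false).replaceAll("&", ", "))
+.header("Content-Type", "application/x-www-form-urlencoded")
+.form("oauth_verifier", authCallback.getOauthVerifier())
+.execute();
+checkResponse(response);
+
+Map<String, Object> requestToken = GlobalAuthUtil.parseQueryToMap(response.body());
+
+return AuthToken.builder()
+.oauthToken(requestToken.get("oauth_token").toString())
+.oauthTokenSecret(requestToken.get("oauth_token_secret").toString())
+.userId(requestToken.get("user_id").toString())
+.screenName(requestToken.get("screen_name").toString())
+.build();
+}
+
+@Override
+protected AuthUser getUserInfo(AuthToken authToken) {
+
+Map<String, Object> queryParams = new HashMap<>();
+queryParams.put("user_id", authToken.getUserId());
+queryParams.put("screen_name", authToken.getScreenName());
+queryParams.put("include_entities", true);
+
+Map<String, Object> oauthParams = buildOauthParams();
+oauthParams.put("oauth_token", authToken.getOauthToken());
+
+Map<String, Object> params = new HashMap<>(oauthParams);
+params.putAll(queryParams);
+oauthParams.put("oauth_signature", generateTwitterSignature(params, "GET", source.userInfo(), config.getClientSecret(), authToken.getOauthTokenSecret()));
+oauthParams.forEach((k, v) -> oauthParams.put(k, "\"" + urlEncode(v.toString()) + "\""));
+
+HttpResponse response = HttpRequest.get(userInfoUrl(authToken))
+.header("Authorization", "OAuth " + GlobalAuthUtil.parseMapToString(oauthParams, false).replaceAll("&", ", "))
+.execute();
+checkResponse(response);
+JSONObject userInfo = JSONObject.parseObject(response.body());
+
+return AuthUser.builder()
+.uuid(userInfo.getString("id_str"))
+.username(userInfo.getString("screen_name"))
+.nickname(userInfo.getString("name"))
+.remark(userInfo.getString("description"))
+.avatar(userInfo.getString("profile_image_url_https"))
+.blog(userInfo.getString("url"))
+.location(userInfo.getString("location"))
+.source(source.toString())
+.token(authToken)
+.build();
+}
+
+@Override
+protected String userInfoUrl(AuthToken authToken) {
+return UrlBuilder.fromBaseUrl(source.userInfo())
+.queryParam("user_id", authToken.getUserId())
+.queryParam("screen_name", authToken.getScreenName())
+.queryParam("include_entities", true)
+.build();
+}
+
+private Map<String, Object> buildOauthParams() {
+Map<String, Object> params = new HashMap<>();
+params.put("oauth_consumer_key", config.getClientId());
+params.put("oauth_nonce", GlobalAuthUtil.generateNonce(32));
+params.put("oauth_signature_method", "HMAC-SHA1");
+params.put("oauth_timestamp", GlobalAuthUtil.getTimestamp());
+params.put("oauth_version", "1.0");
+return params;
+}
+
+private void checkResponse(HttpResponse response) {
+if (!response.isOk()) {
+throw new AuthException(response.body());
+}
+}
+}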
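Review bot: In `getAccessToken` the last argument to `generateTwitterSignature` is `authCallback.getOauthToken()`, so the HMAC key is built from the public request token instead of the `oauth_token_secret` that `getRequestToken()` received; OAuth 1.0a derives the key from the consumer secret and the token secret, and nothing in this file keeps the request token secret between the two steps. The callback's `oauth_token` is also never compared with the token issued by `getRequestToken()`, which is the check that ties a callback to the login attempt that started it; no other binding is visible in this file. I would store the request token and its secret (for example in the `AuthStateCache` already passed to the constructor, keyed by `oauth_token`), reject a callback whose token is unknown, and sign with the stored secret. Separately, `res.get("oauth_token").toString()` and the similar lookups throw a bare NullPointerException when a field is missing from the response, and `oauth_callback_confirmed` is stored but never checked.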
@@ -17,7 +17,13 @@ import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Random;
|
||||
import java.util.TreeMap;
|
||||
|
||||
/**
|
||||
* 全局的工具类
|
||||
@@ -27,7 +33,8 @@ import java.util.*;
|
||||
*/
|
||||
public class GlobalAuthUtil {
|
||||
private static final Charset DEFAULT_ENCODING = StandardCharsets.UTF_8;
|
||||
private static final String ALGORITHM = "HmacSHA256";
|
||||
private static final String HMAC_SHA1 = "HmacSHA1";
|
||||
private static final String HMAC_SHA_256 = "HmacSHA256";
|
||||
|
||||
/**
|
||||
* 生成钉钉请求的Signature
|
||||
@@ -37,24 +44,25 @@ public class GlobalAuthUtil {
|
||||
* @return Signature
|
||||
*/
|
||||
public static String generateDingTalkSignature(String secretKey, String timestamp) {
|
||||
byte[] signData = sign(secretKey.getBytes(DEFAULT_ENCODING), timestamp.getBytes(DEFAULT_ENCODING));
|
||||
byte[] signData = sign(secretKey.getBytes(DEFAULT_ENCODING), timestamp.getBytes(DEFAULT_ENCODING), HMAC_SHA_256);
|
||||
return urlEncode(new String(Base64.encode(signData, false)));
|
||||
}
|
||||
|
||||
/**
|
||||
* 签名
|
||||
*
|
||||
* @param key key
|
||||
* @param data data
|
||||
* @param key key
|
||||
* @param data data
|
||||
* @param algorithm algorithm
|
||||
* @return byte[]
|
||||
*/
|
||||
private static byte[] sign(byte[] key, byte[] data) {
|
||||
private static byte[] sign(byte[] key, byte[] data, String algorithm) {
|
||||
try {
|
||||
Mac mac = Mac.getInstance(ALGORITHM);
|
||||
mac.init(new SecretKeySpec(key, ALGORITHM));
|
||||
Mac mac = Mac.getInstance(algorithm);
|
||||
mac.init(new SecretKeySpec(key, algorithm));
|
||||
return mac.doFinal(data);
|
||||
} catch (NoSuchAlgorithmException ex) {
|
||||
throw new AuthException("Unsupported algorithm: " + ALGORITHM, ex);
|
||||
throw new AuthException("Unsupported algorithm: " + algorithm, ex);
|
||||
} catch (InvalidKeyException ex) {
|
||||
throw new AuthException("Invalid key: " + Arrays.toString(key), ex);
|
||||
}
|
||||
@@ -184,6 +192,57 @@ public class GlobalAuthUtil {
|
||||
return StringUtils.isEmpty(url) || url.contains("127.0.0.1") || url.contains("localhost");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Generate nonce with given length
|
||||
*
|
||||
* @param len length
|
||||
* @return nonce string
|
||||
*/
|
||||
public static String generateNonce(int len) {
|
||||
String s = "0123456789QWERTYUIOPLKJHGFDSAZXCVBNMqwertyuioplkjhgfdsazxcvbnm";
|
||||
Random rng = new Random();
|
||||
StringBuilder sb = new StringBuilder();
|
||||
for (int i = 0; i < len; i++) {
|
||||
int index = rng.nextInt(62);
|
||||
sb.append(s, index, index + 1);
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get current timestamp
|
||||
*
|
||||
* @return timestamp string
|
||||
*/
|
||||
public static String getTimestamp() {
|
||||
return String.valueOf(System.currentTimeMillis() / 1000);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate Twitter signature
|
||||
* https://developer.twitter.com/en/docs/basics/authentication/guides/creating-a-signature
|
||||
*
|
||||
* @param params parameters including: oauth headers, query params, body params
|
||||
* @param method HTTP method
|
||||
* @param baseUrl base url
|
||||
* @param apiSecret api key secret can be found in the developer portal by viewing the app details page
|
||||
* @param tokenSecret oauth token secret
|
||||
* @return BASE64 encoded signature string
|
||||
*/
|
||||
public static String generateTwitterSignature(Map<String, Object> params, String method, String baseUrl, String apiSecret, String tokenSecret) {
|
||||
TreeMap<String, Object> map = new TreeMap<>();
|
||||
for (Map.Entry<String, Object> e : params.entrySet()) {
|
||||
map.put(urlEncode(e.getKey()), e.getValue());
|
||||
}
|
||||
String str = parseMapToString(map, true);
|
||||
String baseStr = method.toUpperCase() + "&" + urlEncode(baseUrl) + "&" + urlEncode(str);
|
||||
String signKey = apiSecret + "&" + (StringUtils.isEmpty(tokenSecret) ? "" : tokenSecret);
|
||||
byte[] signature = sign(signKey.getBytes(DEFAULT_ENCODING), baseStr.getBytes(DEFAULT_ENCODING), HMAC_SHA1);
|
||||
|
||||
return new String(Base64.encode(signature, false));
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成饿了么请求的Signature
|
||||
* <p>
|
||||
|
||||
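Review bot: `generateNonce` draws the `oauth_nonce` from `new Random()`, which is not designed for security values, while the nonce is what lets the server reject a replayed signed request. It should come from `SecureRandom`: `private static final SecureRandom NONCE_RNG = new SecureRandom();` and `int index = NONCE_RNG.nextInt(s.length());`, which also removes the hard-coded `62` and needs `java.security.SecureRandom` imported. In the `sign` hunk, the unchanged message `"Invalid key: " + Arrays.toString(key)` prints the raw key bytes, and with this commit the Twitter consumer secret and token secret pass through that path. That message should name the algorithm only, so the key never reaches logs or error responses.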