✨ 全面开启state校验
This commit is contained in:
yadong.zhang
@@ -17,6 +17,10 @@ import me.zhyd.oauth.config.AuthSource;
|
||||
@Setter
|
||||
@Builder
|
||||
public class AuthUser {
|
||||
/**
|
||||
* 用户第三方系统的唯一id。在调用方集成改组件时,可以用uuid + source唯一确定一个用户
|
||||
*/
|
||||
private String uuid;
|
||||
/**
|
||||
* 用户名
|
||||
*/
|
||||
@@ -61,8 +65,4 @@ public class AuthUser {
|
||||
* 用户授权的token信息
|
||||
*/
|
||||
private AuthToken token;
|
||||
/**
|
||||
* 用户第三方系统的唯一id。在调用方集成改组件时,可以用uuid + source唯一确定一个用户
|
||||
*/
|
||||
private String uuid;
|
||||
}
|
||||
|
||||
@@ -38,12 +38,12 @@ public class AuthAlipayRequest extends BaseAuthRequest {
|
||||
protected AuthToken getAccessToken(AuthCallback authCallback) {
|
||||
AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
|
||||
request.setGrantType("authorization_code");
|
||||
request.setCode(authCallback.getCode());
|
||||
request.setCode(authCallback.getAuth_code());
|
||||
AlipaySystemOauthTokenResponse response = null;
|
||||
try {
|
||||
response = this.alipayClient.execute(request);
|
||||
} catch (Exception e) {
|
||||
throw new AuthException("Unable to get token from alipay using code [" + authCallback.getCode() + "]", e);
|
||||
throw new AuthException("Unable to get token from alipay using code [" + authCallback.getAuth_code() + "]", e);
|
||||
}
|
||||
if (!response.isSuccess()) {
|
||||
throw new AuthException(response.getSubMsg());
|
||||
@@ -93,6 +93,6 @@ public class AuthAlipayRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getAlipayAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getAlipayAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,7 +67,7 @@ public class AuthBaiduRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getBaiduAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getBaiduAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -33,7 +33,11 @@ public class AuthCodingRequest extends BaseAuthRequest {
|
||||
if (accessTokenObject.getIntValue("code") != 0) {
|
||||
throw new AuthException("Unable to get token from coding using code [" + authCallback.getCode() + "]");
|
||||
}
|
||||
return AuthToken.builder().accessToken(accessTokenObject.getString("access_token")).build();
|
||||
return AuthToken.builder()
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -69,6 +73,6 @@ public class AuthCodingRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getCodingAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getCodingAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -63,6 +63,6 @@ public class AuthCsdnRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getCsdnAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getCsdnAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -67,6 +67,6 @@ public class AuthDingTalkRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getDingTalkQrConnectUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getDingTalkQrConnectUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -58,7 +58,7 @@ public class AuthDouyinRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getDouyinAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getDouyinAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -30,16 +30,16 @@ public class AuthFacebookRequest extends BaseAuthRequest {
|
||||
String accessTokenUrl = UrlBuilder.getFacebookAccessTokenUrl(config.getClientId(), config.getClientSecret(),
|
||||
authCallback.getCode(), config.getRedirectUri());
|
||||
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
|
||||
if (object.containsKey("error")) {
|
||||
throw new AuthException(object.getJSONObject("error").getString("message"));
|
||||
if (accessTokenObject.containsKey("error")) {
|
||||
throw new AuthException(accessTokenObject.getJSONObject("error").getString("message"));
|
||||
}
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.tokenType(object.getString("token_type"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.tokenType(accessTokenObject.getString("token_type"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -80,6 +80,6 @@ public class AuthFacebookRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getFacebookAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getFacebookAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,19 +30,19 @@ public class AuthGoogleRequest extends BaseAuthRequest {
|
||||
String accessTokenUrl = UrlBuilder.getGoogleAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode(), config
|
||||
.getRedirectUri());
|
||||
HttpResponse response = HttpRequest.post(accessTokenUrl).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
|
||||
if (object.containsKey("error") || object.containsKey("error_description")) {
|
||||
throw new AuthException("get google access_token has error:[" + object.getString("error") + "], error_description:[" + object
|
||||
if (accessTokenObject.containsKey("error") || accessTokenObject.containsKey("error_description")) {
|
||||
throw new AuthException("get google access_token has error:[" + accessTokenObject.getString("error") + "], error_description:[" + accessTokenObject
|
||||
.getString("error_description") + "]");
|
||||
}
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.scope(object.getString("scope"))
|
||||
.tokenType(object.getString("token_type"))
|
||||
.idToken(object.getString("id_token"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.scope(accessTokenObject.getString("scope"))
|
||||
.tokenType(accessTokenObject.getString("token_type"))
|
||||
.idToken(accessTokenObject.getString("id_token"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -72,6 +72,6 @@ public class AuthGoogleRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getGoogleAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getGoogleAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,7 +93,7 @@ public class AuthLinkedinRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getLinkedinAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getLinkedinAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
private String getUserEmail(String accessToken) {
|
||||
|
||||
@@ -35,21 +35,21 @@ public class AuthMiRequest extends BaseAuthRequest {
|
||||
private AuthToken getToken(String accessTokenUrl) {
|
||||
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
|
||||
String jsonStr = StrUtil.replace(response.body(), PREFIX, StrUtil.EMPTY);
|
||||
JSONObject object = JSONObject.parseObject(jsonStr);
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);
|
||||
|
||||
if (object.containsKey("error")) {
|
||||
throw new AuthException(object.getString("error_description"));
|
||||
if (accessTokenObject.containsKey("error")) {
|
||||
throw new AuthException(accessTokenObject.getString("error_description"));
|
||||
}
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.scope(object.getString("scope"))
|
||||
.tokenType(object.getString("token_type"))
|
||||
.refreshToken(object.getString("refresh_token"))
|
||||
.openId(object.getString("openId"))
|
||||
.macAlgorithm(object.getString("mac_algorithm"))
|
||||
.macKey(object.getString("mac_key"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.scope(accessTokenObject.getString("scope"))
|
||||
.tokenType(accessTokenObject.getString("token_type"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.openId(accessTokenObject.getString("openId"))
|
||||
.macAlgorithm(accessTokenObject.getString("mac_algorithm"))
|
||||
.macKey(accessTokenObject.getString("mac_key"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -98,7 +98,7 @@ public class AuthMiRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getMiAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getMiAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -48,16 +48,16 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
|
||||
.form(paramMap)
|
||||
.execute();
|
||||
String accessTokenStr = response.body();
|
||||
JSONObject object = JSONObject.parseObject(accessTokenStr);
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(accessTokenStr);
|
||||
|
||||
this.checkResponse(object);
|
||||
this.checkResponse(accessTokenObject);
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.scope(object.getString("scope"))
|
||||
.tokenType(object.getString("token_type"))
|
||||
.refreshToken(object.getString("refresh_token"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.scope(accessTokenObject.getString("scope"))
|
||||
.tokenType(accessTokenObject.getString("token_type"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -96,7 +96,7 @@ public class AuthMicrosoftRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getMicrosoftAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getMicrosoftAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -34,7 +34,12 @@ public class AuthOschinaRequest extends BaseAuthRequest {
|
||||
if (accessTokenObject.containsKey("error")) {
|
||||
throw new AuthException("Unable to get token from oschina using code [" + authCallback.getCode() + "]");
|
||||
}
|
||||
return AuthToken.builder().accessToken(accessTokenObject.getString("access_token")).build();
|
||||
return AuthToken.builder()
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.uid(accessTokenObject.getString("uid"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -66,6 +71,6 @@ public class AuthOschinaRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getOschinaAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getOschinaAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -81,7 +81,7 @@ public class AuthQqRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
private String getOpenId(AuthToken authToken) {
|
||||
|
||||
@@ -36,19 +36,19 @@ public class AuthTaobaoRequest extends BaseAuthRequest {
|
||||
String accessCode = authToken.getAccessCode();
|
||||
HttpResponse response = HttpRequest.post(UrlBuilder.getTaobaoAccessTokenUrl(this.config.getClientId(), this.config
|
||||
.getClientSecret(), accessCode, this.config.getRedirectUri())).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
if (object.containsKey("error")) {
|
||||
throw new AuthException(ResponseStatus.FAILURE + ":" + object.getString("error_description"));
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
if (accessTokenObject.containsKey("error")) {
|
||||
throw new AuthException(ResponseStatus.FAILURE + ":" + accessTokenObject.getString("error_description"));
|
||||
}
|
||||
authToken.setAccessToken(object.getString("access_token"));
|
||||
authToken.setRefreshToken(object.getString("refresh_token"));
|
||||
authToken.setExpireIn(object.getIntValue("expires_in"));
|
||||
authToken.setUid(object.getString("taobao_user_id"));
|
||||
authToken.setOpenId(object.getString("taobao_open_uid"));
|
||||
authToken.setAccessToken(accessTokenObject.getString("access_token"));
|
||||
authToken.setRefreshToken(accessTokenObject.getString("refresh_token"));
|
||||
authToken.setExpireIn(accessTokenObject.getIntValue("expires_in"));
|
||||
authToken.setUid(accessTokenObject.getString("taobao_user_id"));
|
||||
authToken.setOpenId(accessTokenObject.getString("taobao_open_uid"));
|
||||
|
||||
String nick = GlobalAuthUtil.urlDecode(object.getString("taobao_user_nick"));
|
||||
String nick = GlobalAuthUtil.urlDecode(accessTokenObject.getString("taobao_user_nick"));
|
||||
return AuthUser.builder()
|
||||
.uuid(object.getString("taobao_user_id"))
|
||||
.uuid(accessTokenObject.getString("taobao_user_id"))
|
||||
.username(nick)
|
||||
.nickname(nick)
|
||||
.gender(AuthUserGender.UNKNOW)
|
||||
@@ -64,6 +64,6 @@ public class AuthTaobaoRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getTaobaoAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getTaobaoAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -29,11 +29,15 @@ public class AuthTencentCloudRequest extends BaseAuthRequest {
|
||||
protected AuthToken getAccessToken(AuthCallback authCallback) {
|
||||
String accessTokenUrl = UrlBuilder.getTencentCloudAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
|
||||
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
if (object.getIntValue("code") != 0) {
|
||||
throw new AuthException("Unable to get token from tencent cloud using code [" + authCallback.getCode() + "]: " + object.get("msg"));
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
if (accessTokenObject.getIntValue("code") != 0) {
|
||||
throw new AuthException("Unable to get token from tencent cloud using code [" + authCallback.getCode() + "]: " + accessTokenObject.get("msg"));
|
||||
}
|
||||
return AuthToken.builder().accessToken(object.getString("access_token")).build();
|
||||
return AuthToken.builder()
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -68,6 +72,6 @@ public class AuthTencentCloudRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getTencentCloudAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getTencentCloudAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,16 +26,16 @@ public class AuthToutiaoRequest extends BaseAuthRequest {
|
||||
protected AuthToken getAccessToken(AuthCallback authCallback) {
|
||||
String accessTokenUrl = UrlBuilder.getToutiaoAccessTokenUrl(config.getClientId(), config.getClientSecret(), authCallback.getCode());
|
||||
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
|
||||
if (object.containsKey("error_code")) {
|
||||
throw new AuthException(AuthToutiaoErrorCode.getErrorCode(object.getIntValue("error_code")).getDesc());
|
||||
if (accessTokenObject.containsKey("error_code")) {
|
||||
throw new AuthException(AuthToutiaoErrorCode.getErrorCode(accessTokenObject.getIntValue("error_code")).getDesc());
|
||||
}
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.openId(object.getString("open_id"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.openId(accessTokenObject.getString("open_id"))
|
||||
.build();
|
||||
}
|
||||
|
||||
@@ -73,6 +73,6 @@ public class AuthToutiaoRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getToutiaoAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getToutiaoAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,7 +24,7 @@ public class AuthWeChatRequest extends BaseAuthRequest {
|
||||
/**
|
||||
* 微信的特殊性,此时返回的信息同时包含 openid 和 access_token
|
||||
*
|
||||
* @param code 授权码
|
||||
* @param authCallback 回调返回的参数
|
||||
* @return 所有信息
|
||||
*/
|
||||
@Override
|
||||
@@ -63,7 +63,7 @@ public class AuthWeChatRequest extends BaseAuthRequest {
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
return UrlBuilder.getWeChatAuthorizeUrl(config.getClientId(), config.getRedirectUri());
|
||||
return UrlBuilder.getWeChatAuthorizeUrl(config.getClientId(), config.getRedirectUri(), config.getState());
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -94,15 +94,15 @@ public class AuthWeChatRequest extends BaseAuthRequest {
|
||||
*/
|
||||
private AuthToken getToken(String accessTokenUrl) {
|
||||
HttpResponse response = HttpRequest.get(accessTokenUrl).execute();
|
||||
JSONObject object = JSONObject.parseObject(response.body());
|
||||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||||
|
||||
this.checkResponse(object);
|
||||
this.checkResponse(accessTokenObject);
|
||||
|
||||
return AuthToken.builder()
|
||||
.accessToken(object.getString("access_token"))
|
||||
.refreshToken(object.getString("refresh_token"))
|
||||
.expireIn(object.getIntValue("expires_in"))
|
||||
.openId(object.getString("openid"))
|
||||
.accessToken(accessTokenObject.getString("access_token"))
|
||||
.refreshToken(accessTokenObject.getString("refresh_token"))
|
||||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||||
.openId(accessTokenObject.getString("openid"))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -37,7 +37,7 @@ public abstract class BaseAuthRequest implements AuthRequest {
|
||||
@Override
|
||||
public AuthResponse login(AuthCallback authCallback) {
|
||||
try {
|
||||
AuthChecker.checkCode(authCallback.getCode());
|
||||
AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
|
||||
AuthChecker.checkState(authCallback.getState(), config.getState());
|
||||
|
||||
AuthToken authToken = this.getAccessToken(authCallback);
|
||||
|
||||
@@ -29,31 +29,31 @@ public class UrlBuilder {
|
||||
private static final String GITEE_USER_INFO_PATTERN = "{0}?access_token={1}";
|
||||
private static final String GITEE_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
|
||||
|
||||
private static final String DING_TALK_QRCONNECT_PATTERN = "{0}?appid={1}&response_type=code&scope=snsapi_login&state=STATE&redirect_uri={2}";
|
||||
private static final String DING_TALK_QRCONNECT_PATTERN = "{0}?appid={1}&response_type=code&scope=snsapi_login&redirect_uri={2}&state={3}";
|
||||
private static final String DING_TALK_USER_INFO_PATTERN = "{0}?signature={1}×tamp={2}&accessKey={3}";
|
||||
|
||||
private static final String BAIDU_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
|
||||
private static final String BAIDU_USER_INFO_PATTERN = "{0}?access_token={1}";
|
||||
private static final String BAIDU_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&display=popup";
|
||||
private static final String BAIDU_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&display=popup&state={3}";
|
||||
private static final String BAIDU_REVOKE_PATTERN = "{0}?access_token={1}";
|
||||
|
||||
private static final String CSDN_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
|
||||
private static final String CSDN_USER_INFO_PATTERN = "{0}?access_token={1}";
|
||||
private static final String CSDN_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
|
||||
private static final String CSDN_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
|
||||
|
||||
private static final String CODING_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}";
|
||||
private static final String CODING_USER_INFO_PATTERN = "{0}?access_token={1}";
|
||||
private static final String CODING_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user";
|
||||
private static final String CODING_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user&state={3}";
|
||||
|
||||
private static final String TENCENT_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}";
|
||||
private static final String TENCENT_USER_INFO_PATTERN = "{0}?access_token={1}";
|
||||
private static final String TENCENT_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user";
|
||||
private static final String TENCENT_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&scope=user&state={3}";
|
||||
|
||||
private static final String OSCHINA_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}&dataType=json";
|
||||
private static final String OSCHINA_USER_INFO_PATTERN = "{0}?access_token={1}&dataType=json";
|
||||
private static final String OSCHINA_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}";
|
||||
private static final String OSCHINA_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}";
|
||||
|
||||
private static final String ALIPAY_AUTHORIZE_PATTERN = "{0}?app_id={1}&scope=auth_user&redirect_uri={2}&state=init";
|
||||
private static final String ALIPAY_AUTHORIZE_PATTERN = "{0}?app_id={1}&scope=auth_user&redirect_uri={2}&state={3}";
|
||||
|
||||
private static final String QQ_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}";
|
||||
private static final String QQ_USER_INFO_PATTERN = "{0}?oauth_consumer_key={1}&access_token={2}&openid={3}";
|
||||
@@ -215,10 +215,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId 钉钉 应用的App Id
|
||||
* @param redirectUrl 钉钉 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getDingTalkQrConnectUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(DING_TALK_QRCONNECT_PATTERN, AuthSource.DINGTALK.authorize(), clientId, redirectUrl);
|
||||
public static String getDingTalkQrConnectUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(DING_TALK_QRCONNECT_PATTERN, AuthSource.DINGTALK.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -261,10 +262,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId baidu 应用的API Key
|
||||
* @param redirectUrl baidu 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return json
|
||||
*/
|
||||
public static String getBaiduAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(BAIDU_AUTHORIZE_PATTERN, AuthSource.BAIDU.authorize(), clientId, redirectUrl);
|
||||
public static String getBaiduAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(BAIDU_AUTHORIZE_PATTERN, AuthSource.BAIDU.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -305,10 +307,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId csdn 应用的Client ID
|
||||
* @param redirectUrl csdn 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getCsdnAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(CSDN_AUTHORIZE_PATTERN, AuthSource.CSDN.authorize(), clientId, redirectUrl);
|
||||
public static String getCsdnAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(CSDN_AUTHORIZE_PATTERN, AuthSource.CSDN.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -338,10 +341,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId coding 应用的Client ID
|
||||
* @param redirectUrl coding 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getCodingAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(CODING_AUTHORIZE_PATTERN, AuthSource.CODING.authorize(), clientId, redirectUrl);
|
||||
public static String getCodingAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(CODING_AUTHORIZE_PATTERN, AuthSource.CODING.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -371,10 +375,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId coding 应用的Client ID
|
||||
* @param redirectUrl coding 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getTencentCloudAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(TENCENT_AUTHORIZE_PATTERN, AuthSource.TENCENT_CLOUD.authorize(), clientId, redirectUrl);
|
||||
public static String getTencentCloudAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(TENCENT_AUTHORIZE_PATTERN, AuthSource.TENCENT_CLOUD.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -405,10 +410,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId oschina 应用的Client ID
|
||||
* @param redirectUrl oschina 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getOschinaAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(OSCHINA_AUTHORIZE_PATTERN, AuthSource.OSCHINA.authorize(), clientId, redirectUrl);
|
||||
public static String getOschinaAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(OSCHINA_AUTHORIZE_PATTERN, AuthSource.OSCHINA.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -441,10 +447,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId qq 应用的Client ID
|
||||
* @param redirectUrl qq 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getQqAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(QQ_AUTHORIZE_PATTERN, AuthSource.QQ.authorize(), clientId, redirectUrl, System.currentTimeMillis());
|
||||
public static String getQqAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(QQ_AUTHORIZE_PATTERN, AuthSource.QQ.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -464,10 +471,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId alipay 应用的Client ID
|
||||
* @param redirectUrl alipay 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getAlipayAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(ALIPAY_AUTHORIZE_PATTERN, AuthSource.ALIPAY.authorize(), clientId, redirectUrl);
|
||||
public static String getAlipayAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(ALIPAY_AUTHORIZE_PATTERN, AuthSource.ALIPAY.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -475,11 +483,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId 微信 应用的appid
|
||||
* @param redirectUrl 微信 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getWeChatAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(WECHAT_AUTHORIZE_PATTERN, AuthSource.WECHAT.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getWeChatAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(WECHAT_AUTHORIZE_PATTERN, AuthSource.WECHAT.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -534,11 +542,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId Taobao 应用的Client ID
|
||||
* @param redirectUrl Taobao 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getTaobaoAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(TAOBAO_AUTHORIZE_PATTERN, AuthSource.TAOBAO.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getTaobaoAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(TAOBAO_AUTHORIZE_PATTERN, AuthSource.TAOBAO.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -546,11 +554,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId google 应用的Client ID
|
||||
* @param redirectUrl google 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getGoogleAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(GOOGLE_AUTHORIZE_PATTERN, AuthSource.GOOGLE.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getGoogleAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(GOOGLE_AUTHORIZE_PATTERN, AuthSource.GOOGLE.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -581,11 +589,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId Facebook 应用的Client ID
|
||||
* @param redirectUrl Facebook 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getFacebookAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(FACEBOOK_AUTHORIZE_PATTERN, AuthSource.FACEBOOK.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getFacebookAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(FACEBOOK_AUTHORIZE_PATTERN, AuthSource.FACEBOOK.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -616,11 +624,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId Douyin 应用的Client ID
|
||||
* @param redirectUrl Douyin 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getDouyinAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(DOUYIN_AUTHORIZE_PATTERN, AuthSource.DOUYIN.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getDouyinAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(DOUYIN_AUTHORIZE_PATTERN, AuthSource.DOUYIN.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -662,11 +670,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId Linkedin 应用的Client ID
|
||||
* @param redirectUrl Linkedin 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getLinkedinAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(LINKEDIN_AUTHORIZE_PATTERN, AuthSource.LINKEDIN.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getLinkedinAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(LINKEDIN_AUTHORIZE_PATTERN, AuthSource.LINKEDIN.authorize(), clientId, redirectUrl, state);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -708,11 +716,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId 微软 应用的Client ID
|
||||
* @param redirectUrl 微软 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getMicrosoftAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(MICROSOFT_AUTHORIZE_PATTERN, AuthSource.MICROSOFT.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getMicrosoftAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(MICROSOFT_AUTHORIZE_PATTERN, AuthSource.MICROSOFT.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -755,10 +763,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId 小米 应用的Client ID
|
||||
* @param redirectUrl 小米 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getMiAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(MI_AUTHORIZE_PATTERN, AuthSource.MI.authorize(), clientId, redirectUrl, System.currentTimeMillis());
|
||||
public static String getMiAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(MI_AUTHORIZE_PATTERN, AuthSource.MI.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -803,11 +812,11 @@ public class UrlBuilder {
|
||||
*
|
||||
* @param clientId 今日头条 应用的Client ID
|
||||
* @param redirectUrl 今日头条 应用授权成功后的回调地址
|
||||
* @param state 随机字符串,用于保持会话状态,防止CSRF攻击
|
||||
* @return full url
|
||||
*/
|
||||
public static String getToutiaoAuthorizeUrl(String clientId, String redirectUrl) {
|
||||
return MessageFormat.format(TOUTIAO_AUTHORIZE_PATTERN, AuthSource.TOUTIAO.authorize(), clientId, redirectUrl, System
|
||||
.currentTimeMillis());
|
||||
public static String getToutiaoAuthorizeUrl(String clientId, String redirectUrl, String state) {
|
||||
return MessageFormat.format(TOUTIAO_AUTHORIZE_PATTERN, AuthSource.TOUTIAO.authorize(), clientId, redirectUrl, getState(state));
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user