diff --git a/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiScope.java b/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiScope.java new file mode 100644 index 0000000..d9dffa5 --- /dev/null +++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiScope.java @@ -0,0 +1,65 @@ +package me.zhyd.oauth.enums.scope; + +import lombok.AllArgsConstructor; +import lombok.Getter; + +import java.util.ArrayList; +import java.util.Arrays; +import java.util.List; +import java.util.stream.Collectors; + +/** + * 华为平台 OAuth 授权范围 + * + * @author yadong.zhang (yadong.zhang0415(a)gmail.com) + * @version 1.0.0 + * @since 1.0.0 + */ +@Getter +@AllArgsConstructor +public enum AuthHuaweiScope implements AuthScope { + + /** + * {@code scope} 含义,以{@code description} 为准 + */ + BASE_PROFILE("https://www.huawei.com/auth/account/base.profile", "获取用户的基本信息", true), + MOBILE_NUMBER("https://www.huawei.com/auth/account/mobile.number", "获取用户的手机号", false), + ACCOUNTLIST("https://www.huawei.com/auth/account/accountlist", "获取用户的账单列表", false), + + /** + * 以下两个 scope 不需要经过华为评估和验证 + */ + SCOPE_DRIVE_FILE("https://www.huawei.com/auth/drive.file", "只允许访问由应用程序创建或打开的文件", false), + SCOPE_DRIVE_APPDATA("https://www.huawei.com/auth/drive.appdata", "只允许访问由应用程序创建或打开的文件", false), + /** + * 以下四个 scope 使用前需要向drivekit@huawei.com提交申请 + *

+ * 参考:https://developer.huawei.com/consumer/cn/doc/development/HMSCore-Guides-V5/server-dev-0000001050039664-V5#ZH-CN_TOPIC_0000001050039664__section1618418855716 + */ + SCOPE_DRIVE("https://www.huawei.com/auth/drive", "只允许访问由应用程序创建或打开的文件", false), + SCOPE_DRIVE_READONLY("https://www.huawei.com/auth/drive.readonly", "只允许访问由应用程序创建或打开的文件", false), + SCOPE_DRIVE_METADATA("https://www.huawei.com/auth/drive.metadata", "只允许访问由应用程序创建或打开的文件", false), + SCOPE_DRIVE_METADATA_READONLY("https://www.huawei.com/auth/drive.metadata.readonly", "只允许访问由应用程序创建或打开的文件", false), + + + ; + + private String scope; + private String description; + private boolean isDefault; + + public static List getDefaultScopes() { + AuthHuaweiScope[] scopes = AuthHuaweiScope.values(); + List defaultScopes = new ArrayList<>(); + for (AuthHuaweiScope scope : scopes) { + if (scope.isDefault()) { + defaultScopes.add(scope); + } + } + return defaultScopes; + } + + public static List listScope() { + return Arrays.stream(AuthHuaweiScope.values()).map(AuthHuaweiScope::getScope).collect(Collectors.toList()); + } +} diff --git a/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java index b6b10fc..f6ca729 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java @@ -1,16 +1,17 @@ package me.zhyd.oauth.request; import com.alibaba.fastjson.JSONObject; -import me.zhyd.oauth.utils.HttpUtils; import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthDefaultSource; import me.zhyd.oauth.enums.AuthUserGender; +import me.zhyd.oauth.enums.scope.AuthHuaweiScope; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthCallback; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.utils.HttpUtils; import me.zhyd.oauth.utils.UrlBuilder; import java.util.HashMap; @@ -134,7 +135,7 @@ public class AuthHuaweiRequest extends AuthDefaultRequest { .queryParam("client_id", config.getClientId()) .queryParam("redirect_uri", config.getRedirectUri()) .queryParam("access_type", "offline") - .queryParam("scope", "https%3A%2F%2Fwww.huawei.com%2Fauth%2Faccount%2Fbase.profile") + .queryParam("scope", this.getScopes(" ", true, AuthHuaweiScope.getDefaultScopes())) .queryParam("state", getRealState(state)) .build(); }