♻️ 抽取 state 校验方法

2025-12-27 18:27:55 +08:00 · 2019-08-02 14:19:42 +08:00
parent 909702e4da
commit bed01eef6d
2 changed files with 17 additions and 16 deletions
--- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java
@@ -76,7 +76,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
    public AuthResponse login(AuthCallback authCallback) {
        try {
            AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
-            AuthChecker.checkState(authCallback.getState());
+            this.checkState(authCallback.getState());

            AuthToken authToken = this.getAccessToken(authCallback);
            AuthUser user = this.getUserInfo(authToken);
@@ -158,12 +158,12 @@ public abstract class AuthDefaultRequest implements AuthRequest {
    protected String refreshTokenUrl(String refreshToken) {
        return UrlBuilder.fromBaseUrl(source.refresh())
            .queryParam("client_id", config.getClientId())
-            .queryParam("client_secret", config.getClientSecret())
-            .queryParam("refresh_token", refreshToken)
+        .queryParam("client_secret", config.getClientSecret())
+        .queryParam("refresh_token", refreshToken)
            .queryParam("grant_type", "refresh_token")
            .queryParam("redirect_uri", config.getRedirectUri())
-            .build();
-    }
+        .build();
+}

    /**
     * 返回获取userInfo的url
@@ -261,4 +261,16 @@ public abstract class AuthDefaultRequest implements AuthRequest {
    protected HttpResponse doGetRevoke(AuthToken authToken) {
        return HttpRequest.get(revokeUrl(authToken)).execute();
    }
+
+
+    /**
+     * 校验回调传回的state
+     *
+     * @param state {@code state}一定不为空
+     */
+    protected void checkState(String state) {
+        if (StringUtils.isEmpty(state) || !authStateCache.containsKey(state)) {
+            throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
+        }
+    }
 }
--- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
@@ -66,15 +66,4 @@ public class AuthChecker {
            throw new AuthException(AuthResponseStatus.ILLEGAL_CODE);
        }
    }
-
-    /**
-     * 校验回调传回的state
-     *
-     * @param state {@code state}一定不为空
-     */
-    public static void checkState(String state) {
-        if (StringUtils.isEmpty(state) || !AuthStateCache.containsKey(state)) {
-            throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
-        }
-    }
 }