merge pr

💩 添加新版钉钉扫码登录能力
💩 修复企业微信扫码登录 code 的传值
2025-11-06 06:20:49 +08:00 · 2024-09-02 00:45:40 +08:00 · 2024-09-02 00:24:05 +08:00 · 2024-09-01 18:19:05 +08:00 · 2024-09-01 18:15:18 +08:00 · 2024-08-27 03:44:47 +00:00
12 changed files with 507 additions and 4 deletions
--- a/CHANGELOGS.md
+++ b/CHANGELOGS.md
@@ -1,11 +1,13 @@
 ## 1.16.7

 ### 2024/08/03
-:
+
 - 新增
  - 添加`appleid`社交登录能力。 [Github#192](https://github.com/justauth/JustAuth/pull/192)
  - 添加`figma`社交登录能力。 [Gitee#41](https://gitee.com/yadong.zhang/JustAuth/pulls/41)
  - 添加新版`企业微信扫码`登录能力。 [Github Issue#165](https://github.com/justauth/JustAuth/issues/165)
+  - 添加新版`钉钉扫码`登录能力。 [Gitee Issue#I73FZL](https://gitee.com/yadong.zhang/JustAuth/issues/I73FZL)
+  - 添加新版`华为`登录能力，原`AuthHuaweiRequest`会在后面版本被弃用，如有使用，请切换到`AuthHuaweiV3Request`
  - 新增微信小程序授权登录
 - 优化
  - 更新 Google 端点地址。[Github #198](https://github.com/justauth/JustAuth/pull/198)
--- a/src/main/java/me/zhyd/oauth/config/AuthConfig.java
+++ b/src/main/java/me/zhyd/oauth/config/AuthConfig.java
@@ -209,9 +209,47 @@ public class AuthConfig {
    private String loginType = "CorpApp";

    /**
-     * 语言编码
+     * 企业微信平台的语言编码
     *
     * @since 1.16.7
     */
    private String lang = "zh";
+
+    /**
+     * 钉钉平台参数：控制输出特定类型的组织列表，org_type=management 表示只输出有管理权限的组织。
+     *
+     * scope包含corpid时该参数存在意义。
+     *
+     * @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
+     * @since 1.16.7
+     */
+    private String dingTalkOrgType;
+
+    /**
+     * 钉钉平台参数：用于指定用户需要选择的组织。
+     *
+     * scope包含corpid时该参数存在意义。传入的corpId需要是当前用户所在的组织。
+     *
+     * @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
+     * @since 1.16.7
+     */
+    private String dingTalkCorpId;
+
+    /**
+     * 钉钉平台参数：true表示专属帐号登录，展示组织代码输入页。
+     *
+     * @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
+     * @since 1.16.7
+     */
+    private boolean dingTalkExclusiveLogin;
+
+    /**
+     * 钉钉平台参数：开启了专属帐号功能的组织corpId。
+     *
+     * scope包含corpid时该参数存在意义。传入的corpId需要是当前用户所在的组织。
+     *
+     * @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
+     * @since 1.16.7
+     */
+    private String dingTalkExclusiveCorpId;
 }
--- a/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java
+++ b/src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java
@@ -112,6 +112,30 @@ public enum AuthDefaultSource implements AuthSource {
            return AuthDingTalkRequest.class;
        }
    },
+    /**
+     * 新版钉钉扫码登录
+     */
+    DINGTALK_V2 {
+        @Override
+        public String authorize() {
+            return "https://login.dingtalk.com/oauth2/challenge.htm";
+        }
+
+        @Override
+        public String accessToken() {
+            return "https://api.dingtalk.com/v1.0/oauth2/userAccessToken";
+        }
+
+        @Override
+        public String userInfo() {
+            return "https://api.dingtalk.com/v1.0/contact/users/me";
+        }
+
+        @Override
+        public Class<? extends AuthDefaultRequest> getTargetClass() {
+            return AuthDingTalkV2Request.class;
+        }
+    },
    /**
     * 钉钉账号登录
     */
@@ -709,8 +733,11 @@ public enum AuthDefaultSource implements AuthSource {
    /**
     * 华为
     *
+     * 当前方式未来可能被废弃，建议使用 {@link this#HUAWEI_V3}
+     *
     * @since 1.10.0
     */
+    @Deprecated
    HUAWEI {
        @Override
        public String authorize() {
@@ -738,6 +765,38 @@ public enum AuthDefaultSource implements AuthSource {
        }
    },

+    /**
+     * 华为最新版本的 API
+     *
+     * @since 1.16.7
+     */
+    HUAWEI_V3 {
+        @Override
+        public String authorize() {
+            return "https://oauth-login.cloud.huawei.com/oauth2/v3/authorize";
+        }
+
+        @Override
+        public String accessToken() {
+            return "https://oauth-login.cloud.huawei.com/oauth2/v3/token";
+        }
+
+        @Override
+        public String userInfo() {
+            return "https://account.cloud.huawei.com/rest.php";
+        }
+
+        @Override
+        public String refresh() {
+            return "https://oauth-login.cloud.huawei.com/oauth2/v3/token";
+        }
+
+        @Override
+        public Class<? extends AuthDefaultRequest> getTargetClass() {
+            return AuthHuaweiV3Request.class;
+        }
+    },
+
    /**
     * 企业微信二维码登录
     *
--- a/src/main/java/me/zhyd/oauth/enums/scope/AuthDingTalkScope.java
+++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthDingTalkScope.java
@@ -0,0 +1,33 @@
+package me.zhyd.oauth.enums.scope;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 钉钉平台 OAuth 授权范围
+ *
+ * https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug
+ *
+ * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
+ * @version 1.0.0
+ * @since 1.16.7
+ */
+@Getter
+@AllArgsConstructor
+public enum AuthDingTalkScope implements AuthScope {
+
+    /**
+     * 无需申请	默认开启
+     */
+    openid("openid", "授权后可获得用户userid", true),
+    /**
+     * 无需申请	默认开启
+     */
+    corpid("corpid", "授权后可获得登录过程中用户选择的组织id", false)
+    ;
+
+    private final String scope;
+    private final String description;
+    private final boolean isDefault;
+
+}
--- a/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiScope.java
+++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiScope.java
@@ -6,12 +6,15 @@ import lombok.Getter;
 /**
 * 华为平台 OAuth 授权范围
 *
+ * 当前方式未来可能被废弃，建议使用 {@link AuthHuaweiV3Scope}
+ *
 * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
 * @version 1.0.0
 * @since 1.0.0
 */
@Getter
@AllArgsConstructor
+@Deprecated
 public enum AuthHuaweiScope implements AuthScope {

    /**
--- a/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiV3Scope.java
+++ b/src/main/java/me/zhyd/oauth/enums/scope/AuthHuaweiV3Scope.java
@@ -0,0 +1,51 @@
+package me.zhyd.oauth.enums.scope;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 华为平台 V3 版本 OAuth 授权范围
+ *
+ * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
+ * @version 1.0.0
+ * @since 1.16.7
+ */
+@Getter
+@AllArgsConstructor
+public enum AuthHuaweiV3Scope implements AuthScope {
+
+    /**
+     * {@code scope} 含义，以{@code description} 为准
+     */
+    OPENID("openid", "基础scope，v3必选", true),
+    /**
+     * {@code scope} 含义，以{@code description} 为准
+     */
+    BASE_PROFILE("https://www.huawei.com/auth/account/base.profile", "获取用户的基本信息", true),
+    MOBILE_NUMBER("https://www.huawei.com/auth/account/mobile.number", "获取用户的手机号", false),
+    ACCOUNTLIST("https://www.huawei.com/auth/account/accountlist", "获取用户的账单列表", false),
+
+    /**
+     * 以下两个 scope 不需要经过华为评估和验证
+     */
+    SCOPE_DRIVE_FILE("https://www.huawei.com/auth/drive.file", "只允许访问由应用程序创建或打开的文件", false),
+    SCOPE_DRIVE_APPDATA("https://www.huawei.com/auth/drive.appdata", "只允许访问由应用程序创建或打开的文件", false),
+    /**
+     * 以下四个 scope 使用前需要向drivekit@huawei.com提交申请
+     * <p>
+     * 参考：https://developer.huawei.com/consumer/cn/doc/development/HMSCore-Guides-V5/server-dev-0000001050039664-V5#ZH-CN_TOPIC_0000001050039664__section1618418855716
+     */
+    SCOPE_DRIVE("https://www.huawei.com/auth/drive", "只允许访问由应用程序创建或打开的文件", false),
+    SCOPE_DRIVE_READONLY("https://www.huawei.com/auth/drive.readonly", "只允许访问由应用程序创建或打开的文件", false),
+    SCOPE_DRIVE_METADATA("https://www.huawei.com/auth/drive.metadata", "只允许访问由应用程序创建或打开的文件", false),
+    SCOPE_DRIVE_METADATA_READONLY("https://www.huawei.com/auth/drive.metadata.readonly", "只允许访问由应用程序创建或打开的文件", false),
+
+
+    ;
+    ;
+
+    private final String scope;
+    private final String description;
+    private final boolean isDefault;
+
+}
--- a/src/main/java/me/zhyd/oauth/model/AuthToken.java
+++ b/src/main/java/me/zhyd/oauth/model/AuthToken.java
@@ -66,4 +66,11 @@ public class AuthToken implements Serializable {
     * Apple附带属性
     */
    private String username;
+
+    /**
+     * 新版钉钉附带属性
+     *
+     * @since 1.16.7
+     */
+    private String corpId;
 }
--- a/src/main/java/me/zhyd/oauth/request/AuthDingTalkV2Request.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthDingTalkV2Request.java
@@ -0,0 +1,108 @@
+package me.zhyd.oauth.request;
+
+import com.alibaba.fastjson.JSONObject;
+import com.xkcoding.http.support.HttpHeader;
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.config.AuthDefaultSource;
+import me.zhyd.oauth.enums.scope.AuthDingTalkScope;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.AuthScopeUtils;
+import me.zhyd.oauth.utils.HttpUtils;
+import me.zhyd.oauth.utils.UrlBuilder;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * 新版钉钉二维码登录
+ *
+ * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
+ * @since 1.16.7
+ */
+public class AuthDingTalkV2Request extends AuthDefaultRequest {
+
+    public AuthDingTalkV2Request(AuthConfig config) {
+        super(config, AuthDefaultSource.DINGTALK_V2);
+    }
+
+    public AuthDingTalkV2Request(AuthConfig config, AuthStateCache authStateCache) {
+        super(config, AuthDefaultSource.DINGTALK_V2, authStateCache);
+    }
+
+    @Override
+    public String authorize(String state) {
+        return UrlBuilder.fromBaseUrl(source.authorize())
+            .queryParam("response_type", "code")
+            .queryParam("client_id", config.getClientId())
+            .queryParam("scope", this.getScopes(",", true, AuthScopeUtils.getDefaultScopes(AuthDingTalkScope.values())))
+            .queryParam("redirect_uri", config.getRedirectUri())
+            .queryParam("prompt", "consent")
+            .queryParam("org_type", config.getDingTalkOrgType())
+            .queryParam("corpId", config.getDingTalkCorpId())
+            .queryParam("exclusiveLogin", config.isDingTalkExclusiveLogin())
+            .queryParam("exclusiveCorpId", config.getDingTalkExclusiveCorpId())
+            .queryParam("state", getRealState(state))
+            .build();
+    }
+
+    @Override
+    public AuthToken getAccessToken(AuthCallback authCallback) {
+        Map<String, String> params = new HashMap<>();
+        params.put("grantType", "authorization_code");
+        params.put("clientId", config.getClientId());
+        params.put("clientSecret", config.getClientSecret());
+        params.put("code", authCallback.getCode());
+        String response = new HttpUtils(config.getHttpConfig()).post(this.source.accessToken(), JSONObject.toJSONString(params)).getBody();
+        JSONObject accessTokenObject = JSONObject.parseObject(response);
+        if (!accessTokenObject.containsKey("accessToken")) {
+            throw new AuthException(JSONObject.toJSONString(response), source);
+        }
+        return AuthToken.builder()
+            .accessToken(accessTokenObject.getString("accessToken"))
+            .refreshToken(accessTokenObject.getString("refreshToken"))
+            .expireIn(accessTokenObject.getIntValue("expireIn"))
+            .corpId(accessTokenObject.getString("corpId"))
+            .build();
+    }
+
+    @Override
+    public AuthUser getUserInfo(AuthToken authToken) {
+        HttpHeader header = new HttpHeader();
+        header.add("x-acs-dingtalk-access-token", authToken.getAccessToken());
+
+        String response = new HttpUtils(config.getHttpConfig()).get(this.source.userInfo(), null, header, false).getBody();
+        JSONObject object = JSONObject.parseObject(response);
+
+        authToken.setOpenId(object.getString("openId"));
+        authToken.setUnionId(object.getString("unionId"));
+        return AuthUser.builder()
+            .rawUserInfo(object)
+            .uuid(object.getString("unionId"))
+            .username(object.getString("nick"))
+            .nickname(object.getString("nick"))
+            .avatar(object.getString("avatarUrl"))
+            .snapshotUser(object.getBooleanValue("visitor"))
+            .token(authToken)
+            .source(source.toString())
+            .build();
+    }
+
+    /**
+     * 返回获取accessToken的url
+     *
+     * @param code 授权码
+     * @return 返回获取accessToken的url
+     */
+    protected String accessTokenUrl(String code) {
+        return UrlBuilder.fromBaseUrl(source.accessToken())
+            .queryParam("code", code)
+            .queryParam("clientId", config.getClientId())
+            .queryParam("clientSecret", config.getClientSecret())
+            .queryParam("grantType", "authorization_code")
+            .build();
+    }
+}
--- a/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthHuaweiRequest.java
@@ -23,10 +23,13 @@ import static me.zhyd.oauth.enums.AuthResponseStatus.SUCCESS;
 /**
 * 华为授权登录
 *
+ * 当前方式未来可能被废弃，建议使用 {@link AuthHuaweiV3Request}
+ *
 * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
 * @version 1.0
 * @since 1.10.0
 */
+@Deprecated
 public class AuthHuaweiRequest extends AuthDefaultRequest {

    public AuthHuaweiRequest(AuthConfig config) {
@@ -71,7 +74,9 @@ public class AuthHuaweiRequest extends AuthDefaultRequest {
        form.put("nsp_ts", System.currentTimeMillis() + "");
        form.put("access_token", authToken.getAccessToken());
        form.put("nsp_fmt", "JS");
-        form.put("nsp_svc", "OpenUP.User.getInfo");
+        form.put("open_id", "OPENID");
+        // form.put("nsp_svc", "OpenUP.User.getInfo");
+        form.put("nsp_svc", "huawei.oauth2.user.getTokenInfo");

        String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, false).getBody();
        JSONObject object = JSONObject.parseObject(response);
--- a/src/main/java/me/zhyd/oauth/request/AuthHuaweiV3Request.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthHuaweiV3Request.java
@@ -0,0 +1,196 @@
+package me.zhyd.oauth.request;
+
+import com.alibaba.fastjson.JSONObject;
+import com.xkcoding.http.constants.Constants;
+import com.xkcoding.http.support.HttpHeader;
+import me.zhyd.oauth.cache.AuthStateCache;
+import me.zhyd.oauth.config.AuthConfig;
+import me.zhyd.oauth.config.AuthDefaultSource;
+import me.zhyd.oauth.enums.AuthUserGender;
+import me.zhyd.oauth.enums.scope.AuthHuaweiV3Scope;
+import me.zhyd.oauth.exception.AuthException;
+import me.zhyd.oauth.model.AuthCallback;
+import me.zhyd.oauth.model.AuthResponse;
+import me.zhyd.oauth.model.AuthToken;
+import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.*;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
+import static me.zhyd.oauth.enums.AuthResponseStatus.SUCCESS;
+
+/**
+ * 华为授权登录
+ *
+ * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
+ * @version 1.0
+ * @since 1.16.7
+ */
+public class AuthHuaweiV3Request extends AuthDefaultRequest {
+
+    public AuthHuaweiV3Request(AuthConfig config) {
+        super(config, AuthDefaultSource.HUAWEI_V3);
+    }
+
+    public AuthHuaweiV3Request(AuthConfig config, AuthStateCache authStateCache) {
+        super(config, AuthDefaultSource.HUAWEI_V3, authStateCache);
+    }
+
+    /**
+     * 获取access token
+     *
+     * @param authCallback 授权成功后的回调参数
+     * @return token
+     * @see AuthDefaultRequest#authorize()
+     * @see AuthDefaultRequest#authorize(String)
+     */
+    @Override
+    public AuthToken getAccessToken(AuthCallback authCallback) {
+        Map<String, String> form = new HashMap<>(8);
+        form.put("grant_type", "authorization_code");
+        form.put("code", authCallback.getCode());
+        form.put("client_id", config.getClientId());
+        form.put("client_secret", config.getClientSecret());
+        form.put("redirect_uri", config.getRedirectUri());
+
+        if (config.isPkce()) {
+            String cacheKey = this.source.getName().concat(":code_verifier:").concat(authCallback.getState());
+            String codeVerifier = this.authStateCache.get(cacheKey);
+            form.put("code_verifier", codeVerifier);
+        }
+
+        HttpHeader httpHeader = new HttpHeader();
+        httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded");
+        String response = new HttpUtils(config.getHttpConfig()).post(source.accessToken(), form, httpHeader, false).getBody();
+        return getAuthToken(response);
+    }
+
+    /**
+     * 使用token换取用户信息
+     *
+     * @param authToken token信息
+     * @return 用户信息
+     * @see AuthDefaultRequest#getAccessToken(AuthCallback)
+     */
+    @Override
+    public AuthUser getUserInfo(AuthToken authToken) {
+        String idToken = authToken.getIdToken();
+        if (StringUtils.isEmpty(idToken)) {
+            Map<String, String> form = new HashMap<>(7);
+            form.put("access_token", authToken.getAccessToken());
+            form.put("getNickName", "1");
+            form.put("nsp_svc", "GOpen.User.getInfo");
+
+            HttpHeader httpHeader = new HttpHeader();
+            httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded");
+            String response = new HttpUtils(config.getHttpConfig()).post(source.userInfo(), form, httpHeader, false).getBody();
+            JSONObject object = JSONObject.parseObject(response);
+
+            this.checkResponse(object);
+
+            return AuthUser.builder()
+                .rawUserInfo(object)
+                .uuid(object.getString("unionID"))
+                .username(object.getString("displayName"))
+                .nickname(object.getString("displayName"))
+                .gender(AuthUserGender.UNKNOWN)
+                .avatar(object.getString("headPictureURL"))
+                .token(authToken)
+                .source(source.toString())
+                .build();
+        }
+        String payload = new String(Base64.getUrlDecoder().decode(idToken.split("\\.")[1]), StandardCharsets.UTF_8);
+
+        JSONObject object = JSONObject.parseObject(payload);
+        return AuthUser.builder()
+            .rawUserInfo(object)
+            .uuid(object.getString("sub"))
+            .username(object.getString("name"))
+            .nickname(object.getString("nickname"))
+            .gender(AuthUserGender.UNKNOWN)
+            .avatar(object.getString("picture"))
+            .token(authToken)
+            .source(source.toString())
+            .build();
+    }
+
+    /**
+     * 刷新access token （续期）
+     *
+     * @param authToken 登录成功后返回的Token信息
+     * @return AuthResponse
+     */
+    @Override
+    public AuthResponse<AuthToken> refresh(AuthToken authToken) {
+        Map<String, String> form = new HashMap<>(7);
+        form.put("client_id", config.getClientId());
+        form.put("client_secret", config.getClientSecret());
+        form.put("refresh_token", authToken.getRefreshToken());
+        form.put("grant_type", "refresh_token");
+
+        HttpHeader httpHeader = new HttpHeader();
+        httpHeader.add(Constants.CONTENT_TYPE, "application/x-www-form-urlencoded");
+        String response = new HttpUtils(config.getHttpConfig()).post(source.refresh(), form, httpHeader, false).getBody();
+        return AuthResponse.<AuthToken>builder().code(SUCCESS.getCode()).data(getAuthToken(response)).build();
+    }
+
+    private AuthToken getAuthToken(String response) {
+        JSONObject object = JSONObject.parseObject(response);
+
+        this.checkResponse(object);
+
+        return AuthToken.builder()
+            .accessToken(object.getString("access_token"))
+            .expireIn(object.getIntValue("expires_in"))
+            .refreshToken(object.getString("refresh_token"))
+            .idToken(object.getString("id_token"))
+            .build();
+    }
+
+    /**
+     * 返回带{@code state}参数的授权url，授权回调时会带上这个{@code state}
+     *
+     * @param state state 验证授权流程的参数，可以防止csrf
+     * @return 返回授权地址
+     * @since 1.9.3
+     */
+    @Override
+    public String authorize(String state) {
+        String realState = getRealState(state);
+        UrlBuilder builder = UrlBuilder.fromBaseUrl(super.authorize(realState))
+            .queryParam("access_type", "offline")
+            .queryParam("scope", this.getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthHuaweiV3Scope.values())));
+
+        if (config.isPkce()) {
+            String cacheKey = this.source.getName().concat(":code_verifier:").concat(realState);
+            String codeVerifier = PkceUtil.generateCodeVerifier();
+            String codeChallengeMethod = "S256";
+            String codeChallenge = PkceUtil.generateCodeChallenge(codeChallengeMethod, codeVerifier);
+            builder.queryParam("code_challenge", codeChallenge)
+                .queryParam("code_challenge_method", codeChallengeMethod);
+            // 缓存 codeVerifier 十分钟
+            this.authStateCache.cache(cacheKey, codeVerifier, TimeUnit.MINUTES.toMillis(10));
+        }
+        return builder.build();
+    }
+
+    /**
+     * 校验响应结果
+     *
+     * @param object 接口返回的结果
+     */
+    private void checkResponse(JSONObject object) {
+        if (object.containsKey("NSP_STATUS")) {
+            throw new AuthException(object.getString("error"));
+        }
+        if (object.containsKey("error")) {
+            throw new AuthException(object.getString("sub_error") + ":" + object.getString("error_description"));
+        }
+    }
+
+
+}
--- a/src/main/java/me/zhyd/oauth/request/AuthWeChatEnterpriseThirdQrcodeRequest.java
+++ b/src/main/java/me/zhyd/oauth/request/AuthWeChatEnterpriseThirdQrcodeRequest.java
@@ -63,6 +63,7 @@ public class AuthWeChatEnterpriseThirdQrcodeRequest extends AbstractAuthWeChatEn
            AuthToken authToken = AuthToken.builder()
                .accessToken(object.getString("provider_access_token"))
                .expireIn(object.getIntValue("expires_in"))
+                .code(authCallback.getCode())
                .build();
            return authToken;
        } catch (Exception e) {
--- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
+++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java
@@ -80,7 +80,7 @@ public class AuthChecker {
            return;
        }
        String code = callback.getCode();
-        if (source == AuthDefaultSource.HUAWEI) {
+        if (StringUtils.isEmpty(code) && source == AuthDefaultSource.HUAWEI) {
            code = callback.getAuthorization_code();
        }
        if (StringUtils.isEmpty(code)) {
Author	SHA1	Message	Date
yadong.zhang	9153e97398	merge pr	2024-09-02 00:45:40 +08:00
yadong.zhang	64e1098519	💩 添加新版`钉钉扫码`登录能力	2024-09-02 00:24:05 +08:00
yadong.zhang	e9135436f9	💩 修复企业微信扫码登录 code 的传值	2024-09-01 18:19:05 +08:00
yadong.zhang	20731ea77e	💩 添加新版`华为`登录能力，原`AuthHuaweiRequest`会在后面版本被弃用，如有使用，请切换到`AuthHuaweiV3Request`	2024-09-01 18:15:18 +08:00
yadong.zhang	587d2f4072	!42 修改爱发电平台的域名为 https://afdian.com Merge pull request !42 from handy/handy-0827	2024-08-27 03:44:47 +00:00
handy	602a48b3ce	修改爱发电平台的域名为 https://afdian.com	2024-08-27 10:51:00 +08:00