📝 更新文档

修正若干注释

CHANGELOGS.md

@@ -1,3 +1,14 @@
+## 1.16.1
+
+### 2021/4/19
+
+- 发布 v1.16.1
+- Fix Github issue [#114](https://github.com/justauth/JustAuth/issues/114): 解决企业微信授权后,回调地址中原有的参数丢失的问题
+- Fix Github issue [#82](https://github.com/justauth/JustAuth/issues/82): 抖音平台支持自定义 scope
+- Fix Github issue [#92](https://github.com/justauth/JustAuth/issues/92): 增加忽略校验 redirectUri 的配置
+- Merge Github PR [#115](https://github.com/justauth/JustAuth/pull/115)
+- 升级 `fastjson` 到 `v1.2.76`
+  
 ## 1.16.0
 
 ### 2021/4/7

README.en-US.md

@@ -6,7 +6,7 @@
 </p>
 <p align="center">
 	<a target="_blank" href="https://search.maven.org/search?q=JustAuth">
-		<img src="https://img.shields.io/badge/Maven%20Central-1.16.0-blue" ></img>
+		<img src="https://img.shields.io/badge/Maven%20Central-1.16.1-blue" ></img>
 	</a>
 	<a target="_blank" href="https://gitee.com/yadong.zhang/JustAuth/blob/master/LICENSE">
 		<img src="https://img.shields.io/apm/l/vim-mode.svg?color=yellow" ></img>
@@ -15,7 +15,7 @@
 		<img src="https://img.shields.io/badge/JDK-1.8+-green.svg" ></img>
 	</a>
 	<a target="_blank" href="https://apidoc.gitee.com/yadong.zhang/JustAuth/" title="API文档">
-		<img src="https://img.shields.io/badge/Api%20Docs-1.16.0-orange" ></img>
+		<img src="https://img.shields.io/badge/Api%20Docs-1.16.1-orange" ></img>
 	</a>
 	<a target="_blank" href="https://justauth.wiki" title="参考文档">
 		<img src="https://img.shields.io/badge/Docs-latest-blueviolet.svg" ></img>
@@ -59,7 +59,7 @@ These artifacts are available from Maven Central:
 <dependency>
     <groupId>me.zhyd.oauth</groupId>
     <artifactId>JustAuth</artifactId>
-    <version>1.16.0</version>
+    <version>1.16.1</version>
 </dependency>
 ```
 - Using JustAuth

README.md

@@ -6,7 +6,7 @@
 </p>
 <p align="center">
 	<a target="_blank" href="https://search.maven.org/search?q=JustAuth">
-		<img src="https://img.shields.io/badge/Maven%20Central-1.16.0-blue" ></img>
+		<img src="https://img.shields.io/badge/Maven%20Central-1.16.1-blue" ></img>
 	</a>
 	<a target="_blank" href="https://gitee.com/yadong.zhang/JustAuth/blob/master/LICENSE">
 		<img src="https://img.shields.io/apm/l/vim-mode.svg?color=yellow" ></img>
@@ -15,7 +15,7 @@
 		<img src="https://img.shields.io/badge/JDK-1.8+-green.svg" ></img>
 	</a>
 	<a target="_blank" href="https://apidoc.gitee.com/yadong.zhang/JustAuth/" title="API文档">
-		<img src="https://img.shields.io/badge/Api%20Docs-1.16.0-orange" ></img>
+		<img src="https://img.shields.io/badge/Api%20Docs-1.16.1-orange" ></img>
 	</a>
 	<a target="_blank" href="https://justauth.wiki" title="参考文档">
 		<img src="https://img.shields.io/badge/Docs-latest-blueviolet.svg" ></img>
@@ -69,7 +69,7 @@ JustAuth 集成了诸如：Github、Gitee、支付宝、新浪微博、微信、
 <dependency>
     <groupId>me.zhyd.oauth</groupId>
     <artifactId>JustAuth</artifactId>
-    <version>1.16.0</version>
+    <version>1.16.1</version>
 </dependency>
 ```
 - 调用api
@@ -130,22 +130,22 @@ authRequest.login(callback);
 ![](docs/users/4ca0177c.png)
 
 
-怎么没有我？[加入]()
+怎么没有我？[登记](https://gitee.com/yadong.zhang/JustAuth/issues/IZ2T7)
 
 ## 开源推荐
+- `JAP` 开源的登录认证中间件: [https://gitee.com/fujieid/jap](https://gitee.com/fujieid/jap)
 - `spring-boot-demo` 深度学习并实战 spring boot 的项目: [https://github.com/xkcoding/spring-boot-demo](https://github.com/xkcoding/spring-boot-demo)
 - `mica` SpringBoot 微服务高效开发工具集: [https://github.com/lets-mica/mica](https://github.com/lets-mica/mica)
 - `pig` 微服务认证授权脚手架(架构师必备): [https://gitee.com/log4j/pig](https://gitee.com/log4j/pig)
 - `SpringBlade` 完整的线上解决方案（企业开发必备）: [https://gitee.com/smallc/SpringBlade](https://gitee.com/smallc/SpringBlade)
 - `MaxKey` 马克思的钥匙，寓意是最大钥匙,是用户单点登录认证系统（Sigle Sign On System）,OAuth 2.0/OpenID Connect、SAML 2.0、JWT、CAS等标准化的开放协议，使用JustAuth集成OAuth第三方认证。: [https://shimingxy.github.io/MaxKey/](https://shimingxy.github.io/MaxKey/)
 - `YurunOAuthLogin` PHP 第三方登录授权 SDK：[YurunOAuthLogin](https://gitee.com/yurunsoft/YurunOAuthLogin)
+- `sureness` 面向restful api的高性能认证鉴权框架：[sureness](https://github.com/usthe/sureness)
 
 ## 鸣谢
 - 感谢 JetBrains 提供的免费开源 License：
 <img src="https://images.gitee.com/uploads/images/2020/0406/220236_f5275c90_5531506.png" alt="图片引用自lets-mica" style="float:left;">
 
-<a href="https://www.producthunt.com/posts/justauth?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-justauth" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=196886&theme=dark" alt="JustAuth - Login, so easy! | Product Hunt Embed" style="width: 250px; height: 54px;" width="250px" height="54px" /></a>
-
 ## 其他
 - [CONTRIBUTORS](https://justauth.wiki/contributors.html)
 - [CHANGELOGS](https://justauth.wiki/update.html)
@@ -165,3 +165,6 @@ authRequest.login(callback);
 
 [![Stargazers over time](https://starchart.cc/justauth/JustAuth.svg)](https://starchart.cc/justauth/JustAuth)
 
+### ProductHunt
+
+<a href="https://www.producthunt.com/posts/justauth?utm_source=badge-featured&utm_medium=badge&utm_souce=badge-justauth" target="_blank"><img src="https://api.producthunt.com/widgets/embed-image/v1/featured.svg?post_id=196886&theme=dark" alt="JustAuth - Login, so easy! | Product Hunt Embed" style="width: 250px; height: 54px;" width="250px" height="54px" /></a>

bin/version.txt

@@ -1 +1 @@
-1.16.0
+1.16.1

pom.xml

@@ -6,7 +6,7 @@
 
   <groupId>me.zhyd.oauth</groupId>
   <artifactId>JustAuth</artifactId>
-  <version>1.16.0</version>
+  <version>1.16.1</version>
 
   <name>JustAuth</name>
   <url>https://gitee.com/yadong.zhang/JustAuth</url>
@@ -60,7 +60,7 @@
     <simple-http.version>1.0.3</simple-http.version>
     <lombok-version>1.18.10</lombok-version>
     <junit-version>4.13.1</junit-version>
-    <fastjson-version>1.2.73</fastjson-version>
+    <fastjson-version>1.2.76</fastjson-version>
     <alipay-sdk-version>4.8.10.ALL</alipay-sdk-version>
     <jacoco-version>0.8.2</jacoco-version>
   </properties>

src/main/java/me/zhyd/oauth/config/AuthConfig.java

@@ -155,6 +155,13 @@ public class AuthConfig {
      * @since 1.16.0
      */
     private String authServerId;
+    /**
+     * 忽略校验 {@code redirectUri} 参数，默认不开启。当 {@code ignoreCheckRedirectUri} 为 {@code true} 时，
+     * {@link me.zhyd.oauth.utils.AuthChecker#checkConfig(AuthConfig, AuthSource)} 将不会校验 {@code redirectUri} 的合法性。
+     *
+     * @since 1.16.1
+     */
+    private boolean ignoreCheckRedirectUri;
 
     /**
      * 适配 builder 模式 set 值的情况

src/main/java/me/zhyd/oauth/enums/scope/AuthBaiduScope.java

@@ -4,7 +4,7 @@ import lombok.AllArgsConstructor;
 import lombok.Getter;
 
 /**
- * 边度平台 OAuth 授权范围
+ * 百度平台 OAuth 授权范围
  *
  * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
  * @version 1.0.0

src/main/java/me/zhyd/oauth/enums/scope/AuthDouyinScope.java

@@ -0,0 +1,68 @@
+package me.zhyd.oauth.enums.scope;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * 抖音平台 OAuth 授权范围
+ *
+ * https://open.douyin.com/platform/doc/6855240178122983437
+ *
+ * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
+ * @version 1.0.0
+ * @since 1.16.1
+ */
+@Getter
+@AllArgsConstructor
+public enum AuthDouyinScope implements AuthScope {
+
+    /**
+     * 无需申请	默认开启
+     */
+    USER_INFO("user_info", "返回抖音用户公开信息", true),
+    /**
+     * 无需申请	默认开启
+     */
+    AWEME_SHARE("aweme.share", "抖音分享", false),
+    /**
+     * 普通权限,管理中心申请
+     */
+    IM_SHARE("im.share", "分享给抖音好友", false),
+    RENEW_REFRESH_TOKEN("renew_refresh_token", "授权有效期动态续期", false),
+    FOLLOWING_LIST("following.list", "获取该用户的关注列表", false),
+    FANS_LIST("fans.list", "获取该用户的粉丝列表", false),
+    VIDEO_CREATE("video.create", "视频发布及管理", false),
+    VIDEO_DELETE("video.delete", "删除内容", false),
+    VIDEO_DATA("video.data", "查询授权用户的抖音视频数据", false),
+    VIDEO_LIST("video.list", "查询特定抖音视频的视频数据", false),
+    /**
+     * 特殊权限	默认关闭	管理中心申请
+     */
+    SHARE_WITH_SOURCE("share_with_source", "分享携带来源标签，用户可点击标签进入转化页", false),
+    MOBILE("mobile", "用抖音帐号登录第三方平台，获得用户在抖音上的手机号码", false),
+    MOBILE_ALERT("mobile_alert", "用抖音帐号登录第三方平台，获得用户在抖音上的手机号码", false),
+    VIDEO_SEARCH("video.search", "关键词视频管理", false),
+    POI_SEARCH("poi.search", "查询POI信息", false),
+    LOGIN_ID("login_id", "静默授权直接获取该用户的open id", false),
+    /**
+     * 抖音数据权限, 默认关闭, 管理中心申请
+     */
+    DATA_EXTERNAL_USER("data.external.user", "查询用户的获赞、评论、分享，主页访问等相关数据", false),
+    DATA_EXTERNAL_ITEM("data.external.item", "查询作品的获赞，评论，分享等相关数据", false),
+    FANS_DATA("fans.data", "获取用户粉丝画像数据", false),
+    HOTSEARCH("hotsearch", "获取抖音热门内容", false),
+    STAR_TOP_SCORE_DISPLAY("star_top_score_display", "星图达人与达人对应各指数评估分，以及星图6大热门维度下的达人榜单", false),
+    STAR_TOPS("star_tops", "星图达人与达人对应各指数评估分，以及星图6大热门维度下的达人榜单", false),
+    STAR_AUTHOR_SCORE_DISPLAY("star_author_score_display", "星图达人与达人对应各指数评估分，以及星图6大热门维度下的达人榜单", false),
+    notes("data.external.sdk_share", "获取用户通过分享SDK分享视频数据", false),
+    /**
+     * 定向开通	默认关闭	定向开通
+     */
+    DISCOVERY_ENT("discovery.ent", "查询抖音电影榜、抖音剧集榜、抖音综艺榜数据", false),
+    ;
+
+    private final String scope;
+    private final String description;
+    private final boolean isDefault;
+
+}

src/main/java/me/zhyd/oauth/enums/scope/AuthGithubScope.java

@@ -4,7 +4,7 @@ import lombok.AllArgsConstructor;
 import lombok.Getter;
 
 /**
- * 边度平台 OAuth 授权范围
+ * Github平台 OAuth 授权范围
  *
  * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
  * @version 1.0.0

src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java

@@ -14,7 +14,7 @@ import me.zhyd.oauth.utils.AuthScopeUtils;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 /**
- * Cooding登录
+ * Coding登录
  *
  * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
  * @since 1.0.0

src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java

@@ -1,17 +1,19 @@
 package me.zhyd.oauth.request;
 
 import com.alibaba.fastjson.JSONObject;
-import me.zhyd.oauth.utils.HttpUtils;
 import me.zhyd.oauth.cache.AuthStateCache;
 import me.zhyd.oauth.config.AuthConfig;
 import me.zhyd.oauth.config.AuthDefaultSource;
 import me.zhyd.oauth.enums.AuthResponseStatus;
 import me.zhyd.oauth.enums.AuthUserGender;
+import me.zhyd.oauth.enums.scope.AuthDouyinScope;
 import me.zhyd.oauth.exception.AuthException;
 import me.zhyd.oauth.model.AuthCallback;
 import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthToken;
 import me.zhyd.oauth.model.AuthUser;
+import me.zhyd.oauth.utils.AuthScopeUtils;
+import me.zhyd.oauth.utils.HttpUtils;
 import me.zhyd.oauth.utils.UrlBuilder;
 
 
@@ -111,7 +113,7 @@ public class AuthDouyinRequest extends AuthDefaultRequest {
             .queryParam("response_type", "code")
             .queryParam("client_key", config.getClientId())
             .queryParam("redirect_uri", config.getRedirectUri())
-            .queryParam("scope", "user_info")
+            .queryParam("scope", this.getScopes(",", true, AuthScopeUtils.getDefaultScopes(AuthDouyinScope.values())))
             .queryParam("state", getRealState(state))
             .build();
     }

src/main/java/me/zhyd/oauth/utils/AuthChecker.java

@@ -25,7 +25,8 @@ public class AuthChecker {
      * @since 1.6.1-beta
      */
     public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
-        boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri());
+        boolean isSupported = StringUtils.isNotEmpty(config.getClientId())
+            && StringUtils.isNotEmpty(config.getClientSecret());
         if (isSupported && AuthDefaultSource.ALIPAY == source) {
             isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey());
         }
@@ -56,6 +57,12 @@ public class AuthChecker {
      */
     public static void checkConfig(AuthConfig config, AuthSource source) {
         String redirectUri = config.getRedirectUri();
+        if (config.isIgnoreCheckRedirectUri()) {
+            return;
+        }
+        if (StringUtils.isEmpty(redirectUri)) {
+            throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
+        }
         if (!GlobalAuthUtils.isHttpProtocol(redirectUri) && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) {
             throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
         }

src/main/java/me/zhyd/oauth/utils/GlobalAuthUtils.java

@@ -149,7 +149,7 @@ public class GlobalAuthUtils {
         if (StringUtils.isEmpty(url)) {
             return false;
         }
-        return url.startsWith("http://");
+        return url.startsWith("http://") || url.startsWith("http%3A%2F%2F");
     }
 
     /**
@@ -162,7 +162,7 @@ public class GlobalAuthUtils {
         if (StringUtils.isEmpty(url)) {
             return false;
         }
-        return url.startsWith("https://");
+        return url.startsWith("https://") || url.startsWith("https%3A%2F%2F");
     }
 
     /**