From 38264616b4861032f0f28f47ebed14e5333e2da8 Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Mon, 22 Jul 2019 17:54:33 +0800 Subject: [PATCH 1/6] =?UTF-8?q?:bookmark:=20=E5=8F=91=E5=B8=831.9.2?= =?UTF-8?q?=EF=BC=8C=E4=BF=AE=E6=94=B9AuthConfig=E7=B1=BB=EF=BC=8C?= =?UTF-8?q?=E9=80=82=E9=85=8Dspring=20starter=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- update.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update.md b/update.md index 27ae1e5..184b2c6 100644 --- a/update.md +++ b/update.md @@ -1,5 +1,5 @@ ### 2019/07/22 ([v1.9.2](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.2)) -1. 合并github上[@xkcoding](https://github.com/xkcoding) 的[pr#26](https://github.com/zhangyd-c/JustAuth/pull/26),AuthConfig类添加lombok注解,方便 [justauth-spring-boot-starter](https://github.com/xkcoding/justauth-spring-boot-starter) 直接使用 +1. 合并github上[xkcoding](https://github.com/xkcoding) 的[pr#26](https://github.com/zhangyd-c/JustAuth/pull/26),AuthConfig类添加lombok注解,方便 [justauth-spring-boot-starter](https://github.com/xkcoding/justauth-spring-boot-starter) 直接使用 ### 2019/07/22 ([v1.9.1](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.1)) 1. 增加`stackoverflow`参数校验 From 993dc687fc245b0788026e4e7fd5d0dd3d1c43f3 Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Mon, 22 Jul 2019 19:06:15 +0800 Subject: [PATCH 2/6] =?UTF-8?q?:bookmark:=20=E9=85=8D=E5=A5=97starter?= =?UTF-8?q?=EF=BC=9Ajustauth-spring-boot-starter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 8e51b9f..cde2971 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,10 @@ authRequest.login(callback); - [Springboot版](https://gitee.com/yadong.zhang/JustAuth-demo) - [jFinal版](https://github.com/zhangyd-c/jfinal-justauth-demo) +**配套SpringBoot starter**: + +[justauth-spring-boot-starter](https://github.com/xkcoding/justauth-spring-boot-starter) + 具体的例子可以参考: - [实现Gitee授权登录](http://t.cn/ExDKxQs) From 43d9ec86314e82167b4aa50d86fca4566c140eb8 Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Tue, 30 Jul 2019 09:34:17 +0800 Subject: [PATCH 3/6] =?UTF-8?q?:pushpin:=20=E4=BF=AE=E6=94=B9=E7=A8=8B?= =?UTF-8?q?=E5=BA=8F=E7=89=88=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e466e7d..5a25860 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ me.zhyd.oauth JustAuth - 1.9.2 + 1.9.3 JustAuth https://gitee.com/yadong.zhang/JustAuth From 6ce26d4ce1016734eea02835e07e12bd39e7790a Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Tue, 30 Jul 2019 09:36:30 +0800 Subject: [PATCH 4/6] =?UTF-8?q?:memo:=20=E6=9B=B4=E6=96=B0=E6=96=87?= =?UTF-8?q?=E6=A1=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index a410b11..06bddb1 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,6 @@ AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder() .clientId("clientId") .clientSecret("clientSecret") .redirectUri("redirectUri") - .state("state") .build()); // 生成授权页面 authRequest.authorize(); From e5900777016c0fc495840894e109cff9a36c0f11 Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Tue, 30 Jul 2019 10:34:48 +0800 Subject: [PATCH 5/6] =?UTF-8?q?:bulb:=20=E4=BF=AE=E6=94=B9=E6=B3=A8?= =?UTF-8?q?=E9=87=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java | 1 - src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java | 2 +- src/main/java/me/zhyd/oauth/utils/AuthStateUtils.java | 2 +- src/main/java/me/zhyd/oauth/utils/UuidUtils.java | 2 +- 4 files changed, 3 insertions(+), 4 deletions(-) diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java index 354e3c5..7af5f9e 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java @@ -206,7 +206,6 @@ public abstract class AuthDefaultRequest implements AuthRequest { * * @param authToken token封装 * @return HttpResponse - * @since */ @Deprecated protected HttpResponse doPostRevoke(AuthToken authToken) { diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java index 55227af..963d6d8 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java @@ -122,7 +122,7 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest { /** * 返回获取accessToken的url * - * @param code + * @param code 授权code * @return 返回获取accessToken的url */ @Override diff --git a/src/main/java/me/zhyd/oauth/utils/AuthStateUtils.java b/src/main/java/me/zhyd/oauth/utils/AuthStateUtils.java index 4570d7b..a8ccdde 100644 --- a/src/main/java/me/zhyd/oauth/utils/AuthStateUtils.java +++ b/src/main/java/me/zhyd/oauth/utils/AuthStateUtils.java @@ -9,7 +9,7 @@ package me.zhyd.oauth.utils; public class AuthStateUtils { /** - * 生成随机state,采用{@see https://github.com/lets-mica/mica}的UUID工具 + * 生成随机state,采用https://github.com/lets-mica/mica的UUID工具 * * @return 随机的state字符串 */ diff --git a/src/main/java/me/zhyd/oauth/utils/UuidUtils.java b/src/main/java/me/zhyd/oauth/utils/UuidUtils.java index 2782750..6b62e01 100644 --- a/src/main/java/me/zhyd/oauth/utils/UuidUtils.java +++ b/src/main/java/me/zhyd/oauth/utils/UuidUtils.java @@ -4,7 +4,7 @@ import java.nio.charset.StandardCharsets; import java.util.concurrent.ThreadLocalRandom; /** - * 高性能的创建UUID的工具类,{@see https://github.com/lets-mica/mica} + * 高性能的创建UUID的工具类,https://github.com/lets-mica/mica * * @author yadong.zhang (yadong.zhang0415(a)gmail.com) * @since 1.9.3 From 79417395a1488d138ee0c04cc57e764256eb800f Mon Sep 17 00:00:00 2001 From: "yadong.zhang" Date: Tue, 30 Jul 2019 21:10:00 +0800 Subject: [PATCH 6/6] =?UTF-8?q?:beers:=20=E5=8D=87=E7=BA=A7hutool=EF=BC=8C?= =?UTF-8?q?alipay-sdk=E6=94=B9=E4=B8=BAprovided=EF=BC=8C=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E6=B3=A8=E9=87=8A=EF=BC=8Cstate=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 7 ++-- pom.xml | 6 +-- .../java/me/zhyd/oauth/config/AuthSource.java | 2 +- .../{model => enums}/AuthResponseStatus.java | 8 +++- .../oauth/enums/AuthToutiaoErrorCode.java | 4 ++ .../me/zhyd/oauth/enums/AuthUserGender.java | 9 ++++- .../zhyd/oauth/exception/AuthException.java | 4 +- .../me/zhyd/oauth/model/AuthCallback.java | 11 ------ .../me/zhyd/oauth/model/AuthResponse.java | 2 +- .../zhyd/oauth/request/AuthBaiduRequest.java | 1 + .../oauth/request/AuthDefaultRequest.java | 37 ++++++++++++++++++- .../zhyd/oauth/request/AuthDouyinRequest.java | 1 + .../oauth/request/AuthLinkedinRequest.java | 2 +- .../me/zhyd/oauth/request/AuthMiRequest.java | 1 + .../oauth/request/AuthMicrosoftRequest.java | 1 + .../oauth/request/AuthPinterestRequest.java | 1 + .../me/zhyd/oauth/request/AuthQqRequest.java | 1 + .../zhyd/oauth/request/AuthRenrenRequest.java | 2 +- .../me/zhyd/oauth/request/AuthRequest.java | 2 +- .../oauth/request/AuthTeambitionRequest.java | 1 + .../zhyd/oauth/request/AuthWeChatRequest.java | 1 + .../java/me/zhyd/oauth/utils/AuthChecker.java | 2 +- .../java/me/zhyd/oauth/AuthRequestTest.java | 19 ---------- update.md | 7 ++++ 24 files changed, 85 insertions(+), 47 deletions(-) rename src/main/java/me/zhyd/oauth/{model => enums}/AuthResponseStatus.java (80%) diff --git a/README.md b/README.md index 06bddb1..fad79e2 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@

- + @@ -15,7 +15,7 @@ - +

@@ -76,7 +76,7 @@ JustAuth,如你所见,它仅仅是一个**第三方授权登录**的**工具 me.zhyd.oauth JustAuth - 1.9.3 + 1.9.4 ``` - 调用api @@ -90,7 +90,6 @@ AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder() // 生成授权页面 authRequest.authorize(); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的参数 -// 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(callback); ``` diff --git a/pom.xml b/pom.xml index 5a25860..22ef9cb 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ me.zhyd.oauth JustAuth - 1.9.3 + 1.9.4 JustAuth https://gitee.com/yadong.zhang/JustAuth @@ -54,7 +54,7 @@ 2.2.1 3.7.0 true - 4.6.0 + 4.6.1 1.18.4 4.11 1.2.58 @@ -89,7 +89,7 @@ com.alipay.sdk alipay-sdk-java ${alipay-sdk-version} - compile + provided org.slf4j diff --git a/src/main/java/me/zhyd/oauth/config/AuthSource.java b/src/main/java/me/zhyd/oauth/config/AuthSource.java index a9a0a61..00e0ec2 100644 --- a/src/main/java/me/zhyd/oauth/config/AuthSource.java +++ b/src/main/java/me/zhyd/oauth/config/AuthSource.java @@ -1,7 +1,7 @@ package me.zhyd.oauth.config; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.AuthResponseStatus; +import me.zhyd.oauth.enums.AuthResponseStatus; /** * 各api需要的url, 用枚举类分平台类型管理 diff --git a/src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java b/src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java similarity index 80% rename from src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java rename to src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java index 28247f9..bc27736 100644 --- a/src/main/java/me/zhyd/oauth/model/AuthResponseStatus.java +++ b/src/main/java/me/zhyd/oauth/enums/AuthResponseStatus.java @@ -1,15 +1,21 @@ -package me.zhyd.oauth.model; +package me.zhyd.oauth.enums; import lombok.AllArgsConstructor; import lombok.Getter; /** + * JustAuth通用的状态码对照表 + * * @author yadong.zhang (yadong.zhang0415(a)gmail.com) * @since 1.8 */ @Getter @AllArgsConstructor public enum AuthResponseStatus { + /** + * 2000:正常; + * other:调用异常,具体异常内容见{@code msg} + */ SUCCESS(2000, "Success"), FAILURE(5000, "Failure"), NOT_IMPLEMENTED(5001, "Not Implemented"), diff --git a/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java b/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java index 18df6ee..b2e7497 100644 --- a/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java +++ b/src/main/java/me/zhyd/oauth/enums/AuthToutiaoErrorCode.java @@ -12,6 +12,10 @@ import lombok.Getter; @Getter @AllArgsConstructor public enum AuthToutiaoErrorCode { + /** + * 0:正常; + * other:调用异常,具体异常内容见{@code desc} + */ EC0(0, "接口调用成功"), EC1(1, "API配置错误,未传入Client Key"), EC2(2, "API配置错误,Client Key错误,请检查是否和开放平台的ClientKey一致"), diff --git a/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java b/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java index 4a4d402..af3bd1a 100644 --- a/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java +++ b/src/main/java/me/zhyd/oauth/enums/AuthUserGender.java @@ -14,7 +14,14 @@ import java.util.Arrays; @Getter @AllArgsConstructor public enum AuthUserGender { - MALE(1, "男"), FEMALE(0, "女"), UNKNOWN(-1, "未知"); + /** + * MALE/FAMALE为正常值,通过{@link AuthUserGender#getRealGender(String)}方法获取真实的性别 + * UNKNOWN为容错值,部分平台不会返回用户性别,为了方便统一,使用UNKNOWN标记所有未知或不可测的用户性别信息 + */ + MALE(1, "男"), + FEMALE(0, "女"), + UNKNOWN(-1, "未知"); + private int code; private String desc; diff --git a/src/main/java/me/zhyd/oauth/exception/AuthException.java b/src/main/java/me/zhyd/oauth/exception/AuthException.java index c64b0f8..e5d3bc3 100644 --- a/src/main/java/me/zhyd/oauth/exception/AuthException.java +++ b/src/main/java/me/zhyd/oauth/exception/AuthException.java @@ -1,8 +1,10 @@ package me.zhyd.oauth.exception; -import me.zhyd.oauth.model.AuthResponseStatus; +import me.zhyd.oauth.enums.AuthResponseStatus; /** + * JustAuth通用异常类 + * * @author yadong.zhang (yadong.zhang0415(a)gmail.com) * @since 1.8 */ diff --git a/src/main/java/me/zhyd/oauth/model/AuthCallback.java b/src/main/java/me/zhyd/oauth/model/AuthCallback.java index 4a6fbee..810ebea 100644 --- a/src/main/java/me/zhyd/oauth/model/AuthCallback.java +++ b/src/main/java/me/zhyd/oauth/model/AuthCallback.java @@ -2,7 +2,6 @@ package me.zhyd.oauth.model; import lombok.Getter; import lombok.Setter; -import me.zhyd.oauth.cache.AuthStateCache; /** * 授权回调时的参数类 @@ -28,14 +27,4 @@ public class AuthCallback { * 访问AuthorizeUrl后回调时带的参数state,用于和请求AuthorizeUrl前的state比较,防止CSRF攻击 */ private String state; - - /** - * 内置的检验state合法性的方法 - * - * @return true: state正常;false:state不正常,可能授权时间过长导致state失效 - * @since 1.9.3 - */ - public boolean checkState() { - return AuthStateCache.containsKey(this.state); - } } diff --git a/src/main/java/me/zhyd/oauth/model/AuthResponse.java b/src/main/java/me/zhyd/oauth/model/AuthResponse.java index 3d682d5..ab21006 100644 --- a/src/main/java/me/zhyd/oauth/model/AuthResponse.java +++ b/src/main/java/me/zhyd/oauth/model/AuthResponse.java @@ -2,7 +2,7 @@ package me.zhyd.oauth.model; import lombok.Builder; import lombok.Getter; -import lombok.Setter; +import me.zhyd.oauth.enums.AuthResponseStatus; /** * JustAuth统一授权响应类 diff --git a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java index 43796fe..29e64bf 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthBaiduRequest.java @@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java index 7af5f9e..7ca3e81 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDefaultRequest.java @@ -6,8 +6,12 @@ import lombok.extern.slf4j.Slf4j; import me.zhyd.oauth.cache.AuthStateCache; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthCallback; +import me.zhyd.oauth.model.AuthResponse; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthUser; import me.zhyd.oauth.utils.AuthChecker; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; @@ -35,13 +39,38 @@ public abstract class AuthDefaultRequest implements AuthRequest { AuthChecker.checkConfig(config, source); } + /** + * 获取access token + * + * @param authCallback 授权成功后的回调参数 + * @return token + * @see AuthDefaultRequest#authorize() + * @see AuthDefaultRequest#authorize(String) + */ protected abstract AuthToken getAccessToken(AuthCallback authCallback); + /** + * 使用token换取用户信息 + * + * @param authToken token信息 + * @return 用户信息 + * @see AuthDefaultRequest#getAccessToken(AuthCallback) + */ protected abstract AuthUser getUserInfo(AuthToken authToken); + /** + * 统一的登录入口。当通过{@link AuthDefaultRequest#authorize(String)}授权成功后,会跳转到调用方的相关回调方法中 + * 方法的入参可以使用{@code AuthCallback},{@code AuthCallback}类中封装好了OAuth2授权回调所需要的参数 + * + * @param authCallback 用于接收回调参数的实体 + * @return AuthResponse + */ @Override public AuthResponse login(AuthCallback authCallback) { try { + if (!AuthStateCache.containsKey(authCallback.getState())) { + throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST); + } AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode()); AuthToken authToken = this.getAccessToken(authCallback); @@ -53,6 +82,12 @@ public abstract class AuthDefaultRequest implements AuthRequest { } } + /** + * 处理{@link AuthDefaultRequest#login(AuthCallback)} 发生异常的情况,统一响应参数 + * + * @param e 具体的异常 + * @return AuthResponse + */ private AuthResponse responseError(Exception e) { int errorCode = AuthResponseStatus.FAILURE.getCode(); if (e instanceof AuthException) { diff --git a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java index cdab6ae..cd17db9 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java @@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java index adbb7e6..8095983 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java @@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONPath; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; @@ -112,7 +113,6 @@ public class AuthLinkedinRequest extends AuthDefaultRequest { * @return 用户的邮箱地址 */ private String getUserEmail(String accessToken) { - String email = null; HttpResponse emailResponse = HttpRequest.get("https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))") .header("Host", "api.linkedin.com") .header("Connection", "Keep-Alive") diff --git a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java index 3b241e9..46f13c5 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java @@ -7,6 +7,7 @@ import com.alibaba.fastjson.JSONObject; import lombok.extern.slf4j.Slf4j; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java index 963d6d8..69aa58a 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java @@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java index 31151d5..c537cff 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthPinterestRequest.java @@ -92,6 +92,7 @@ public class AuthPinterestRequest extends AuthDefaultRequest { * @param authToken token * @return 返回获取userInfo的url */ + @Override protected String userInfoUrl(AuthToken authToken) { return UrlBuilder.fromBaseUrl(source.userInfo()) .queryParam("access_token", authToken.getAccessToken()) diff --git a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java index 274ccc2..8fa7b1a 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java @@ -6,6 +6,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java index 4b1186f..62cc116 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthRenrenRequest.java @@ -13,7 +13,7 @@ import me.zhyd.oauth.utils.UrlBuilder; import java.util.Objects; import static me.zhyd.oauth.config.AuthSource.RENREN; -import static me.zhyd.oauth.model.AuthResponseStatus.SUCCESS; +import static me.zhyd.oauth.enums.AuthResponseStatus.SUCCESS; /** * 人人登录 diff --git a/src/main/java/me/zhyd/oauth/request/AuthRequest.java b/src/main/java/me/zhyd/oauth/request/AuthRequest.java index 6ceca1e..53e6b38 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthRequest.java @@ -3,7 +3,7 @@ package me.zhyd.oauth.request; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthCallback; import me.zhyd.oauth.model.AuthResponse; -import me.zhyd.oauth.model.AuthResponseStatus; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.model.AuthToken; /** diff --git a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java index 50c1b7f..09c8f7b 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthTeambitionRequest.java @@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java index cf87013..c10f24d 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java @@ -5,6 +5,7 @@ import cn.hutool.http.HttpResponse; import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.enums.AuthResponseStatus; import me.zhyd.oauth.enums.AuthUserGender; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.*; diff --git a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java index 3cbd6ad..a62eedc 100644 --- a/src/main/java/me/zhyd/oauth/utils/AuthChecker.java +++ b/src/main/java/me/zhyd/oauth/utils/AuthChecker.java @@ -3,7 +3,7 @@ package me.zhyd.oauth.utils; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.AuthResponseStatus; +import me.zhyd.oauth.enums.AuthResponseStatus; /** * 授权配置类的校验器 diff --git a/src/test/java/me/zhyd/oauth/AuthRequestTest.java b/src/test/java/me/zhyd/oauth/AuthRequestTest.java index 9b50f53..74ffa39 100644 --- a/src/test/java/me/zhyd/oauth/AuthRequestTest.java +++ b/src/test/java/me/zhyd/oauth/AuthRequestTest.java @@ -21,7 +21,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -36,7 +35,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -51,7 +49,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -66,7 +63,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -81,7 +77,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -96,7 +91,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -111,7 +105,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -126,7 +119,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state authRequest.login(new AuthCallback()); } @@ -142,7 +134,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -157,7 +148,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -172,7 +162,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -187,7 +176,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -202,7 +190,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -217,7 +204,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -232,7 +218,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -247,7 +232,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -262,7 +246,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -277,7 +260,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } @@ -292,7 +274,6 @@ public class AuthRequestTest { // 返回授权页面,可自行跳转 authRequest.authorize("state"); // 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参 - // 1.9.3版本后 如果需要验证state,可以在login之前调用{@see AuthCallback#checkState}方法校验state合法性 // 注:JustAuth默认保存state的时效为3分钟,3分钟内未使用则会自动清除过期的state AuthResponse login = authRequest.login(new AuthCallback()); } diff --git a/update.md b/update.md index 62887cb..af8ac5c 100644 --- a/update.md +++ b/update.md @@ -1,3 +1,10 @@ +### 2019/07/30 ([v1.9.4](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.4)) + +1. 升级`hutool-http`版本到`v4.6.1` +2. 去除`AuthCallback`中增加的默认的校验state的方法,挪到`AuthDefaultRequest`中做统一处理 +3. `alipay-sdk-java`依赖改为`provided`,如果需要使用支付宝登录,需要使用方手动引入相关依赖,具体操作方式,见项目WIKI; +4. 规范注释 + ### 2019/07/30 ([v1.9.3](https://gitee.com/yadong.zhang/JustAuth/releases/v1.9.3)) 1. 规范注释