mirror of
https://gitee.com/yadong.zhang/JustAuth.git
synced 2026-01-07 19:31:48 +08:00
State优化第一步:去掉AuthState工具类
This commit is contained in:
yadong.zhang
parent
7f725b579b
commit
55c4b391bc
@ -6,7 +6,7 @@ import lombok.*;
|
||||
* JustAuth配置类
|
||||
*
|
||||
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
|
||||
* @version 1.0
|
||||
* @version 1.9.3
|
||||
* @since 1.8
|
||||
*/
|
||||
@Getter
|
||||
@ -45,13 +45,6 @@ public class AuthConfig {
|
||||
*/
|
||||
private boolean unionId;
|
||||
|
||||
/**
|
||||
* 一个神奇的参数,最好使用随机的不可测的内容,可以用来防止CSRF攻击
|
||||
* <p>
|
||||
* 1.8.0版本新增参数
|
||||
*/
|
||||
private String state;
|
||||
|
||||
/**
|
||||
* Stack Overflow Key
|
||||
* <p>
|
||||
|
||||
@ -86,17 +86,18 @@ public class AuthAlipayRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("app_id", config.getClientId())
|
||||
.queryParam("scope", "auth_user")
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@ -79,18 +79,19 @@ public class AuthBaiduRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("display", "popup")
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -4,11 +4,11 @@ import cn.hutool.http.HttpResponse;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import me.zhyd.oauth.config.AuthConfig;
|
||||
import me.zhyd.oauth.config.AuthSource;
|
||||
import me.zhyd.oauth.enums.AuthUserGender;
|
||||
import me.zhyd.oauth.exception.AuthException;
|
||||
import me.zhyd.oauth.model.AuthCallback;
|
||||
import me.zhyd.oauth.model.AuthToken;
|
||||
import me.zhyd.oauth.model.AuthUser;
|
||||
import me.zhyd.oauth.enums.AuthUserGender;
|
||||
import me.zhyd.oauth.utils.UrlBuilder;
|
||||
|
||||
/**
|
||||
@ -71,18 +71,19 @@ public class AuthCodingRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("scope", "user")
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,7 +2,6 @@ package me.zhyd.oauth.request;
|
||||
|
||||
import cn.hutool.http.HttpRequest;
|
||||
import cn.hutool.http.HttpResponse;
|
||||
import lombok.Data;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import me.zhyd.oauth.config.AuthConfig;
|
||||
import me.zhyd.oauth.config.AuthSource;
|
||||
@ -43,7 +42,6 @@ public abstract class AuthDefaultRequest implements AuthRequest {
|
||||
public AuthResponse login(AuthCallback authCallback) {
|
||||
try {
|
||||
AuthChecker.checkCode(source == AuthSource.ALIPAY ? authCallback.getAuth_code() : authCallback.getCode());
|
||||
AuthChecker.checkState(authCallback.getState(), config.getState());
|
||||
|
||||
AuthToken authToken = this.getAccessToken(authCallback);
|
||||
AuthUser user = this.getUserInfo(authToken);
|
||||
@ -64,16 +62,31 @@ public abstract class AuthDefaultRequest implements AuthRequest {
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* <p>
|
||||
* 不建议使用该方式获取授权地址,不带{@code state}的授权地址,容易受到csrf攻击。
|
||||
* 建议使用{@link AuthDefaultRequest#authorize(String)}方法生成授权地址,在回调方法中对{@code state}进行校验
|
||||
*
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Deprecated
|
||||
@Override
|
||||
public String authorize() {
|
||||
return this.authorize(null);
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
@ -130,7 +143,7 @@ public abstract class AuthDefaultRequest implements AuthRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取state,如果为空, 则默认去当前日期的时间戳
|
||||
* 获取state,如果为空, 则默认取当前日期的时间戳
|
||||
*
|
||||
* @param state 原始的state
|
||||
* @return 返回不为null的state
|
||||
|
||||
@ -58,18 +58,19 @@ public class AuthDingTalkRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("appid", config.getClientId())
|
||||
.queryParam("scope", "snsapi_login")
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -89,18 +89,19 @@ public class AuthDouyinRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_key", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("scope", "user_info")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -63,12 +63,4 @@ public class AuthGithubRequest extends AuthDefaultRequest {
|
||||
.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* 检查响应内容是否正确
|
||||
*
|
||||
* @param object 请求响应内容
|
||||
*/
|
||||
private void checkResponse(JSONObject object) {
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@ -61,19 +61,19 @@ public class AuthGoogleRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* https://openidconnect.googleapis.com/v1/userinfo
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("scope", "openid%20email%20profile")
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -182,18 +182,19 @@ public class AuthLinkedinRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("scope", "r_liteprofile%20r_emailaddress%20w_member_social")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -109,19 +109,20 @@ public class AuthMiRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("scope", "user/profile%20user/openIdV2%20user/phoneAndEmail")
|
||||
.queryParam("skip_confirm", "false")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -102,19 +102,20 @@ public class AuthMicrosoftRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("response_mode", "query")
|
||||
.queryParam("scope", "offline_access%20user.read%20mail.read")
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -69,14 +69,20 @@ public class AuthPinterestRequest extends AuthDefaultRequest {
|
||||
return jsonObject.getJSONObject("60x60").getString("url");
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("scope", "read_public")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -18,10 +18,21 @@ public interface AuthRequest {
|
||||
*
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Deprecated
|
||||
default String authorize() {
|
||||
throw new AuthException(AuthResponseStatus.NOT_IMPLEMENTED);
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
default String authorize(String state) {
|
||||
throw new AuthException(AuthResponseStatus.NOT_IMPLEMENTED);
|
||||
}
|
||||
|
||||
/**
|
||||
* 第三方登录
|
||||
*
|
||||
|
||||
@ -67,14 +67,20 @@ public class AuthStackOverflowRequest extends AuthDefaultRequest {
|
||||
.build();
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("scope", "read_inbox")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -4,11 +4,11 @@ import cn.hutool.http.HttpResponse;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import me.zhyd.oauth.config.AuthConfig;
|
||||
import me.zhyd.oauth.config.AuthSource;
|
||||
import me.zhyd.oauth.enums.AuthUserGender;
|
||||
import me.zhyd.oauth.exception.AuthException;
|
||||
import me.zhyd.oauth.model.AuthCallback;
|
||||
import me.zhyd.oauth.model.AuthToken;
|
||||
import me.zhyd.oauth.model.AuthUser;
|
||||
import me.zhyd.oauth.enums.AuthUserGender;
|
||||
import me.zhyd.oauth.utils.GlobalAuthUtil;
|
||||
import me.zhyd.oauth.utils.UrlBuilder;
|
||||
|
||||
@ -55,18 +55,19 @@ public class AuthTaobaoRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("view", "web")
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@ -71,18 +71,19 @@ public class AuthTencentCloudRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_id", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("scope", "user")
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
@ -65,19 +65,20 @@ public class AuthToutiaoRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("client_key", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("state", getRealState(config.getState()))
|
||||
.queryParam("auth_only", 1)
|
||||
.queryParam("display", 0)
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -100,18 +100,19 @@ public class AuthWeChatRequest extends AuthDefaultRequest {
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回认证url,可自行跳转页面
|
||||
* 返回带{@code state}参数的认证url,授权回调时会带上这个{@code state}
|
||||
*
|
||||
* @param state state 验证授权流程的参数,可以防止csrf
|
||||
* @return 返回授权地址
|
||||
*/
|
||||
@Override
|
||||
public String authorize() {
|
||||
public String authorize(String state) {
|
||||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("appid", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("scope", "snsapi_login")
|
||||
.queryParam("state", getRealState(config.getState()).concat("#wechat_redirect"))
|
||||
.queryParam("state", getRealState(state))
|
||||
.build();
|
||||
}
|
||||
|
||||
|
||||
@ -63,25 +63,4 @@ public class AuthChecker {
|
||||
throw new AuthException(AuthResponseStatus.ILLEGAL_CODE);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验state的合法性防止被CSRF
|
||||
*
|
||||
* @param newState 新的state,一般为回调时传回的state(可能被篡改)
|
||||
* @param originalState 原始的state,发起授权时向第三方平台传递的state
|
||||
*/
|
||||
public static void checkState(String newState, String originalState) {
|
||||
// 如果原始state为空,表示当前平台未使用state
|
||||
if (StringUtils.isEmpty(originalState)) {
|
||||
return;
|
||||
}
|
||||
// 如果授权之前使用了state,但是回调时未返回state,则表示当前请求为非法的请求,可能正在被CSRF攻击
|
||||
if (StringUtils.isEmpty(newState)) {
|
||||
throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
|
||||
}
|
||||
// 如果授权前后的state不一致,则表示当前请求为非法的请求,新的state可能为伪造
|
||||
if (!newState.equals(originalState)) {
|
||||
throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,230 +0,0 @@
|
||||
package me.zhyd.oauth.utils;
|
||||
|
||||
import cn.hutool.core.codec.Base64;
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import me.zhyd.oauth.config.AuthSource;
|
||||
import me.zhyd.oauth.exception.AuthException;
|
||||
import me.zhyd.oauth.model.AuthResponseStatus;
|
||||
|
||||
import java.nio.charset.Charset;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* state工具,负责创建、获取和删除state
|
||||
*
|
||||
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
|
||||
* @version 1.0
|
||||
* @since 1.8
|
||||
*/
|
||||
@Slf4j
|
||||
public class AuthState {
|
||||
|
||||
/**
|
||||
* 空字符串
|
||||
*/
|
||||
private static final String EMPTY_STR = "";
|
||||
|
||||
/**
|
||||
* state存储器
|
||||
*/
|
||||
private static ConcurrentHashMap<String, String> stateBucket = new ConcurrentHashMap<>();
|
||||
|
||||
/**
|
||||
* 生成随机的state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @return state
|
||||
*/
|
||||
public static String create(AuthSource source) {
|
||||
return create(source.name());
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成随机的state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @return state
|
||||
*/
|
||||
public static String create(String source) {
|
||||
return create(source, RandomUtil.randomString(4));
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param body 希望加密到state的消息体
|
||||
* @return state
|
||||
*/
|
||||
public static String create(AuthSource source, Object body) {
|
||||
return create(source, JSON.toJSONString(body));
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param body 希望加密到state的消息体
|
||||
* @return state
|
||||
*/
|
||||
public static String create(String source, Object body) {
|
||||
return create(source, JSON.toJSONString(body));
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param body 希望加密到state的消息体
|
||||
* @return state
|
||||
*/
|
||||
public static String create(AuthSource source, String body) {
|
||||
return create(source.name(), body);
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param body 希望加密到state的消息体
|
||||
* @return state
|
||||
*/
|
||||
public static String create(String source, String body) {
|
||||
String currentIp = getCurrentIp();
|
||||
String simpleKey = ((source + currentIp));
|
||||
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
|
||||
log.debug("Create the state: ip={}, platform={}, simpleKey={}, key={}, body={}", currentIp, source, simpleKey, key, body);
|
||||
|
||||
if (stateBucket.containsKey(key)) {
|
||||
log.debug("Get from bucket: {}", stateBucket.get(key));
|
||||
return stateBucket.get(key);
|
||||
}
|
||||
|
||||
String simpleState = source + "_" + currentIp + "_" + body;
|
||||
String state = Base64.encode(simpleState.getBytes(Charset.forName("UTF-8")));
|
||||
log.debug("Create a new state: {}", state, simpleState);
|
||||
stateBucket.put(key, state);
|
||||
return state;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @return state
|
||||
*/
|
||||
public static String get(AuthSource source) {
|
||||
return get(source.name());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取state
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @return state
|
||||
*/
|
||||
public static String get(String source) {
|
||||
String currentIp = getCurrentIp();
|
||||
String simpleKey = ((source + currentIp));
|
||||
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
|
||||
log.debug("Get state by the key[{}], current ip[{}]", key, currentIp);
|
||||
return stateBucket.get(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取state中保存的body内容
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param state 加密后的state
|
||||
* @param clazz body的实际类型
|
||||
* @param <T> 需要转换的具体的class类型
|
||||
* @return state
|
||||
*/
|
||||
public static <T> T getBody(AuthSource source, String state, Class<T> clazz) {
|
||||
return getBody(source.name(), state, clazz);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取state中保存的body内容
|
||||
*
|
||||
* @param source oauth平台
|
||||
* @param state 加密后的state
|
||||
* @param clazz body的实际类型
|
||||
* @param <T> 需要转换的具体的class类型
|
||||
* @return state
|
||||
*/
|
||||
public static <T> T getBody(String source, String state, Class<T> clazz) {
|
||||
if (StringUtils.isEmpty(state) || null == clazz) {
|
||||
return null;
|
||||
}
|
||||
log.debug("Get body from the state[{}] of the {} and convert it to {}", state, source, clazz.toString());
|
||||
String currentIp = getCurrentIp();
|
||||
String decodedState = Base64.decodeStr(state);
|
||||
log.debug("The decoded state is [{}]", decodedState);
|
||||
if (!decodedState.startsWith(source)) {
|
||||
return null;
|
||||
}
|
||||
String noneSourceState = decodedState.substring(source.length() + 1);
|
||||
if (!noneSourceState.startsWith(currentIp)) {
|
||||
// ip不相同,可能为非法的请求
|
||||
throw new AuthException(AuthResponseStatus.ILLEGAL_REQUEST);
|
||||
}
|
||||
String body = noneSourceState.substring(currentIp.length() + 1);
|
||||
log.debug("body is [{}]", body);
|
||||
if (clazz == String.class) {
|
||||
return (T) body;
|
||||
}
|
||||
if (clazz == Integer.class) {
|
||||
return (T) Integer.valueOf(Integer.parseInt(body));
|
||||
}
|
||||
if (clazz == Long.class) {
|
||||
return (T) Long.valueOf(Long.parseLong(body));
|
||||
}
|
||||
if (clazz == Short.class) {
|
||||
return (T) Short.valueOf(Short.parseShort(body));
|
||||
}
|
||||
if (clazz == Double.class) {
|
||||
return (T) Double.valueOf(Double.parseDouble(body));
|
||||
}
|
||||
if (clazz == Float.class) {
|
||||
return (T) Float.valueOf(Float.parseFloat(body));
|
||||
}
|
||||
if (clazz == Boolean.class) {
|
||||
return (T) Boolean.valueOf(Boolean.parseBoolean(body));
|
||||
}
|
||||
if (clazz == Byte.class) {
|
||||
return (T) Byte.valueOf(Byte.parseByte(body));
|
||||
}
|
||||
return JSON.parseObject(body, clazz);
|
||||
}
|
||||
|
||||
/**
|
||||
* 登录成功后,清除state
|
||||
*
|
||||
* @param source oauth平台
|
||||
*/
|
||||
public static void delete(String source) {
|
||||
String currentIp = getCurrentIp();
|
||||
|
||||
String simpleKey = ((source + currentIp));
|
||||
String key = Base64.encode(simpleKey.getBytes(Charset.forName("UTF-8")));
|
||||
log.debug("Delete used state[{}] by the key[{}], current ip[{}]", stateBucket.get(key), key, currentIp);
|
||||
stateBucket.remove(key);
|
||||
}
|
||||
|
||||
/**
|
||||
* 登录成功后,清除state
|
||||
*
|
||||
* @param source oauth平台
|
||||
*/
|
||||
public static void delete(AuthSource source) {
|
||||
delete(source.name());
|
||||
}
|
||||
|
||||
private static String getCurrentIp() {
|
||||
String currentIp = IpUtils.getIp();
|
||||
return StringUtils.isEmpty(currentIp) ? EMPTY_STR : currentIp;
|
||||
}
|
||||
}
|
||||
@ -16,13 +16,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void giteeTest() {
|
||||
AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -30,13 +29,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void githubTest() {
|
||||
AuthRequest authRequest = new AuthGithubRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -44,12 +42,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void weiboTest() {
|
||||
AuthRequest authRequest = new AuthWeiboRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -57,13 +55,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void dingdingTest() {
|
||||
AuthRequest authRequest = new AuthDingTalkRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -71,13 +68,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void baiduTest() {
|
||||
AuthRequest authRequest = new AuthBaiduRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -85,13 +81,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void codingTest() {
|
||||
AuthRequest authRequest = new AuthCodingRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -99,13 +94,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void tencentCloudTest() {
|
||||
AuthRequest authRequest = new AuthTencentCloudRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -113,13 +107,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void oschinaTest() {
|
||||
AuthRequest authRequest = new AuthOschinaRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -127,14 +120,13 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void alipayTest() {
|
||||
AuthRequest authRequest = new AuthAlipayRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.alipayPublicKey("publicKey")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.alipayPublicKey("publicKey")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -142,13 +134,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void qqTest() {
|
||||
AuthRequest authRequest = new AuthQqRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -156,13 +147,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void wechatTest() {
|
||||
AuthRequest authRequest = new AuthWeChatRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -170,13 +160,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void taobaoTest() {
|
||||
AuthRequest authRequest = new AuthTaobaoRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -184,13 +173,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void googleTest() {
|
||||
AuthRequest authRequest = new AuthGoogleRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -198,13 +186,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void facebookTest() {
|
||||
AuthRequest authRequest = new AuthFacebookRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -212,13 +199,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void douyinTest() {
|
||||
AuthRequest authRequest = new AuthDouyinRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -226,13 +212,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void linkedinTest() {
|
||||
AuthRequest authRequest = new AuthLinkedinRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -240,13 +225,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void microsoftTest() {
|
||||
AuthRequest authRequest = new AuthMicrosoftRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -254,13 +238,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void miTest() {
|
||||
AuthRequest authRequest = new AuthMiRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
@ -268,13 +251,12 @@ public class AuthRequestTest {
|
||||
@Test
|
||||
public void toutiaoTest() {
|
||||
AuthRequest authRequest = new AuthToutiaoRequest(AuthConfig.builder()
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.state("state")
|
||||
.build());
|
||||
.clientId("clientId")
|
||||
.clientSecret("clientSecret")
|
||||
.redirectUri("redirectUri")
|
||||
.build());
|
||||
// 返回授权页面,可自行跳转
|
||||
String url = authRequest.authorize();
|
||||
authRequest.authorize("state");
|
||||
// 授权登录后会返回code(auth_code(仅限支付宝))、state,1.8.0版本后,可以用AuthCallback类作为回调接口的入参
|
||||
AuthResponse login = authRequest.login(new AuthCallback());
|
||||
}
|
||||
|
||||
@ -1,231 +0,0 @@
|
||||
package me.zhyd.oauth.utils;
|
||||
|
||||
import cn.hutool.core.date.DatePattern;
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import me.zhyd.oauth.config.AuthConfig;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.*;
|
||||
|
||||
public class AuthStateTest {
|
||||
|
||||
/**
|
||||
* step1 生成state: 预期创建一个新的state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
|
||||
*
|
||||
* step2 重复生成state: 预期从bucket中返回一个可用的state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
|
||||
*
|
||||
* step3 获取state: 预期获取上面生成的state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9yM3ll
|
||||
*
|
||||
* step4 删除state: 预期删除掉上面创建的state...
|
||||
*
|
||||
* step5 重新获取state: 预期返回null...
|
||||
* null
|
||||
*/
|
||||
@Test
|
||||
public void usage() {
|
||||
String source = "github";
|
||||
System.out.println("\nstep1 生成state: 预期创建一个新的state...");
|
||||
String state = AuthState.create(source);
|
||||
System.out.println(state);
|
||||
|
||||
System.out.println("\nstep2 重复生成state: 预期从bucket中返回一个可用的state...");
|
||||
String recreateState = AuthState.create(source);
|
||||
System.out.println(recreateState);
|
||||
Assert.assertEquals(state, recreateState);
|
||||
|
||||
System.out.println("\nstep3 获取state: 预期获取上面生成的state...");
|
||||
String stateByBucket = AuthState.get(source);
|
||||
System.out.println(stateByBucket);
|
||||
Assert.assertEquals(state, stateByBucket);
|
||||
|
||||
System.out.println("\nstep4 删除state: 预期删除掉上面创建的state...");
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\nstep5 重新获取state: 预期返回null...");
|
||||
String deletedState = AuthState.get(source);
|
||||
System.out.println(deletedState);
|
||||
Assert.assertNull(deletedState);
|
||||
}
|
||||
|
||||
/**
|
||||
* 通过随机字符串生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9wdnAy
|
||||
*
|
||||
* 通过传入自定义的字符串生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV/ov5nmmK/kuIDkuKrlrZfnrKbkuLI=
|
||||
*
|
||||
* 通过传入数字生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xMTE=
|
||||
*
|
||||
* 通过传入日期生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xNTQ2MzE1OTMyMDAw
|
||||
*
|
||||
* 通过传入map生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV97InVzZXJUb2tlbiI6Inh4eHh4IiwidXNlcklkIjoxfQ==
|
||||
*
|
||||
* 通过传入List生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9bInh4eHgiLCJ4eHh4eHh4eCJd
|
||||
*
|
||||
* 通过传入实体类生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV97ImNsaWVudElkIjoieHh4eHgiLCJjbGllbnRTZWNyZXQiOiJ4eHh4eCIsInVuaW9uSWQiOmZhbHNlfQ==
|
||||
*/
|
||||
@Test
|
||||
public void create() {
|
||||
String source = "github";
|
||||
System.out.println("\n通过随机字符串生成state...");
|
||||
String state = AuthState.create(source);
|
||||
System.out.println(state);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入自定义的字符串生成state...");
|
||||
String stringBody = "这是一个字符串";
|
||||
String stringState = AuthState.create(source, stringBody);
|
||||
System.out.println(stringState);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入数字生成state...");
|
||||
Integer numberBody = 111;
|
||||
String numberState = AuthState.create(source, numberBody);
|
||||
System.out.println(numberState);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入日期生成state...");
|
||||
Date dateBody = DateUtil.parse("2019-01-01 12:12:12", DatePattern.NORM_DATETIME_PATTERN);
|
||||
String dateState = AuthState.create(source, dateBody);
|
||||
System.out.println(dateState);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入map生成state...");
|
||||
Map<String, Object> mapBody = new HashMap<>();
|
||||
mapBody.put("userId", 1);
|
||||
mapBody.put("userToken", "xxxxx");
|
||||
String mapState = AuthState.create(source, mapBody);
|
||||
System.out.println(mapState);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入List生成state...");
|
||||
List<String> listBody = new ArrayList<>();
|
||||
listBody.add("xxxx");
|
||||
listBody.add("xxxxxxxx");
|
||||
String listState = AuthState.create(source, listBody);
|
||||
System.out.println(listState);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入实体类生成state...");
|
||||
AuthConfig entityBody = AuthConfig.builder()
|
||||
.clientId("xxxxx")
|
||||
.clientSecret("xxxxx")
|
||||
.build();
|
||||
String entityState = AuthState.create(source, entityBody);
|
||||
System.out.println(entityState);
|
||||
AuthState.delete(source);
|
||||
}
|
||||
|
||||
/**
|
||||
* 通过随机字符串生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9kaWNn
|
||||
* dicg
|
||||
*
|
||||
* 通过传入自定义的字符串生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV/ov5nmmK/kuIDkuKrlrZfnrKbkuLI=
|
||||
* 这是一个字符串
|
||||
*
|
||||
* 通过传入数字生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xMTE=
|
||||
* 111
|
||||
*
|
||||
* 通过传入日期生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV8xNTQ2MzE1OTMyMDAw
|
||||
* Tue Jan 01 12:12:12 CST 2019
|
||||
*
|
||||
* 通过传入map生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV97InVzZXJUb2tlbiI6Inh4eHh4IiwidXNlcklkIjoxfQ==
|
||||
* {userToken=xxxxx, userId=1}
|
||||
*
|
||||
* 通过传入List生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV9bInh4eHgiLCJ4eHh4eHh4eCJd
|
||||
* [xxxx, xxxxxxxx]
|
||||
*
|
||||
* 通过传入实体类生成state...
|
||||
* Z2l0aHViXzE5Mi4xNjguMTkuMV97ImNsaWVudElkIjoieHh4eHgiLCJjbGllbnRTZWNyZXQiOiJ4eHh4eCIsInVuaW9uSWQiOmZhbHNlfQ==
|
||||
* me.zhyd.oauth.config.AuthConfig@725bef66
|
||||
*/
|
||||
@Test
|
||||
public void getBody() {
|
||||
String source = "github";
|
||||
System.out.println("\n通过随机字符串生成state...");
|
||||
String state = AuthState.create(source);
|
||||
System.out.println(state);
|
||||
String body = AuthState.getBody(source, state, String.class);
|
||||
System.out.println(body);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入自定义的字符串生成state...");
|
||||
String stringBody = "这是一个字符串";
|
||||
String stringState = AuthState.create(source, stringBody);
|
||||
System.out.println(stringState);
|
||||
stringBody = AuthState.getBody(source, stringState, String.class);
|
||||
System.out.println(stringBody);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入数字生成state...");
|
||||
Integer numberBody = 111;
|
||||
String numberState = AuthState.create(source, numberBody);
|
||||
System.out.println(numberState);
|
||||
numberBody = AuthState.getBody(source, numberState, Integer.class);
|
||||
System.out.println(numberBody);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入日期生成state...");
|
||||
Date dateBody = DateUtil.parse("2019-01-01 12:12:12", DatePattern.NORM_DATETIME_PATTERN);
|
||||
String dateState = AuthState.create(source, dateBody);
|
||||
System.out.println(dateState);
|
||||
dateBody = AuthState.getBody(source, dateState, Date.class);
|
||||
System.out.println(dateBody);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入map生成state...");
|
||||
Map<String, Object> mapBody = new HashMap<>();
|
||||
mapBody.put("userId", 1);
|
||||
mapBody.put("userToken", "xxxxx");
|
||||
String mapState = AuthState.create(source, mapBody);
|
||||
System.out.println(mapState);
|
||||
mapBody = AuthState.getBody(source, mapState, Map.class);
|
||||
System.out.println(mapBody);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入List生成state...");
|
||||
List<String> listBody = new ArrayList<>();
|
||||
listBody.add("xxxx");
|
||||
listBody.add("xxxxxxxx");
|
||||
String listState = AuthState.create(source, listBody);
|
||||
System.out.println(listState);
|
||||
listBody = AuthState.getBody(source, listState, List.class);
|
||||
System.out.println(listBody);
|
||||
AuthState.delete(source);
|
||||
|
||||
System.out.println("\n通过传入实体类生成state...");
|
||||
AuthConfig entityBody = AuthConfig.builder()
|
||||
.clientId("xxxxx")
|
||||
.clientSecret("xxxxx")
|
||||
.build();
|
||||
String entityState = AuthState.create(source, entityBody);
|
||||
System.out.println(entityState);
|
||||
entityBody = AuthState.getBody(source, entityState, AuthConfig.class);
|
||||
System.out.println(entityBody);
|
||||
AuthState.delete(source);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getErrorStateBody() {
|
||||
String source = "github";
|
||||
String state = "1111111111111111111111111111111";
|
||||
String body = AuthState.getBody(source, state, String.class);
|
||||
System.out.println(body);
|
||||
AuthState.delete(source);
|
||||
}
|
||||
}
|
||||
@ -3,7 +3,6 @@ package me.zhyd.oauth.utils;
|
||||
import me.zhyd.oauth.config.AuthConfig;
|
||||
import me.zhyd.oauth.config.AuthSource;
|
||||
import me.zhyd.oauth.request.AuthWeChatRequest;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
|
||||
/**
|
||||
@ -21,18 +20,17 @@ public class UrlBuilderTest {
|
||||
.clientId("appid-110110110")
|
||||
.clientSecret("secret-110110110")
|
||||
.redirectUri("https://xkcoding.com")
|
||||
.state(AuthState.create(AuthSource.WECHAT))
|
||||
.build();
|
||||
String build = UrlBuilder.fromBaseUrl(AuthSource.WECHAT.authorize())
|
||||
.queryParam("appid", config.getClientId())
|
||||
.queryParam("redirect_uri", config.getRedirectUri())
|
||||
.queryParam("response_type", "code")
|
||||
.queryParam("scope", "snsapi_login")
|
||||
.queryParam("state", config.getState().concat("#wechat_redirect"))
|
||||
.queryParam("state", "")
|
||||
.build(false);
|
||||
System.out.println(build);
|
||||
AuthWeChatRequest request = new AuthWeChatRequest(config);
|
||||
String authorize = request.authorize();
|
||||
Assert.assertEquals(build, authorize);
|
||||
AuthState.delete(AuthSource.WECHAT);
|
||||
String authorize = request.authorize("state");
|
||||
System.out.println(authorize);
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user