admin/JustAuth
1
0
Fork 0
mirror of https://gitee.com/yadong.zhang/JustAuth.git synced 2025-12-06 08:48:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

💩 添加新版钉钉扫码登录能力

Browse Source
This commit is contained in:
yadong.zhang 2024-09-02 00:24:05 +08:00
parent e9135436f9
commit 64e1098519
6 changed files with 213 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOGS.md
View File

@ -1,11 +1,12 @@
## 1.16.7
### 2024/08/03
:
- 新增
- 添加`appleid`社交登录能力。 [Github#192](https://github.com/justauth/JustAuth/pull/192)
- 添加`figma`社交登录能力。 [Gitee#41](https://gitee.com/yadong.zhang/JustAuth/pulls/41)
- 添加新版`企业微信扫码`登录能力。 [Github Issue#165](https://github.com/justauth/JustAuth/issues/165)
- 添加新版`钉钉扫码`登录能力。 [Gitee Issue#I73FZL](https://gitee.com/yadong.zhang/JustAuth/issues/I73FZL)
- 添加新版`华为`登录能力,原`AuthHuaweiRequest`会在后面版本被弃用,如有使用,请切换到`AuthHuaweiV3Request`
- 新增微信小程序授权登录
- 优化

40
src/main/java/me/zhyd/oauth/config/AuthConfig.java
View File

@ -209,9 +209,47 @@ public class AuthConfig {
private String loginType = "CorpApp";
/**
* 语言编码
* 企业微信平台的语言编码
*
* @since 1.16.7
*/
private String lang = "zh";
/**
* 钉钉平台参数控制输出特定类型的组织列表org_type=management 表示只输出有管理权限的组织
*
* scope包含corpid时该参数存在意义
*
* @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
* @since 1.16.7
*/
private String dingTalkOrgType;
/**
* 钉钉平台参数用于指定用户需要选择的组织
*
* scope包含corpid时该参数存在意义传入的corpId需要是当前用户所在的组织
*
* @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
* @since 1.16.7
*/
private String dingTalkCorpId;
/**
* 钉钉平台参数true表示专属帐号登录展示组织代码输入页
*
* @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
* @since 1.16.7
*/
private boolean dingTalkExclusiveLogin;
/**
* 钉钉平台参数开启了专属帐号功能的组织corpId
*
* scope包含corpid时该参数存在意义传入的corpId需要是当前用户所在的组织
*
* @see <a href="https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug">https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug</a>
* @since 1.16.7
*/
private String dingTalkExclusiveCorpId;
}

24
src/main/java/me/zhyd/oauth/config/AuthDefaultSource.java
View File

@ -112,6 +112,30 @@ public enum AuthDefaultSource implements AuthSource {
return AuthDingTalkRequest.class;
}
},
/**
* 新版钉钉扫码登录
*/
DINGTALK_V2 {
@Override
public String authorize() {
return "https://login.dingtalk.com/oauth2/challenge.htm";
}
@Override
public String accessToken() {
return "https://api.dingtalk.com/v1.0/oauth2/userAccessToken";
}
@Override
public String userInfo() {
return "https://api.dingtalk.com/v1.0/contact/users/me";
}
@Override
public Class<? extends AuthDefaultRequest> getTargetClass() {
return AuthDingTalkV2Request.class;
}
},
/**
* 钉钉账号登录
*/

33
src/main/java/me/zhyd/oauth/enums/scope/AuthDingTalkScope.java Normal file
View File

@ -0,0 +1,33 @@
package me.zhyd.oauth.enums.scope;
import lombok.AllArgsConstructor;
import lombok.Getter;
/**
* 钉钉平台 OAuth 授权范围
*
* https://open.dingtalk.com/document/orgapp/obtain-identity-credentials#title-4up-u8w-5ug
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @version 1.0.0
* @since 1.16.7
*/
@Getter
@AllArgsConstructor
public enum AuthDingTalkScope implements AuthScope {
/**
* 无需申请 默认开启
*/
openid("openid", "授权后可获得用户userid", true),
/**
* 无需申请 默认开启
*/
corpid("corpid", "授权后可获得登录过程中用户选择的组织id", false)
;
private final String scope;
private final String description;
private final boolean isDefault;
}

7
src/main/java/me/zhyd/oauth/model/AuthToken.java
View File

@ -66,4 +66,11 @@ public class AuthToken implements Serializable {
* Apple附带属性
*/
private String username;
/**
* 新版钉钉附带属性
*
* @since 1.16.7
*/
private String corpId;
}

108
src/main/java/me/zhyd/oauth/request/AuthDingTalkV2Request.java Normal file
View File

@ -0,0 +1,108 @@
package me.zhyd.oauth.request;
import com.alibaba.fastjson.JSONObject;
import com.xkcoding.http.support.HttpHeader;
import me.zhyd.oauth.cache.AuthStateCache;
import me.zhyd.oauth.config.AuthConfig;
import me.zhyd.oauth.config.AuthDefaultSource;
import me.zhyd.oauth.enums.scope.AuthDingTalkScope;
import me.zhyd.oauth.exception.AuthException;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthToken;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.utils.AuthScopeUtils;
import me.zhyd.oauth.utils.HttpUtils;
import me.zhyd.oauth.utils.UrlBuilder;
import java.util.HashMap;
import java.util.Map;
/**
* 新版钉钉二维码登录
*
* @author yadong.zhang (yadong.zhang0415(a)gmail.com)
* @since 1.16.7
*/
public class AuthDingTalkV2Request extends AuthDefaultRequest {
public AuthDingTalkV2Request(AuthConfig config) {
super(config, AuthDefaultSource.DINGTALK_V2);
}
public AuthDingTalkV2Request(AuthConfig config, AuthStateCache authStateCache) {
super(config, AuthDefaultSource.DINGTALK_V2, authStateCache);
}
@Override
public String authorize(String state) {
return UrlBuilder.fromBaseUrl(source.authorize())
.queryParam("response_type", "code")
.queryParam("client_id", config.getClientId())
.queryParam("scope", this.getScopes(",", true, AuthScopeUtils.getDefaultScopes(AuthDingTalkScope.values())))
.queryParam("redirect_uri", config.getRedirectUri())
.queryParam("prompt", "consent")
.queryParam("org_type", config.getDingTalkOrgType())
.queryParam("corpId", config.getDingTalkCorpId())
.queryParam("exclusiveLogin", config.isDingTalkExclusiveLogin())
.queryParam("exclusiveCorpId", config.getDingTalkExclusiveCorpId())
.queryParam("state", getRealState(state))
.build();
}
@Override
public AuthToken getAccessToken(AuthCallback authCallback) {
Map<String, String> params = new HashMap<>();
params.put("grantType", "authorization_code");
params.put("clientId", config.getClientId());
params.put("clientSecret", config.getClientSecret());
params.put("code", authCallback.getCode());
String response = new HttpUtils(config.getHttpConfig()).post(this.source.accessToken(), JSONObject.toJSONString(params)).getBody();
JSONObject accessTokenObject = JSONObject.parseObject(response);
if (!accessTokenObject.containsKey("accessToken")) {
throw new AuthException(JSONObject.toJSONString(response), source);
}
return AuthToken.builder()
.accessToken(accessTokenObject.getString("accessToken"))
.refreshToken(accessTokenObject.getString("refreshToken"))
.expireIn(accessTokenObject.getIntValue("expireIn"))
.corpId(accessTokenObject.getString("corpId"))
.build();
}
@Override
public AuthUser getUserInfo(AuthToken authToken) {
HttpHeader header = new HttpHeader();
header.add("x-acs-dingtalk-access-token", authToken.getAccessToken());
String response = new HttpUtils(config.getHttpConfig()).get(this.source.userInfo(), null, header, false).getBody();
JSONObject object = JSONObject.parseObject(response);
authToken.setOpenId(object.getString("openId"));
authToken.setUnionId(object.getString("unionId"));
return AuthUser.builder()
.rawUserInfo(object)
.uuid(object.getString("unionId"))
.username(object.getString("nick"))
.nickname(object.getString("nick"))
.avatar(object.getString("avatarUrl"))
.snapshotUser(object.getBooleanValue("visitor"))
.token(authToken)
.source(source.toString())
.build();
}
/**
* 返回获取accessToken的url
*
* @param code 授权码
* @return 返回获取accessToken的url
*/
protected String accessTokenUrl(String code) {
return UrlBuilder.fromBaseUrl(source.accessToken())
.queryParam("code", code)
.queryParam("clientId", config.getClientId())
.queryParam("clientSecret", config.getClientSecret())
.queryParam("grantType", "authorization_code")
.build();
}
}