diff --git a/README.md b/README.md index 6e8db55..08ddaa0 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@

- + @@ -64,7 +64,7 @@ JustAuth,如你所见,它仅仅是一个**第三方授权登录**的**工具 me.zhyd.oauth JustAuth - 1.6.0-beta + 1.7.0 ``` - 调用api diff --git a/pom.xml b/pom.xml index dfca999..4cacc20 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ me.zhyd.oauth JustAuth - 1.6.0-beta + 1.7.0 JustAuth https://gitee.com/yadong.zhang/JustAuth diff --git a/src/main/java/me/zhyd/oauth/config/AuthSource.java b/src/main/java/me/zhyd/oauth/config/AuthSource.java index 14d51ea..73c2858 100644 --- a/src/main/java/me/zhyd/oauth/config/AuthSource.java +++ b/src/main/java/me/zhyd/oauth/config/AuthSource.java @@ -317,12 +317,12 @@ public enum AuthSource { @Override public String accessToken() { - return "https://open.douyin.com/oauth/access_token"; + return "https://open.douyin.com/oauth/access_token/"; } @Override public String userInfo() { - return "https://open.douyin.com/oauth/userinfo"; + return "https://open.douyin.com/oauth/userinfo/"; } @Override diff --git a/src/main/java/me/zhyd/oauth/model/AuthToken.java b/src/main/java/me/zhyd/oauth/model/AuthToken.java index 96f1d2c..37dcfd4 100644 --- a/src/main/java/me/zhyd/oauth/model/AuthToken.java +++ b/src/main/java/me/zhyd/oauth/model/AuthToken.java @@ -19,6 +19,7 @@ public class AuthToken { private String uid; private String openId; private String accessCode; + private String unionId; /** * Google附带属性 diff --git a/src/main/java/me/zhyd/oauth/model/AuthUserGender.java b/src/main/java/me/zhyd/oauth/model/AuthUserGender.java index b5dbd05..910a66a 100644 --- a/src/main/java/me/zhyd/oauth/model/AuthUserGender.java +++ b/src/main/java/me/zhyd/oauth/model/AuthUserGender.java @@ -10,7 +10,7 @@ import java.util.Arrays; * @since 1.8 */ public enum AuthUserGender { - MALE(1, "男"), FEMALE(0, "女"), UNKNOW(-1, ""); + MALE(1, "男"), FEMALE(0, "女"), UNKNOW(-1, "未知"); private int code; private String desc; diff --git a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java index 95a9549..db414ae 100644 
--- a/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthAlipayRequest.java @@ -68,13 +68,17 @@ public class AuthAlipayRequest extends BaseAuthRequest { if (!response.isSuccess()) { throw new AuthException(response.getSubMsg()); } - String province = response.getProvince(), city = response.getCity(); + + String province = response.getProvince(), + city = response.getCity(); + String location = String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city); + return AuthUser.builder() .uuid(response.getUserId()) .username(StringUtils.isEmpty(response.getUserName()) ? response.getNickName() : response.getUserName()) .nickname(response.getNickName()) .avatar(response.getAvatar()) - .location(String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city)) + .location(location) .gender(AuthUserGender.getRealGender(response.getGender())) .token(authToken) .source(AuthSource.ALIPAY) diff --git a/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java b/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java index b26ddbf..66f7143 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthCodingRequest.java @@ -43,6 +43,7 @@ public class AuthCodingRequest extends BaseAuthRequest { if (object.getIntValue("code") != 0) { throw new AuthException(object.getString("msg")); } + object = object.getJSONObject("data"); return AuthUser.builder() .uuid(object.getString("id")) diff --git a/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java b/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java index 4e37183..858441b 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthCsdnRequest.java 
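Review bot: The added `object = object.getJSONObject("data");` in AuthCodingRequest is dereferenced by the builder on the next line without a null check, so a response with `code` 0 but no `data` object ends in a NullPointerException instead of an AuthException. fastjson's `getIntValue` returns 0 when `code` is absent, so a body that lacks the expected shape reaches this line as well. Consider `if (object == null) { throw new AuthException("Coding user info response has no data"); }` right after the assignment. The enclosing getUserInfo starts and ends outside the hunk.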
@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; /** @@ -48,6 +49,7 @@ public class AuthCsdnRequest extends BaseAuthRequest { .username(object.getString("username")) .remark(object.getString("description")) .blog(object.getString("website")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.CSDN) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java index b77cf0c..05955e1 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDingTalkRequest.java @@ -2,18 +2,18 @@ package me.zhyd.oauth.request; import cn.hutool.http.HttpRequest; import cn.hutool.http.HttpResponse; -import cn.hutool.json.JSONObject; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthDingTalkErrorCode; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.GlobalAuthUtil; import me.zhyd.oauth.utils.UrlBuilder; -import java.util.Objects; - /** * 钉钉登录 * 
@@ -36,22 +36,31 @@ public class AuthDingTalkRequest extends BaseAuthRequest { protected AuthUser getUserInfo(AuthToken authToken) { String code = authToken.getAccessCode(); // 根据timestamp, appSecret计算签名值 - String stringToSign = System.currentTimeMillis() + ""; - String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), stringToSign); - HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, stringToSign, config - .getClientId())).body(Objects.requireNonNull(new JSONObject().put("tmp_auth_code", code))).execute(); + String timestamp = System.currentTimeMillis() + ""; + String urlEncodeSignature = GlobalAuthUtil.generateDingTalkSignature(config.getClientSecret(), timestamp); + JSONObject param = new JSONObject(); + param.put("tmp_auth_code", code); + HttpResponse response = HttpRequest.post(UrlBuilder.getDingTalkUserInfoUrl(urlEncodeSignature, timestamp, config.getClientId())) + .body(param.toJSONString()) + .execute(); String userInfo = response.body(); - JSONObject object = new JSONObject(userInfo); - AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getInt("errcode")); + JSONObject object = JSON.parseObject(userInfo); + AuthDingTalkErrorCode errorCode = AuthDingTalkErrorCode.getErrorCode(object.getIntValue("errcode")); if (!AuthDingTalkErrorCode.EC0.equals(errorCode)) { throw new AuthException(errorCode.getDesc()); } object = object.getJSONObject("user_info"); + AuthToken token = AuthToken.builder() + .openId(object.getString("openid")) + .unionId(object.getString("unionid")) + .build(); return AuthUser.builder() - .uuid(object.getStr("openid")) - .nickname(object.getStr("nick")) - .username(object.getStr("nick")) + .uuid(object.getString("unionid")) + .nickname(object.getString("nick")) + .username(object.getString("nick")) + .gender(AuthUserGender.UNKNOW) .source(AuthSource.DINGTALK) + .token(token) .build(); } 
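Review bot: `object.getIntValue("errcode")` returns 0 when the key is missing, so a response body without `errcode` is treated like an explicit 0; if EC0 is the code-0 success entry (not visible in this hunk), such a body passes the error check and then fails with a NullPointerException on `object.getJSONObject("user_info")`, and `JSON.parseObject` can itself return null for an empty body. A guard such as `if (object == null || !object.containsKey("errcode")) { throw new AuthException("Unexpected DingTalk response"); }` before the lookup keeps malformed responses on the error path. Separately, `uuid` now carries `unionid` instead of `openid` (the Douyin and QQ hunks make the same kind of switch), so accounts an application bound to the previous value will not match after upgrading; that deserves a line in update.md and a comment at `.uuid(...)`.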
diff --git a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java index d469f1f..a3ae4ee 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthDouyinRequest.java @@ -9,6 +9,7 @@ import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; @@ -35,16 +36,19 @@ public class AuthDouyinRequest extends BaseAuthRequest { protected AuthUser getUserInfo(AuthToken authToken) { String accessToken = authToken.getAccessToken(); String openId = authToken.getOpenId(); - HttpResponse response = HttpRequest.get(UrlBuilder.getDouyinUserInfoUrl(accessToken, openId)).execute(); + String url = UrlBuilder.getDouyinUserInfoUrl(accessToken, openId); + HttpResponse response = HttpRequest.get(url).execute(); JSONObject object = JSONObject.parseObject(response.body()); JSONObject userInfoObject = this.checkResponse(object); return AuthUser.builder() - .uuid(userInfoObject.getString("open_id")) + .uuid(userInfoObject.getString("union_id")) .username(userInfoObject.getString("nickname")) .nickname(userInfoObject.getString("nickname")) .avatar(userInfoObject.getString("avatar")) + .remark(userInfoObject.getString("description")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.DOUYIN) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java index 57a11e8..1e3ae3b 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGiteeRequest.java 
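Review bot: `.uuid(userInfoObject.getString("union_id"))` has no fallback, so an empty or missing `union_id` in the user-info response produces an AuthUser with a null uuid, whereas the QQ change in this commit falls back to the open id. Whether Douyin always returns `union_id` for this scope is not visible here; keeping `open_id` as the fallback avoids a null identity key: `String unionId = userInfoObject.getString("union_id");` followed by `.uuid(StringUtils.isEmpty(unionId) ? userInfoObject.getString("open_id") : unionId)` (this needs the project's StringUtils import, which the file's import hunk does not show). The new `url` local contains the access token in its query string, so it should stay out of any log or exception message. getUserInfo's body continues outside the hunk.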
@@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; /** @@ -51,6 +52,7 @@ public class AuthGiteeRequest extends BaseAuthRequest { .location(object.getString("address")) .email(object.getString("email")) .remark(object.getString("bio")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.GITEE) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java index d2e12f6..db7dcb2 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGithubRequest.java @@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.GlobalAuthUtil; import me.zhyd.oauth.utils.UrlBuilder; @@ -54,6 +55,7 @@ public class AuthGithubRequest extends BaseAuthRequest { .location(object.getString("location")) .email(object.getString("email")) .remark(object.getString("bio")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.GITHUB) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java index 0c12ea9..4e91761 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthGoogleRequest.java @@ -8,6 +8,7 @@ import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; /** 
@@ -57,6 +58,7 @@ public class AuthGoogleRequest extends BaseAuthRequest { .nickname(object.getString("name")) .location(object.getString("locale")) .email(object.getString("email")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.GOOGLE) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java index 2439f9b..acdb664 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthLinkedinRequest.java @@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.StringUtils; import me.zhyd.oauth.utils.UrlBuilder; @@ -83,6 +84,7 @@ public class AuthLinkedinRequest extends BaseAuthRequest { .avatar(avatar) .email(email) .token(authToken) + .gender(AuthUserGender.UNKNOW) .source(AuthSource.LINKEDIN) .build(); } diff --git a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java index 49d84d1..fe40401 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMiRequest.java @@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; import java.text.MessageFormat; @@ -74,6 +75,7 @@ public class AuthMiRequest extends BaseAuthRequest { .nickname(user.getString("miliaoNick")) .avatar(user.getString("miliaoIcon")) .email(user.getString("mail")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.MI) .build(); 
diff --git a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java index 1308977..8902338 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthMicrosoftRequest.java @@ -10,6 +10,7 @@ import me.zhyd.oauth.exception.AuthException; import me.zhyd.oauth.model.AuthResponse; import me.zhyd.oauth.model.AuthToken; import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; import java.util.HashMap; @@ -85,6 +86,7 @@ public class AuthMicrosoftRequest extends BaseAuthRequest { .nickname(object.getString("displayName")) .location(object.getString("officeLocation")) .email(object.getString("mail")) + .gender(AuthUserGender.UNKNOW) .token(authToken) .source(AuthSource.MICROSOFT) .build(); diff --git a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java index 54c9c61..d9ad586 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthQqRequest.java @@ -48,7 +48,7 @@ public class AuthQqRequest extends BaseAuthRequest { @Override protected AuthUser getUserInfo(AuthToken authToken) { String accessToken = authToken.getAccessToken(); - String openId = this.getOpenId(accessToken); + String openId = this.getOpenId(authToken); HttpResponse response = HttpRequest.get(UrlBuilder.getQqUserInfoUrl(config.getClientId(), accessToken, openId)) .execute(); JSONObject object = JSONObject.parseObject(response.body()); 
@@ -59,11 +59,13 @@ public class AuthQqRequest extends BaseAuthRequest { if (StringUtils.isEmpty(avatar)) { avatar = object.getString("figureurl_qq_1"); } + + String location = String.format("%s-%s", object.getString("province"), object.getString("city")); return AuthUser.builder() .username(object.getString("nickname")) .nickname(object.getString("nickname")) .avatar(avatar) - .location(object.getString("province") + "-" + object.getString("city")) + .location(location) .uuid(openId) .gender(AuthUserGender.getRealGender(object.getString("gender"))) .token(authToken) @@ -81,7 +83,8 @@ public class AuthQqRequest extends BaseAuthRequest { return UrlBuilder.getQqAuthorizeUrl(config.getClientId(), config.getRedirectUri()); } - private String getOpenId(String accessToken) { + private String getOpenId(AuthToken authToken) { + String accessToken = authToken.getAccessToken(); HttpResponse response = HttpRequest.get(UrlBuilder.getQqOpenidUrl("https://graph.qq.com/oauth2.0/me", accessToken)) .execute(); if (response.isOk()) { @@ -90,11 +93,14 @@ public class AuthQqRequest extends BaseAuthRequest { String removeSuffix = StrUtil.replace(removePrefix, ");", ""); String openId = StrUtil.trim(removeSuffix); JSONObject object = JSONObject.parseObject(openId); - if (object.containsKey("openid")) { - return object.getString("openid"); + if (object.containsKey("error")) { + throw new AuthException(object.get("error") + ":" + object.get("error_description")); } - throw new AuthException("Invalid openId"); + authToken.setOpenId(object.getString("openid")); + authToken.setUnionId(object.getString("unionid")); + return StringUtils.isEmpty(authToken.getUnionId()) ? authToken.getOpenId() : authToken.getUnionId(); } - throw new AuthException("Invalid openId"); + + throw new AuthException("request error"); } } diff --git a/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java b/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java index daefc50..423595c 100644 
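Review bot: getOpenId now returns the unionid when one is present, but getUserInfo still passes that return value to `UrlBuilder.getQqUserInfoUrl(config.getClientId(), accessToken, openId)` (hunk at -48,7), so the user-info request is sent with the unionid in the `openid` parameter. Keep the return value for `.uuid(...)` only and build the URL from `authToken.getOpenId()`. The rewritten getOpenId also drops the old missing-`openid` guard: a response with neither `error` nor `openid` now yields a null uuid, so `if (StringUtils.isEmpty(authToken.getOpenId())) { throw new AuthException("Invalid openId"); }` should follow the two setters.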
--- a/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthToutiaoRequest.java @@ -6,7 +6,10 @@ import com.alibaba.fastjson.JSONObject; import me.zhyd.oauth.config.AuthConfig; import me.zhyd.oauth.config.AuthSource; import me.zhyd.oauth.exception.AuthException; -import me.zhyd.oauth.model.*; +import me.zhyd.oauth.model.AuthToken; +import me.zhyd.oauth.model.AuthToutiaoErrorCode; +import me.zhyd.oauth.model.AuthUser; +import me.zhyd.oauth.model.AuthUserGender; import me.zhyd.oauth.utils.UrlBuilder; /** diff --git a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java index 7df984e..3d9fb7c 100644 --- a/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java +++ b/src/main/java/me/zhyd/oauth/request/AuthWeChatRequest.java @@ -46,11 +46,12 @@ public class AuthWeChatRequest extends BaseAuthRequest { this.checkResponse(object); + String location = String.format("%s-%s-%s", object.getString("country"), object.getString("province"), object.getString("city")); return AuthUser.builder() .username(object.getString("nickname")) .nickname(object.getString("nickname")) .avatar(object.getString("headimgurl")) - .location(object.getString("country") + "-" + object.getString("province") + "-" + object.getString("city")) + .location(location) .uuid(openId) .gender(AuthUserGender.getRealGender(object.getString("sex"))) .token(authToken) diff --git a/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java b/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java index fc9f207..4fa29c3 100644 --- a/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java +++ b/src/main/java/me/zhyd/oauth/request/BaseAuthRequest.java 
@@ -22,9 +22,11 @@ public abstract class BaseAuthRequest implements AuthRequest { public BaseAuthRequest(AuthConfig config, AuthSource source) { this.config = config; this.source = source; - if (!AuthConfigChecker.isSupportedAuth(config)) { + if (!AuthConfigChecker.isSupportedAuth(config, source)) { throw new AuthException(ResponseStatus.PARAMETER_INCOMPLETE); } + // 校验配置合法性 + AuthConfigChecker.check(config, source); } protected abstract AuthToken getAccessToken(String code); diff --git a/src/main/java/me/zhyd/oauth/request/ResponseStatus.java b/src/main/java/me/zhyd/oauth/request/ResponseStatus.java index 378669b..41052ab 100644 --- a/src/main/java/me/zhyd/oauth/request/ResponseStatus.java +++ b/src/main/java/me/zhyd/oauth/request/ResponseStatus.java @@ -13,6 +13,7 @@ public enum ResponseStatus { UNSUPPORTED(5003, "Unsupported operation"), NO_AUTH_SOURCE(5004, "AuthSource cannot be null"), UNIDENTIFIED_PLATFORM(5005, "Unidentified platform"), + ILLEGAL_REDIRECT_URI(5006, "Illegal redirect uri"), ; private int code; diff --git a/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java b/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java index ca58d14..5451d48 100644 --- a/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java +++ b/src/main/java/me/zhyd/oauth/utils/AuthConfigChecker.java @@ -1,6 +1,9 @@ package me.zhyd.oauth.utils; import me.zhyd.oauth.config.AuthConfig; +import me.zhyd.oauth.config.AuthSource; +import me.zhyd.oauth.exception.AuthException; +import me.zhyd.oauth.request.ResponseStatus; /** * 授权配置类的校验器 
@@ -15,9 +18,35 @@ public class AuthConfigChecker { * 是否支持第三方登录 * * @param config config + * @param source source * @return true or false */ - public static boolean isSupportedAuth(AuthConfig config) { - return StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri()); + public static boolean isSupportedAuth(AuthConfig config, AuthSource source) { + boolean isSupported = StringUtils.isNotEmpty(config.getClientId()) && StringUtils.isNotEmpty(config.getClientSecret()) && StringUtils.isNotEmpty(config.getRedirectUri()); + if (isSupported && AuthSource.ALIPAY == source) { + isSupported = StringUtils.isNotEmpty(config.getAlipayPublicKey()); + } + return isSupported; + } + + /** + * 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,而对于facebook平台, redirect uri 必须是https的链接 + * + * @param config config + * @param source source + */ + public static void check(AuthConfig config, AuthSource source) { + String redirectUri = config.getRedirectUri(); + if (!GlobalAuthUtil.isHttpProtocol(redirectUri) && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) { + throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI); + } + // facebook的回调地址必须为https的链接 + if (AuthSource.FACEBOOK == source && !GlobalAuthUtil.isHttpsProtocol(redirectUri)) { + throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI); + } + // 支付宝在创建回调地址时,不允许使用localhost或者127.0.0.1 + if (AuthSource.ALIPAY == source && GlobalAuthUtil.isLocalHost(redirectUri)) { + throw new AuthException(ResponseStatus.ILLEGAL_REDIRECT_URI); + } } } diff --git a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java index 5bf022e..245f11a 100644 --- a/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java +++ b/src/main/java/me/zhyd/oauth/utils/GlobalAuthUtil.java 
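Review bot: `check` accepts any redirect URI beginning with `http://` for every source except Facebook, so an authorization code can be delivered to a cleartext callback; if plain HTTP is only meant for local development, the Javadoc should say so, or the exception should be limited to loopback hosts. The method's Javadoc also lacks an `@throws AuthException` line describing the `ILLEGAL_REDIRECT_URI` cases. Both `isSupportedAuth` and `check` dereference `config` without a null check, so a null config passed to the BaseAuthRequest constructor surfaces as a NullPointerException rather than `PARAMETER_INCOMPLETE`; `if (config == null) { return false; }` at the top of `isSupportedAuth` would cover it.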
@@ -25,9 +25,9 @@ public class GlobalAuthUtil { private static final String DEFAULT_ENCODING = "UTF-8"; private static final String ALGORITHM = "HmacSHA256"; - public static String generateDingTalkSignature(String canonicalString, String secret) { + public static String generateDingTalkSignature(String secretKey, String timestamp) { try { - byte[] signData = sign(canonicalString.getBytes(DEFAULT_ENCODING), secret.getBytes(DEFAULT_ENCODING)); + byte[] signData = sign(secretKey.getBytes(DEFAULT_ENCODING), timestamp.getBytes(DEFAULT_ENCODING)); return urlEncode(new String(Base64.encode(signData, false))); } catch (UnsupportedEncodingException ex) { throw new AuthException("Unsupported algorithm: " + DEFAULT_ENCODING, ex); @@ -84,4 +84,23 @@ public class GlobalAuthUtil { } return res; } + + public static boolean isHttpProtocol(String url) { + if (StringUtils.isEmpty(url)) { + return false; + } + return url.startsWith("http://"); + } + + public static boolean isHttpsProtocol(String url) { + if (StringUtils.isEmpty(url)) { + return false; + } + return url.startsWith("https://"); + } + + public static boolean isLocalHost(String url) { + return StringUtils.isEmpty(url) || url.contains("127.0.0.1") || url.contains("localhost"); + } + } diff --git a/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java b/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java index ea856ad..7437cac 100644 --- a/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java +++ b/src/main/java/me/zhyd/oauth/utils/UrlBuilder.java 
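Review bot: generateDingTalkSignature is public, takes two Strings that are easy to swap, and still has no Javadoc after the rename. Add one stating that `secretKey` is the app secret and `timestamp` is the millisecond string being signed, that the result is a URL-encoded Base64 HmacSHA256 value, and which of the two arguments `sign` treats as the HMAC key. `sign` is outside this hunk, so that order should be confirmed against DingTalk's documentation before it is written down. The method body continues outside the hunk.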
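Review bot: `isLocalHost` matches `127.0.0.1` and `localhost` anywhere in the string, so a URI such as `https://example.com/cb?from=localhost` is rejected for Alipay while other loopback forms (`[::1]`, `127.0.0.2`) pass; `isHttpProtocol` and `isHttpsProtocol` compare the prefix case-sensitively, so `HTTPS://…` is refused. Parsing the value once with `java.net.URI` and comparing scheme and host avoids both. The empty-input results are kept as they are; a scheme with no host is additionally refused.

```java
public static boolean isHttpProtocol(String url) {
    return hasScheme(url, "http");
}

public static boolean isHttpsProtocol(String url) {
    return hasScheme(url, "https");
}

public static boolean isLocalHost(String url) {
    if (StringUtils.isEmpty(url)) {
        return true;
    }
    String host;
    try {
        host = new java.net.URI(url).getHost();
    } catch (java.net.URISyntaxException e) {
        return false;
    }
    if (host == null) {
        return false;
    }
    // Literal loopback forms only; no DNS resolution is attempted here.
    return "localhost".equalsIgnoreCase(host)
            || "[::1]".equals(host)
            || host.matches("127(\\.\\d{1,3}){3}");
}

private static boolean hasScheme(String url, String scheme) {
    if (StringUtils.isEmpty(url)) {
        return false;
    }
    try {
        java.net.URI uri = new java.net.URI(url);
        return scheme.equalsIgnoreCase(uri.getScheme()) && uri.getHost() != null;
    } catch (java.net.URISyntaxException e) {
        return false;
    }
}
```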
@@ -58,7 +58,7 @@ public class UrlBuilder { private static final String QQ_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&grant_type=authorization_code&code={3}&redirect_uri={4}"; private static final String QQ_USER_INFO_PATTERN = "{0}?oauth_consumer_key={1}&access_token={2}&openid={3}"; private static final String QQ_AUTHORIZE_PATTERN = "{0}?client_id={1}&response_type=code&redirect_uri={2}&state={3}"; - private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}"; + private static final String QQ_OPENID_PATTERN = "{0}?access_token={1}&unionid=1"; private static final String WECHAT_AUTHORIZE_PATTERN = "{0}?appid={1}&redirect_uri={2}&response_type=code&scope=snsapi_login&state={3}#wechat_redirect"; private static final String WECHAT_ACCESS_TOKEN_PATTERN = "{0}?appid={1}&secret={2}&code={3}&grant_type=authorization_code"; @@ -73,7 +73,7 @@ public class UrlBuilder { private static final String FACEBOOK_USER_INFO_PATTERN = "{0}?access_token={1}&fields=id,name,birthday,gender,hometown,email,devices,picture.width(400)"; private static final String DOUYIN_AUTHORIZE_PATTERN = "{0}?client_key={1}&redirect_uri={2}&state={3}&response_type=code&scope=user_info"; - private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_id={1}&client_secret={2}&code={3}&grant_type=authorization_code"; + private static final String DOUYIN_ACCESS_TOKEN_PATTERN = "{0}?client_key={1}&client_secret={2}&code={3}&grant_type=authorization_code"; private static final String DOUYIN_USER_INFO_PATTERN = "{0}?access_token={1}&open_id={2}"; private static final String DOUYIN_REFRESH_TOKEN_PATTERN = "{0}?client_key={1}&refresh_token={2}&grant_type=refresh_token"; diff --git a/update.md b/update.md index 7c85527..7441705 100644 --- a/update.md +++ b/update.md 
@@ -1,3 +1,15 @@
+### 2019/06/19
+1. 合并[xkcoding](https://github.com/xkcoding)提交的[PR](https://github.com/zhangyd-c/JustAuth/pull/14),重构了部分代码,jar包由原来的`130+kb`优化到现在的`110+kb`
+2. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/3), 解决抖音登录失败问题
+
+### 2019/06/18
+1. 解决Issue [#IY2HW](https://gitee.com/yadong.zhang/JustAuth/issues/IY2HW)
+2. 解决Issue [#IY2OH](https://gitee.com/yadong.zhang/JustAuth/issues/IY2OH)
+3. 解决Issue [#IY2FV](https://gitee.com/yadong.zhang/JustAuth/issues/IY2FV)
+4. 修复部分注释、拼写错误
+5. 解决Issue [#IY1QR](https://gitee.com/yadong.zhang/JustAuth/issues/IY1QR) 增加对Config属性的校验功能,主要校验redirect uri的合法性
+6. 合并[skqing](https://gitee.com/skqing)提交的[PR](https://gitee.com/yadong.zhang/JustAuth/pulls/2),解决一些BUG
+
 ### 2019/06/06
 1. 增加今日头条的授权登陆
 2. 发布1.6.0-beta版本,今日头条开发者暂时不能认证, 所以无法做测试,等测试通过后,正式发布release版本