mirror of
https://gitee.com/yadong.zhang/JustAuth.git
synced 2025-12-06 16:58:24 +08:00
102 lines
3.5 KiB
Java
102 lines
3.5 KiB
Java
package me.zhyd.oauth.request;
|
||
|
||
import cn.hutool.http.HttpRequest;
|
||
import cn.hutool.http.HttpResponse;
|
||
import com.alibaba.fastjson.JSONObject;
|
||
import me.zhyd.oauth.config.AuthConfig;
|
||
import me.zhyd.oauth.config.AuthSource;
|
||
import me.zhyd.oauth.enums.AuthUserGender;
|
||
import me.zhyd.oauth.exception.AuthException;
|
||
import me.zhyd.oauth.model.AuthCallback;
|
||
import me.zhyd.oauth.model.AuthToken;
|
||
import me.zhyd.oauth.model.AuthUser;
|
||
import me.zhyd.oauth.utils.UrlBuilder;
|
||
|
||
/**
|
||
* Google登录
|
||
*
|
||
* @author yangkai.shen (https://xkcoding.com)
|
||
* @since 1.3.0
|
||
*/
|
||
public class AuthGoogleRequest extends AuthDefaultRequest {
|
||
|
||
public AuthGoogleRequest(AuthConfig config) {
|
||
super(config, AuthSource.GOOGLE);
|
||
}
|
||
|
||
@Override
|
||
protected AuthToken getAccessToken(AuthCallback authCallback) {
|
||
HttpResponse response = doPostAuthorizationCode(authCallback.getCode());
|
||
JSONObject accessTokenObject = JSONObject.parseObject(response.body());
|
||
this.checkResponse(accessTokenObject);
|
||
return AuthToken.builder()
|
||
.accessToken(accessTokenObject.getString("access_token"))
|
||
.expireIn(accessTokenObject.getIntValue("expires_in"))
|
||
.scope(accessTokenObject.getString("scope"))
|
||
.tokenType(accessTokenObject.getString("token_type"))
|
||
.idToken(accessTokenObject.getString("id_token"))
|
||
.build();
|
||
}
|
||
|
||
@Override
|
||
protected AuthUser getUserInfo(AuthToken authToken) {
|
||
HttpResponse response = HttpRequest.post(userInfoUrl(authToken))
|
||
.header("Authorization", "Bearer " + authToken.getAccessToken())
|
||
.execute();
|
||
String userInfo = response.body();
|
||
JSONObject object = JSONObject.parseObject(userInfo);
|
||
this.checkResponse(object);
|
||
return AuthUser.builder()
|
||
.uuid(object.getString("sub"))
|
||
.username(object.getString("email"))
|
||
.avatar(object.getString("picture"))
|
||
.nickname(object.getString("name"))
|
||
.location(object.getString("locale"))
|
||
.email(object.getString("email"))
|
||
.gender(AuthUserGender.UNKNOWN)
|
||
.token(authToken)
|
||
.source(source)
|
||
.build();
|
||
}
|
||
|
||
/**
|
||
* 返回带{@code state}参数的授权url,授权回调时会带上这个{@code state}
|
||
*
|
||
* @param state state 验证授权流程的参数,可以防止csrf
|
||
* @return 返回授权地址
|
||
* @since 1.9.3
|
||
*/
|
||
@Override
|
||
public String authorize(String state) {
|
||
return UrlBuilder.fromBaseUrl(source.authorize())
|
||
.queryParam("response_type", "code")
|
||
.queryParam("client_id", config.getClientId())
|
||
.queryParam("scope", "openid%20email%20profile")
|
||
.queryParam("redirect_uri", config.getRedirectUri())
|
||
.queryParam("state", getRealState(state))
|
||
.build();
|
||
}
|
||
|
||
/**
|
||
* 返回获取userInfo的url
|
||
*
|
||
* @param authToken 用户授权后的token
|
||
* @return 返回获取userInfo的url
|
||
*/
|
||
@Override
|
||
protected String userInfoUrl(AuthToken authToken) {
|
||
return UrlBuilder.fromBaseUrl(source.userInfo()).queryParam("access_token", authToken.getAccessToken()).build();
|
||
}
|
||
|
||
/**
|
||
* 检查响应内容是否正确
|
||
*
|
||
* @param object 请求响应内容
|
||
*/
|
||
private void checkResponse(JSONObject object) {
|
||
if (object.containsKey("error") || object.containsKey("error_description")) {
|
||
throw new AuthException(object.containsKey("error") + ":" + object.getString("error_description"));
|
||
}
|
||
}
|
||
}
|