新增OAuth2 client

2026-06-20 08:52:21 +08:00 · 2017-04-07 09:28:00 +08:00
parent 7b845bea78
commit 02e69163a9
3 changed files with 162 additions and 0 deletions
--- a/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml
+++ b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>hsweb-system-oauth2-client</artifactId>
+        <groupId>org.hswebframework.web</groupId>
+        <version>3.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>hsweb-system-oauth2-client-controller</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-commons-controller</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-client</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+
+</project>
--- a/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java
+++ b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java
@@ -0,0 +1,74 @@
+/*
+ *  Copyright 2016 http://www.hswebframework.org
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.oauth2.controller;
+
+import org.hswebframework.web.BusinessException;
+import org.hswebframework.web.authorization.oauth2.client.OAuth2RequestService;
+import org.hswebframework.web.authorization.oauth2.client.listener.OAuth2CodeAuthBeforeEvent;
+import org.hswebframework.web.controller.message.ResponseMessage;
+import org.hswebframework.web.id.IDGenerator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpSession;
+import java.util.Map;
+
+/**
+ * @author zhouhao
+ */
+@Controller
+@RequestMapping("${hsweb.web.mappings.oauth2-client-callback:oauth2}")
+public class OAuth2ClientController {
+
+    private OAuth2RequestService oAuth2RequestService;
+
+    @Autowired
+    public void setoAuth2RequestService(OAuth2RequestService oAuth2RequestService) {
+        this.oAuth2RequestService = oAuth2RequestService;
+    }
+
+    private static final String STATE_SESSION_KEY = "OAUTH2_STATE";
+
+    @GetMapping("/state")
+    @ResponseBody
+    public ResponseMessage<String> requestState(HttpSession session) {
+        String state = IDGenerator.RANDOM.generate();
+        session.setAttribute(STATE_SESSION_KEY, state);
+        return ResponseMessage.ok(state);
+    }
+
+    @GetMapping("/callback/{serverId}")
+    public ModelAndView callback(@RequestParam(defaultValue = "/") String redirect
+            , @PathVariable String serverId
+            , @RequestParam String code
+            , @RequestParam String state
+            , @RequestParam Map<String, Object> param
+            , HttpSession session) {
+        try {
+            String cachedState = (String) session.getAttribute(STATE_SESSION_KEY);
+            if (!state.equals(cachedState)) throw new BusinessException("state error");
+            oAuth2RequestService.doEvent(serverId, new OAuth2CodeAuthBeforeEvent(code, state, param::get));
+            return new ModelAndView("redirect:" + redirect);
+        } finally {
+            session.removeAttribute(STATE_SESSION_KEY);
+        }
+    }
+}
--- a/hsweb-system/hsweb-system-oauth2-client/pom.xml
+++ b/hsweb-system/hsweb-system-oauth2-client/pom.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>hsweb-system</artifactId>
+        <groupId>org.hswebframework.web</groupId>
+        <version>3.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>hsweb-system-oauth2-client</artifactId>
+    <packaging>pom</packaging>
+    <modules>
+        <module>hsweb-system-oauth2-client-controller</module>
+    </modules>
+
+
+</project>