From 02e69163a94d4ea820b49e88a7bc35ee9588d14b Mon Sep 17 00:00:00 2001
From: zhouhao
Date: Fri, 7 Apr 2017 09:28:00 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9EOAuth2=20client?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../pom.xml | 51 +++++++++++++
.../controller/OAuth2ClientController.java | 74 +++++++++++++++++++
.../hsweb-system-oauth2-client/pom.xml | 37 ++++++++++
3 files changed, 162 insertions(+)
create mode 100644 hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml
create mode 100644 hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java
create mode 100644 hsweb-system/hsweb-system-oauth2-client/pom.xml
diff --git a/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml
new file mode 100644
index 000000000..4467ea4fc
--- /dev/null
+++ b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/pom.xml
@@ -0,0 +1,51 @@
+
+
+
+
+
+ hsweb-system-oauth2-client
+ org.hswebframework.web
+ 3.0-SNAPSHOT
+
+ 4.0.0
+
+ hsweb-system-oauth2-client-controller
+
+
+
+ javax.servlet
+ servlet-api
+ 2.5
+ true
+
+
+ org.hswebframework.web
+ hsweb-commons-controller
+ ${project.version}
+
+
+ org.hswebframework.web
+ hsweb-authorization-oauth2-client
+ ${project.version}
+
+
+
+
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java
new file mode 100644
index 000000000..ee8938564
--- /dev/null
+++ b/hsweb-system/hsweb-system-oauth2-client/hsweb-system-oauth2-client-controller/src/main/java/org/hswebframework/web/authorization/oauth2/controller/OAuth2ClientController.java 
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2016 http://www.hswebframework.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.oauth2.controller;
+
+import org.hswebframework.web.BusinessException;
+import org.hswebframework.web.authorization.oauth2.client.OAuth2RequestService;
+import org.hswebframework.web.authorization.oauth2.client.listener.OAuth2CodeAuthBeforeEvent;
+import org.hswebframework.web.controller.message.ResponseMessage;
+import org.hswebframework.web.id.IDGenerator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpSession;
+import java.util.Map;
+
+/**
+ * @author zhouhao
+ */
+@Controller
+@RequestMapping("${hsweb.web.mappings.oauth2-client-callback:oauth2}")
+public class OAuth2ClientController {
+
+ private OAuth2RequestService oAuth2RequestService;
+
+ @Autowired
+ public void setoAuth2RequestService(OAuth2RequestService oAuth2RequestService) {
+ this.oAuth2RequestService = oAuth2RequestService;
+ }
+
+ private static final String STATE_SESSION_KEY = "OAUTH2_STATE";
+
+ @GetMapping("/state")
+ @ResponseBody
+ public ResponseMessage requestState(HttpSession session) {
+ String state = IDGenerator.RANDOM.generate();
+ session.setAttribute(STATE_SESSION_KEY, state);
+ return ResponseMessage.ok(state);
+ }
+
+ @GetMapping("/callback/{serverId}")
+ public ModelAndView callback(@RequestParam(defaultValue = "/") String redirect
+ , @PathVariable String serverId
+ , @RequestParam String code
+ , @RequestParam String state
+ , @RequestParam Map param
+ , HttpSession session) {
+ try {
+ String cachedState = (String) session.getAttribute(STATE_SESSION_KEY);
+ if (!state.equals(cachedState)) throw new BusinessException("state error");
+ oAuth2RequestService.doEvent(serverId, new OAuth2CodeAuthBeforeEvent(code, state, param::get));
+ return new ModelAndView("redirect:" + redirect);
+ } finally {
+ session.removeAttribute(STATE_SESSION_KEY);
+ }
+ }
+}
diff --git a/hsweb-system/hsweb-system-oauth2-client/pom.xml b/hsweb-system/hsweb-system-oauth2-client/pom.xml
new file mode 100644
index 000000000..b6ab3c660
--- /dev/null
+++ b/hsweb-system/hsweb-system-oauth2-client/pom.xml
@@ -0,0 +1,37 @@
+
+
+
+
+
+ hsweb-system
+ org.hswebframework.web
+ 3.0-SNAPSHOT
+
+ 4.0.0
+
+ hsweb-system-oauth2-client
+ pom
+
+ hsweb-system-oauth2-client-controller
+
+
+
+
\ No newline at end of file
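Review bot: In `OAuth2ClientController.callback`, the caller-supplied `redirect` query parameter goes straight into `new ModelAndView("redirect:" + redirect)` with no check, so an absolute URL (and probably a scheme-relative one) in the callback link is followed once the code exchange succeeds, which makes the endpoint an open redirect. Restrict the target to same-application paths before building the view, for example `if (!redirect.startsWith("/") || redirect.startsWith("//") || redirect.contains("\\")) redirect = "/";`, or keep the intended target in the session next to the state instead of taking it from the request. The `state` value is the only CSRF defence in this flow, so it is worth confirming that `IDGenerator.RANDOM` (defined outside this patch) draws from a cryptographically secure source. A short Javadoc on `requestState` and `callback` saying the state is single-use and cleared in the `finally` block even on mismatch would also help the next reader.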