me.zhyd.oauth.exception.AuthException Java Examples

@Override
protected AuthToken getAccessToken(AuthCallback authCallback) {
    AlipaySystemOauthTokenRequest request = new AlipaySystemOauthTokenRequest();
    request.setGrantType("authorization_code");
    request.setCode(authCallback.getAuth_code());
    AlipaySystemOauthTokenResponse response = null;
    try {
        response = this.alipayClient.execute(request);
    } catch (Exception e) {
        throw new AuthException(e);
    }
    if (!response.isSuccess()) {
        throw new AuthException(response.getSubMsg());
    }
    return AuthToken.builder()
        .accessToken(response.getAccessToken())
        .uid(response.getUserId())
        .expireIn(Integer.parseInt(response.getExpiresIn()))
        .refreshToken(response.getRefreshToken())
        .build();
}
 

/**
 * 获取QQ用户的OpenId，支持自定义是否启用查询unionid的功能，如果启用查询unionid的功能，
 * 那就需要开发者先通过邮件申请unionid功能，参考链接 {@see http://wiki.connect.qq.com/unionid%E4%BB%8B%E7%BB%8D}
 *
 * @param authToken 通过{@link AuthQqRequest#getAccessToken(AuthCallback)}获取到的{@code authToken}
 * @return openId
 */
private String getOpenId(AuthToken authToken) {
    String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl("https://graph.qq.com/oauth2.0/me")
        .queryParam("access_token", authToken.getAccessToken())
        .queryParam("unionid", config.isUnionId() ? 1 : 0)
        .build());
    String removePrefix = response.replace("callback(", "");
    String removeSuffix = removePrefix.replace(");", "");
    String openId = removeSuffix.trim();
    JSONObject object = JSONObject.parseObject(openId);
    if (object.containsKey("error")) {
        throw new AuthException(object.get("error") + ":" + object.get("error_description"));
    }
    authToken.setOpenId(object.getString("openid"));
    if (object.containsKey("unionid")) {
        authToken.setUnionId(object.getString("unionid"));
    }
    return StringUtils.isEmpty(authToken.getUnionId()) ? authToken.getOpenId() : authToken.getUnionId();
}
 

/**
 * 校验回调传回的code
 * <p>
 * {@code v1.10.0}版本中改为传入{@code source}和{@code callback}，对于不同平台使用不同参数接受code的情况统一做处理
 *
 * @param source   当前授权平台
 * @param callback 从第三方授权回调回来时传入的参数集合
 * @since 1.8.0
 */
public static void checkCode(AuthSource source, AuthCallback callback) {
    // 推特平台不支持回调 code 和 state
    if (source == AuthDefaultSource.TWITTER) {
        return;
    }
    String code = callback.getCode();
    if (source == AuthDefaultSource.ALIPAY) {
        code = callback.getAuth_code();
    } else if (source == AuthDefaultSource.HUAWEI) {
        code = callback.getAuthorization_code();
    }
    if (StringUtils.isEmpty(code)) {
        throw new AuthException(AuthResponseStatus.ILLEGAL_CODE, source);
    }
}
 

/**
 * 检查配置合法性。针对部分平台， 对redirect uri有特定要求。一般来说redirect uri都是http://，而对于facebook平台， redirect uri 必须是https的链接
 *
 * @param config config
 * @param source source
 * @since 1.6.1-beta
 */
public static void checkConfig(AuthConfig config, AuthSource source) {
    String redirectUri = config.getRedirectUri();
    if (!GlobalAuthUtils.isHttpProtocol(redirectUri) && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) {
        throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
    }
    // facebook的回调地址必须为https的链接
    if (AuthDefaultSource.FACEBOOK == source && !GlobalAuthUtils.isHttpsProtocol(redirectUri)) {
        // Facebook's redirect uri must use the HTTPS protocol
        throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
    }
    // 支付宝在创建回调地址时，不允许使用localhost或者127.0.0.1
    if (AuthDefaultSource.ALIPAY == source && GlobalAuthUtils.isLocalHost(redirectUri)) {
        // The redirect uri of alipay is forbidden to use localhost or 127.0.0.1
        throw new AuthException(AuthResponseStatus.ILLEGAL_REDIRECT_URI, source);
    }
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String openId = this.getOpenId(authToken);
    String response = doGetUserInfo(authToken);
    JSONObject object = JSONObject.parseObject(response);
    if (object.getIntValue("ret") != 0) {
        throw new AuthException(object.getString("msg"));
    }
    String avatar = object.getString("figureurl_qq_2");
    if (StringUtils.isEmpty(avatar)) {
        avatar = object.getString("figureurl_qq_1");
    }

    String location = String.format("%s-%s", object.getString("province"), object.getString("city"));
    return AuthUser.builder()
        .rawUserInfo(object)
        .username(object.getString("nickname"))
        .nickname(object.getString("nickname"))
        .avatar(avatar)
        .location(location)
        .uuid(openId)
        .gender(AuthUserGender.getRealGender(object.getString("gender")))
        .token(authToken)
        .source(source.toString())
        .build();
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String response = doGetUserInfo(authToken);
    JSONObject object = this.checkResponse(response);

    // 返回 OpenId 或其他，均代表非当前企业用户，不支持
    if (!object.containsKey("UserId")) {
        throw new AuthException(AuthResponseStatus.UNIDENTIFIED_PLATFORM, source);
    }
    String userId = object.getString("UserId");
    String userDetailResponse = getUserDetail(authToken.getAccessToken(), userId);
    JSONObject userDetail = this.checkResponse(userDetailResponse);

    return AuthUser.builder()
        .rawUserInfo(userDetail)
        .username(userDetail.getString("name"))
        .nickname(userDetail.getString("alias"))
        .avatar(userDetail.getString("avatar"))
        .location(userDetail.getString("address"))
        .email(userDetail.getString("email"))
        .uuid(userId)
        .gender(AuthUserGender.getWechatRealGender(userDetail.getString("gender")))
        .token(authToken)
        .source(source.toString())
        .build();
}
 

@Override
public AuthUser getUserInfo(AuthToken authToken) {
    String openId = this.getOpenId(authToken);
    String response = new HttpUtils(config.getHttpConfig()).get(UrlBuilder.fromBaseUrl(source.userInfo())
        .queryParam("access_token", authToken.getAccessToken())
        .queryParam("open_id", openId)
        .build());
    JSONObject object = JSONObject.parseObject(response);
    if (!"0".equals(object.getString("c"))) {
        throw new AuthException(object.getString("m"));
    }
    JSONObject resultObject = object.getJSONObject("d");

    return AuthUser.builder()
        .rawUserInfo(resultObject)
        .username(resultObject.getString("userName"))
        .nickname(resultObject.getString("userName"))
        .avatar(resultObject.getString("avatar"))
        .uuid(resultObject.getString("openId"))
        .token(authToken)
        .source(source.toString())
        .build();
}
 

/**
 * 返回AuthRequest对象
 *
 * @param source {@link AuthSource}
 * @return {@link AuthRequest}
 */
public AuthRequest get(String source) {
    if (StrUtil.isBlank(source)) {
        throw new AuthException(AuthResponseStatus.NO_AUTH_SOURCE);
    }

    // 获取 JustAuth 中已存在的
    AuthRequest authRequest = getDefaultRequest(source);

    // 如果获取不到则尝试取自定义的
    if (authRequest == null) {
        authRequest = getExtendRequest(properties.getExtend().getEnumClass(), source);
    }

    if (authRequest == null) {
        throw new AuthException(AuthResponseStatus.UNSUPPORTED);
    }

    return authRequest;
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String code = authToken.getAccessCode();
    JSONObject param = new JSONObject();
    param.put("tmp_auth_code", code);
    String response = new HttpUtils(config.getHttpConfig()).post(userInfoUrl(authToken), param.toJSONString());
    JSONObject object = JSON.parseObject(response);
    if (object.getIntValue("errcode") != 0) {
        throw new AuthException(object.getString("errmsg"));
    }
    object = object.getJSONObject("user_info");
    AuthToken token = AuthToken.builder()
        .openId(object.getString("openid"))
        .unionId(object.getString("unionid"))
        .build();
    return AuthUser.builder()
        .rawUserInfo(object)
        .uuid(object.getString("unionid"))
        .nickname(object.getString("nick"))
        .username(object.getString("nick"))
        .gender(AuthUserGender.UNKNOWN)
        .source(source.toString())
        .token(token)
        .build();
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String response = doPostAuthorizationCode(authToken.getAccessCode());
    JSONObject accessTokenObject = JSONObject.parseObject(response);
    if (accessTokenObject.containsKey("error")) {
        throw new AuthException(accessTokenObject.getString("error_description"));
    }
    authToken.setAccessToken(accessTokenObject.getString("access_token"));
    authToken.setRefreshToken(accessTokenObject.getString("refresh_token"));
    authToken.setExpireIn(accessTokenObject.getIntValue("expires_in"));
    authToken.setUid(accessTokenObject.getString("taobao_user_id"));
    authToken.setOpenId(accessTokenObject.getString("taobao_open_uid"));

    String nick = GlobalAuthUtils.urlDecode(accessTokenObject.getString("taobao_user_nick"));
    return AuthUser.builder()
        .rawUserInfo(new JSONObject())
        .uuid(accessTokenObject.getString("taobao_user_id"))
        .username(nick)
        .nickname(nick)
        .gender(AuthUserGender.UNKNOWN)
        .token(authToken)
        .source(source.toString())
        .build();
}
 

private AuthToken getToken(String accessTokenUrl) {
    String response = new HttpUtils(config.getHttpConfig()).get(accessTokenUrl);
    String jsonStr = response.replace(PREFIX, Constants.EMPTY);
    JSONObject accessTokenObject = JSONObject.parseObject(jsonStr);

    if (accessTokenObject.containsKey("error")) {
        throw new AuthException(accessTokenObject.getString("error_description"));
    }

    return AuthToken.builder()
        .accessToken(accessTokenObject.getString("access_token"))
        .expireIn(accessTokenObject.getIntValue("expires_in"))
        .scope(accessTokenObject.getString("scope"))
        .tokenType(accessTokenObject.getString("token_type"))
        .refreshToken(accessTokenObject.getString("refresh_token"))
        .openId(accessTokenObject.getString("openId"))
        .macAlgorithm(accessTokenObject.getString("mac_algorithm"))
        .macKey(accessTokenObject.getString("mac_key"))
        .build();
}
 

/**
 * 处理{@link AuthDefaultRequest#login(AuthCallback)} 发生异常的情况，统一响应参数
 *
 * @param e 具体的异常
 * @return AuthResponse
 */
private AuthResponse responseError(Exception e) {
    int errorCode = AuthResponseStatus.FAILURE.getCode();
    String errorMsg = e.getMessage();
    if (e instanceof AuthException) {
        AuthException authException = ((AuthException) e);
        errorCode = authException.getErrorCode();
        if (StringUtils.isNotEmpty(authException.getErrorMsg())) {
            errorMsg = authException.getErrorMsg();
        }
    }
    return AuthResponse.builder().code(errorCode).msg(errorMsg).build();
}
 

private AuthToken getToken(String url) {
    String response = new HttpUtils(config.getHttpConfig()).post(url);
    JSONObject jsonObject = JSONObject.parseObject(response);
    if (jsonObject.containsKey("error")) {
        throw new AuthException("Failed to get token from Renren: " + jsonObject);
    }

    return AuthToken.builder()
        .tokenType(jsonObject.getString("token_type"))
        .expireIn(jsonObject.getIntValue("expires_in"))
        .accessToken(UrlUtil.urlEncode(jsonObject.getString("access_token")))
        .refreshToken(UrlUtil.urlEncode(jsonObject.getString("refresh_token")))
        .openId(jsonObject.getJSONObject("user").getString("id"))
        .build();
}
 

/**
 * 检查响应内容是否正确
 *
 * @param object 请求响应内容
 */
private void checkResponse(JSONObject object) {
    if (object.containsKey("error") || object.containsKey("error_code")) {
        String msg = object.containsKey("error_description") ? object.getString("error_description") : object.getString("error_msg");
        throw new AuthException(msg);
    }
}
 

/**
 * 校验请求结果
 *
 * @param response 请求结果
 * @return 如果请求结果正常，则返回JSONObject
 */
private JSONObject checkResponse(String response) {
    JSONObject object = JSONObject.parseObject(response);

    if (object.containsKey("errcode") && object.getIntValue("errcode") != 0) {
        throw new AuthException(object.getString("errmsg"), source);
    }

    return object;
}
 

@Override
protected AuthToken getAccessToken(AuthCallback authCallback) {
    String response = doPostAuthorizationCode(authCallback.getCode());
    JSONObject accessTokenObject = JSONObject.parseObject(response);
    if (accessTokenObject.containsKey("error")) {
        throw new AuthException(accessTokenObject.getString("error_description"));
    }
    return AuthToken.builder()
        .accessToken(accessTokenObject.getString("access_token"))
        .uid(accessTokenObject.getString("uid"))
        .openId(accessTokenObject.getString("uid"))
        .expireIn(accessTokenObject.getIntValue("expires_in"))
        .build();
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String accessToken = authToken.getAccessToken();
    String uid = authToken.getUid();
    String oauthParam = String.format("uid=%s&access_token=%s", uid, accessToken);

    HttpHeader httpHeader = new HttpHeader();
    httpHeader.add("Authorization", "OAuth2 " + oauthParam);
    httpHeader.add("API-RemoteIP", IpUtils.getLocalIp());
    String userInfo = new HttpUtils(config.getHttpConfig()).get(userInfoUrl(authToken), null, httpHeader, false);
    JSONObject object = JSONObject.parseObject(userInfo);
    if (object.containsKey("error")) {
        throw new AuthException(object.getString("error"));
    }
    return AuthUser.builder()
        .rawUserInfo(object)
        .uuid(object.getString("id"))
        .username(object.getString("name"))
        .avatar(object.getString("profile_image_url"))
        .blog(StringUtils.isEmpty(object.getString("url")) ? "https://weibo.com/" + object.getString("profile_url") : object
            .getString("url"))
        .nickname(object.getString("screen_name"))
        .location(object.getString("location"))
        .remark(object.getString("description"))
        .gender(AuthUserGender.getRealGender(object.getString("gender")))
        .token(authToken)
        .source(source.toString())
        .build();
}
 

private void checkResponse(JSONObject object) {
    // oauth/token 验证异常
    if (object.containsKey("error")) {
        throw new AuthException(object.getString("error_description"));
    }
    // user 验证异常
    if (object.containsKey("message")) {
        throw new AuthException(object.getString("message"));
    }
}
 

/**
 * 校验响应结果
 *
 * @param object 接口返回的结果
 */
private void checkResponse(JSONObject object) {
    if (object.containsKey("NSP_STATUS")) {
        throw new AuthException(object.getString("error"));
    }
    if (object.containsKey("error")) {
        throw new AuthException(object.getString("sub_error") + ":" + object.getString("error_description"));
    }
}
 

private AuthToken getAuthToken(String response) {
    Map<String, String> accessTokenObject = GlobalAuthUtils.parseStringToMap(response);
    if (!accessTokenObject.containsKey("access_token") || accessTokenObject.containsKey("code")) {
        throw new AuthException(accessTokenObject.get("msg"));
    }
    return AuthToken.builder()
        .accessToken(accessTokenObject.get("access_token"))
        .expireIn(Integer.valueOf(accessTokenObject.get("expires_in")))
        .refreshToken(accessTokenObject.get("refresh_token"))
        .build();
}
 

@Override
public AuthResponse refresh(AuthToken oldToken) {
    String refreshToken = oldToken.getRefreshToken();
    if (StringUtils.isEmpty(refreshToken)) {
        throw new AuthException(AuthResponseStatus.REQUIRED_REFRESH_TOKEN, source);
    }
    String refreshTokenUrl = refreshTokenUrl(refreshToken);
    return AuthResponse.builder()
        .code(AuthResponseStatus.SUCCESS.getCode())
        .data(this.getToken(refreshTokenUrl))
        .build();
}
 

public AuthDefaultRequest(AuthConfig config, AuthSource source, AuthStateCache authStateCache) {
    this.config = config;
    this.source = source;
    this.authStateCache = authStateCache;
    if (!AuthChecker.isSupportedAuth(config, source)) {
        throw new AuthException(AuthResponseStatus.PARAMETER_INCOMPLETE, source);
    }
    // 校验配置合法性
    AuthChecker.checkConfig(config, source);
}
 

private JSONObject checkResponse(String response) {
    JSONObject accessTokenObject = JSONObject.parseObject(response);
    if (!"0".equals(accessTokenObject.getString("c"))) {
        throw new AuthException(accessTokenObject.getString("m"));
    }
    return accessTokenObject;
}
 

/**
 * 检查响应内容是否正确
 *
 * @param object 请求响应内容
 */
private void checkResponse(JSONObject object) {
    String message = object.getString("message");
    JSONObject data = object.getJSONObject("data");
    int errorCode = data.getIntValue("error_code");
    if ("error".equals(message) || errorCode != 0) {
        throw new AuthException(errorCode, data.getString("description"));
    }
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    // 获取用户信息
    String userResponse = doGetUserInfo(authToken);

    JSONObject userProfile = JSONObject.parseObject(userResponse);
    if ("error".equalsIgnoreCase(userProfile.getString("result"))) {
        throw new AuthException(userProfile.getString("description"));
    }

    JSONObject object = userProfile.getJSONObject("data");

    AuthUser authUser = AuthUser.builder()
        .rawUserInfo(object)
        .uuid(authToken.getOpenId())
        .username(object.getString("miliaoNick"))
        .nickname(object.getString("miliaoNick"))
        .avatar(object.getString("miliaoIcon"))
        .email(object.getString("mail"))
        .gender(AuthUserGender.UNKNOWN)
        .token(authToken)
        .source(source.toString())
        .build();

    // 获取用户邮箱手机号等信息
    String emailPhoneUrl = MessageFormat.format("{0}?clientId={1}&token={2}", "https://open.account.xiaomi.com/user/phoneAndEmail", config
        .getClientId(), authToken.getAccessToken());

    String emailResponse = new HttpUtils(config.getHttpConfig()).get(emailPhoneUrl);
    JSONObject userEmailPhone = JSONObject.parseObject(emailResponse);
    if (!"error".equalsIgnoreCase(userEmailPhone.getString("result"))) {
        JSONObject emailPhone = userEmailPhone.getJSONObject("data");
        authUser.setEmail(emailPhone.getString("email"));
    } else {
        Log.warn("小米开发平台暂时不对外开放用户手机及邮箱信息的获取");
    }

    return authUser;
}
 

/**
 * 编码
 *
 * @param value str
 * @return encode str
 */
public static String urlEncode(String value) {
    if (value == null) {
        return "";
    }
    try {
        String encoded = URLEncoder.encode(value, GlobalAuthUtils.DEFAULT_ENCODING.displayName());
        return encoded.replace("+", "%20").replace("*", "%2A").replace("~", "%7E").replace("/", "%2F");
    } catch (UnsupportedEncodingException e) {
        throw new AuthException("Failed To Encode Uri", e);
    }
}
 

/**
 * 解码
 *
 * @param value str
 * @return decode str
 */
public static String urlDecode(String value) {
    if (value == null) {
        return "";
    }
    try {
        return URLDecoder.decode(value, GlobalAuthUtils.DEFAULT_ENCODING.displayName());
    } catch (UnsupportedEncodingException e) {
        throw new AuthException("Failed To Decode Uri", e);
    }
}
 

@Override
protected AuthUser getUserInfo(AuthToken authToken) {
    String accessToken = authToken.getAccessToken();
    AlipayUserInfoShareRequest request = new AlipayUserInfoShareRequest();
    AlipayUserInfoShareResponse response = null;
    try {
        response = this.alipayClient.execute(request, accessToken);
    } catch (AlipayApiException e) {
        throw new AuthException(e.getErrMsg(), e);
    }
    if (!response.isSuccess()) {
        throw new AuthException(response.getSubMsg());
    }

    String province = response.getProvince(), city = response.getCity();
    String location = String.format("%s %s", StringUtils.isEmpty(province) ? "" : province, StringUtils.isEmpty(city) ? "" : city);

    return AuthUser.builder()
        .rawUserInfo(JSONObject.parseObject(JSONObject.toJSONString(response)))
        .uuid(response.getUserId())
        .username(StringUtils.isEmpty(response.getUserName()) ? response.getNickName() : response.getUserName())
        .nickname(response.getNickName())
        .avatar(response.getAvatar())
        .location(location)
        .gender(AuthUserGender.getRealGender(response.getGender()))
        .token(authToken)
        .source(source.toString())
        .build();
}
 

public static OauthRequest getInstance(String source) {
    if (StringUtils.isEmpty(source)) {
        throw new AuthException("请指定第三方平台");
    }
    OauthRequest request = requestMap.get(source);
    if (null == request) {
        throw new AuthException("当前系统暂不支持该平台[" + source + "]的授权登录");
    }
    return request;
}
 

/**
 * 获取 JustAuth Request
 *
 * @param source 来源平台
 * @return {@link AuthRequest}
 */
public AuthRequest getRequest(String source) {
    AuthConfig config = this.getConfig(source);
    AuthRequest authRequest = null;
    switch (source) {
        case "github":
            authRequest = new AuthGithubRequest(config);
            break;
        case "gitee":
            authRequest = new AuthGiteeRequest(config);
            break;
        case "weibo":
            authRequest = new AuthWeiboRequest(config);
            break;
        case "oschina":
            authRequest = new AuthOschinaRequest(config);
            break;
        case "wechat":
            authRequest = new AuthWeChatOpenRequest(config);
            break;
        default:
            break;
    }
    if (null == authRequest) {
        throw new AuthException(source + "登录还没有相关配置，联系站长吧！");
    }
    return authRequest;
}