参考: https://sa-token.cc/doc.html#/oauth2/oauth2-dev https://support.huaweicloud.com/api-oneaccess/IssueOAuthAuthCode.html
SaOAuth2Template
@Component
public class SaOAuth2TemplateImpl extends SaOAuth2Template {

    /**
     * Returns the registration record for an OAuth2 client.
     *
     * <p>This is mock data: only the client id {@code "1001"} is known, and a real
     * deployment is expected to load the record from a database instead.
     *
     * @param clientId the client id presented by the caller; may be {@code null}
     * @return the demo client for {@code "1001"}, otherwise {@code null}
     */
    @Override
    public SaClientModel getClientModel(String clientId) {
        // Guard clause: every id other than the single demo client is unknown.
        if (!"1001".equals(clientId)) {
            return null;
        }

        // NOTE(review): demo-only values. The client secret is a literal in source, so
        // anyone with read access to the code or repository history knows it; a real
        // client record should come from a protected store.
        // NOTE(review): allowUrl "*" is a wildcard; in Sa-Token this field lists the
        // redirect URLs the client may use, so the demo client accepts any redirect_uri.
        // Register exact callback URLs before exposing this to real clients.
        // NOTE(review): isAutoMode(true) presumably defers the enabled grant types to the
        // global OAuth2 config; confirm against the Sa-Token version in use.
        SaClientModel demoClient = new SaClientModel()
                .setClientId("1001")
                .setClientSecret("aaaa-bbbb-cccc-dddd-eeee")
                .setAllowUrl("*")
                .setContractScope("userinfo")
                .setIsAutoMode(true);
        return demoClient;
    }

    /**
     * Returns the openid for a client/account pair.
     *
     * <p>The mock ignores both arguments and hands back one fixed string, so every
     * account looks identical to every client. Per the original note, a real
     * implementation generates the openid from {@code clientId} and {@code loginId}
     * and persists it in the database.
     *
     * @param clientId the client the openid is issued to (unused by the mock)
     * @param loginId  the account the openid stands for (unused by the mock)
     * @return the fixed demo openid
     */
    @Override
    public String getOpenid(String clientId, Object loginId) {
        final String demoOpenid = "gr_SwoIN0MC1ewxHX_vfCW3BothWDZMMtx__";
        return demoOpenid;
    }

    // -------------- other functions that need to be overridden
}
SaOAuth2ServerController
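/**
 * Hand-written OAuth2 server endpoints (authorize, token, userinfo, refreshToken)
 * built on {@code SaOAuth2Util}.
 *
 * <p>NOTE(review): every mapping uses {@code @RequestMapping} without a method
 * restriction, so each endpoint answers all HTTP methods. The token and refresh
 * endpoints handle client secrets and would normally be limited to POST.
 */
@RestController
public class SaOAuth2ServerController {

    /**
     * Issues an authorization code for the requesting client.
     *
     * @param response_type the requested response type
     * @param client_id     the client asking for authorization
     * @param scope         the requested scope
     * @param redirect_uri  the URL the client wants the code delivered to
     * @param state         opaque client state, stored on the request model
     * @return the generated code model wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/authorize")
    public SaResult authorize(@RequestParam("response_type") String response_type,
                              @RequestParam("client_id") String client_id,
                              @RequestParam("scope") String scope,
                              @RequestParam("redirect_uri") String redirect_uri,
                              @RequestParam("state") String state) {
        // Refuse to mint a code for a redirect_uri or scope the client is not registered
        // for. Without these checks the code is generated from caller-supplied values only.
        SaOAuth2Util.checkRightUrl(client_id, redirect_uri);
        SaOAuth2Util.checkContract(client_id, scope);

        RequestAuthModel requestAuthModel = new RequestAuthModel();
        requestAuthModel.setClientId(client_id);
        requestAuthModel.setScope(scope);
        requestAuthModel.setRedirectUri(redirect_uri);
        requestAuthModel.setResponseType(response_type);
        requestAuthModel.setState(state);
        // NOTE(review): demo placeholder. The account id is a constant, so the endpoint
        // issues a code for this account to any caller without a login or consent step.
        // A real server must take the id from the authenticated user's session.
        requestAuthModel.setLoginId("loginid123");

        CodeModel codeModel = SaOAuth2Util.generateCode(requestAuthModel);
        return SaResult.data(codeModel);
    }

    /**
     * Exchanges an authorization code for an access token.
     *
     * <p>All four values are read from request headers.
     *
     * @param code          the authorization code returned by the authorize endpoint
     * @param client_id     the client redeeming the code
     * @param client_secret the client's secret
     * @param redirect_uri  the redirect URL used when the code was requested
     * @return the token as a flat map wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/token")
    public SaResult token(@RequestHeader("code") String code,
                          @RequestHeader("client_id") String client_id,
                          @RequestHeader("client_secret") String client_secret,
                          @RequestHeader("redirect_uri") String redirect_uri) {
        // Validate code, client credentials and redirect_uri together before issuing a token.
        SaOAuth2Util.checkGainTokenParam(code, client_id, client_secret, redirect_uri);
        AccessTokenModel token = SaOAuth2Util.generateAccessToken(code);
        return SaResult.data(token.toLineMap());
    }

    /**
     * Returns profile data for the account behind an access token.
     *
     * @return mock profile fields wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/userinfo")
    public SaResult userinfo() {
        // Resolve the account id that the Access-Token belongs to.
        // NOTE(review): the token is read as a request parameter named "Authorization",
        // not from the Authorization header. Tokens sent as URL parameters tend to end up
        // in access logs, proxies and browser history; prefer the header for real clients.
        String accessToken = SaHolder.getRequest().getParamNotNull("Authorization");
        Object loginId = SaOAuth2Util.getLoginIdByAccessToken(accessToken);
        // NOTE(review): debug output to stdout; replace with the project logger.
        System.out.println("-------- 此Access-Token对应的账号id: " + loginId);

        // Verify the Access-Token was granted the "userinfo" scope.
        SaOAuth2Util.checkScope(accessToken, "userinfo");

        // Mock account data; a real implementation looks the profile up by loginId.
        Map<String, Object> map = new LinkedHashMap<>();
        map.put("nickname", "nickname");
        map.put("avatar", "http://xxx.com/1.jpg");
        map.put("age", "18");
        map.put("sex", "男");
        return SaResult.data(map);
    }

    /**
     * Exchanges a refresh token for a new access token.
     *
     * @param refresh_token the refresh token issued earlier
     * @param client_id     the client the refresh token belongs to
     * @param client_secret the client's secret
     * @return the refreshed token model wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/refreshToken")
    public SaResult refreshToken(@RequestHeader("refresh_token") String refresh_token,
                                 @RequestHeader("client_id") String client_id,
                                 @RequestHeader("client_secret") String client_secret) {
        // The original called a saOAuth2Template field that this class never declares.
        // Use the static SaOAuth2Util facade like the other endpoints in this controller.
        // Validate the client credentials and refresh token first.
        SaOAuth2Util.checkRefreshTokenParam(client_id, client_secret, refresh_token);
        // Then issue the refreshed access token.
        AccessTokenModel accessTokenModel = SaOAuth2Util.refreshAccessToken(refresh_token);
        return SaResult.data(accessTokenModel);
    }
}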