
OAuth2.0 模式一:授权码(Authorization Code)

参考: https://sa-token.cc/doc.html#/oauth2/oauth2-dev https://support.huaweicloud.com/api-oneaccess/IssueOAuthAuthCode.html

SaOAuth2Template

/**
 * Sa-Token OAuth2 template override that supplies client registrations and openid values.
 *
 * <p>Everything returned by this class is hard-coded sample data; per the original author's
 * notes, a real deployment is expected to read and persist these values in a database.
 */
@Component
public class SaOAuth2TemplateImpl extends SaOAuth2Template {

    /**
     * Looks up the registration for a client id.
     *
     * @param clientId client identifier presented by the caller
     * @return the sample registration when {@code clientId} is {@code "1001"}, otherwise
     *     {@code null}
     */
    @Override
    public SaClientModel getClientModel(String clientId) {
        // Any id other than the single demo client has no registration.
        if (!"1001".equals(clientId)) {
            return null;
        }

        // Mock registration; a real environment should query the database instead.
        // NOTE(review): the client secret is a literal in source. Outside a demo it should come
        // from a secret store and never be committed.
        // NOTE(review): allowUrl "*" looks like a wildcard that accepts any redirect_uri. Since
        // authorization codes are delivered to the redirect_uri, production clients should list
        // exact callback URLs. Confirm the wildcard semantics against the Sa-Token docs.
        // NOTE(review): isAutoMode(true) presumably defers the enabled grant types to the global
        // OAuth2 config. Confirm this is intended for each client.
        SaClientModel demoClient = new SaClientModel()
                .setClientId("1001")
                .setClientSecret("aaaa-bbbb-cccc-dddd-eeee")
                .setAllowUrl("*")
                .setContractScope("userinfo")
                .setIsAutoMode(true);
        return demoClient;
    }

    /**
     * Returns the openid for a client/account pair.
     *
     * <p>This sample ignores both arguments and always returns the same fixed string, so every
     * account of every client shares one openid. The original note says the value should be
     * generated from {@code clientId} and {@code loginId} and then stored in the database.
     *
     * @param clientId client identifier (unused in this sample)
     * @param loginId account identifier (unused in this sample)
     * @return a constant placeholder openid
     */
    @Override
    public String getOpenid(String clientId, Object loginId) {
        String placeholderOpenid = "gr_SwoIN0MC1ewxHX_vfCW3BothWDZMMtx__";
        return placeholderOpenid;
    }

    // -------------- other methods that need to be overridden

}

SaOAuth2ServerController

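/**
 * Demo OAuth 2.0 authorization-server endpoints for the authorization-code flow, built on
 * Sa-Token's {@code SaOAuth2Util} helpers.
 *
 * <p>NOTE(review): every mapping uses a bare {@code @RequestMapping}, so each endpoint answers
 * all HTTP methods. The token and refresh endpoints carry client credentials and would normally
 * be restricted to POST.
 */
@RestController
public class SaOAuth2ServerController {

    /**
     * Issues an authorization code for a client request.
     *
     * @param response_type requested response type, copied onto the request model
     * @param client_id id of the requesting client
     * @param scope requested scope
     * @param redirect_uri callback address the client wants the code delivered to
     * @param state opaque client value, copied onto the request model
     * @return the generated {@code CodeModel} wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/authorize")
    public SaResult authorize(@RequestParam("response_type") String response_type,
                              @RequestParam("client_id") String client_id,
                              @RequestParam("scope") String scope,
                              @RequestParam("redirect_uri") String redirect_uri,
                              @RequestParam("state") String state) {
        // Validate the client's registered callback URL and contracted scope before a code is
        // minted. generateCode() is not shown to perform these checks, so an unregistered
        // redirect_uri or scope would otherwise still receive a code.
        SaOAuth2Util.checkRightUrl(client_id, redirect_uri);
        SaOAuth2Util.checkContract(client_id, scope);

        RequestAuthModel requestAuthModel = new RequestAuthModel();
        requestAuthModel.setClientId(client_id);
        requestAuthModel.setScope(scope);
        requestAuthModel.setRedirectUri(redirect_uri);
        requestAuthModel.setResponseType(response_type);
        requestAuthModel.setState(state);
        // NOTE(review): demo-only fixed account. As written, no user login or consent happens
        // here, so any caller obtains a code bound to this account. A real server must take the
        // login id from the authenticated session and confirm the grant with the user.
        requestAuthModel.setLoginId("loginid123");
        CodeModel codeModel = SaOAuth2Util.generateCode(requestAuthModel);
        return SaResult.data(codeModel);
    }

    /**
     * Exchanges an authorization code for an access token.
     *
     * <p>All four inputs are read from request headers in this sample.
     *
     * @param code authorization code previously issued by {@link #authorize}
     * @param client_id id of the client redeeming the code
     * @param client_secret secret of that client
     * @param redirect_uri callback address, checked together with the code
     * @return the token fields as a flat map wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/token")
    public SaResult token(@RequestHeader("code") String code,
                          @RequestHeader("client_id") String client_id,
                          @RequestHeader("client_secret") String client_secret,
                          @RequestHeader("redirect_uri") String redirect_uri) {
        // Parameter check must pass before the code is redeemed.
        SaOAuth2Util.checkGainTokenParam(code, client_id, client_secret, redirect_uri);
        AccessTokenModel token = SaOAuth2Util.generateAccessToken(code);
        return SaResult.data(token.toLineMap());
    }


    /**
     * Returns (mock) profile data for the account behind an access token.
     *
     * @return a map with nickname, avatar, age and sex wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/userinfo")
    public SaResult userinfo() {
        // Resolve the account id that the Access-Token belongs to.
        // NOTE(review): the token is read as a request parameter named "Authorization", not as
        // an Authorization header. Tokens sent as URL parameters tend to end up in access logs
        // and Referer headers, so header transport is preferable. Confirm against callers.
        String accessToken = SaHolder.getRequest().getParamNotNull("Authorization");
        Object loginId = SaOAuth2Util.getLoginIdByAccessToken(accessToken);
        // Debug output only; route through the application logger in real code.
        System.out.println("-------- 此Access-Token对应的账号id: " + loginId);
        // Verify the Access-Token was granted the "userinfo" scope.
        SaOAuth2Util.checkScope(accessToken, "userinfo");

        // Mock profile; a real environment looks the data up by loginId in the database.
        Map<String, Object> map = new LinkedHashMap<>();
        map.put("nickname", "nickname");
        map.put("avatar", "http://xxx.com/1.jpg");
        map.put("age", "18");
        map.put("sex", "男");
        return SaResult.data(map);
    }

    /**
     * Exchanges a refresh token for a new access token.
     *
     * @param refresh_token refresh token issued with an earlier access token
     * @param client_id id of the client
     * @param client_secret secret of that client
     * @return the new {@code AccessTokenModel} wrapped in a {@code SaResult}
     */
    @RequestMapping("/sss/oauth2/refreshToken")
    public SaResult refreshToken(@RequestHeader("refresh_token") String refresh_token,
                                 @RequestHeader("client_id") String client_id,
                                 @RequestHeader("client_secret") String client_secret) {
        // The listing referenced a `saOAuth2Template` field that this class never declares.
        // Use the static SaOAuth2Util facade like the other endpoints do.
        // Validate client credentials and the refresh token first.
        SaOAuth2Util.checkRefreshTokenParam(client_id, client_secret, refresh_token);
        // Then issue the refreshed token.
        // NOTE(review): token() returns toLineMap() but this returns the model itself, so the
        // two responses may use different field naming. Left unchanged for existing callers.
        AccessTokenModel accessTokenModel = SaOAuth2Util.refreshAccessToken(refresh_token);
        return SaResult.data(accessTokenModel);
    }

}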

认证登录获取授权码

image.png

获取AccessToken

image.png

获取用户信息

image.png

刷新Access Token

image.png

redis key

image.png
