oauth2-梳理oauth2
@@ -1,12 +1,8 @@
|
||||
package com.accompany.oauth2.controller;
|
||||
|
||||
import com.accompany.common.constant.AppEnum;
|
||||
import com.accompany.common.constant.Constant;
|
||||
import com.accompany.common.device.DeviceInfo;
|
||||
import com.accompany.common.status.BusiStatus;
|
||||
import com.accompany.common.utils.*;
|
||||
import com.accompany.core.exception.ServiceException;
|
||||
import com.accompany.core.service.SysConfService;
|
||||
import com.accompany.oauth2.common.BaseController;
|
||||
import com.accompany.oauth2.config.OAuthConfig;
|
||||
import com.accompany.oauth2.constant.LoginTypeEnum;
|
||||
@@ -18,9 +14,6 @@ import com.google.common.collect.Maps;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
@@ -38,8 +31,6 @@ import java.util.Map;
|
||||
@RequestMapping("/acc")
|
||||
public class AccountController extends BaseController {
|
||||
|
||||
@Autowired
|
||||
private SysConfService sysConfService;
|
||||
@Autowired
|
||||
private OAuthConfig oAuthConfig;
|
||||
@Autowired
|
||||
@@ -49,30 +40,24 @@ public class AccountController extends BaseController {
|
||||
|
||||
@PostMapping("/logout")
|
||||
@ResponseBody
|
||||
public ServiceRes<Void> logout(String access_token) {
|
||||
if (StringUtils.isBlank(access_token)) {
|
||||
public ServiceRes<Void> logout(@RequestParam("access_token") String token) {
|
||||
if (StringUtils.isBlank(token)) {
|
||||
return new ServiceRes<>(OAuthStatus.INVALID_REQUEST);
|
||||
}
|
||||
myUserDetailsService.logout(access_token);
|
||||
myUserDetailsService.logout(token);
|
||||
return new ServiceRes<>(OAuthStatus.SUCCESS);
|
||||
}
|
||||
|
||||
@RequestMapping("/third/login")
|
||||
public ResponseEntity<OAuth2AccessToken> login(HttpServletRequest request, String openid, Integer type, DeviceInfo deviceInfo,
|
||||
AppEnum app) throws Exception {
|
||||
String unionId = request.getParameter("unionid");
|
||||
public OAuth2AccessToken login(HttpServletRequest request,
|
||||
@RequestParam String openid, @RequestParam Integer type,
|
||||
String unionId, DeviceInfo deviceInfo, AppEnum app) throws Exception {
|
||||
log.info("/acc/third/login? app {} , type {}, unionId {}", app, type, unionId);
|
||||
checkAppVersion(deviceInfo);
|
||||
if (StringUtils.isEmpty(openid) || type == 0) {
|
||||
throw new RuntimeException("参数异常");
|
||||
}
|
||||
String ipAddress= IPUtils.getRealIpAddress(request);
|
||||
|
||||
String ipAddress = IPUtils.getRealIpAddress(request);
|
||||
UserDetails userDetails = myUserDetailsService.loadUserByOpenId(openid, type.byteValue(), deviceInfo, ipAddress, unionId);
|
||||
myUserDetailsService.login(null, userDetails, LoginTypeEnum.get(type), deviceInfo, ipAddress, openid, unionId,null);
|
||||
|
||||
OAuth2AccessToken token = createAccessToken(userDetails);
|
||||
return getResponse(token);
|
||||
return createAccessToken(userDetails);
|
||||
}
|
||||
|
||||
private OAuth2AccessToken createAccessToken(UserDetails userDetails) {
|
||||
@@ -87,18 +72,4 @@ public class AccountController extends BaseController {
|
||||
return token;
|
||||
}
|
||||
|
||||
private ResponseEntity<OAuth2AccessToken> getResponse(OAuth2AccessToken accessToken) {
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
headers.set("Cache-Control", "no-store");
|
||||
headers.set("Pragma", "no-cache");
|
||||
return new ResponseEntity<>(accessToken, headers, HttpStatus.OK);
|
||||
}
|
||||
|
||||
private void checkAppVersion(DeviceInfo deviceInfo) {
|
||||
String limitAppVersion = sysConfService.getDefaultSysConfValueById(Constant.SysConfId.APP_VERSION_LIMIT, Constant.LOWEST_VERSION_FOR_USE);
|
||||
if (deviceInfo.getAppVersion() == null || AppVersionUtil.compareVersion(deviceInfo.getAppVersion(), limitAppVersion) < 0) {
|
||||
throw new ServiceException(BusiStatus.VERSIONTOOOLD);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
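Review bot: The token response from `/acc/third/login` appears to lose its `Cache-Control: no-store` and `Pragma: no-cache` headers, because `getResponse` is listed in the last hunk with no replacement and `login` now ends in `return createAccessToken(userDetails);`. RFC 6749 §5.1 requires both headers on any response that carries a token, so unless they are set globally (for example by the Spring Security header configuration, which this page does not show), I would keep the wrapper and end the method with `return getResponse(createAccessToken(userDetails));`. The hunk header counts also suggest that the `if (StringUtils.isEmpty(openid) || type == 0)` guard is among the removed lines; `@RequestParam` rejects a missing parameter but still accepts `openid=` and `type=0`, so the explicit check is worth keeping. The rendered page has lost its `+`/`-` markers, so both readings should be confirmed against the raw diff.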
@@ -1,13 +1,8 @@
|
||||
package com.accompany.oauth2.controller;
|
||||
|
||||
import com.accompany.common.constant.Constant;
|
||||
import com.accompany.common.device.DeviceInfo;
|
||||
import com.accompany.common.result.BusiResult;
|
||||
import com.accompany.common.status.BusiStatus;
|
||||
import com.accompany.common.utils.AppVersionUtil;
|
||||
import com.accompany.common.utils.IPUtils;
|
||||
import com.accompany.core.exception.ServiceException;
|
||||
import com.accompany.core.service.SysConfService;
|
||||
import com.accompany.oauth2.common.BaseController;
|
||||
import com.accompany.oauth2.exception.UnsupportedIssueTypeException;
|
||||
import com.accompany.oauth2.ticket.Ticket;
|
||||
@@ -17,6 +12,7 @@ import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
@@ -35,19 +31,17 @@ public class TicketController extends BaseController {
|
||||
|
||||
@Autowired
|
||||
private TicketServices ticketServices;
|
||||
@Autowired
|
||||
private SysConfService sysConfService;
|
||||
|
||||
@RequestMapping("/ticket")
|
||||
public Object issueTicket(String issue_type, String access_token, HttpServletRequest request,
|
||||
HttpServletResponse response, DeviceInfo deviceInfo) {
|
||||
log.info("oauth/ticket=" + access_token + ".........");
|
||||
checkAppVersion(deviceInfo);
|
||||
public Object issueTicket(@RequestParam("issue_type") String type, @RequestParam("access_token") String token,
|
||||
HttpServletRequest request, HttpServletResponse response,
|
||||
DeviceInfo deviceInfo) {
|
||||
log.info("oauth/ticket=" + token + ".........");
|
||||
try {
|
||||
if (Ticket.ONCE_TYPE.equals(issue_type) || Ticket.MULTI_TYPE.equals(issue_type)) {
|
||||
Map<String, Object> ticketsMap = ticketServices.issueTicket(access_token);
|
||||
if (Ticket.ONCE_TYPE.equals(type) || Ticket.MULTI_TYPE.equals(type)) {
|
||||
Map<String, Object> ticketsMap = ticketServices.issueTicket(token);
|
||||
TicketRes ticketRes = new TicketRes();
|
||||
ticketRes.setIssue_type(issue_type);
|
||||
ticketRes.setIssue_type(type);
|
||||
ticketRes.setTickets((List<Ticket>) ticketsMap.get("tickets"));
|
||||
ticketRes.setAccid((String) ticketsMap.get("accid"));
|
||||
ticketRes.setNetEaseToken((String) ticketsMap.get("netEaseToken"));
|
||||
@@ -58,23 +52,17 @@ public class TicketController extends BaseController {
|
||||
}
|
||||
throw new UnsupportedIssueTypeException("unsupported ticket issue type");
|
||||
} catch (InvalidTokenException e) {
|
||||
log.error("issueTicket InvalidTokenException, issue_type=" + issue_type + ", access_token=" + access_token, e);
|
||||
log.error("issueTicket InvalidTokenException, issue_type=" + type + ", access_token=" + token, e);
|
||||
response.setStatus(401);
|
||||
return e;
|
||||
} catch (UnsupportedIssueTypeException e1) {
|
||||
log.error("issueTicket UnsupportedIssueTypeException, issue_type=" + issue_type + ", access_token=" + access_token, e1);
|
||||
log.error("issueTicket UnsupportedIssueTypeException, issue_type=" + type + ", access_token=" + token, e1);
|
||||
response.setStatus(400);
|
||||
return e1;
|
||||
} catch (Exception ex) {
|
||||
log.error("issueTicket Exception, issue_type=" + issue_type + ", access_token=" + access_token, ex);
|
||||
log.error("issueTicket Exception, issue_type=" + type + ", access_token=" + token, ex);
|
||||
return ex;
|
||||
}
|
||||
}
|
||||
|
||||
private void checkAppVersion(DeviceInfo deviceInfo) {
|
||||
String limitAppVersion = sysConfService.getDefaultSysConfValueById(Constant.SysConfId.APP_VERSION_LIMIT, Constant.LOWEST_VERSION_FOR_USE);
|
||||
if (deviceInfo.getAppVersion() == null || AppVersionUtil.compareVersion(deviceInfo.getAppVersion(), limitAppVersion) < 0) {
|
||||
throw new ServiceException(BusiStatus.VERSIONTOOOLD);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
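Review bot: The rename keeps the bearer token in the logs: `log.info("oauth/ticket=" + token + ".........")` writes the full access token at info level on every call, and the three `log.error` lines in the catch blocks repeat it. A token in a log file stays usable to anyone with log access until it expires, so I would log only the issue type or a short one-way fingerprint, e.g. `log.info("oauth/ticket issue_type={}", type);`. Separately, the handler still returns the caught exception object (`return e;`, `return ex;`), which may serialize internal detail to the client, and the generic `catch (Exception ex)` branch sets no error status; a fixed error body with an explicit status would be safer. Part of `issueTicket` lies between the two hunks and is not visible here.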
@@ -42,18 +42,18 @@ public class SecurityInterceptor extends BasicInterceptor {
|
||||
}
|
||||
|
||||
// 检查 IP 是否被封禁
|
||||
String ip = IPUtils.getRealIpAddress(request);
|
||||
/*String ip = IPUtils.getRealIpAddress(request);
|
||||
if (this.jedisService.sismember(RedisKey.global_block_ip.getKey(), ip)){
|
||||
logger.warn("IP {} 被封禁,不允许访问", ip);
|
||||
return false;
|
||||
}
|
||||
}*/
|
||||
|
||||
// 检查设备号是否被封禁
|
||||
String deviceId = request.getParameter("deviceId");
|
||||
/*String deviceId = request.getParameter("deviceId");
|
||||
if (StringUtils.isNotEmpty(deviceId) && this.jedisService.sismember(RedisKey.global_block_device.getKey(), deviceId)){
|
||||
logger.warn("设备号 {} 被封禁,不允许访问", deviceId);
|
||||
return false;
|
||||
}
|
||||
}*/
|
||||
|
||||
// 验证签名
|
||||
if (this.isLegalRequest(request)) {
|
||||
|
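Review bot: Wrapping the IP and device blocklist checks in `/* … */` appears to turn off enforcement of `RedisKey.global_block_ip` and `RedisKey.global_block_device` in this interceptor, leaving only the signature check that follows. Neither the commit title nor the hunk says why, or where banned IPs and devices are rejected now, so a ban recorded in Redis may silently stop taking effect. If the bypass is intentional, I would gate it behind a configuration flag rather than commented-out code and leave a comment such as `// blocklist enforcement moved to <component>, see <ticket>`; otherwise both checks should be restored. The enclosing method starts and ends outside the hunk.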