OAuth2.0JAVA demo(四)

本 demo 基于 Spring Boot 实现 OAuth2.0,目前由访问客户端(web)和认证服务(OAuth-server)两个工程组成,暂时没有写资源服务。认证服务里的授权码、access_token 和 refresh_token 都是写死的示例值,也没有校验用户名和密码,只用来演示授权码流程的调用顺序。

B.认证服务(OAuth-server)工程

1.LoginController.class

package com.java.test.controller;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.CacheManager;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;


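/**
 * Demo OAuth 2.0 authorization-code endpoints of the OAuth-server project.
 *
 * <p>Flow as implemented here: {@code /connect/authorize} caches the client's request and shows
 * the {@code login} view, {@code /authorize} redirects back to the client with a code, and
 * {@code /access_token} exchanges that code for a token response.
 *
 * <p>NOTE(review): the authorization code, state, access token and refresh token are fixed
 * literals. A real authorization server generates them per request with {@code SecureRandom},
 * makes the code single-use and short-lived, and binds it to the client and redirect URI.
 */
@Controller
@Slf4j
public class LoginController {
    /** Name of the cache that holds pending authorization requests, keyed by client_id. */
    private static final String OATH20_CLIENT_ID = "oath-client-id";
    /** Fixed demo authorization code appended to the redirect and expected at the token endpoint. */
    private static final String DEMO_AUTHORIZATION_CODE = "SplxlOBeZQQYbYS6WxSbIA";
    /** Fixed demo state value; the client's own state is not carried through (see connect). */
    private static final String DEMO_STATE = "xyz";

    @Autowired
    private CacheManager cacheManager;

    /**
     * Authorization endpoint: stores the request parameters in the cache and the client_id in the
     * session, then renders the login view.
     *
     * <p>NOTE(review): client_id and redirect_uri are stored exactly as received. This class has no
     * registered-client lookup, so redirect_uri is never compared with a pre-registered value
     * before {@link #authorize} redirects the browser to it; add that comparison (exact match)
     * before using this outside a demo.
     *
     * <p>NOTE(review): the cache entry is keyed by client_id alone, so a later request for the same
     * client_id replaces the redirect_uri and scope stored by an earlier one, including one made
     * from a different session. Keying the pending request by session (or by a per-request id)
     * avoids that cross-request overwrite.
     *
     * <p>NOTE(review): no {@code state} parameter is accepted, so the client cannot use it to tie
     * the callback to its own session; the redirect always carries the fixed demo value.
     *
     * @param strResponseType value of {@code response_type} (stored, not validated)
     * @param strClientId value of {@code client_id}, used as the cache key
     * @param strRedirectUri value of {@code redirect_uri} the browser is later sent to
     * @param strScope value of {@code scope}, echoed in the token response
     * @param session HTTP session that remembers which client_id is being authorized
     * @return the view name {@code login}
     */
    @RequestMapping(value = "/connect/authorize")
    public String connect(@RequestParam(value = "response_type") String strResponseType, @RequestParam(value = "client_id") String strClientId, @RequestParam(value = "redirect_uri") String strRedirectUri, @RequestParam(value = "scope") String strScope, HttpSession session){
        // Routine request tracing is not an error condition, so it is logged at info level.
        log.info("response_type={},client_id={},redirect_uri={}, scope={}", strResponseType, strClientId, strRedirectUri, strScope);
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("response_type", strResponseType);
        jsonObject.put("client_id", strClientId);
        jsonObject.put("redirect_uri", strRedirectUri);
        jsonObject.put("scope", strScope);
        cacheManager.getCache(OATH20_CLIENT_ID).put(strClientId, jsonObject);
        session.setAttribute("client_id", strClientId);
        return "login";
    }

    /**
     * Login submission: looks up the pending request for the session's client_id and redirects the
     * browser to its redirect_uri with the demo code and state appended.
     *
     * <p>NOTE(review): the submitted username and password are not checked against any user store
     * in this class; every submission proceeds to the redirect. A real server authenticates the
     * user (and asks for consent) here before issuing a code.
     *
     * <p>NOTE(review): the mapping accepts every HTTP method, so credentials may arrive in a GET
     * query string, where they end up in access logs and browser history. Restrict the mapping to
     * POST once the login form is confirmed to post.
     *
     * @param strUsername submitted user name
     * @param strPassword submitted password (never logged)
     * @param session HTTP session holding the client_id stored by {@link #connect}
     * @return a {@code redirect:} view name pointing at the client's redirect_uri
     * @throws IllegalStateException if the session has no client_id or the cache has no pending
     *     request for it (the original dereferenced null in both cases)
     */
    @RequestMapping(value = "/authorize")
    public String authorize(@RequestParam(value = "username") String strUsername, @RequestParam(value = "password") String strPassword, HttpSession session){
        // The password must never be written to the log; only the user name is traced.
        log.info("username={}", strUsername);
        Object clientIdAttr = session.getAttribute("client_id");
        if (clientIdAttr == null) {
            throw new IllegalStateException("no pending authorization request in this session");
        }
        JSONObject pendingRequest = loadPendingRequest(clientIdAttr.toString());
        if (pendingRequest == null) {
            throw new IllegalStateException("no cached authorization request for this client_id");
        }
        log.debug(pendingRequest.toString());
        return "redirect:" + issuedRedirectUri(pendingRequest);
    }

    /**
     * Token endpoint: answers with the demo token response when the cached request, the code and
     * the redirect_uri all match, and with HTTP 400 otherwise.
     *
     * <p>The original set status 400 unconditionally after the success branch; this version
     * returns after writing the token response so that a successful exchange stays 200.
     *
     * <p>NOTE(review): {@code grant_type} is not compared with {@code authorization_code} and the
     * client is not authenticated (no client secret is read). Both checks belong here in a real
     * server, as does invalidating the code after its first use.
     *
     * @param strGrantType value of {@code grant_type} (logged, not validated)
     * @param strClientId value of {@code client_id}, used to find the cached request
     * @param strRedirectUri value of {@code redirect_uri}; compared with the stored redirect_uri
     *     plus the {@code ?code=...&state=...} suffix, as the original did
     * @param strCode authorization code presented by the client
     * @param response servlet response the JSON token document is written to
     */
    @RequestMapping(value = "/access_token")
    public void accessToken(@RequestParam(value = "grant_type") String strGrantType, @RequestParam(value = "client_id") String strClientId, @RequestParam(value = "redirect_uri") String strRedirectUri, @RequestParam(value = "code") String strCode, HttpServletResponse response){
        // The code is a credential, and redirect_uri carries it in this demo, so neither is logged.
        log.info("grant_type={},client_id={}", strGrantType, strClientId);
        JSONObject pendingRequest = loadPendingRequest(strClientId);
        // The code check is compatible with any client that passes the redirect_uri comparison,
        // because that comparison already requires the same code inside redirect_uri.
        if (pendingRequest == null
                || !DEMO_AUTHORIZATION_CODE.equals(strCode)
                || !issuedRedirectUri(pendingRequest).equals(strRedirectUri)) {
            response.setStatus(400);
            return;
        }
        log.debug(pendingRequest.toString());

        JSONObject retJsonObject = new JSONObject();
        retJsonObject.put("access_token", "2YotnFZFEjr1zCsicMWpAA");
        retJsonObject.put("token_type", "bearer");
        retJsonObject.put("expires_in", 7200);
        retJsonObject.put("refresh_token", "tGzv3JOkF0XG5Qx2TlKWIA");
        retJsonObject.put("scope", pendingRequest.get("scope"));

        response.setStatus(200);
        // "expries" in the original was a misspelt header name and had no effect on caching.
        response.setDateHeader("Expires", -1);
        // RFC 6749 section 5.1 requires no-store (not no-cache) on responses that carry tokens.
        response.setHeader("Cache-Control", "no-store");
        response.setHeader("Pragma", "no-cache");
        response.setContentType("application/json");
        try {
            response.getWriter().write(retJsonObject.toJSONString());
        } catch (IOException e) {
            response.setStatus(500);
            log.error("failed to write token response", e);
        }
    }

    /**
     * Reads the cached authorization request for a client_id.
     *
     * @param clientId cache key written by {@link #connect}
     * @return the cached request re-parsed as JSON, or {@code null} when the cache has no entry
     */
    private JSONObject loadPendingRequest(String clientId) {
        Object cached = cacheManager.getCache(OATH20_CLIENT_ID).get(clientId, Object.class);
        if (cached == null) {
            return null;
        }
        return JSON.parseObject(cached.toString());
    }

    /** Builds the callback URL: the stored redirect_uri followed by the demo code and state. */
    private static String issuedRedirectUri(JSONObject pendingRequest) {
        return pendingRequest.get("redirect_uri").toString()
                + "?code=" + DEMO_AUTHORIZATION_CODE + "&state=" + DEMO_STATE;
    }
}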

2.授权页面-使用客户端web工程登录页面改造的




    
    授权页


3.ehcache配置类

package com.java.test.config;

import org.springframework.cache.ehcache.EhCacheCacheManager;
import org.springframework.cache.ehcache.EhCacheManagerFactoryBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;


/**
 * Spring configuration that wires EhCache in as the application's cache manager.
 *
 * <p>NOTE(review): {@code conf/ehcache.xml} is not shown on this page. LoginController keeps
 * pending authorization requests in the cache named {@code oath-client-id}, so confirm that the
 * XML defines that cache and gives its entries a short time-to-live.
 */
@Configuration
public class CacheConfig {

    /**
     * Creates the factory bean that loads the EhCache configuration from the classpath.
     *
     * @return factory bean registered under the name {@code cacheManagerFactory}
     */
    @Bean(name = "cacheManagerFactory")
    public EhCacheManagerFactoryBean ehCacheManagerFactoryBean() {
        System.out.println("CacheConfiguration.ehCacheManagerFactoryBean()");
        final EhCacheManagerFactoryBean factory = new EhCacheManagerFactoryBean();
        // shared=true asks for EhCache's shared CacheManager instead of an independent instance.
        factory.setShared(true);
        factory.setConfigLocation(new ClassPathResource("conf/ehcache.xml"));
        return factory;
    }

    /**
     * Adapts the native EhCache manager to Spring's cache abstraction.
     *
     * @param cacheManagerFactory factory bean that produces the native EhCache manager
     * @return Spring cache manager backed by the object the factory provides
     */
    @Bean
    public EhCacheCacheManager ehCacheCacheManager(EhCacheManagerFactoryBean cacheManagerFactory) {
        System.out.println("CacheConfiguration.ehCacheCacheManager()");
        final EhCacheCacheManager springCacheManager =
                new EhCacheCacheManager(cacheManagerFactory.getObject());
        return springCacheManager;
    }
}

 
