80 lines
2.6 KiB
Java
80 lines
2.6 KiB
Java
|
package com.sf.oauth.utils;
|
|||
|
|
|
|||
|
|
|
|||
|
|
import cn.hutool.core.util.StrUtil;
|
|||
|
|
import com.sf.common.constant.HttpStatus;
|
|||
|
|
import com.sf.oauth.config.AuthConfig;
|
|||
|
|
import com.sf.oauth.enums.AuthDefaultSource;
|
|||
|
|
import com.sf.oauth.config.AuthSource;
|
|||
|
|
import com.sf.oauth.exception.AuthException;
|
|||
|
|
import com.sf.oauth.domain.AuthCallback;
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 授权配置类的校验器
|
|||
|
|
*
|
|||
|
|
* @author ZK
|
|||
|
|
*/
|
|||
|
|
public class AuthChecker {
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 是否支持第三方登录
|
|||
|
|
*
|
|||
|
|
* @param config config
|
|||
|
|
* @param source source
|
|||
|
|
* @return true or false
|
|||
|
|
*/
|
|||
|
|
public static boolean isSupportedAuth(AuthConfig config, AuthSource source) {
|
|||
|
|
|
|||
|
|
return StrUtil.isNotEmpty(config.getClientId())
|
|||
|
|
&& StrUtil.isNotEmpty(config.getClientSecret())
|
|||
|
|
&& null != source;
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 检查配置合法性。针对部分平台, 对redirect uri有特定要求。一般来说redirect uri都是http://,
|
|||
|
|
* 而对于部分平台, redirect uri 必须是https的链接
|
|||
|
|
*
|
|||
|
|
* @param config config
|
|||
|
|
* @param source source
|
|||
|
|
*/
|
|||
|
|
public static void checkConfig(AuthConfig config, AuthSource source) {
|
|||
|
|
String redirectUri = config.getRedirectUri();
|
|||
|
|
if (StrUtil.isEmpty(redirectUri)) {
|
|||
|
|
throw new AuthException(HttpStatus.BAD_REQUEST, "Illegal redirect uri", source);
|
|||
|
|
}
|
|||
|
|
if (!AuthUtils.isHttpProtocol(redirectUri) && !AuthUtils.isHttpsProtocol(redirectUri)) {
|
|||
|
|
throw new AuthException(HttpStatus.BAD_REQUEST, "Illegal redirect uri", source);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 校验回调传回的code
|
|||
|
|
* <p>
|
|||
|
|
* {@code v1.10.0}版本中改为传入{@code source}和{@code callback},对于不同平台使用不同参数接受code的情况统一做处理
|
|||
|
|
*
|
|||
|
|
* @param source 当前授权平台
|
|||
|
|
* @param callback 从第三方授权回调回来时传入的参数集合
|
|||
|
|
*/
|
|||
|
|
public static void checkCode(AuthSource source, AuthCallback callback) {
|
|||
|
|
if (StrUtil.isEmpty(callback.getCode())) {
|
|||
|
|
throw new AuthException(HttpStatus.UNAUTHORIZED,"Illegal code", source);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 校验回调传回的{@code state},为空或者不存在
|
|||
|
|
* <p>
|
|||
|
|
* {@code state}不存在的情况只有两种:
|
|||
|
|
* 1. {@code state}已使用,被正常清除
|
|||
|
|
* 2. {@code state}为前端伪造,本身就不存在
|
|||
|
|
*
|
|||
|
|
* @param state {@code state}一定不为空
|
|||
|
|
* @param source {@code source}当前授权平台
|
|||
|
|
*/
|
|||
|
|
public static void checkState(String state, AuthSource source) {
|
|||
|
|
if (StrUtil.isEmpty(state)) {
|
|||
|
|
throw new AuthException(HttpStatus.UNAUTHORIZED,"Illegal state", source);
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
}
|