一、參考文檔
OAuth2.0授權認證
二、原理:
①概念原理:
②實際操作時的原理圖:
三、以POSTMAN為例對鏈接進行測試
① 引導需要授權的用戶到如下地址(在前端頁面鏈接設置一下URL):
URL:
https://api.weibo.com/oauth2/authorize?client_id=YOUR_CLIENT_ID&response_type=code&redirect_uri=YOUR_REGISTERED_REDIRECT_URI
其中
YOUR_CLIENT_ID、
YOUR_REGISTERED_REDIRECT_URI分別代表下圖中APP KEY和授權回調頁:
② 運行頁面登錄后,頁面跳轉至 YOUR_REGISTERED_REDIRECT_URI/?code=CODE,獲取CODE,利用postman測試以下鏈接:
https://api.weibo.com/oauth2/access_token?client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=authorization_code&redirect_uri=YOUR_REGISTERED_REDIRECT_URI&code=CODE
其中YOUR_CLIENT_ID、YOUR_CLIENT_SECRET分別代表APP KEY和APP Secret,YOUR_REGISTERED_REDIRECT_URI代表授權回調頁,code則為CODE授權令牌:
四、具體代碼編寫
①OAuth2Controller類的編寫
@Controller public class OAuth2Controller { @Autowired MemberFeignSerivce memberFeignSerivce; @GetMapping( "/oauth2.0/weibo/success") public String weibo(@RequestParam("code") String code) throws Exception { //1、根據code換取accessToken Map<String,String> map = new HashMap<>(); map.put("client_id","21*********6"); map.put("client_secret","65ae****************e30a"); map.put("grant_type","authorization_code"); map.put("redirect_uri","http://auth.gulimall.com/oauth2.0/weibo/success"); map.put("code",code); HttpResponse response = HttpUtils.doPost("https://api.weibo.com", "/oauth2/access_token", "post", new HashMap<String, String>(), new HashMap<String, String>(), map); //2、處理微博登陸成功的回調 System.out.println(response.getStatusLine().getStatusCode()); if (response.getStatusLine().getStatusCode()==200){ //將返回的json數據變成對象 String json = EntityUtils.toString(response.getEntity()); System.out.println("返回json數據:"+json); SocialUser socialUser = JSON.parseObject(json, SocialUser.class); //如果當前用戶是第一次登錄則自動注冊為本網站用戶(為當前社交用戶生成一個信息賬號,以后社交賬號對應指定會員) //登錄或注冊這個賬戶 R oauthlogin = memberFeignSerivce.oauthlogin(socialUser); if (oauthlogin.getCode()==0){ MemberResVo data = oauthlogin.getData("data", new TypeReference<MemberResVo>() { }); System.out.println("登陸成功:"+ data.toString()); return "redirect:http://gulimall.com"; }else { return "redirect:http://auth.gulimall.com/login.html"; } }else { return "redirect:http://auth.gulimall.com/login.html"; } } }
②使用遠程調用功能
@FeignClient("gulimall-member")
public interface MemberFeignSerivce {
@PostMapping("/member/member/oauth2/login")
public R oauthlogin(@RequestBody SocialUser socialUser);
}
@RestController @RequestMapping("member/member") public class MemberController { @Autowired private MemberService memberService; @PostMapping("/oauth2/login") public R oauthlogin(@RequestBody SocialUser socialUser) throws Exception { MemberEntity memberEntity = memberService.login(socialUser); if (memberEntity != null) { return R.ok().setData(memberEntity); } else { return R.error(BizCodeEnume.LOGIN_PASSWORD_INVAILD_EXCEPTION.getCode(),BizCodeEnume.LOGIN_PASSWORD_INVAILD_EXCEPTION.getMsg()); } } }
③MemberService接口編寫和實現類
public interface MemberService extends IService<MemberEntity> { MemberEntity login(SocialUser socialUser) throws Exception; }
@Service("memberService")
public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> implements MemberService {
@Resource
MemberLevelDao memberLevelDao;
@Override
public MemberEntity login(SocialUser socialUser) throws Exception{
//登錄和合並邏輯
String uid = socialUser.getUid();
//1、判斷當前社交用戶是否已經登陸過
MemberDao baseMapper = this.baseMapper;
//查找當前社區用戶的賬號uid
MemberEntity memberEntity = baseMapper.selectOne(new QueryWrapper<MemberEntity>().eq("social_uid", uid));
//則表明已注冊過
if (memberEntity != null) {
MemberEntity update = new MemberEntity();
update.setId(memberEntity.getId());
update.setAccessToken(socialUser.getAccess_token());
update.setExpiresIn(socialUser.getExpires_in());
//僅僅是更新本次的令牌號碼和過期時間
baseMapper.updateById(update);
//返回最新的本次的令牌號碼和過期時間
memberEntity.setAccessToken(socialUser.getAccess_token());
memberEntity.setExpiresIn(socialUser.getExpires_in());
return memberEntity;
} else {
//2、沒查到當前用戶,則需要注冊
MemberEntity regist = new MemberEntity();
try {
//查詢當前社交用戶的社交信息資料
HashMap<String, String> query = new HashMap<>();
query.put("access_token", socialUser.getAccess_token());
query.put("uid", socialUser.getUid());
HttpResponse response = HttpUtils.doGet("https://api.weibo.com", "/2/users/show.json", "get", new HashMap<String, String>(), query);
//查詢成功
if (response.getStatusLine().getStatusCode() == 200) {
String json = EntityUtils.toString(response.getEntity());
JSONObject jsonObject = JSON.parseObject(json);
//獲取用戶名稱等資料
String name = jsonObject.getString("name");
String gender = jsonObject.getString("gender");
//......
regist.setNickname(name);
regist.setGender("m".equals(gender) ? 1 : 0);
//.......
}
} catch (Exception e) {
e.printStackTrace();
}
regist.setSocialUid(socialUser.getUid());
regist.setAccessToken(socialUser.getAccess_token());
regist.setExpiresIn(socialUser.getExpires_in());
//插入數據庫
baseMapper.insert(regist);
return regist;
}
}
}
③所需要的實體類
@ToString @Data public class MemberResVo { private Long id; /** * 會員等級id */ private Long levelId; /** * 用戶名 */ private String username; /** * 密碼 */ private String password; /** * 昵稱 */ private String nickname; /** * 手機號碼 */ private String mobile; /** * 郵箱 */ private String email; /** * 頭像 */ private String header; /** * 性別 */ private Integer gender; /** * 生日 */ private Date birth; /** * 所在城市 */ private String city; /** * 職業 */ private String job; /** * 個性簽名 */ private String sign; /** * 用戶來源 */ private Integer sourceType; /** * 積分 */ private Integer integration; /** * 成長值 */ private Integer growth; /** * 啟用狀態 */ private Integer status; /** * 注冊時間 */ private Date createTime; /** * accesstoken碼 */ private String accessToken; /** * 過期時間 */ private long expiresIn; /** * 社區賬戶的id */ private String socialUid; }
@Data @TableName("ums_member") public class MemberEntity implements Serializable { private static final long serialVersionUID = 1L; /** * id */ @TableId private Long id; /** * 會員等級id */ private Long levelId; /** * 用戶名 */ private String username; /** * 密碼 */ private String password; /** * 昵稱 */ private String nickname; /** * 手機號碼 */ private String mobile; /** * 郵箱 */ private String email; /** * 頭像 */ private String header; /** * 性別 */ private Integer gender; /** * 生日 */ private Date birth; /** * 所在城市 */ private String city; /** * 職業 */ private String job; /** * 個性簽名 */ private String sign; /** * 用戶來源 */ private Integer sourceType; /** * 積分 */ private Integer integration; /** * 成長值 */ private Integer growth; /** * 啟用狀態 */ private Integer status; /** * 注冊時間 */ private Date createTime; /** * accesstoken碼 */ private String accessToken; /** * 過期時間 */ private long expiresIn; /** * 社區賬戶的id */ private String socialUid; }
五、整個工作流程
