springboot服务第三方接口安全签名 springboot集成第三方登录

在SpringBoot工程中整合Gitee第三方登录授权功能

文章目录

• 在SpringBoot工程中整合Gitee第三方登录授权功能

• 1.创建gitee第三方应用程序
• 2.在idea中创建SpringBoot工程，建项目时勾选web框架即可
• 3.使用的dependece：okhttp、fastjson、httpclient
• 4.在idea中建立相应的工程结构
• 5.相关链接

• ***STAY ANGER!!!***

1.创建gitee第三方应用程序

2.在idea中创建SpringBoot工程，建项目时勾选web框架即可

3.使用的dependece：okhttp、fastjson、httpclient

在pom.xml中添加上述依赖

<dependency>
	<groupId>com.squareup.okhttp3</groupId>
    <artifactId>okhttp</artifactId>
    <version>3.14.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.alibaba/fastjson -->
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>fastjson</artifactId>
    <version>1.2.75</version>
</dependency>

<!--网络请求-->
<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.5.6</version>
</dependency>

4.在idea中建立相应的工程结构

1. 将创建好的第三方应用属性放入src\main\resources\application.properties文件内
2. 在前端页面中填入get请求，将用户引导至gitee第三方认证页面上

https://gitee.com/oauth/authorize?client_id={client_id}&redirect_uri={redirect_uri}&response_type=code&state=1

将{}括号内的参数换成申请的第三方程序的相应属性

1. 创建AccessTokenDTO.java用于存储在gitee中创建的第三方应用，通过这个类来对第三方应用中的client_id、client_secret、redirect_uri进行封装

package com.coderforum.community.dto;

import org.springframework.stereotype.Component;

/**
 * @Author: xuehai.XUE
 * @MailBox: xuehai.xue@qq.com
 * @Date: 2021/4/1 20:56
 * @Description: 用于数据传输的对象AccessTokenDTO
 */
@Component
public class AccessTokenDTO {
    private String client_id;
    private String redirect_uri;
    private String client_secret;
    private String code;
    private String state;

    public String getClient_id() {
        return client_id;
    }

    public void setClient_id(String client_id) {
        this.client_id = client_id;
    }

    public String getRedirect_uri() {
        return redirect_uri;
    }

    public void setRedirect_uri(String redirect_uri) {
        this.redirect_uri = redirect_uri;
    }

    public String getClient_secret() {
        return client_secret;
    }

    public void setClient_secret(String client_secret) {
        this.client_secret = client_secret;
    }

    public String getCode() {
        return code;
    }

    public void setCode(String code) {
        this.code = code;
    }

    public String getState() {
        return state;
    }

    public void setState(String state) {
        this.state = state;
    }
}

1. 创建GiteeProvider.java使用方法getAccessToken用于向gitee认证服务器发送请求，发送code获取Accesstoken；使用方法getUser用于向Gitee服务器请求用户数据

package com.coderforum.community.provider;

import com.alibaba.fastjson.JSON;
import com.coderforum.community.dto.AccessTokenDTO;
import com.coderforum.community.dto.GiteeUser;
import okhttp3.*;
import org.springframework.stereotype.Component;

import java.io.IOException;

/**
 * @Author: xuehai.XUE
 * @MailBox: xuehai.xue@qq.com
 * @Date: 2021/4/1 20:54
 * @Description:
 */
@Component
public class GiteeProvider {
    /** 通过okhttp向gitee认证服务器发送code以获取返回的AccessToken
     *
     * @param accessTokenDTO 传入的待获取认证DTO，包含应用id、密钥、重定向地址等
     * @return AccessToken
     */
    public String getAccessToken(AccessTokenDTO accessTokenDTO){
        MediaType mediaType = MediaType.get("application/json; charset=utf-8");
        OkHttpClient client = new OkHttpClient();


            RequestBody body = RequestBody.create(mediaType, JSON.toJSONString(accessTokenDTO));
            Request request = new Request.Builder()
                    .url("https://gitee.com/oauth/token?grant_type=authorization_code&" +
                            "code=" + accessTokenDTO.getCode() + "&" +
                            "client_id=" + accessTokenDTO.getClient_id() + "&" +
                            "redirect_uri=" + accessTokenDTO.getRedirect_uri() + "&" +
                            "client_secret=" + accessTokenDTO.getClient_secret())
                    .post(body)
                    .build();
            try (Response response = client.newCall(request).execute()) {
                String string = response.body().string();
                String accessToken = string.split("\"")[3];
                return accessToken;
            } catch (IOException e) {
                e.printStackTrace();
            }

        return null;
    }

    /** 应用通过 access_token 访问 Open API 使用用户数据。
     *
     * @param accessToken 传入的accessToken用于向Gitee服务器请求用户数据
     * @return
     */
    public GiteeUser getUser(String accessToken){
        OkHttpClient client = new OkHttpClient();
        Request request = new Request.Builder()
                .url("https://gitee.com/api/v5/user?access_token=" + accessToken)
                .build();
        try {
            Response response = client.newCall(request).execute();
            String string = response.body().string();
            //将String的json对象自动的解析成GiteeUser类的对象
            GiteeUser giteeUser = JSON.parseObject(string, GiteeUser.class);
            return giteeUser;
        } catch (IOException e) {
            e.printStackTrace();
        }
        return  null;
    }
}

1. 创建AuthorizedController.java用于页面控制和跳转

package com.coderforum.community.controller;

import com.coderforum.community.dto.AccessTokenDTO;
import com.coderforum.community.dto.GiteeUser;
import com.coderforum.community.provider.GiteeProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;


/**
 * @Author: xuehai.XUE
 * @MailBox: xuehai.xue@qq.com
 * @Date: 2021/4/1 20:45
 * @Description:
 */
@Controller
public class AuthorizedController {
    @Autowired
    private AccessTokenDTO accessTokenDTO;

    @Autowired
    private GiteeProvider giteeProvider;

    /**
     * 获取application.properties中定义的第三方应用的属性
     */
    @Value("${gitee.client.id}")
    private String clientId;
    @Value("${gitee.client.secret}")
    private String clientSecret;
    @Value("${gitee.redirect.uri}")
    private String clientRedirectUri;


    @GetMapping("/callback")
    public String callback(@RequestParam(name = "code") String code,
                           @RequestParam(name = "code") String state) {
        //为accessTokenDTO对象赋值
        accessTokenDTO.setClient_id(clientId);
        accessTokenDTO.setClient_secret(clientSecret);
        accessTokenDTO.setCode(code);
        accessTokenDTO.setRedirect_uri(clientRedirectUri);
        accessTokenDTO.setState(state);

        //将accessTokenDTO对象作为参数传入以获取用户的accessToken
        String accessToken = giteeProvider.getAccessToken(accessTokenDTO);

        //使用GetUser方法将携带的accessToken链接发送至Gitee服务器获取用户的信息
        GiteeUser user = giteeProvider.getUser(accessToken);
        System.out.println(user.getName());
        System.out.println(user.getId());
        System.out.println(user.getBio());

        //重定向返回首页
        return "redirect:/";


    }
}

1. 获取的JSON对象转为指定的实体类对象，这个类定义如下

package com.coderforum.community.dto;

/**
 * @Author: xuehai.XUE
 * @MailBox: xuehai.xue@qq.com
 * @Date: 2021/4/2 13:33
 * @Description: 用于传回JSON格式的用户，解析为这个目标类
 */
public class GiteeUser {
    private String name;
    private Long id;
    private String bio;

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public Long getId() {
        return id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public String getBio() {
        return bio;
    }

    public void setBio(String bio) {
        this.bio = bio;
    }
}