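@RequestMapping("/oauth")
@Controller
public class OauthController {

	/*
	 * Demo-only "client registry": one registered client, its secret, the response type it is
	 * allowed to request and the redirect URI it registered. A real authorization server looks
	 * these up per client_id from persistent storage.
	 */
	final String clientId = "clientId";
	final String clientSecret = "clientSecret";
	final String response_type = "code";
	/** Fixed code from the original demo; no longer used as a real code (codes are issued per request below). */
	final String authorizationCode = "authorizationCode";
	final String redirectUrlPage = "redirectUrlPage";

	/**
	 * Token endpoint (the "authorization server" role of this demo).
	 */
	final String getAccessTokenURL = "http://localhost:8080/subaccountServer/oauth/getAccessToken";
	/**
	 * Protected resource endpoint (the "resource server" role of this demo).
	 */
	final String userInfoUrl = "http://localhost:8080/subaccountServer/oauth/getResource";

	/** Lifetime of an issued authorization code in milliseconds (RFC 6749 §4.1.2 recommends at most 10 minutes). */
	private static final long CODE_LIFETIME_MILLIS = 10L * 60 * 1000;
	/** Lifetime of an issued access token in seconds; also reported as {@code expires_in} in the token response. */
	private static final long TOKEN_LIFETIME_SECONDS = 120;

	/** Generates opaque authorization codes and access tokens. Oltu's MD5Generator is reused from the original demo; check its entropy source before relying on it outside a demo. */
	private final OAuthIssuer oauthIssuer = new OAuthIssuerImpl(new MD5Generator());
	/**
	 * Outstanding authorization codes -> expiry time (epoch millis). An entry is removed when the code is
	 * redeemed, so each code can be used once. Expired entries are only dropped when looked up; a real server
	 * would also sweep them. Assumes this controller is a singleton (Spring's default scope).
	 */
	private final java.util.Map<String, Long> issuedCodes = new java.util.concurrent.ConcurrentHashMap<String, Long>();
	/** Issued access tokens -> expiry time (epoch millis). Same lifecycle caveats as {@link #issuedCodes}. */
	private final java.util.Map<String, Long> issuedTokens = new java.util.concurrent.ConcurrentHashMap<String, Long>();

	/**
	 * Client role, step 1: redirect the browser to the authorization endpoint to obtain an authorization code.
	 *
	 * <p>This demo sends no {@code state} parameter; a production client should generate one, keep it in
	 * the user's session and verify it when the code comes back, so that a forged callback is rejected.
	 *
	 * @return a Spring redirect view name pointing at the authorization endpoint
	 * @throws Exception if the request cannot be built
	 */
	@RequestMapping("/redirectToRequestAuthorizationCodeURL")
	public String redirectToRequestAuthorizationCodeURL() throws Exception {
		// Relative URL: resolved against this controller's /oauth prefix by the redirect.
		String url = "getAuthorizationCode";
		// Describes the request to the authorization endpoint: target URL plus query parameters.
		OAuthClientRequest accessTokenRequest = OAuthClientRequest.authorizationLocation(url)
				.setResponseType(response_type)
				.setClientId(clientId)
				.setRedirectURI(redirectUrlPage)
				.buildQueryMessage();

		return "redirect:" + accessTokenRequest.getLocationUri();
	}

	/**
	 * Authorization-server role: the authorization endpoint. Verifies the client and its redirect URI, issues a
	 * short-lived single-use code and redirects the browser back to the registered redirect URI with it.
	 *
	 * <p>The resource-owner login and consent step is omitted in this demo.
	 *
	 * @param model unused
	 * @param request the incoming authorization request
	 * @return a redirect carrying the code, or an error response when the client or redirect URI is not registered
	 * @throws Exception if Oltu rejects the request or the response cannot be built
	 */
	@RequestMapping("/getAuthorizationCode")
	public Object getAuthorizationCode(Model model, HttpServletRequest request) throws Exception {
		OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);

		String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
		String requestClientId = oauthRequest.getClientId();
		String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);

		// RFC 6749 §4.1.2.1: when the client is unknown or the redirect URI does not match the registered one,
		// the server must NOT redirect, otherwise the code would be delivered to an arbitrary URL.
		if (!clientId.equals(requestClientId) || !redirectUrlPage.equals(redirectURI)) {
			return oauthError(HttpServletResponse.SC_BAD_REQUEST, "invalid_request",
					"unknown client_id or unregistered redirect_uri");
		}
		// The redirect URI is trusted from here on, so remaining errors are reported to the client through it.
		if (!response_type.equals(responseType)) {
			OAuthResponse error = OAuthResponse.errorResponse(HttpServletResponse.SC_FOUND)
					.setError("unsupported_response_type")
					.location(redirectURI)
					.buildQueryMessage();
			return "redirect:" + error.getLocationUri();
		}

		// Fresh code per request, bound to an expiry; redeemed exactly once in getAccessToken().
		String code = oauthIssuer.authorizationCode();
		issuedCodes.put(code, System.currentTimeMillis() + CODE_LIFETIME_MILLIS);

		// 302 back to the registered redirect URI with the code in the query string.
		OAuthResponse response = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND)
				.setCode(code)
				.location(redirectURI)
				.buildQueryMessage();

		return "redirect:" + response.getLocationUri();
	}

	/**
	 * Client role, step 2: the registered redirect URI. Receives the authorization code and exchanges it for an
	 * access token at the token endpoint.
	 *
	 * @param request the callback request; {@code code} is expected in the query string
	 * @return a redirect to the client's resource page, or an error response when no code was delivered
	 * @throws Exception if the token request fails
	 */
	@RequestMapping("/redirectUrlPage")
	public Object redirectUrlPage(HttpServletRequest request) throws Exception {
		String code = request.getParameter("code");
		// The authorization server may also call back with an error instead of a code.
		if (code == null || code.isEmpty()) {
			return oauthError(HttpServletResponse.SC_BAD_REQUEST, "invalid_request",
					"no authorization code in callback");
		}

		OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

		// Credentials and code travel in the POST body, not the query string, so they do not end up in
		// access logs or referers. The redirect URI must repeat the one used on the authorization request.
		OAuthClientRequest accessTokenRequest = OAuthClientRequest.tokenLocation(getAccessTokenURL)
				.setGrantType(GrantType.AUTHORIZATION_CODE)
				.setClientId(clientId)
				.setClientSecret(clientSecret)
				.setCode(code)
				.setRedirectURI(redirectUrlPage)
				.buildBodyMessage();

		OAuthAccessTokenResponse oAuthResponse = oAuthClient.accessToken(accessTokenRequest, OAuth.HttpMethod.POST);
		String accessToken = oAuthResponse.getAccessToken();

		// The demo hands the token to the next client page via the query string; a real client would keep it
		// server-side (e.g. in the session) instead.
		return "redirect:requestResourcePage?accessToken=" + accessToken;
	}

	/**
	 * Authorization-server role: the token endpoint. Authenticates the client, redeems the single-use
	 * authorization code and returns a bearer access token as JSON.
	 *
	 * @param request the token request (application/x-www-form-urlencoded POST)
	 * @return the JSON token response, or an OAuth error response with the matching HTTP status
	 * @throws Exception if Oltu rejects the request (missing parameters) or the response cannot be built
	 */
	@RequestMapping(value = "/getAccessToken", method = RequestMethod.POST)
	public HttpEntity<String> getAccessToken(HttpServletRequest request) throws Exception {
		// Parses the token request; Oltu throws if required parameters are missing.
		OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);

		String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);
		String requestClientId = oauthRequest.getClientId();
		String requestClientSecret = oauthRequest.getClientSecret();

		// Client authentication, compared in constant time so response timing does not leak the secret.
		if (!constantTimeEquals(clientId, requestClientId) || !constantTimeEquals(clientSecret, requestClientSecret)) {
			return oauthError(HttpServletResponse.SC_UNAUTHORIZED, "invalid_client", "client authentication failed");
		}
		// Single use: remove() hands the code to exactly one caller even under concurrent replays.
		// With a single registered client, passing client authentication above also establishes that the
		// code was issued to this client. ConcurrentHashMap rejects null keys, hence the guard.
		Long codeExpiry = authCode == null ? null : issuedCodes.remove(authCode);
		if (codeExpiry == null || codeExpiry < System.currentTimeMillis()) {
			return oauthError(HttpServletResponse.SC_BAD_REQUEST, "invalid_grant",
					"authorization code is unknown, already used or expired");
		}
		// RFC 6749 §4.1.3: redirect_uri must be identical to the one on the authorization request.
		if (!redirectUrlPage.equals(oauthRequest.getRedirectURI())) {
			return oauthError(HttpServletResponse.SC_BAD_REQUEST, "invalid_grant", "redirect_uri mismatch");
		}

		String accessToken = oauthIssuer.accessToken();
		issuedTokens.put(accessToken, System.currentTimeMillis() + TOKEN_LIFETIME_SECONDS * 1000);

		OAuthResponse response = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK)
				.setAccessToken(accessToken)
				.setTokenType("Bearer")
				.setExpiresIn(String.valueOf(TOKEN_LIFETIME_SECONDS))
				.buildJSONMessage();
		return new ResponseEntity<String>(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
	}

	/**
	 * Client role, step 3: call the protected resource with the bearer token and return its body.
	 *
	 * @param accessToken the access token obtained from the token endpoint
	 * @return the resource body as returned by the resource server
	 * @throws Exception if the resource request fails
	 */
	@RequestMapping("/requestResourcePage")
	@ResponseBody
	public String requestResourcePage(String accessToken) throws Exception {
		OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

		// Bearer token goes in the Authorization header (RFC 6750 §2.1) rather than the query string,
		// keeping it out of server logs and referers.
		OAuthClientRequest userInfoRequest = new OAuthBearerClientRequest(userInfoUrl)
				.setAccessToken(accessToken)
				.buildHeaderMessage();

		OAuthResourceResponse resourceResponse = oAuthClient.resource(userInfoRequest, OAuth.HttpMethod.GET,
				OAuthResourceResponse.class);
		return resourceResponse.getBody();
	}

	/**
	 * Resource-server role: the protected resource. Accepts the bearer token from the Authorization header
	 * (preferred) or the query string (kept for older callers) and checks it was issued here and is unexpired.
	 *
	 * @param request the resource request
	 * @return the resource, or a 401 OAuth error response for an unknown or expired token
	 * @throws Exception if Oltu finds no token in the request or the response cannot be built
	 */
	@RequestMapping("/getResource")
	public HttpEntity<String> getResource(HttpServletRequest request) throws Exception {
		OAuthAccessResourceRequest oauthRequest = new OAuthAccessResourceRequest(request,
				ParameterStyle.HEADER, ParameterStyle.QUERY);
		String accessToken = oauthRequest.getAccessToken();

		if (!isLiveToken(accessToken)) {
			return oauthError(HttpServletResponse.SC_UNAUTHORIZED, "invalid_token",
					"access token is unknown or expired");
		}

		return new ResponseEntity<String>("我就是资源", HttpStatus.OK);
	}

	/**
	 * Returns true when {@code token} was issued by this controller and has not expired.
	 * An expired entry is dropped from {@link #issuedTokens} on the way out.
	 */
	private boolean isLiveToken(String token) {
		if (token == null) {
			return false;
		}
		Long expiresAt = issuedTokens.get(token);
		if (expiresAt == null) {
			return false;
		}
		if (expiresAt < System.currentTimeMillis()) {
			issuedTokens.remove(token);
			return false;
		}
		return true;
	}

	/**
	 * Compares a registered credential with a presented one without short-circuiting on the first
	 * differing byte. A null on either side never matches. The length difference may still be observable.
	 */
	private static boolean constantTimeEquals(String expected, String presented) {
		if (expected == null || presented == null) {
			return false;
		}
		java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
		return java.security.MessageDigest.isEqual(expected.getBytes(utf8), presented.getBytes(utf8));
	}

	/**
	 * Builds an RFC 6749 style JSON error body ({@code error}, {@code error_description}) with the given HTTP status.
	 *
	 * @param status HTTP status code, e.g. {@link HttpServletResponse#SC_BAD_REQUEST}
	 * @param error the OAuth error code
	 * @param description a short human-readable description (must not contain secrets)
	 * @return the error response entity
	 * @throws Exception if the response cannot be built
	 */
	private static HttpEntity<String> oauthError(int status, String error, String description) throws Exception {
		OAuthResponse response = OAuthResponse.errorResponse(status)
				.setError(error)
				.setErrorDescription(description)
				.buildJSONMessage();
		return new ResponseEntity<String>(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));
	}

}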

  

需要的oauth 依赖:

<dependency>
			<groupId>org.apache.oltu.oauth2</groupId>
			<artifactId>org.apache.oltu.oauth2.client</artifactId>
			<version>1.0.1</version>
		</dependency>
		<dependency>
			<groupId>org.apache.oltu.oauth2</groupId>
			<artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
			<version>1.0.1</version>
		</dependency>
		<dependency>
			<groupId>org.apache.oltu.oauth2</groupId>
			<artifactId>org.apache.oltu.oauth2.resourceserver</artifactId>
			<version>1.0.1</version>
		</dependency>

  

 

 

备注1：一个程序模拟了三个服务器端和一个客户端，可能比较难懂。

备注2：省略了验证用户信息、授权码、通过凭证的逻辑。

 

 

oauth 请求逻辑图