SSO [ OAuth2.0 ]

 

1) SSO英文全称Single Sign On,单点登录。

    SSO是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。

它包括可以将这次主要的登录映射到其他应用中用于同一个用户的登录的机制。

它是目前比较流行的企业业务整合的解决方案之一。(来源百度词条)

服务器端:

 用的GitHub上基于OAuth2.0的sso项目

附github链接 : https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server

用maven 导下来后,部署后就可以直接用了

然后用默认管理员账号(admin / password)登录,配置一个client,设置好client ID、secret和redirect url就可以用了(默认管理员口令只适合本地测试,对外部署前应先修改)

 

这张图是secret 

 

 

说明: client ID 和 secret 在测试时可以任意写,应用里用的值与这里一致就行了(正式使用时 secret 应使用足够长的随机值,并且不要写进源码);重定向路径要和需要使用这个服务的项目的回调路径一致;其他的先用默认值。

然后是测试应用

先上结果(第三方登录返回的json数据 这里只显示了name和email )

 

  应用代码:

  login.jsp

 <%-- Entry page of the test application: shows one link that sends the browser to LoginServlet. --%>
 1 <%@ page language="java" contentType="text/html; charset=UTF-8"
 2     pageEncoding="UTF-8"%>
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 4 <html>
 5 <head>
 6 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 7 <title>Test Single Sign On</title>
 8 </head>
 9 <body style="font-size: 40px">
 <%-- The link target is resolved against the application's context path; the link text means "third-party login". --%>
10 <a href="${pageContext.request.contextPath}/LoginServlet" >第三方登录</a>
11 
12 </body>
13 </html>

 

  welcome.jsp

 1 <%@ page language="java" contentType="text/html; charset=UTF-8"
 2     pageEncoding="UTF-8"%>
 3 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 4 <html>
 5 <head>
 6 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 7 <title>Insert title here</title>
 8 <script type="text/javascript">
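 /**
  * Reads the access token that the authorization server placed in the URL
  * fragment (#access_token=...&...), posts it to AccessServlet and shows the
  * returned name and email on the page.
  *
  * Does nothing when the fragment carries no access_token parameter.
  */
 function getAccessToken() {
     var fragment = window.location.hash.replace(/^#/, "");
     var prefix = "access_token=";
     var token = null;

     // Look the parameter up by name instead of assuming it is the first one.
     var pairs = fragment.split("&");
     for (var i = 0; i < pairs.length; i++) {
         if (pairs[i].indexOf(prefix) === 0) {
             token = decodeURIComponent(pairs[i].substring(prefix.length));
             break;
         }
     }
     if (!token) {
         return;
     }

     // Drop the token from the address bar so it does not stay in the visible
     // URL or get copied along with it.
     if (window.history && window.history.replaceState) {
         window.history.replaceState(null, document.title,
                 window.location.pathname + window.location.search);
     }

     var ajax = new XMLHttpRequest();
     // Register the handler before sending so no state change is missed.
     ajax.onreadystatechange = function() {
         if (ajax.readyState !== 4 || ajax.status !== 200) {
             return;
         }
         var json = JSON.parse(ajax.responseText);
         // textContent, not innerHTML: the profile values come from the
         // identity provider and must not be interpreted as markup.
         document.getElementById("name").textContent = json.name;
         document.getElementById("email").textContent = json.email;
     };
     ajax.open("post", "AccessServlet");
     ajax.setRequestHeader("Content-Type",
             "application/x-www-form-urlencoded");
     // AccessServlet reads the form field "access_toke" and expects its value
     // to be the whole "access_token=<value>" pair; encode it so characters
     // such as "&" or "+" inside the token survive form decoding.
     ajax.send("access_toke=" + encodeURIComponent(prefix + token));
 }
 getAccessToken();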
37 </script>
38 
39 </head>
40 <body>
41 name:<span id ="name"></span>
42 <br>
43 email:<span id ="email"></span>
44 </body>
45 </html>

 

  CallBackServlet.java

 1 package test_sso;
 2 
 3 import java.io.IOException;
 4 
 5 import javax.servlet.ServletException;
 6 import javax.servlet.annotation.WebServlet;
 7 import javax.servlet.http.HttpServlet;
 8 import javax.servlet.http.HttpServletRequest;
 9 import javax.servlet.http.HttpServletResponse;
10 
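/**
 * Redirect target registered with the authorization server.
 *
 * <p>The servlet is hit twice during a login. On the first hit the request
 * carries a {@code code} parameter and the browser is sent back to the
 * authorization endpoint with {@code response_type=token}. On the second hit
 * there is no {@code code} parameter and the browser is forwarded to
 * {@code welcome.jsp}, whose script reads the part of the URL after {@code #}.
 */
@WebServlet("/CallBackServlet")
public class CallBackServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /**
     * Handles the redirect coming back from the authorization server.
     *
     * @param request  the callback request; may carry a {@code code} parameter
     * @param response used only to issue the next redirect
     * @throws ServletException declared by the servlet API; not thrown here
     * @throws IOException      if the redirect cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String code = request.getParameter("code");
        if (code == null) {
            response.sendRedirect("welcome.jsp");
            return;
        }

        // NOTE(review): the "state" value returned next to the code is not
        // compared with anything here, so the callback cannot tell whether the
        // response belongs to a login this browser session started.
        //
        // NOTE(review): the code is never redeemed at a token endpoint; this
        // listing starts a second, browser-side request instead. Redeeming the
        // code from the server would keep the access token out of the browser
        // - confirm the token endpoint path on the server in use.

        // The client secret is deliberately not part of this URL: a redirect is
        // delivered to the browser, so everything in it ends up in the address
        // bar, the history and intermediate logs. The code value is
        // request-controlled, so it is encoded before being placed in the URL,
        // and it is no longer printed to the server console.
        String url = "http://localhost:8080/openid-connect-server-webapp/authorize?" + "response_type=token"
                + "&grant_type=" + java.net.URLEncoder.encode(MyUtil.grant_type, "UTF-8")
                + "&code=" + java.net.URLEncoder.encode(code, "UTF-8")
                + "&client_id=" + java.net.URLEncoder.encode(MyUtil.clientID, "UTF-8")
                + "&redirect_uri=" + java.net.URLEncoder.encode(MyUtil.redrictURL, "UTF-8");
        response.sendRedirect(url);
    }
}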

  LoginServlet.java

 1 package test_sso;
 2 
 3 import java.io.IOException;
 4 
 5 import javax.servlet.ServletException;
 6 import javax.servlet.annotation.WebServlet;
 7 import javax.servlet.http.HttpServlet;
 8 import javax.servlet.http.HttpServletRequest;
 9 import javax.servlet.http.HttpServletResponse;
10 
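/**
 * Starts the login by redirecting the browser to the authorization endpoint
 * with {@code response_type=code}.
 */
@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Session attribute that holds the {@code state} value sent with the current login. */
    public static final String STATE_ATTRIBUTE = "oauth_state";

    private static final java.security.SecureRandom RANDOM = new java.security.SecureRandom();

    /**
     * Builds the authorization request and redirects to it.
     *
     * @param request  used to obtain the session in which the state value is stored
     * @param response used to issue the redirect
     * @throws ServletException declared by the servlet API; not thrown here
     * @throws IOException      if the redirect cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // A fresh, unpredictable state per login instead of a fixed string.
        // It is kept in the session so that the servlet receiving the redirect
        // back can compare the returned value before it uses the code.
        byte[] raw = new byte[16];
        RANDOM.nextBytes(raw);
        String state = new java.math.BigInteger(1, raw).toString(16);
        request.getSession().setAttribute(STATE_ATTRIBUTE, state);

        // Every parameter is separated by "&" (without it, redirect_uri would
        // be swallowed into the state value) and encoded, because the redirect
        // URI itself contains ":" and "/".
        String url = "http://localhost:8080/openid-connect-server-webapp/authorize?"
                + "response_type=code"
                + "&client_id=" + java.net.URLEncoder.encode(MyUtil.clientID, "UTF-8")
                + "&state=" + state
                + "&redirect_uri=" + java.net.URLEncoder.encode(MyUtil.redrictURL, "UTF-8");
        response.sendRedirect(url);
    }

    /**
     * Treats a POST exactly like a GET.
     *
     * @param request  passed through to {@link #doGet}
     * @param response passed through to {@link #doGet}
     * @throws ServletException as for {@link #doGet}
     * @throws IOException      as for {@link #doGet}
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doGet(request, response);
    }
}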

  MyUtil.java

 1 package test_sso;
 2 
 3 import java.io.IOException;
 4 
 5 import org.apache.http.HttpEntity;
 6 import org.apache.http.HttpResponse;
 7 import org.apache.http.client.ClientProtocolException;
 8 import org.apache.http.client.methods.HttpGet;
 9 import org.apache.http.impl.client.DefaultHttpClient;
10 import org.apache.http.util.EntityUtils;
11 
12 
13 import net.sf.json.JSONObject;
14 
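/**
 * Client settings shared by the servlets, plus a small helper that fetches a
 * URL and parses the response body as JSON.
 */
public class MyUtil {
    // Values registered for this client on the authorization server.
    // NOTE(review): these are sample values for a local test; a real client
    // secret should be loaded from configuration kept outside the source tree.
    public static final String clientID = "123123";
    public static final String redrictURL = "http://localhost:8080/test_sso/CallBackServlet";
    public static final String secret = "hello";
    public static final String grant_type = "authorization_code";

    /**
     * Sends a GET request and parses the response body as a JSON object.
     *
     * @param url the absolute URL to request
     * @return the parsed body, or {@code null} when the response has no entity
     * @throws ClientProtocolException on an HTTP protocol error
     * @throws IOException             on a connection problem or aborted request
     */
    public static JSONObject doGetJson(String url) throws ClientProtocolException, IOException {
        DefaultHttpClient client = new DefaultHttpClient();
        HttpGet httpGet = new HttpGet(url);
        try {
            HttpResponse reponse = client.execute(httpGet);
            HttpEntity entity = reponse.getEntity();
            if (entity == null) {
                return null;
            }
            // NOTE(review): the status code is not inspected, so an error
            // body is parsed the same way as a successful one.
            String result = EntityUtils.toString(entity, "utf-8");
            return JSONObject.fromObject(result);
        } finally {
            // Release the connection and the client's pool even when the
            // request or the parsing throws.
            httpGet.releaseConnection();
            client.getConnectionManager().shutdown();
        }
    }
}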

 

  AccessServlet.java

 1 package test_sso;
 2 
 3 import java.io.IOException;
 4 import java.io.PrintWriter;
 5 import java.util.HashMap;
 6 import java.util.Map;
 7 
 8 import javax.servlet.ServletException;
 9 import javax.servlet.annotation.WebServlet;
10 import javax.servlet.http.HttpServlet;
11 import javax.servlet.http.HttpServletRequest;
12 import javax.servlet.http.HttpServletResponse;
13 
14 import net.sf.json.JSONObject;
15 import net.sf.json.util.JSONUtils;
16 
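/**
 * Receives the access token posted by the page script, asks the userinfo
 * endpoint for the profile that belongs to it and returns that JSON to the
 * caller.
 */
@WebServlet("/AccessServlet")
public class AccessServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** The page script posts the whole {@code access_token=<value>} pair as the field value. */
    private static final String TOKEN_PREFIX = "access_token=";

    /**
     * Looks up the user profile for the posted token.
     *
     * @param request  must carry the form field {@code access_toke}
     * @param response receives the userinfo JSON, or an error status
     * @throws ServletException declared by the servlet API; not thrown here
     * @throws IOException      if the userinfo request or the response write fails
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String posted = request.getParameter("access_toke");
        if (posted == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "missing access_toke");
            return;
        }

        // Accept the value with or without the "access_token=" prefix, then
        // encode it: the field is request-controlled and must not be able to
        // append further query parameters to the userinfo URL.
        String token = posted.startsWith(TOKEN_PREFIX) ? posted.substring(TOKEN_PREFIX.length()) : posted;
        if (token.isEmpty()) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST, "empty access token");
            return;
        }

        // NOTE(review): the token travels in the query string because
        // MyUtil.doGetJson only takes a URL; sending it in a request header
        // would keep it out of server access logs.
        String url = "http://localhost:8080/openid-connect-server-webapp/userinfo?"
                + TOKEN_PREFIX + java.net.URLEncoder.encode(token, "UTF-8");
        JSONObject jsonObject = MyUtil.doGetJson(url);
        if (jsonObject == null) {
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY, "empty userinfo response");
            return;
        }

        // Declared as JSON, not HTML, so a browser that opens the response
        // directly does not interpret profile values as markup.
        response.setContentType("application/json;charset=UTF-8");
        PrintWriter pw = response.getWriter();
        pw.write(jsonObject.toString());
        pw.flush();
    }

}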

 

  

目录结构

 

 

如果对OAuth2.0不了解的,或者不知道这篇文章是干啥,建议先看看大神

 阮一峰 http://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html的博客 .

 

转载于:https://www.cnblogs.com/kingshing/p/7398393.html
