-
Notifications
You must be signed in to change notification settings - Fork 100
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2f0e35d
commit cfdc7bf
Showing
8 changed files
with
299 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| package com.oauth.ch09; | ||
|
|
||
| import com.my.util.URLParamsUtil; | ||
|
|
||
| import javax.servlet.ServletException; | ||
| import javax.servlet.annotation.WebServlet; | ||
| import javax.servlet.http.HttpServlet; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
| import java.io.IOException; | ||
| import java.util.HashMap; | ||
| import java.util.Map; | ||
|
|
||
| /** | ||
| * ** | ||
| * 使用此类来模拟【第三方软件的首页】 | ||
| * 浏览器输入 http://localhost:8080/AppIndexServlet-ch09 | ||
| */ | ||
| @WebServlet("/AppIndexServlet-ch09") | ||
| public class AppIndexServlet extends HttpServlet { | ||
|
|
||
| //8080:三方软件,8081:授权服务,8081:受保护资源服务 为了演示方便我们将授权服务和受保护资源服务放在同一个服务上面 | ||
|
|
||
| String oauthUrl = "http://localhost:8081/OauthServlet-ch09?reqType=oauth"; | ||
| String redirectUrl = "http://localhost:8080/AppServlet-ch09"; | ||
|
|
||
|
|
||
| protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
| } | ||
|
|
||
| protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
| //授权码许可流程,DEMO CODE | ||
| System.out.println("app index ..."); | ||
|
|
||
| Map<String, String> params = new HashMap<String, String>(); | ||
| params.put("response_type","code"); | ||
| params.put("redirect_uri",redirectUrl); | ||
| params.put("app_id","APPID_RABBIT"); | ||
| params.put("scope","today history"); | ||
|
|
||
|
|
||
| String toOauthUrl = URLParamsUtil.appendParams(oauthUrl,params);//构造请求授权的URl | ||
|
|
||
| System.out.println("toOauthUrl: "+toOauthUrl); | ||
|
|
||
| response.sendRedirect(toOauthUrl);//授权码流程的【第一次】重定向 | ||
|
|
||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| package com.oauth.ch09; | ||
|
|
||
| import com.my.util.HttpURLClient; | ||
| import io.jsonwebtoken.*; | ||
|
|
||
| import javax.crypto.spec.SecretKeySpec; | ||
| import javax.servlet.ServletException; | ||
| import javax.servlet.annotation.WebServlet; | ||
| import javax.servlet.http.HttpServlet; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
| import java.io.IOException; | ||
| import java.security.Key; | ||
| import java.util.HashMap; | ||
| import java.util.Map; | ||
|
|
||
|
|
||
| /** | ||
| * ** | ||
| * 使用此类来模拟【第三方软件的Server端】 | ||
| * | ||
| */ | ||
| @WebServlet("/AppServlet-ch09") | ||
| public class AppServlet extends HttpServlet { | ||
|
|
||
| String oauthURl="http://localhost:8081/OauthServlet-ch09"; | ||
| String protectedURl="http://localhost:8081/ProtectedServlet-ch09"; | ||
|
|
||
| protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
| } | ||
|
|
||
| protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
| //授权码许可流程,DEMO CODE | ||
|
|
||
| String code = request.getParameter("code"); | ||
|
|
||
| Map<String, String> params = new HashMap<String, String>(); | ||
| params.put("code",code); | ||
| params.put("grant_type","authorization_code"); | ||
| params.put("app_id","APPID_RABBIT"); | ||
| params.put("app_secret","APPSECRET_RABBIT"); | ||
|
|
||
| System.out.println("start post code for token ..."); | ||
| String result = HttpURLClient.doPost(oauthURl,HttpURLClient.mapToStr(params)); | ||
|
|
||
| System.out.println("result:"+result); | ||
| String[] arry = result.split("&"); | ||
| String accessToken = arry[0]; | ||
| String id_token = arry[1]; | ||
|
|
||
| System.out.println("accessToken:"+accessToken); | ||
| System.out.println("id_token:"+id_token); | ||
|
|
||
| //获取用户登录标识 | ||
| Map<String,String> map = parseJwt(id_token); | ||
|
|
||
| request.setAttribute("sub",map.get("sub")); | ||
|
|
||
| //跳转到授权页面 | ||
| request.getRequestDispatcher("/oidc.jsp").forward(request,response); | ||
|
|
||
|
|
||
| /*//使用 accessToken 请求受保护资源服务 | ||
| Map<String, String> paramsMap = new HashMap<String, String>(); | ||
| paramsMap.put("app_id","APPID_RABBIT"); | ||
| paramsMap.put("app_secret","APPSECRET_RABBIT"); | ||
| paramsMap.put("token",accessToken); | ||
| HttpURLClient.doPost(protectedURl,HttpURLClient.mapToStr(paramsMap)); | ||
| */ | ||
|
|
||
| } | ||
|
|
||
| private Map<String,String> parseJwt(String jwt){ | ||
| String sharedTokenSecret="hellooauthhellooauthhellooauthhellooauth"; | ||
| Key key = new SecretKeySpec(sharedTokenSecret.getBytes(), | ||
| SignatureAlgorithm.HS256.getJcaName()); | ||
|
|
||
| Map<String,String> map = new HashMap<String, String>(); | ||
|
|
||
| Jws<Claims> claimsJws = Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(jwt); | ||
|
|
||
| // JwsHeader header = claimsJws.getHeader(); | ||
| Claims body = claimsJws.getBody(); | ||
|
|
||
| // System.out.println("jwt header:" + header); | ||
| System.out.println("jwt body:" + body); | ||
|
|
||
| map.put("sub",body.getSubject()); | ||
| map.put("aud",body.getAudience()); | ||
| map.put("iss",body.getIssuer()); | ||
|
|
||
| return map; | ||
| } | ||
|
|
||
|
|
||
| public static void main(String[] args) { | ||
|
|
||
| String ss="95fd88bc-c69e-4add-bf3a-5d75766b85a7&eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJYSUFPTUlOR1RFU1QiLCJhdWQiOiJBUFBJRF9SQUJCSVQiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODEvIiwiZXhwIjoxNTg0MTA1NzkwNzAzLCJpYXQiOjE1ODQxMDU5NDgzNzJ9.SoJT62wYOMihpaH3Ttxf3WYwnC6qEyKbJ-bF7jMqxL8"; | ||
|
|
||
| String[] arry = ss.split("&"); | ||
| System.out.println("access_token:"+arry[0]); | ||
| System.out.println("id_token:"+arry[1]); | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| package com.oauth.ch09; | ||
|
|
||
| import com.oauth.ch09.OauthServlet; | ||
|
|
||
| import javax.servlet.ServletException; | ||
| import javax.servlet.annotation.WebServlet; | ||
| import javax.servlet.http.HttpServlet; | ||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
| import java.io.IOException; | ||
|
|
||
|
|
||
| /** | ||
| * ** | ||
| * 使用此类来模拟【受保护资源服务】 | ||
| */ | ||
| @WebServlet("/ProtectedServlet-ch09") | ||
| public class ProtectedServlet extends HttpServlet { | ||
|
|
||
| protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
| //省略验证代码 | ||
|
|
||
| String accessToken = request.getParameter("token"); | ||
|
|
||
| //根据当时授权的token对应的权限范围,做相应的处理动作 | ||
| //不同权限对应不同的操作 | ||
| String[] scope = OauthServlet.tokenScopeMap.get(accessToken); | ||
|
|
||
| StringBuffer sbuf = new StringBuffer(); | ||
| for(int i=0;i<scope.length;i++){ | ||
| sbuf.append(scope[i]).append("|"); | ||
| } | ||
|
|
||
| if(sbuf.toString().indexOf("query")>0){ | ||
| queryGoods(""); | ||
| } | ||
|
|
||
| if(sbuf.toString().indexOf("add")>0){ | ||
| addGoods(""); | ||
| } | ||
|
|
||
| if(sbuf.toString().indexOf("del")>0){ | ||
| delGoods(""); | ||
| } | ||
|
|
||
| //不同的用户对应不同的数据 | ||
| String user = OauthServlet.tokenMap.get(accessToken); | ||
| queryOrders(user); | ||
| } | ||
|
|
||
| protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { | ||
|
|
||
|
|
||
|
|
||
|
|
||
| } | ||
|
|
||
|
|
||
| private String queryGoods(String id){ | ||
| return ""; | ||
| } | ||
|
|
||
| private boolean addGoods(String goods){ | ||
| return true; | ||
| } | ||
|
|
||
| private boolean delGoods(String id){ | ||
| return true; | ||
| } | ||
|
|
||
| private String queryOrders(String user){ | ||
| return ""; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
|
|
||
| <%@ page contentType="text/html;charset=UTF-8" language="java" %> | ||
| <html> | ||
| <head> | ||
| <title>Oauth Test</title> | ||
| </head> | ||
| <body> | ||
|
|
||
| <form action="/OauthServlet-ch09" method="post"> | ||
| <input type="hidden" name="reqid" value="<%=request.getAttribute("reqid")%>" /> | ||
| <input type="hidden" name="response_type" value="<%=request.getAttribute("response_type")%>" /> | ||
| <input type="hidden" name="redirect_uri" value="<%=request.getAttribute("redirect_uri")%>" /> | ||
| <input type="hidden" name="app_id" value="<%=request.getAttribute("app_id")%>" /> | ||
|
|
||
| <!--模拟 approve 动作--> | ||
| <input type="hidden" name="reqType" value="approve" /> | ||
|
|
||
| Are you sure you want the authorization code? | ||
|
|
||
| <br> | ||
| appid: <%=request.getAttribute("app_id")%> | ||
|
|
||
| <br> | ||
| <input type="checkbox" value="today" name="rscope" checked/>today<br> | ||
| <input type="checkbox" value="history" name="rscope"/>history<br> | ||
| <%--<input type="checkbox" value="pic" name="rscope"/>pic<br>--%> | ||
|
|
||
| <br> | ||
|
|
||
| <input type="submit" value="approve"/> <input type="submit" value="refuse"/> | ||
| <br> | ||
|
|
||
|
|
||
| </form> | ||
|
|
||
| </body> | ||
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
|
|
||
| <%@ page contentType="text/html;charset=UTF-8" language="java" %> | ||
| <html> | ||
| <head> | ||
| <title>Oauth Test</title> | ||
| </head> | ||
| <body> | ||
|
|
||
| hello ,<%=request.getAttribute("sub")%> ,you have signed in successfully。 | ||
|
|
||
| </body> | ||
| </html> |