shasteel.git - Gitblit

houzhongjian

2024-10-09 97edd72e5e6dbb134cedae4b72c95be8c948c5ec

提交 \| 用户 \| 时间
97edd7	1	package com.iailab.module.shasteel.util.oauth2;
H	2
	3	import cn.hutool.core.collection.CollUtil;
	4	import cn.hutool.core.date.LocalDateTimeUtil;
	5	import cn.hutool.core.util.StrUtil;
	6	import com.iailab.framework.common.util.http.HttpUtils;
	7	import com.iailab.framework.security.core.util.SecurityFrameworkUtils;
	8
	9	import java.time.LocalDateTime;
	10	import java.time.temporal.ChronoUnit;
	11	import java.util.*;
	12
	13	/**
	14	* OAuth2 相关的工具类
	15	*
	16	* @author iailab
	17	*/
	18	public class OAuth2Utils {
	19
	20	/**
	21	* 构建授权码模式下，重定向的 URI
	22	*
	23	* copy from Spring Security OAuth2 的 AuthorizationEndpoint 类的 getSuccessfulRedirect 方法
	24	*
	25	* @param redirectUri 重定向 URI
	26	* @param authorizationCode 授权码
	27	* @param state 状态
	28	* @return 授权码模式下的重定向 URI
	29	*/
	30	public static String buildAuthorizationCodeRedirectUri(String redirectUri, String authorizationCode, String state) {
	31	Map<String, String> query = new LinkedHashMap<>();
	32	query.put("code", authorizationCode);
	33	if (state != null) {
	34	query.put("state", state);
	35	}
	36	return HttpUtils.append(redirectUri, query, null, false);
	37	}
	38
	39	/**
	40	* 构建简化模式下，重定向的 URI
	41	*
	42	* copy from Spring Security OAuth2 的 AuthorizationEndpoint 类的 appendAccessToken 方法
	43	*
	44	* @param redirectUri 重定向 URI
	45	* @param accessToken 访问令牌
	46	* @param state 状态
	47	* @param expireTime 过期时间
	48	* @param scopes 授权范围
	49	* @param additionalInformation 附加信息
	50	* @return 简化授权模式下的重定向 URI
	51	*/
	52	public static String buildImplicitRedirectUri(String redirectUri, String accessToken, String state, LocalDateTime expireTime,
	53	Collection<String> scopes, Map<String, Object> additionalInformation) {
	54	Map<String, Object> vars = new LinkedHashMap<String, Object>();
	55	Map<String, String> keys = new HashMap<String, String>();
	56	vars.put("access_token", accessToken);
	57	vars.put("token_type", SecurityFrameworkUtils.AUTHORIZATION_BEARER.toLowerCase());
	58	if (state != null) {
	59	vars.put("state", state);
	60	}
	61	if (expireTime != null) {
	62	vars.put("expires_in", getExpiresIn(expireTime));
	63	}
	64	if (CollUtil.isNotEmpty(scopes)) {
	65	vars.put("scope", buildScopeStr(scopes));
	66	}
	67	if (CollUtil.isNotEmpty(additionalInformation)) {
	68	for (String key : additionalInformation.keySet()) {
	69	Object value = additionalInformation.get(key);
	70	if (value != null) {
	71	keys.put("extra_" + key, key);
	72	vars.put("extra_" + key, value);
	73	}
	74	}
	75	}
	76	// Do not include the refresh token (even if there is one)
	77	return HttpUtils.append(redirectUri, vars, keys, true);
	78	}
	79
	80	public static String buildUnsuccessfulRedirect(String redirectUri, String responseType, String state,
	81	String error, String description) {
	82	Map<String, String> query = new LinkedHashMap<String, String>();
	83	query.put("error", error);
	84	query.put("error_description", description);
	85	if (state != null) {
	86	query.put("state", state);
	87	}
	88	return HttpUtils.append(redirectUri, query, null, !responseType.contains("code"));
	89	}
	90
	91	public static long getExpiresIn(LocalDateTime expireTime) {
	92	return LocalDateTimeUtil.between(LocalDateTime.now(), expireTime, ChronoUnit.SECONDS);
	93	}
	94
	95	public static String buildScopeStr(Collection<String> scopes) {
	96	return CollUtil.join(scopes, " ");
	97	}
	98
	99	public static List<String> buildScopes(String scope) {
	100	return StrUtil.split(scope, ' ');
	101	}
	102
	103	}