package com.zyl.shiro.web.controller;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.ResponseType;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import com.zyl.shiro.common.Constants;
import com.zyl.shiro.web.service.ClientService;
import com.zyl.shiro.web.service.OAuthService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.URI;
import java.net.URISyntaxException;
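/**
 * OAuth2 authorization endpoint: authenticates the resource owner through Shiro and,
 * for {@code response_type=code}, issues an authorization code and redirects the
 * user agent back to the client.
 *
 * @author Administrator
 */
@Controller
public class AuthorizeController {

    @Autowired
    private OAuthService oAuthService;

    @Autowired
    private ClientService clientService;

    /**
     * Handles an authorization request.
     *
     * @param model   view model; receives the {@code client} attribute when the login page is shown
     * @param request the incoming servlet request carrying the OAuth2 parameters and, on a
     *                login submission, the {@code username}/{@code password} form fields
     * @return a {@link ResponseEntity} (JSON error or 302 redirect) or the view name
     *         {@code "oauth2login"} when the user still has to log in
     * @throws URISyntaxException   if the redirect location is not a valid URI
     * @throws OAuthSystemException if Oltu fails to build a response
     */
    @RequestMapping("/authorize")
    public Object authorize(Model model, HttpServletRequest request)
            throws URISyntaxException, OAuthSystemException {
        try {
            // Parse the OAuth2 authorization request; Oltu raises OAuthProblemException on a malformed one.
            OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);

            // Reject unknown client ids with a JSON error instead of redirecting anywhere.
            if (!oAuthService.checkClientId(oauthRequest.getClientId())) {
                OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.TokenResponse.INVALID_CLIENT)
                        .setErrorDescription(Constants.INVALID_CLIENT_DESCRIPTION)
                        .buildJSONMessage();
                return new ResponseEntity<String>(response.getBody(),
                        HttpStatus.valueOf(response.getResponseStatus()));
            }

            Subject subject = SecurityUtils.getSubject();
            // Not logged in yet: try the submitted credentials, otherwise show the login page.
            if (!subject.isAuthenticated() && !login(subject, request)) {
                System.out.println("S:进入服务端authorize,登录失败时跳转到登陆页面");
                model.addAttribute("client", clientService.findByClientId(oauthRequest.getClientId()));
                return "oauth2login";
            }
            String username = (String) subject.getPrincipal();

            // Only the authorization-code grant is implemented. Previously any other
            // response_type fell through and produced a redirect carrying no code at all;
            // answer with an explicit error instead. The constant-first equals also avoids
            // a NullPointerException should the parameter be absent.
            String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);
            if (!ResponseType.CODE.toString().equals(responseType)) {
                OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                        .setError(OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE)
                        .setErrorDescription("only response_type=code is supported")
                        .buildJSONMessage();
                return new ResponseEntity<String>(response.getBody(),
                        HttpStatus.valueOf(response.getResponseStatus()));
            }

            // NOTE(review): the code value comes from Oltu's MD5Generator. Confirm that its
            // randomness source is adequate for a bearer credential, and that oAuthService
            // makes codes single-use and short-lived.
            OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
            String authorizationCode = oauthIssuerImpl.authorizationCode();
            // NOTE(review): the code is stored against the username only; binding to the
            // client_id and redirect_uri it was issued for is not visible here. Verify
            // that the token endpoint can enforce it.
            oAuthService.addAuthCode(authorizationCode, username);

            OAuthASResponse.OAuthAuthorizationResponseBuilder builder =
                    OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);
            builder.setCode(authorizationCode);

            // NOTE(review): redirect_uri is taken straight from the request and used as the
            // redirect target without being compared to a URI registered for this client.
            // RFC 6749 (sections 3.1.2 and 10.6) expects that comparison before the code is
            // sent; without it the code can be delivered to a site the client does not
            // control. Whether the client record holds a registered URI is not visible in
            // this file. Add the check against it once confirmed.
            String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);
            final OAuthResponse response = builder.location(redirectURI).buildQueryMessage();

            HttpHeaders headers = new HttpHeaders();
            headers.setLocation(new URI(response.getLocationUri()));
            // The authorization code is a credential, so it is no longer written to stdout.
            System.out.println("S:进入服务端authorize,发送授权码");
            return new ResponseEntity<Void>(headers, HttpStatus.valueOf(response.getResponseStatus()));
        } catch (OAuthProblemException e) {
            String redirectUri = e.getRedirectUri();
            if (OAuthUtils.isEmpty(redirectUri)) {
                // No redirect_uri available: report the problem directly instead of redirecting.
                return new ResponseEntity<String>("告诉客户端没有传入redirectUri直接报错", HttpStatus.NOT_FOUND);
            }
            // NOTE(review): this redirect target also originates from the request and is not
            // validated against the client's registration, so the error path can act as an
            // open redirector. Apply the same redirect_uri check here.
            final OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
                    .error(e)
                    .location(redirectUri)
                    .buildQueryMessage();
            HttpHeaders headers = new HttpHeaders();
            headers.setLocation(new URI(response.getLocationUri()));
            return new ResponseEntity<Void>(headers, HttpStatus.valueOf(response.getResponseStatus()));
        }
    }

    /**
     * Attempts a Shiro login with the {@code username} and {@code password} request parameters.
     *
     * @param subject the current Shiro subject
     * @param request the request that may carry the submitted credentials
     * @return {@code true} if the login succeeded; {@code false} for a GET request,
     *         missing credentials, or a failed login (in which case the {@code error}
     *         request attribute is set)
     */
    private boolean login(Subject subject, HttpServletRequest request) {
        // A GET only displays the login form; it never attempts a login.
        if ("get".equalsIgnoreCase(request.getMethod())) {
            return false;
        }
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return false;
        }
        UsernamePasswordToken token = new UsernamePasswordToken(username, password);
        try {
            subject.login(token);
            return true;
        } catch (Exception e) {
            // The exception class name used to be echoed to the page. It tells the caller
            // why the login failed (for example unknown account versus wrong password), so
            // keep it on the server side and show a generic message.
            System.out.println("S:登录失败:" + e.getClass().getName());
            request.setAttribute("error", "登录失败");
            return false;
        }
    }
}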
Shiro+OAuth2客户端和服务器源码 (188个子文件)
AuthorizeController.class 7KB
OAuth2Realm.class 5KB
AccessTokenController.class 5KB
OAuth2AuthenticationFilter.class 4KB
UserInfoController.class 4KB
ClientDaoImpl.class 4KB
UserController.class 4KB
UserDaoImpl.class 4KB
ClientController.class 3KB
SpringCacheManagerWrapper$SpringCacheWrapper.class 3KB
UserRealm.class 3KB
OAuthServiceImpl.class 3KB
User.class 2KB
UserServiceImpl.class 2KB
Client.class 2KB
PasswordHelper.class 2KB
ClientServiceImpl.class 2KB
SpringUtils.class 2KB
RetryLimitHashedCredentialsMatcher.class 2KB
LoginController.class 2KB
ClientDaoImpl$1.class 2KB
UserDaoImpl$1.class 2KB
DefaultExceptionHandler.class 1KB
SpringCacheManagerWrapper.class 1KB
OAuth2Token.class 994B
IndexController.class 679B
OAuth2AuthenticationException.class 613B
UserService.class 588B
ClientService.class 572B
Constants.class 568B
ClientDao.class 560B
UserDao.class 511B
OAuthService.class 483B
.classpath 827B
.classpath 827B
org.eclipse.wst.common.component 509B
org.eclipse.wst.common.component 509B
org.eclipse.wst.jsdt.ui.superType.container 49B
org.eclipse.wst.jsdt.ui.superType.container 49B
css.css 382B
aspectjweaver-1.7.4.jar 1.76MB
aspectjweaver-1.7.4.jar 1.76MB
druid-0.2.23.jar 1.59MB
druid-0.2.23.jar 1.59MB
ehcache-core-2.5.0.jar 1.15MB
ehcache-core-2.5.0.jar 1.15MB
spring-core-4.0.0.RELEASE.jar 933KB
spring-core-4.0.0.RELEASE.jar 933KB
spring-context-4.0.0.RELEASE.jar 928KB
spring-context-4.0.0.RELEASE.jar 928KB
jackson-databind-2.2.3.jar 846KB
jackson-databind-2.2.3.jar 846KB
mysql-connector-java-5.1.25.jar 829KB
mysql-connector-java-5.1.25.jar 829KB
spring-beans-4.0.0.RELEASE.jar 654KB
spring-beans-4.0.0.RELEASE.jar 654KB
spring-web-4.0.0.RELEASE.jar 646KB
spring-web-4.0.0.RELEASE.jar 646KB
spring-webmvc-4.0.0.RELEASE.jar 645KB
spring-webmvc-4.0.0.RELEASE.jar 645KB
commons-collections-3.2.1.jar 562KB
commons-collections-3.2.1.jar 562KB
quartz-1.6.1.jar 435KB
quartz-1.6.1.jar 435KB
spring-jdbc-4.0.0.RELEASE.jar 410KB
spring-jdbc-4.0.0.RELEASE.jar 410KB
jstl-1.2.jar 405KB
jstl-1.2.jar 405KB
shiro-core-1.2.2.jar 358KB
shiro-core-1.2.2.jar 358KB
spring-aop-4.0.0.RELEASE.jar 343KB
spring-aop-4.0.0.RELEASE.jar 343KB
commons-codec-1.8.jar 258KB
commons-codec-1.8.jar 258KB
spring-tx-4.0.0.RELEASE.jar 242KB
spring-tx-4.0.0.RELEASE.jar 242KB
commons-beanutils-1.8.3.jar 227KB
commons-beanutils-1.8.3.jar 227KB
spring-expression-4.0.0.RELEASE.jar 202KB
spring-expression-4.0.0.RELEASE.jar 202KB
jackson-core-2.2.3.jar 188KB
jackson-core-2.2.3.jar 188KB
shiro-web-1.2.2.jar 139KB
shiro-web-1.2.2.jar 139KB
spring-context-support-4.0.0.RELEASE.jar 131KB
spring-context-support-4.0.0.RELEASE.jar 131KB
aspectjrt-1.7.4.jar 117KB
aspectjrt-1.7.4.jar 117KB
jettison-1.2.jar 71KB
jettison-1.2.jar 71KB
commons-logging-1.1.1.jar 59KB
commons-logging-1.1.1.jar 59KB
org.apache.oltu.oauth2.common-0.31.jar 50KB
org.apache.oltu.oauth2.common-0.31.jar 50KB
jsp-api-2.2.jar 49KB
jsp-api-2.2.jar 49KB
jackson-annotations-2.2.3.jar 33KB
jackson-annotations-2.2.3.jar 33KB
org.apache.oltu.oauth2.client-0.31.jar 30KB
org.apache.oltu.oauth2.authzserver-0.31.jar 29KB