Shiro+OAuth2客户端和服务器源码_oauth2和shiro,shiro+oauth2资源-CSDN文库

共188个文件

jar：71个

class：33个

java：30个

shiro

oauth2

5星 · 超过95%的资源需积分: 32 108 浏览量 2016-04-12 14:03:32 上传评论 4 收藏 25.62MB ZIP 举报

资源推荐

资源详情

资源评论

收起资源包目录

Shiro+OAuth2客户端和服务器源码（188个子文件）

AuthorizeController.class 7KB

OAuth2Realm.class 5KB

AccessTokenController.class 5KB

OAuth2AuthenticationFilter.class 4KB

UserInfoController.class 4KB

ClientDaoImpl.class 4KB

UserController.class 4KB

UserDaoImpl.class 4KB

ClientController.class 3KB

SpringCacheManagerWrapper$SpringCacheWrapper.class 3KB

UserRealm.class 3KB

OAuthServiceImpl.class 3KB

User.class 2KB

UserServiceImpl.class 2KB

Client.class 2KB

PasswordHelper.class 2KB

ClientServiceImpl.class 2KB

SpringUtils.class 2KB

RetryLimitHashedCredentialsMatcher.class 2KB

LoginController.class 2KB

ClientDaoImpl$1.class 2KB

UserDaoImpl$1.class 2KB

DefaultExceptionHandler.class 1KB

SpringCacheManagerWrapper.class 1KB

OAuth2Token.class 994B

IndexController.class 679B

OAuth2AuthenticationException.class 613B

UserService.class 588B

ClientService.class 572B

Constants.class 568B

ClientDao.class 560B

UserDao.class 511B

OAuthService.class 483B

.classpath 827B

org.eclipse.wst.common.component 509B

org.eclipse.wst.jsdt.ui.superType.container 49B

css.css 382B

aspectjweaver-1.7.4.jar 1.76MB

druid-0.2.23.jar 1.59MB

ehcache-core-2.5.0.jar 1.15MB

spring-core-4.0.0.RELEASE.jar 933KB

spring-context-4.0.0.RELEASE.jar 928KB

jackson-databind-2.2.3.jar 846KB

mysql-connector-java-5.1.25.jar 829KB

spring-beans-4.0.0.RELEASE.jar 654KB

spring-web-4.0.0.RELEASE.jar 646KB

spring-webmvc-4.0.0.RELEASE.jar 645KB

commons-collections-3.2.1.jar 562KB

quartz-1.6.1.jar 435KB

spring-jdbc-4.0.0.RELEASE.jar 410KB

jstl-1.2.jar 405KB

shiro-core-1.2.2.jar 358KB

spring-aop-4.0.0.RELEASE.jar 343KB

commons-codec-1.8.jar 258KB

spring-tx-4.0.0.RELEASE.jar 242KB

commons-beanutils-1.8.3.jar 227KB

spring-expression-4.0.0.RELEASE.jar 202KB

jackson-core-2.2.3.jar 188KB

shiro-web-1.2.2.jar 139KB

spring-context-support-4.0.0.RELEASE.jar 131KB

aspectjrt-1.7.4.jar 117KB

jettison-1.2.jar 71KB

commons-logging-1.1.1.jar 59KB

org.apache.oltu.oauth2.common-0.31.jar 50KB

jsp-api-2.2.jar 49KB

jackson-annotations-2.2.3.jar 33KB

org.apache.oltu.oauth2.client-0.31.jar 30KB

org.apache.oltu.oauth2.authzserver-0.31.jar 29KB

共 188 条

package com.zyl.shiro.web.controller; import org.apache.oltu.oauth2.as.issuer.MD5Generator; import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl; import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest; import org.apache.oltu.oauth2.as.response.OAuthASResponse; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.error.OAuthError; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; import org.apache.oltu.oauth2.common.exception.OAuthSystemException; import org.apache.oltu.oauth2.common.message.OAuthResponse; import org.apache.oltu.oauth2.common.message.types.ResponseType; import org.apache.oltu.oauth2.common.utils.OAuthUtils; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.util.StringUtils; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import com.zyl.shiro.common.Constants; import com.zyl.shiro.web.service.ClientService; import com.zyl.shiro.web.service.OAuthService; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.net.URI; import java.net.URISyntaxException; /** * 授权控制器 * * @author Administrator * */ @Controller public class AuthorizeController { @Autowired private OAuthService oAuthService; @Autowired private ClientService clientService; @RequestMapping("/authorize") public Object authorize(Model model, HttpServletRequest request) throws URISyntaxException, OAuthSystemException { try { // 构建OAuth 授权请求 OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request); // 检查传入的客户端id是否正确 if (!oAuthService.checkClientId(oauthRequest.getClientId())) { // 生成錯誤信息 OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST) .setError(OAuthError.TokenResponse.INVALID_CLIENT) .setErrorDescription(Constants.INVALID_CLIENT_DESCRIPTION).buildJSONMessage(); return new ResponseEntity(response.getBody(), HttpStatus.valueOf(response.getResponseStatus())); } Subject subject = SecurityUtils.getSubject(); // 如果用户没有登录，跳转到登陆页面 if (!subject.isAuthenticated()) { if (!login(subject, request)) {//登录失败时跳转到登陆页面 System.out.println("S:进入服务端authorize，登录失败时跳转到登陆页面"); model.addAttribute("client", clientService.findByClientId(oauthRequest.getClientId())); return "oauth2login"; } } String username = (String) subject.getPrincipal(); // 生成授权码 String authorizationCode = null; // responseType目前仅支持CODE，另外还有TOKEN String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE); if (responseType.equals(ResponseType.CODE.toString())) { OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator()); authorizationCode = oauthIssuerImpl.authorizationCode(); //把授权码放进缓存中 oAuthService.addAuthCode(authorizationCode, username); } // 进行OAuth响应构建 OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND); // 设置授权码 builder.setCode(authorizationCode); // 得到到客户端重定向地址 String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI); // 构建响应 final OAuthResponse response = builder.location(redirectURI).buildQueryMessage(); // 根据OAuthResponse返回ResponseEntity响应 HttpHeaders headers = new HttpHeaders(); headers.setLocation(new URI(response.getLocationUri())); System.out.println("S:进入服务端authorize，发送授权码authorizationCode="+authorizationCode); return new ResponseEntity(headers, HttpStatus.valueOf(response.getResponseStatus())); } catch (OAuthProblemException e) { // 出错处理 String redirectUri = e.getRedirectUri(); if (OAuthUtils.isEmpty(redirectUri)) { // 告诉客户端没有传入redirectUri直接报错 return new ResponseEntity("告诉客户端没有传入redirectUri直接报错", HttpStatus.NOT_FOUND); } // 返回错误消息（如?error=） final OAuthResponse response = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND).error(e) .location(redirectUri).buildQueryMessage(); HttpHeaders headers = new HttpHeaders(); headers.setLocation(new URI(response.getLocationUri())); return new ResponseEntity(headers, HttpStatus.valueOf(response.getResponseStatus())); } } //登录验证 private boolean login(Subject subject, HttpServletRequest request) { if ("get".equalsIgnoreCase(request.getMethod())) { return false; } String username = request.getParameter("username"); String password = request.getParameter("password"); if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) { return false; } UsernamePasswordToken token = new UsernamePasswordToken(username, password); try { subject.login(token);//沿着用户登录 return true; } catch (Exception e) { request.setAttribute("error", "登录失败:" + e.getClass().getName()); return false; } } }

评论收藏

内容反馈