推荐阅读这篇文章:https://www.cnblogs.com/flashsun/p/7424071.html
http://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html
下面是我实战中用到的案例:
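/**
 * Login entry point for the OAuth 2.0 authorization-code flow.
 * <p>
 * Without a {@code code} parameter the browser is redirected to the authorization server.
 * With one, the code is exchanged for an access token, the token is used to fetch the
 * user's profile, and both are stored in the session. Any failure on the callback drops
 * the session and restarts the flow instead of leaving a half-initialised session behind.
 *
 * @param request  current request; reads {@code code}, {@code state} and the session
 * @param response used only to send redirects to the authorization server
 * @return the {@code login} view name, or {@code null} when a redirect has already been sent
 */
@GetMapping("/login")
public String login(HttpServletRequest request, HttpServletResponse response) {
    HttpSession session = request.getSession();
    // Already signed in: the session holds the profile fetched from the authorization server.
    if (session.getAttribute("UserInfo") != null) {
        return "login";
    }
    String code = request.getParameter("code");
    if (code == null) {
        // First visit: send the browser to the authorization server to obtain a code.
        return redirectToAuthServer(request, response);
    }
    // Callback: the server echoes the state we sent (the session id, see AuthUtils.getAdminBackUrl).
    // A missing or foreign state means this callback was not started by the current session,
    // so its code must not be bound to this session.
    String state = request.getParameter("state");
    if (state == null || !state.equals(session.getId())) {
        return abortLogin(request, response);
    }
    try {
        // Exchange the code for an access token; Auth wraps the server's JSON reply
        // (access_token, openid, ...).
        URI tokenUri = URI.create(AuthUtils.getAccessTokenUrl(code));
        String tokenBody = restTemplate.getForObject(tokenUri, String.class);
        Auth auth = tokenBody == null ? null : JSONObject.parseObject(tokenBody, Auth.class);
        if (auth == null || auth.getData() == null) {
            return abortLogin(request, response);
        }
        String accessToken = auth.getData().get("access_token");
        String openId = auth.getData().get("openid");
        if (accessToken == null || openId == null) {
            return abortLogin(request, response);
        }
        session.setAttribute("access_token", accessToken);
        session.setAttribute("open_id", openId);
        // The token is a bearer credential: log that it arrived, never its value.
        logger.info("access_token obtained from authorization server");
        // Fetch the user profile with token and openid; which fields come back depends on the server.
        URI userUri = URI.create(AuthUtils.getUserInfoUrl(openId, accessToken));
        String userBody = restTemplate.getForObject(userUri, String.class);
        UserInfo info = userBody == null ? null : JSONObject.parseObject(userBody, UserInfo.class);
        if (info == null) {
            return abortLogin(request, response);
        }
        session.setAttribute("UserInfo", info);
    } catch (Exception e) {
        // Network, parsing or session failures restart the flow rather than surfacing to the user.
        logger.error("OAuth login failed, restarting authorization", e);
        return abortLogin(request, response);
    }
    return "login";
}

/** Sends the browser to the authorization server; the current session is left as it is. */
private String redirectToAuthServer(HttpServletRequest request, HttpServletResponse response) {
    try {
        response.sendRedirect(AuthUtils.getAdminBackUrl(request));
    } catch (IOException e) {
        logger.error("redirect to authorization server failed", e);
    }
    // null tells Spring MVC that the response has already been written.
    return null;
}

/** Discards the current session (and anything stored so far), then restarts authorization. */
private String abortLogin(HttpServletRequest request, HttpServletResponse response) {
    request.getSession().invalidate();
    return redirectToAuthServer(request, response);
}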
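@Component
public class AuthUtils {

    public static final String APP_USER_AUTH_WEB_URL = "http://demo.zhunedu.com/ca/oAuth/connect/webauth";
    public static final String APP_USER_AUTH_API_URL = "http://demo.zhunedu.com/ca/oAuth/api/";
    // Your application id.
    public static final String APP_SSL_APPID = "d36b2d9dbabb4fd09931b302a84b97a6";
    // Your application secret.
    // NOTE(review): a client secret compiled into the class ships with every build and every
    // copy of the repository; it belongs in deployment configuration, not in source.
    public static final String APP_SSL_APPSECRET = "fxsjbz123456";

    // Same endpoint the original spelled out as a full literal.
    private static final String USER_INFO_URL = APP_USER_AUTH_API_URL + "userInfo";

    /**
     * Builds the authorization-endpoint URL that starts the code grant.
     * <p>
     * The current request URL is sent as {@code redirect_uri} and the session id as
     * {@code state}, so the login handler can check that the callback belongs to this
     * session by comparing the echoed {@code state} with {@code session.getId()}.
     * NOTE(review): this hands the session id to the authorization server and to any
     * proxy log on the way; a random nonce kept in the session is the usual alternative.
     *
     * @param request current request; its session is created if absent
     * @return the fully encoded authorization URL
     */
    public static String getAdminBackUrl(HttpServletRequest request) {
        HttpSession session = request.getSession();
        String redirectUri = request.getRequestURL().toString();
        return new StringBuilder(APP_USER_AUTH_WEB_URL)
                .append("?redirect_uri=").append(urlEncode(redirectUri))
                .append("&state=").append(urlEncode(session.getId()))
                .append("&appid=").append(APP_SSL_APPID)
                .append("&scope=").append("web_login")
                .toString();
    }

    /**
     * Builds the token-endpoint URL that exchanges an authorization code for a token.
     * <p>
     * {@code code} arrives from the browser, so it is URL-encoded rather than appended
     * raw: otherwise a crafted value could add or override query parameters of the
     * server-side request.
     *
     * @param code authorization code received on the callback
     * @return the token request URL (carries the application secret as a query parameter)
     */
    public static String getAccessTokenUrl(String code) {
        return new StringBuilder(APP_USER_AUTH_API_URL + "accessToken")
                .append("?appid=").append(APP_SSL_APPID)
                .append("&secret=").append(APP_SSL_APPSECRET)
                .append("&grant_type=").append("authorization_code")
                .append("&code=").append(urlEncode(code))
                .toString();
    }

    /**
     * Builds the URL that returns the profile of the currently signed-in user.
     *
     * @param openid      user identifier returned together with the token
     * @param accessToken bearer token returned by the token endpoint
     * @return the user-info request URL with both values URL-encoded
     */
    public static String getUserInfoUrl(String openid, String accessToken) {
        return new StringBuilder(USER_INFO_URL)
                .append("?access_token=").append(urlEncode(accessToken))
                .append("&openid=").append(urlEncode(openid))
                .toString();
    }

    /**
     * URL-encodes one query-string value as UTF-8. A {@code null} value encodes as the
     * text "null", matching what plain string concatenation produced before.
     */
    private static String urlEncode(String value) {
        try {
            return java.net.URLEncoder.encode(String.valueOf(value), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Every JVM must support UTF-8, so this branch is unreachable in practice.
            throw new IllegalStateException("UTF-8 encoding unsupported", e);
        }
    }
}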