@RequestMapping("/oauth")

@Controller

public class OauthController {

	String clientId = "clientId";

	String clientSecret = "clientSecret";

	String response_type = "code";

	String authorizationCode = "authorizationCode";

	String redirectUrlPage = "redirectUrlPage";

	/**

	 * 请求通过凭证地址

	 */

	String getAccessTokenURL = "http://localhost:8080/subaccountServer/oauth/getAccessToken";

	/**

	 * 请求资源地址

	 */

	String userInfoUrl = "http://localhost:8080/subaccountServer/oauth/getResource";

	/**

	 *   重定向到请求 授权码的url

	 * @return

	 * @throws Exception

	 */

	@RequestMapping("/redirectToRequestAuthorizationCodeURL")

	public String redirectToRequestAuthorizationCodeURL() throws Exception {

		String url = "getAuthorizationCode";

		// accessTokenRequest 是用来描述请求对象的,描述了请求地址,和请求参数

		OAuthClientRequest accessTokenRequest = OAuthClientRequest.authorizationLocation(url)

				.setResponseType(response_type).setClientId(clientId).setRedirectURI( redirectUrlPage ).buildQueryMessage();

		return "redirect:" + accessTokenRequest.getLocationUri();

	}

	/**

	 *   返回授权码

	 * @param model

	 * @param request

	 * @return

	 * @throws Exception

	 */

	@RequestMapping("/getAuthorizationCode")

	public Object getAuthorizationCode(Model model, HttpServletRequest request) throws Exception {

		OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);

		String redirectURI = oauthRequest.getParam(OAuth.OAUTH_REDIRECT_URI);

		String clientId =  oauthRequest.getClientId();

		String responseType = oauthRequest.getParam(OAuth.OAUTH_RESPONSE_TYPE);

		//得到数据以后应该检查数据

		//把 state  写到一个 重定向的响应

		OAuthASResponse.OAuthAuthorizationResponseBuilder builder = OAuthASResponse.authorizationResponse(request, HttpServletResponse.SC_FOUND);

		builder.setCode(authorizationCode);

		OAuthResponse response = builder.location(redirectURI).buildQueryMessage();

		return "redirect:" + response.getLocationUri();

	}

	/**

	 *   请求通过凭证

	 * @param request

	 * @return

	 * @throws Exception

	 */

	@RequestMapping("/redirectUrlPage")

	public Object redirectUrlPage(HttpServletRequest request) throws Exception {

		String code = request.getParameter("code");

		OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

		OAuthClientRequest accessTokenRequest = OAuthClientRequest.tokenLocation(getAccessTokenURL)

				.setGrantType(GrantType.AUTHORIZATION_CODE)

				.setClientId(clientId)

				.setClientSecret(clientSecret)

				.setCode(code)

				.setRedirectURI(redirectUrlPage)

				.buildQueryMessage();

		OAuthAccessTokenResponse oAuthResponse = oAuthClient.accessToken(accessTokenRequest, OAuth.HttpMethod.POST);

		//得到通过凭证和过期时间

		String accessToken = oAuthResponse.getAccessToken();

		Long expiresIn = oAuthResponse.getExpiresIn();

		return "redirect:requestResourcePage?accessToken=" + accessToken;

	}

	/**

	 *   返回通过凭证

	 * @param request

	 * @return

	 * @throws Exception

	 */

	@RequestMapping(value = "/getAccessToken", method = RequestMethod.POST)

	public HttpEntity<String> getAccessToken(HttpServletRequest request) throws Exception {

		// 构建OAuth请求

		OAuthTokenRequest oauthRequest = new OAuthTokenRequest(request);

		String authCode = oauthRequest.getParam(OAuth.OAUTH_CODE);

		String clientSecret = oauthRequest.getClientSecret();

		//应该验证授权码

		// 生成Access Token

		OAuthIssuer oauthIssuer = new OAuthIssuerImpl(new MD5Generator());

		String accessToken = oauthIssuer.accessToken();

		OAuthResponse response = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK).setAccessToken(accessToken).setExpiresIn("120").buildJSONMessage();

		return new ResponseEntity<String>(response.getBody(), HttpStatus.valueOf(response.getResponseStatus()));

	}

	/**

	 * 请求资源

	 * @param accessToken

	 * @return

	 * @throws Exception

	 */

	@RequestMapping("/requestResourcePage")

	@ResponseBody

	public String requestResourcePage(String accessToken) throws Exception {

		OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

		OAuthClientRequest userInfoRequest = new OAuthBearerClientRequest(userInfoUrl).setAccessToken(accessToken).buildQueryMessage();

		OAuthResourceResponse resourceResponse = oAuthClient.resource(userInfoRequest, OAuth.HttpMethod.GET,OAuthResourceResponse.class);

		String resource = resourceResponse.getBody();

		return resource;

	}

	/**

	 *  返回资源

	 * @param request

	 * @return

	 * @throws Exception

	 */

	@RequestMapping("/getResource")

	public HttpEntity<String> getResource(HttpServletRequest request) throws Exception {

		OAuthAccessResourceRequest oauthRequest = new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);

		String accessToken = oauthRequest.getAccessToken();

		//这里应该验证accessToken

		return new ResponseEntity<String>("我就是资源", HttpStatus.OK);

	}

}

  

需要的oauth 依赖:

		<dependency>

			<groupId>org.apache.oltu.oauth2</groupId>

			<artifactId>org.apache.oltu.oauth2.client</artifactId>

			<version>1.0.1</version>

		</dependency>

		<dependency>

			<groupId>org.apache.oltu.oauth2</groupId>

			<artifactId>org.apache.oltu.oauth2.authzserver</artifactId>

			<version>1.0.1</version>

		</dependency>

		<dependency>

			<groupId>org.apache.oltu.oauth2</groupId>

			<artifactId>org.apache.oltu.oauth2.resourceserver</artifactId>

			<version>1.0.1</version>

		</dependency>

  

备注1:一个程序模拟了 三个服务器端 ,一个 客户端。   可能比较难懂

备注2: 省略了验证用户信息,授权码,通过凭证的  逻辑。

oauth 请求逻辑图  https://www.cnblogs.com/cxygg/p/9503032.html

oauth2 java 代码示例的更多相关文章

  1. MapReduce序列化及分区的java代码示例

    概述 序列化(Serialization)是指把结构化对象转化为字节流. 反序列化(Deserialization)是序列化的逆过程.把字节流转为结构化对象. 当要在进程间传递对象或持久化对象的时候, ...

  2. kafka集群和zookeeper集群的部署,kafka的java代码示例

    来自:http://doc.okbase.net/QING____/archive/19447.html 也可参考: http://blog.csdn.net/21aspnet/article/det ...

  3. 消费者、生产者Java代码示例,wait

    箱子中的苹果代表资源,现在有消费者从箱子中拿走苹果,生产者往箱子中放苹果.代码如下: 资源--箱子中的苹果: public class Box { int size; int num; public ...

  4. 将MySQL一张表的数据迁移到MongoDB数据库的Java代码示例

    Java代码: package com.zifeiy.snowflake.handle.etl.mongodb; import java.sql.Connection; import java.sql ...

  5. 阿里云直播鉴权java代码示例

    段时间公司需要做直播服务,所以就研究了一下阿里云的直播,在直播里面,最重要的就是url的鉴权操作(验证推流或者拉流的有效性),在网上找了很多代码,都没有发现java的demo,所以就写篇播客记录一下, ...

  6. java代码示例(3)

    /** * 需求分析:根据输入的天数是否是周六或是周日, * 并且天气的温度大于28摄氏度,则外出游泳,否则钓鱼 * @author chenyanlong * 日期:2017/10/14 */ pa ...

  7. spark使用KryoRegistrator java代码示例

    转载引用自:http://www.cnblogs.com/tovin/p/3833985.html 最近在使用spark开发过程中发现当数据量很大时,如果cache数据将消耗很多的内存.为了减少内存的 ...

  8. android webView开发之js调用java代码示例

    1.webView设置 webView.getSettings().setJavaScriptEnabled(true);//设置支持js webView.addJavascriptInterface ...

  9. 服务端发送xml请求java代码示例

    /** * */ package com.autoyol.pay.cmb.core; import java.io.ByteArrayOutputStream; import java.io.IOEx ...

随机推荐

  1. Oracle审计策略例子

    首先确保Oracle初始化参数audit_trail值为DB或OS,通过“show parameter audit_trail:”查看. 1 语句审计 audit table by test by a ...

  2. Oracle create tablespace 、create user and so on

    1.创建临时表空间 CREATE TEMPORARY TABLESPACE test_tempTEMPFILE 'C:\oracle\product\10.1.0\oradata\orcl\test_ ...

  3. 使用generator生成dao、mapping和model

    我们在ssm框架开发的时候(不限于此框架),为了开发效率.有时候不得不提高一下代码速度.千篇一律的事情谁都头疼,比如写dao,写model,写mapping等等.不仅慢,而且一不留神,还会出错. 今天 ...

  4. python-django的生命周期

    wsgi,请求封装后交给web框架(flask,django) 中间件,对请求进行校验或在请求对象中添加其他相关数据,列如(scrf[跨域],request,session) 路由匹配,根据浏览器发送 ...

  5. kafka definitive guide - reading notes

    一.认识Kafka 1)什么是sub/pub模型, 发布订阅模型   Publish/subscribe messaging is a pattern that is characterized by ...

  6. Python之路PythonNet,第四篇,网络4

    pythonnet   网络4 select  支持水平触发 poll       支持水平触发 epoll epoll 也是一种IO多路复用的方式,效率比select和poll 要高一点: epol ...

  7. cetos7最小化安装设置网络启动和更新yum源

    1. 使用静态 IP 地址配置网络 你第一件要做的事情就是为你的 CentOS 服务器配置静态 IP 地址.路由以及 DNS.我们会使用 ip 命令代替 ifconfig 命令.当然,ifconfig ...

  8. [LeetCode&Python] Problem 599. Minimum Index Sum of Two Lists

    Suppose Andy and Doris want to choose a restaurant for dinner, and they both have a list of favorite ...

  9. react状态提升问题::::

    父组件传值给子组件,只需要在组件上写上naverightstates={this.state.naverightstates},然后在子组件里面引用this.props.naverightstates ...

  10. linux php.ini文件没有指向 不生效

    phpinfo下查看: 命令行下查看 :php -i | grep "Loaded Configuration File" 解决: 使用命令去追踪错误: strace  /usr/ ...