第一次發文章,最近寫了一個集成第三方登錄的Demo
- QQ互聯/微信開發者平臺 通過認證,然后創建應用 獲得你的APPID 和AppSecret 配置回調函數
- 微信QQ請求都是https的請求,這里需要一個工具類 HttpClientUtils.java 用來請求QQ或微信的接口,工具類我貼在下面
- 添加 httpclient的依賴 依賴的jar包有:commons-lang-2.6.jar、httpclient-4.3.2.jar、httpcore-4.3.1.jar、commons-io-2.4.jar
- 配置Constants類, APPID 以及 AppSecret 都放到yml文件中
- yml文件中寫入你的APPID等信息
- 按開發文檔上拼接請求參數,發送請求(代碼在下面)
maven的依賴
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-io</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.4</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3.2</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.38</version>
</dependency>
工具類HttpClientUtils.java
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.Consts;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.config.RequestConfig.Builder;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustStrategy;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.message.BasicNameValuePair;
public class HttpClientUtils {
public static final int connTimeout=10000;
public static final int readTimeout=10000;
public static final String charset="UTF-8";
private static HttpClient client = null;
static {
PoolingHttpClientConnectionManager cm = new PoolingHttpClientConnectionManager();
cm.setMaxTotal(128);
cm.setDefaultMaxPerRoute(128);
client = HttpClients.custom().setConnectionManager(cm).build();
}
public static String postParameters(String url, String parameterStr) throws ConnectTimeoutException, SocketTimeoutException, Exception{
return post(url,parameterStr,"application/x-www-form-urlencoded",charset,connTimeout,readTimeout);
}
public static String postParameters(String url, String parameterStr,String charset, Integer connTimeout, Integer readTimeout) throws ConnectTimeoutException, SocketTimeoutException, Exception{
return post(url,parameterStr,"application/x-www-form-urlencoded",charset,connTimeout,readTimeout);
}
public static String postParameters(String url, Map<String, String> params) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
return postForm(url, params, null, connTimeout, readTimeout);
}
public static String postParameters(String url, Map<String, String> params, Integer connTimeout,Integer readTimeout) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
return postForm(url, params, null, connTimeout, readTimeout);
}
public static String get(String url) throws Exception {
return get(url, charset, null, null);
}
public static String get(String url, String charset) throws Exception {
return get(url, charset, connTimeout, readTimeout);
}
/**
* 發送一個 Post 請求, 使用指定的字符集編碼.
*
* @param url
* @param body RequestBody
* @param mimeType 例如 application/xml "application/x-www-form-urlencoded" a=1&b=2&c=3
* @param charset 編碼
* @param connTimeout 建立鏈接超時時間,毫秒.
* @param readTimeout 響應超時時間,毫秒.
* @return ResponseBody, 使用指定的字符集編碼.
* @throws ConnectTimeoutException 建立鏈接超時異常
* @throws SocketTimeoutException 響應超時
* @throws Exception
*/
public static String post(String url, String body, String mimeType,String charset, Integer connTimeout, Integer readTimeout)
throws ConnectTimeoutException, SocketTimeoutException, Exception {
HttpClient client = null;
HttpPost post = new HttpPost(url);
String result = "";
try {
if (StringUtils.isNotBlank(body)) {
HttpEntity entity = new StringEntity(body, ContentType.create(mimeType, charset));
post.setEntity(entity);
}
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
post.setConfig(customReqConf.build());
HttpResponse res;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(post);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(post);
}
result = IOUtils.toString(res.getEntity().getContent(), charset);
} finally {
post.releaseConnection();
if (url.startsWith("https") && client != null&& client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
return result;
}
/**
* 提交form表單
*
* @param url
* @param params
* @param connTimeout
* @param readTimeout
* @return
* @throws ConnectTimeoutException
* @throws SocketTimeoutException
* @throws Exception
*/
public static String postForm(String url, Map<String, String> params, Map<String, String> headers, Integer connTimeout,Integer readTimeout) throws ConnectTimeoutException,
SocketTimeoutException, Exception {
HttpClient client = null;
HttpPost post = new HttpPost(url);
try {
if (params != null && !params.isEmpty()) {
List<NameValuePair> formParams = new ArrayList<org.apache.http.NameValuePair>();
Set<Entry<String, String>> entrySet = params.entrySet();
for (Entry<String, String> entry : entrySet) {
formParams.add(new BasicNameValuePair(entry.getKey(), entry.getValue()));
}
UrlEncodedFormEntity entity = new UrlEncodedFormEntity(formParams, Consts.UTF_8);
post.setEntity(entity);
}
if (headers != null && !headers.isEmpty()) {
for (Entry<String, String> entry : headers.entrySet()) {
post.addHeader(entry.getKey(), entry.getValue());
}
}
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
post.setConfig(customReqConf.build());
HttpResponse res = null;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(post);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(post);
}
return IOUtils.toString(res.getEntity().getContent(), "UTF-8");
} finally {
post.releaseConnection();
if (url.startsWith("https") && client != null
&& client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
}
/**
* 發送一個 GET 請求
*
* @param url
* @param charset
* @param connTimeout 建立鏈接超時時間,毫秒.
* @param readTimeout 響應超時時間,毫秒.
* @return
* @throws ConnectTimeoutException 建立鏈接超時
* @throws SocketTimeoutException 響應超時
* @throws Exception
*/
public static String get(String url, String charset, Integer connTimeout,Integer readTimeout)
throws ConnectTimeoutException,SocketTimeoutException, Exception {
HttpClient client = null;
HttpGet get = new HttpGet(url);
String result = "";
try {
// 設置參數
Builder customReqConf = RequestConfig.custom();
if (connTimeout != null) {
customReqConf.setConnectTimeout(connTimeout);
}
if (readTimeout != null) {
customReqConf.setSocketTimeout(readTimeout);
}
get.setConfig(customReqConf.build());
HttpResponse res = null;
if (url.startsWith("https")) {
// 執行 Https 請求.
client = createSSLInsecureClient();
res = client.execute(get);
} else {
// 執行 Http 請求.
client = HttpClientUtils.client;
res = client.execute(get);
}
result = IOUtils.toString(res.getEntity().getContent(), charset);
} finally {
get.releaseConnection();
if (url.startsWith("https") && client != null && client instanceof CloseableHttpClient) {
((CloseableHttpClient) client).close();
}
}
return result;
}
/**
* 從 response 里獲取 charset
*
* @param ressponse
* @return
*/
@SuppressWarnings("unused")
private static String getCharsetFromResponse(HttpResponse ressponse) {
// Content-Type:text/html; charset=GBK
if (ressponse.getEntity() != null && ressponse.getEntity().getContentType() != null && ressponse.getEntity().getContentType().getValue() != null) {
String contentType = ressponse.getEntity().getContentType().getValue();
if (contentType.contains("charset=")) {
return contentType.substring(contentType.indexOf("charset=") + 8);
}
}
return null;
}
/**
* 創建 SSL連接
* @return
* @throws GeneralSecurityException
*/
private static CloseableHttpClient createSSLInsecureClient() throws GeneralSecurityException {
try {
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
public boolean isTrusted(X509Certificate[] chain,String authType) throws CertificateException {
return true;
}
}).build();
SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new X509HostnameVerifier() {
@Override
public boolean verify(String arg0, SSLSession arg1) {
return true;
}
@Override
public void verify(String host, SSLSocket ssl)
throws IOException {
}
@Override
public void verify(String host, X509Certificate cert)
throws SSLException {
}
@Override
public void verify(String host, String[] cns,
String[] subjectAlts) throws SSLException {
}
});
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
} catch (GeneralSecurityException e) {
throw e;
}
}
public static void main(String[] args) {
try {
String str= post("https://localhost:443/ssl/test.shtml","name=12&page=34","application/x-www-form-urlencoded", "UTF-8", 10000, 10000);
//String str= get("https://localhost:443/ssl/test.shtml?name=12&page=34","GBK");
/*Map<String,String> map = new HashMap<String,String>();
map.put("name", "111");
map.put("page", "222");
String str= postForm("https://localhost:443/ssl/test.shtml",map,null, 10000, 10000);*/
System.out.println(str);
} catch (ConnectTimeoutException e) {
e.printStackTrace();
} catch (SocketTimeoutException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
}
常量的配置 用來獲取yml文件中的APPID等
import org.hibernate.validator.constraints.NotEmpty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
/**
* 常量配置類
*/
@Configuration
@ConfigurationProperties(prefix = "constants")
public class Constants {
@NotEmpty
private String qqAppId;
@NotEmpty
private String qqAppSecret;
@NotEmpty
private String qqRedirectUrl;
@NotEmpty
private String weCatAppId;
@NotEmpty
private String weCatAppSecret;
@NotEmpty
private String weCatRedirectUrl;
public String getQqAppId() {
return qqAppId;
}
public void setQqAppId(String qqAppId) {
this.qqAppId = qqAppId;
}
public String getQqAppSecret() {
return qqAppSecret;
}
public void setQqAppSecret(String qqAppSecret) {
this.qqAppSecret = qqAppSecret;
}
public String getQqRedirectUrl() {
return qqRedirectUrl;
}
public void setQqRedirectUrl(String qqRedirectUrl) {
this.qqRedirectUrl = qqRedirectUrl;
}
public String getWeCatAppId() {
return weCatAppId;
}
public void setWeCatAppId(String weCatAppId) {
this.weCatAppId = weCatAppId;
}
public String getWeCatAppSecret() {
return weCatAppSecret;
}
public void setWeCatAppSecret(String weCatAppSecret) {
this.weCatAppSecret = weCatAppSecret;
}
public String getWeCatRedirectUrl() {
return weCatRedirectUrl;
}
public void setWeCatRedirectUrl(String weCatRedirectUrl) {
this.weCatRedirectUrl = weCatRedirectUrl;
}
}
yml文件中的配置
constants:
# QQ
qqAppId: xxxxxxxx
qqAppSecret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
qqRedirectUrl: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
#WECAT
weCatAppId: xxxxxxxxxx
weCatAppSecret: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
weCatRedirectUrl: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
開始編寫controller層, 我的demo沒有前端的頁面 所以只是純后端的請求方式
第一步獲取code
@Autowired
private Constants constants;
@RequestMapping("getCode")
public String getCode() throws Exception {
//拼接url
StringBuilder url = new StringBuilder();
url.append("https://graph.qq.com/oauth2.0/authorize?");
url.append("response_type=code");
url.append("&client_id=" + constants.getQqAppId());
//回調地址 ,回調地址要進行Encode轉碼
String redirect_uri = constants.getQqRedirectUrl();
//轉碼
url.append("&redirect_uri="+ URLEncodeUtil.getURLEncoderString(redirect_uri));
url.append("&state=ok");
String result = HttpClientUtils.get(url.toString(),"UTF-8");
System.out.println(url.toString());
return url.toString();
}
//上面的請求回返回一個url,然后進入到這個url中 QQ端會把調用你的回調函數,并把code一起傳過來
第二步 通過code取到token
/**
* 獲取token,該步驟返回的token期限為一個月
* @param code
* @return
* @throws Exception
*/
@RequestMapping("callback.do")
public String getAccessToken(String code) throws Exception {
if (code != null){
System.out.println(code);
}
StringBuilder url = new StringBuilder();
url.append("https://graph.qq.com/oauth2.0/token?");
url.append("grant_type=authorization_code");
url.append("&client_id=" + constants.getQqAppId());
url.append("&client_secret=" + constants.getQqAppSecret());
url.append("&code=" + code);
//回調地址
String redirect_uri = constants.getQqRedirectUrl();
//轉碼
url.append("&redirect_uri="+ URLEncodeUtil.getURLEncoderString(redirect_uri));
String result = HttpClientUtils.get(url.toString(),"UTF-8");
System.out.println("url:" + url.toString());
//把token保存
String[] items = StringUtils.splitByWholeSeparatorPreserveAllTokens(result, "&");
String accessToken = StringUtils.substringAfterLast(items[0], "=");
Long expiresIn = new Long(StringUtils.substringAfterLast(items[1], "="));
String refreshToken = StringUtils.substringAfterLast(items[2], "=");
if (qqProperties.get("accessToken") != null){
qqProperties.remove("accessToken");
}
if (qqProperties.get("expiresIn") != null){
qqProperties.remove("expiresIn");
}
if (qqProperties.get("refreshToken") != null){
qqProperties.remove("refreshToken");
}
qqProperties.put("accessToken",accessToken);
qqProperties.put("expiresIn",expiresIn);
qqProperties.put("refreshToken",refreshToken);
return result;
}
上面這個controller就是在yml文件中配置的回調函數地址,我這邊是把token存到一個map中了
QQ的這個請求返回值是一個字符串 比如
access_token=FE04************************CCE2&expires_in=7776000&refresh_token=88E4************************BE14
這樣子的 要取出來的話 需要做一下拆分,但是微信的是返回的json格式的 可以轉為model保存
第三步(可選) 上一步獲取的token是有期限的,過期就會失效,這里提供了刷新token的方法
/**
* 刷新token
* @return
* @throws Exception
*/
@RequestMapping("refreshToken")
public String refreshToken() throws Exception {
StringBuilder url = new StringBuilder("https://graph.qq.com/oauth2.0/token?");
url.append("grant_type=refresh_token");
url.append("&client_id=" + constants.getQqAppId());
url.append("&client_secret=" + constants.getQqAppSecret());
//獲取refreshToken
String refreshToken = (String) qqProperties.get("refreshToken");
url.append("&refresh_token=" + refreshToken); // 該處需要傳入上個步驟獲取到的refreshToken;
String result = HttpClientUtils.get(url.toString(),"UTF-8");
System.out.println("url:" + url.toString());
//把新獲取的token存到map中
String[] items = StringUtils.splitByWholeSeparatorPreserveAllTokens(result, "&");
String accessToken = StringUtils.substringAfterLast(items[0], "=");
Long expiresIn = new Long(StringUtils.substringAfterLast(items[1], "="));
String newRefreshToken = StringUtils.substringAfterLast(items[2], "=");
if (qqProperties.get("accessToken") != null){
qqProperties.remove("accessToken");
}
if (qqProperties.get("expiresIn") != null){
qqProperties.remove("expiresIn");
}
if (qqProperties.get("refreshToken") != null){
qqProperties.remove("refreshToken");
}
qqProperties.put("accessToken",accessToken);
qqProperties.put("expiresIn",expiresIn);
qqProperties.put("refreshToken",newRefreshToken);
return result;
}
第四步,獲取用戶openId
/**
* 獲取用戶openId
* @return
* @throws Exception
*/
@RequestMapping("getOpenId")
public String getOpenId() throws Exception {
StringBuilder url = new StringBuilder("https://graph.qq.com/oauth2.0/me?");
//獲取保存的用戶的token
String accessToken = (String) qqProperties.get("accessToken");
if (!StringUtils.isNotEmpty(accessToken)){
return "未授權";
}
url.append("access_token=" + accessToken);
String result = HttpClientUtils.get(url.toString(),"UTF-8");
String openId = StringUtils.substringBetween(result, "\"openid\":\"", "\"}");
System.out.println(openId);
//把openId存到map中
if (qqProperties.get("openId") != null) {
qqProperties.remove("openId");
}
qqProperties.put("openId",openId);
return result;
}
//這個步驟的正確返回值是callback( {"client_id":"YOUR_APPID","openid":"YOUR_OPENID"} );
也是一個字符串,需要進行拆分保存,這里請求傳入的就是上次獲取到的token
第五步 獲取用戶信息
/**
* 根據openId獲取用戶信息
*/
@RequestMapping("getUserInfo")
public QQUserInfo getUserInfo() throws Exception {
StringBuilder url = new StringBuilder("https://graph.qq.com/user/get_user_info?");
//取token
String accessToken = (String) qqProperties.get("accessToken");
String openId = (String) qqProperties.get("openId");
if (!StringUtils.isNotEmpty(accessToken) || !StringUtils.isNotEmpty(openId)){
return null;
}
url.append("access_token=" + accessToken);
url.append("&oauth_consumer_key=" + constants.getQqAppId());
url.append("&openid=" + openId);
String result = HttpClientUtils.get(url.toString(),"UTF-8");
Object json = JSON.parseObject(result,QQUserInfo.class);
QQUserInfo QQUserInfo = (QQUserInfo)json;
return QQUserInfo;
}
//傳入token APPID,openId 就可以獲取到用戶信息 由于用到的這個工具類 返回的是一個字符串,可以轉成object類型,再強轉成model
//到此授權就完成了,微信端和QQ不同的地方是微信獲取token的時候會把openId一并獲取到
回調函數轉碼工具類
import java.io.UnsupportedEncodingException;
public class URLEncodeUtil {
private final static String ENCODE = "UTF-8";
/**
* URL 解碼
*/
public static String getURLDecoderString(String str) {
String result = "";
if (null == str) {
return "";
}
try {
result = java.net.URLDecoder.decode(str, ENCODE);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return result;
}
/**
* URL 轉碼
*/
public static String getURLEncoderString(String str) {
String result = "";
if (null == str) {
return "";
}
try {
result = java.net.URLEncoder.encode(str, ENCODE);
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return result;
}
}
