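/*
 * @(#)OAuth2.java $version 20131123
 *
 * Copyright 2013 cuizuoli.cn. All rights Reserved.
 * cuizuoli.cn PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
 */
package com.weibo.api;

import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

import javax.annotation.Resource;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

import lombok.extern.slf4j.Slf4j;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.exception.ExceptionUtils;
import org.codehaus.jackson.JsonParseException;
import org.codehaus.jackson.map.JsonMappingException;
import org.codehaus.jackson.map.ObjectMapper;
import org.springframework.stereotype.Component;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;

import com.weibo.enums.Display;
import com.weibo.http.client.WeiboHttpClient;
import com.weibo.model.AccessToken;
import com.weibo.model.PageTokenInfo;
import com.weibo.model.AppTokenInfo;
import com.weibo.model.TokenInfo;

/**
 * weibo-api
 * com.weibo.api.OAuth2.java
 *
 * <p>Client for the Weibo OAuth2 endpoints (authorize, access_token, get_token_info,
 * revokeoauth2) plus verification of HMAC-SHA256 signed {@code signed_request} values.
 *
 * <p>Every method that maps a JSON response returns {@code null} when the response cannot be
 * mapped or, for signed requests, when the signature does not verify; callers must treat
 * {@code null} as failure.
 *
 * @author cuizuoli
 * @date 20131123
 */
@Slf4j
@Component
public class OAuth2 {

    private static final String ALGORITHM_HMACSHA256 = "hmacSHA256";
    private static final String OAUTH2_AUTHORIZE = "https://api.weibo.com/oauth2/authorize";
    private static final String OAUTH2_ACCESS_TOKEN = "https://api.weibo.com/oauth2/access_token";
    private static final String OAUTH2_GET_TOKEN_INFO = "https://api.weibo.com/oauth2/get_token_info";
    private static final String OAUTH2_REVOKE_OAUTH2 = "https://api.weibo.com/oauth2/revokeoauth2";

    // Explicit charset for every byte<->String conversion that feeds the MAC, so the result
    // does not depend on the JVM's platform default.
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    @Resource
    private WeiboHttpClient weiboHttpClient;
    @Resource
    private ObjectMapper weiboObjectMapper;

    /**
     * Builds the URL of the authorization endpoint.
     * http://open.weibo.com/wiki/Oauth2/authorize
     *
     * <p>All values are appended to the query string verbatim; nothing is URL-encoded here.
     * NOTE(review): callers have to pass values that are already safe for a query string
     * (in particular {@code redirectUri} and {@code state}); otherwise a value containing
     * {@code &} or {@code #} changes the meaning of the URL. Encoding here was not added
     * because existing callers may already pre-encode - confirm against callers.
     *
     * <p>{@code state} is what ties the callback to the browser session that started the flow;
     * it should be unpredictable and compared on the callback.
     *
     * @param appKey application key, sent as {@code client_id}
     * @param redirectUri callback URI, sent as {@code redirect_uri}
     * @param scope requested scope
     * @param state opaque anti-forgery value echoed back on the callback
     * @param display display mode; its code is sent as {@code display}
     * @return the authorization URL
     */
    public String authorize(String appKey, String redirectUri, String scope, String state, Display display) {
        String authorizeUrl = new StringBuilder()
            .append(OAUTH2_AUTHORIZE)
            .append("?client_id=").append(appKey)
            .append("&redirect_uri=").append(redirectUri)
            .append("&scope=").append(scope)
            .append("&state=").append(state)
            .append("&display=").append(display.getCode())
            .toString();
        log.info(authorizeUrl);
        return authorizeUrl;
    }

    /**
     * Exchanges an authorization code for an access token.
     * http://open.weibo.com/wiki/OAuth2/access_token
     *
     * <p>{@code appSecret} travels as the {@code client_secret} form field of the POST body and
     * is never logged by this method.
     *
     * @param appKey application key, sent as {@code client_id}
     * @param appSecret application secret, sent as {@code client_secret}
     * @param redirectUri the redirect URI used in the authorize step
     * @param code the authorization code received on the callback
     * @return the mapped token response, or {@code null} if the response could not be mapped
     */
    public AccessToken accessToken(String appKey, String appSecret, String redirectUri, String code) {
        MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
        form.add("client_id", appKey);
        form.add("client_secret", appSecret);
        form.add("grant_type", "authorization_code");
        form.add("code", code);
        form.add("redirect_uri", redirectUri);
        String result = weiboHttpClient.postForm(OAUTH2_ACCESS_TOKEN, form, String.class);
        return readJson(result, AccessToken.class);
    }

    /**
     * Looks up the metadata of an access token.
     * http://open.weibo.com/wiki/Oauth2/get_token_info
     *
     * @param accessToken the access token to inspect
     * @return the mapped token info, or {@code null} if the response could not be mapped
     */
    public TokenInfo getTokenInfo(String accessToken) {
        MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
        form.add("access_token", accessToken);
        String result = weiboHttpClient.postForm(OAUTH2_GET_TOKEN_INFO, form, String.class);
        return readJson(result, TokenInfo.class);
    }

    /**
     * Revokes an access token.
     * http://open.weibo.com/wiki/Oauth2/revokeoauth2
     *
     * @param accessToken the access token to revoke
     * @return the response exactly as returned by the HTTP client
     */
    public String revokeOauth2(String accessToken) {
        MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
        form.add("access_token", accessToken);
        return weiboHttpClient.postForm(OAUTH2_REVOKE_OAUTH2, form, String.class);
    }

    /**
     * Maps a JSON document to {@code type}, logging and swallowing mapping failures.
     *
     * @return the mapped object, or {@code null} if {@code json} is {@code null} or cannot be mapped
     */
    private <T> T readJson(String json, Class<T> type) {
        if (json == null) {
            log.warn("No JSON to map to {}", type.getSimpleName());
            return null;
        }
        try {
            return weiboObjectMapper.readValue(json, type);
        } catch (JsonParseException e) {
            log.error(ExceptionUtils.getFullStackTrace(e));
        } catch (JsonMappingException e) {
            log.error(ExceptionUtils.getFullStackTrace(e));
        } catch (IOException e) {
            log.error(ExceptionUtils.getFullStackTrace(e));
        }
        return null;
    }

    /**
     * Verifies a {@code <signature>.<payload>} signed request and returns the decoded payload.
     *
     * <p>The signature is the Base64-encoded HMAC-SHA256 of the encoded payload text, keyed with
     * the application secret. The payload is returned only when the signature verifies.
     *
     * <p>This authenticates the payload only. Nothing here checks freshness; if the payload
     * carries an expiry or issue time, the caller has to enforce it.
     *
     * @param signedRequest the signed request as received
     * @param appSecret the application secret used as the HMAC key
     * @return the decoded payload, or {@code null} if the input is malformed or the signature
     *         does not verify
     */
    private String parseSignedRequest(String signedRequest, String appSecret) {
        if (StringUtils.isEmpty(signedRequest) || StringUtils.isEmpty(appSecret)) {
            log.warn("signed_request rejected: missing signed_request or application secret");
            return null;
        }
        // Split on the first dot only; both halves must be non-empty. The original indexed
        // tokens[1] without checking, so input without a dot failed with an unchecked exception.
        int dot = signedRequest.indexOf('.');
        if (dot <= 0 || dot == signedRequest.length() - 1) {
            log.warn("signed_request rejected: expected <signature>.<payload>");
            return null;
        }
        String encodedSignature = signedRequest.substring(0, dot);
        String encodedPayload = signedRequest.substring(dot + 1);

        // commons-codec accepts the URL-safe alphabet ('-', '_') and missing '=' padding, so the
        // signature is decoded directly instead of being re-padded by hand (the hand-rolled
        // padding appended "====" whenever the length was already a multiple of four).
        byte[] providedMac = Base64.decodeBase64(encodedSignature);

        SecretKey key = new SecretKeySpec(appSecret.getBytes(UTF_8), ALGORITHM_HMACSHA256);
        try {
            Mac mac = Mac.getInstance(ALGORITHM_HMACSHA256);
            mac.init(key);
            byte[] expectedMac = mac.doFinal(encodedPayload.getBytes(UTF_8));
            // Compare raw MAC bytes with MessageDigest.isEqual rather than String equality, so the
            // comparison time does not reveal how many leading characters matched.
            if (!MessageDigest.isEqual(expectedMac, providedMac)) {
                log.warn("signed_request rejected: signature mismatch");
                return null;
            }
            // The payload holds token data and is deliberately not written to the log.
            return new String(Base64.decodeBase64(encodedPayload), UTF_8);
        } catch (NoSuchAlgorithmException e) {
            log.error(ExceptionUtils.getFullStackTrace(e));
        } catch (InvalidKeyException e) {
            log.error(ExceptionUtils.getFullStackTrace(e));
        }
        return null;
    }

    /**
     * Verifies a signed request posted to an application and maps its payload.
     *
     * @param signedRequest the signed request, {@code <signature>.<payload>}
     * @param appSecret the application secret used as the HMAC key
     * @return the mapped payload, or {@code null} if the signature does not verify or the payload
     *         cannot be mapped
     * @deprecated retained for existing callers; this file does not name a replacement.
     */
    @Deprecated
    public AppTokenInfo parseAppSignedRequest(String signedRequest, String appSecret) {
        String tokenInfoValue = parseSignedRequest(signedRequest, appSecret);
        if (StringUtils.isEmpty(tokenInfoValue)) {
            // Unverified or empty payload: nothing to map. The original went on to call
            // toString() on the null result here and threw a NullPointerException.
            return null;
        }
        return readJson(tokenInfoValue, AppTokenInfo.class);
    }

    /**
     * Verifies a signed request posted to a page and maps its payload.
     *
     * @param signedRequest the signed request, {@code <signature>.<payload>}
     * @param appSecret the application secret used as the HMAC key
     * @return the mapped payload, or {@code null} if the signature does not verify or the payload
     *         cannot be mapped
     */
    public PageTokenInfo parsePageSignedRequest(String signedRequest, String appSecret) {
        String tokenInfoValue = parseSignedRequest(signedRequest, appSecret);
        if (StringUtils.isEmpty(tokenInfoValue)) {
            // Unverified or empty payload: nothing to map. The original went on to call
            // toString() on the null result here and threw a NullPointerException.
            return null;
        }
        return readJson(tokenInfoValue, PageTokenInfo.class);
    }
}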