• ESB服务学习Auth2.0和sso规范

    ESB服务学习Auth2.0和sso规范

    看下Auth的代码和若干方法

    从第三方认证系统中认证:

    public String getAuthorizeUri(AuthorizeUriGetInput input) {
    String redirectUri = this.casProperties.getRedirectUri();
    if (input.getRedirectUri()!=null){
        redirectUri = input.getRedirectUri();
    }
    return String.format("%s/oauth2.0/authorize?service=%s&response_type=code&client_id=%s&redirect_uri=%s", this.casProperties.getCasUrl(), redirectUri, this.casProperties.getClientId(), redirectUri);
}

    登出系统,也是调用第三方的页面

    public String logout(AuthorizeUriGetInput input) {
    String redirectUri = this.casProperties.getRedirectUri();
    if (input.getRedirectUri()!=null){
        redirectUri = input.getRedirectUri();
    }
    return String.format("%s/logout?service=%s", this.casProperties.getCasUrl(), redirectUri);
}

    从第三方获取token,没有页面,AccessToken有没有固定的格式?

    public AccessToken getAccessToken(String code) {
        String url = String.format("%s/oauth2.0/accessToken?	grant_type=authorization_code&client_id=%s&client_secret=%s&redirect_uri=%s&code=%s", this.casProperties.getCasUrl(), this.casProperties.getClientId(), this.casProperties.getClientSecret(), this.casProperties.getRedirectUri(), code);
        HttpHeaders headers = getHeaderApplicationJson();
        HttpEntity request = new HttpEntity("", headers);

        try {
            RestTemplate restTemplate = new RestTemplate();
            ResponseEntity<String> responseEntity = restTemplate.exchange(url, HttpMethod.GET, request, String.class, new Object[0]);
            return (AccessToken) JSON.parseObject((String) responseEntity.getBody(), AccessToken.class);
        } catch (
                Exception var7) {
            log.error("获取Token返回错误" + (String) responseEntity.getBody());
            return null;
        }
    }

    刷新token,也没有页面,调用第三方服务

    public AccessToken refreshToken(String refreshToken) {
    String url = String.format("%s/oauth2.0/accessToken?grant_type=refresh_token&client_id=%s&client_secret=%s&redirect_uri=%s&refresh_token=%s", this.casProperties.getCasUrl(), this.casProperties.getClientId(), this.casProperties.getClientSecret(), this.casProperties.getRedirectUri(), refreshToken);
    HttpHeaders headers = getHeaderApplicationJson();
    HttpEntity request = new HttpEntity("", headers);

    try {
        RestTemplate restTemplate = new RestTemplate();
        ResponseEntity<String> responseEntity = restTemplate.exchange(url, HttpMethod.GET, request, String.class, new Object[0]);
        return (AccessToken) JSON.parseObject((String) responseEntity.getBody(), AccessToken.class);

    } catch (Exception var7) {
        log.error("刷新Token信息失败-{}" + refreshToken, var7);
        return null;
    }
}

    拿着token去获取我们需要的资源,比如用户信息

    public UserProfile getUserProfile(String token) {
    String url = String.format("%s/oauth2.0/profile?access_token=%s", this.casProperties.getCasUrl(), token);
    HttpHeaders headers = getHeaderApplicationJson();
    HttpEntity request = new HttpEntity("", headers);

    try {
        RestTemplate restTemplate = new RestTemplate();
        ResponseEntity<String> responseEntity = restTemplate.exchange(url, HttpMethod.GET, request, String.class, new Object[0]);
        return (UserProfile) JSON.parseObject(jsonObject.getJSONObject("attributes").toJSONString(), UserProfile.class);

    } catch (
            Exception var8) {
        log.error("获取用户信息失败" + token, var8);
    }
    return null;
}

    ​ 这里验证了这个人的有效身份,至于拿这个身份做什么,取决于系统。
  • 相关阅读:
    Kubernetes豁然贯通(安全认证)
    Kubernetes登堂入室(数据存储)
    Kubernetes渐入佳境(Service和Ingress详解)
    Kubernetes崭露头角(Pod控制器详解)
    Kubernetes初露锋芒(Pod详解)
    Kubernets初窥门径 (NameSpace、Pod、Label、Deployment、Service)
    Kubernetes初学乍练(资源管理)
    Kubernetes小试牛刀
    构建高并发的扣减服务
    Redis集群的三种姿势
  • 原文地址:https://www.cnblogs.com/Robin008/p/16352840.html
Copyright © 2020-2023  润新知