Feishu Authorized Login Flow

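Based on a self-built app: define the callback route and endpoint, then redirect.

The Feishu authorized login flow:

I. Create and configure the app on the Open Platform:

1. Log in to the Feishu Open Platform console, then create and configure the app: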

open.feishu.cn/app

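Configure the redirect URL under Security Settings; when the login redirect happens later, the platform checks whether that redirect URL has been configured.

II. Once the REDIRECT_URI route is configured and the user clicks the login button, the front end redirects to the official authorization login page below:

1. The official authorization login page: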

open.feishu.cn/open-apis/a…

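III. Define the callback login endpoint:

Login with the authorization result: once the code is issued, the browser is redirected to the route defined above with the parameter attached: REDIRECT_URI?code={code}

Option 1:

Add the SDK dependency that wraps the API and call its methods: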

<dependency>
    <groupId>com.larksuite.oapi</groupId>
    <artifactId>oapi-sdk</artifactId>
    <version>2.2.10</version>
</dependency>

coding:

    // Exchange the authorization code from the callback for a user_access_token.
    public String getUserAcessToken(String code) throws Exception {
        Client client = Client.newBuilder(LoginConstant.getAppId(), LoginConstant.getAppSecret())
                .appType(AppType.SELF_BUILT).build();
        AuthenAccessTokenResp resp = client.ext().getAuthenAccessToken(AuthenAccessTokenReq.newBuilder()
                .body(AuthenAccessTokenReqBody.newBuilder()
                        .code(code)
                        .grantType(GrantTypeEnum.AUTHORIZATION_CODE)
                        .build())
                .build());
        // Return an empty string when the response or its data is missing.
        if (!ObjectUtils.isEmpty(resp)) {
            UserAccessTokenInfo tokenInfo = resp.getData();
            if (ObjectUtils.isEmpty(tokenInfo)) {
                return "";
            }
            return tokenInfo.getAccessToken();
        }
        return "";
    }

    // Fetch the logged-in user's profile with the user_access_token.
    public UserInfo getAuthenuserInfo(String userAcessToken) throws Exception {
        Client client = Client.newBuilder(LoginConstant.getAppId(), LoginConstant.getAppSecret())
                .appType(AppType.SELF_BUILT).build();

        GetAuthenUserInfoResp resp = client.ext().getAuthenUserInfo(RequestOptions.newBuilder()
                .userAccessToken(userAcessToken)
                .build());
        if (resp != null) {
            return resp.getData();
        }
        return null;
    }

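Option 2: call the official API directly with POST requests:

Getting the user info takes three steps:

1. First, use the app_secret issued after configuration to obtain an app_access_token: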

open.feishu.cn/document/se…

2. Use the app_access_token plus the code to obtain a user_access_token:

open.feishu.cn/document/uA…

3. Then use the user_access_token to get the user info:

open.feishu.cn/open-apis/a…

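The backend callback endpoint {REDIRECT_URI} reads the code field from the callback and, by issuing POST requests from the backend to the official API, obtains the user info: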

<dependency>
    <groupId>org.apache.httpcomponents</groupId>
    <artifactId>httpclient</artifactId>
    <version>4.5.2</version>
</dependency>

coding:

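    // RestTemplate and the types below come from Spring (spring-web).
    import org.springframework.http.HttpEntity;
    import org.springframework.http.HttpHeaders;
    import org.springframework.http.HttpMethod;
    import org.springframework.http.MediaType;
    import org.springframework.http.ResponseEntity;
    import org.springframework.util.LinkedMultiValueMap;
    import org.springframework.util.MultiValueMap;
    import org.springframework.web.client.RestTemplate;

    // Issue a POST request from the backend
    public void test() {
        RestTemplate restTemplate = new RestTemplate();
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        MultiValueMap<String, String> map = new LinkedMultiValueMap<>();
        // Placeholder entry: add the form fields the endpoint expects.
        map.add("", null);
        // The map can also be replaced with a custom request entity class:
        HttpEntity<MultiValueMap<String, String>> requestEntity = new HttpEntity<>(map, headers);
        // "路由地址" is a placeholder for the endpoint URL; Result is your own response class.
        ResponseEntity<Result> responseEntity = restTemplate.exchange("路由地址",
                HttpMethod.POST, requestEntity,
                Result.class);
    }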

Option 3:

Some libraries, such as JustAuth, wrap the login APIs of many platforms; add JustAuth as a dependency and call the methods it provides.

<dependency>
    <groupId>me.zhyd.oauth</groupId>
    <artifactId>JustAuth</artifactId>
    <version>1.16.4</version>
</dependency>

coding:

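    import me.zhyd.oauth.config.AuthConfig;
    import me.zhyd.oauth.model.AuthCallback;
    import me.zhyd.oauth.request.AuthFeishuRequest;
    import me.zhyd.oauth.request.AuthRequest;
    import org.springframework.web.bind.annotation.RequestMapping;

    // Callback endpoint: JustAuth exchanges the code and returns the login result.
    @RequestMapping("/callback")
    public Object login(AuthCallback callback) {
        AuthRequest authRequest = getAuthRequest();
        return authRequest.login(callback);
    }

    // The three string values are placeholders; "重定向 URL" stands for the
    // redirect URL configured under Security Settings.
    private AuthRequest getAuthRequest() {
        return new AuthFeishuRequest(AuthConfig.builder()
                .clientId("App ID")
                .clientSecret("App Secret")
                .redirectUri("重定向 URL")
                .build());
    }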
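
Source: https://www.wenjiangs.com/doc/justauth-oauth-feishu

IV. Integrate with the business system:

After the backend obtains the user info, it can redirect to your own business site and link the user to the existing business records through a unique value in the user info.

Backend redirect: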

    public void callback(@RequestParam(value = "code", required = false) String code,
                         @RequestParam(value = "error", required = false) String error,
                         HttpServletResponse response) {
        try {
            //...

            // Redirect; "目标路由" is a placeholder for the target URL
            URI uri = UriComponentsBuilder.fromHttpUrl("目标路由").build().toUri();
            response.sendRedirect(uri.toString());
        } catch (Exception e) {
            // "回调异常" means "callback exception"; the throwable is passed last so the stack trace is logged
            log.error("回调异常", e);
        }
    }
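
An added example (not from the original post or from any SDK): a callback that rejects requests carrying `error` or lacking `code`, ties the login to the browser session with a one-time `state` value, and redirects only to a fixed target. The `/login` route, the `app_id`, `redirect_uri` and `state` query parameter names, every placeholder value, and the `javax.servlet` namespace are assumptions; take the real authorization URL and its parameters from the official documentation.

```java
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
public class FeishuLoginController {
    // Placeholders and names below are assumptions, not values from the post.
    private static final String AUTHORIZE_URL = "https://AUTHORIZE_PAGE_PLACEHOLDER";
    private static final String APP_ID = "APP_ID_PLACEHOLDER";
    private static final String REDIRECT_URI = "https://app.example/callback";
    private static final String HOME_URL = "/home"; // fixed target, never read from the request
    private static final String STATE_KEY = "feishu_oauth_state";
    private static final SecureRandom RANDOM = new SecureRandom();
    @GetMapping("/login")
    public void login(HttpSession session, HttpServletResponse response) throws IOException {
        byte[] raw = new byte[32];
        RANDOM.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.setAttribute(STATE_KEY, state); // bind the value to this browser session
        response.sendRedirect(AUTHORIZE_URL
                + "?app_id=" + URLEncoder.encode(APP_ID, "UTF-8")
                + "&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8")
                + "&state=" + state);
    }

    @GetMapping("/callback")
    public void callback(@RequestParam(value = "code", required = false) String code,
            @RequestParam(value = "error", required = false) String error,
            @RequestParam(value = "state", required = false) String state,
            HttpSession session, HttpServletResponse response) throws IOException {
        String expected = (String) session.getAttribute(STATE_KEY);
        session.removeAttribute(STATE_KEY); // single use, even when the check fails
        boolean stateOk = expected != null && state != null && MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), state.getBytes(StandardCharsets.UTF_8));
        if (error != null || code == null || code.isEmpty() || !stateOk) {
            response.sendError(HttpServletResponse.SC_FORBIDDEN, "Login rejected");
            return;
        }
        // Exchange `code` for the user token and user info here (any of the options above).
        response.sendRedirect(HOME_URL);
    }
}
```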