authorGravatar Vitaly Takmazov2017-01-17 11:57:50 +0300
committerGravatar Vitaly Takmazov2017-01-17 14:14:30 +0300
commit3890570bf190a63f8f34c47a7fd21e780a61b6b0 (patch)
tree94ee4a300ae032c3e01ba8bfc17ea462f0511578 /juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java
parent965d46f8188378eea8acb99e8f6c448a26a1ee19 (diff)
juick-www: Facebook and VK login using scribejava
Diffstat (limited to 'juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java')
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java125
1 files changed, 61 insertions, 64 deletions
diff --git a/juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java b/juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java
index cc11f99a..b1d275b6 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/FacebookLogin.java
@@ -19,27 +19,35 @@ package com.juick.www.controllers;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.scribejava.apis.FacebookApi;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.model.OAuthRequest;
+import com.github.scribejava.core.model.Verb;
+import com.github.scribejava.core.oauth.OAuth20Service;
+import com.juick.server.util.HttpBadRequestException;
import com.juick.service.CrosspostService;
import com.juick.service.UserService;
import com.juick.www.Utils;
-import com.juick.www.facebook.Graph;
-import org.apache.commons.lang3.CharEncoding;
+import com.juick.www.facebook.User;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
import javax.inject.Inject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
+import java.io.IOException;
import java.util.UUID;
+import java.util.concurrent.ExecutionException;
/**
*
@@ -54,6 +62,7 @@ public class FacebookLogin {
private final String FACEBOOK_SECRET;
private final String FACEBOOK_REDIRECT = "http://juick.com/_fblogin";
private final ObjectMapper mapper;
+ private ServiceBuilder serviceBuilder;
@Inject
CrosspostService crosspostService;
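Review bot: The `serviceBuilder` field added here is one mutable `ServiceBuilder` shared by every request that reaches this controller, yet `doGet` calls `.state(...)` and `.scope(...)` on it per request, so two concurrent logins can build a service carrying each other's `state`, and the callback-side build inherits whatever scope an earlier request left on the builder. Assuming the controller is a singleton bean (the usual Spring default; the class header is outside this hunk), drop the field and the constructor assignment in the next hunk and start each chain in `doGet` from a local builder, e.g. `OAuth20Service facebookAuthService = new ServiceBuilder().apiKey(FACEBOOK_APPID)...`. The likely effect of the race is a failed `state` comparison for a legitimate user rather than a bypass, since the cookie check still runs, but it makes the CSRF check unreliable under concurrent use.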
@@ -64,7 +73,7 @@ public class FacebookLogin {
public FacebookLogin(Environment env) {
FACEBOOK_APPID = env.getProperty("facebook_appid");
FACEBOOK_SECRET = env.getProperty("facebook_secret");
-
+ serviceBuilder = new ServiceBuilder();
mapper = new ObjectMapper();
mapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY);
mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
@@ -72,82 +81,70 @@ public class FacebookLogin {
}
@RequestMapping(value = "/_fblogin", method = RequestMethod.GET)
- protected void doGet(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException {
- String fbstate;
-
- String code = request.getParameter("code");
+ protected String doGet(HttpServletRequest request,
+ @RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ @CookieValue(required = false) String fbstate,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
fbstate = UUID.randomUUID().toString();
Cookie c = new Cookie("fbstate", fbstate);
response.addCookie(c);
-
- response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
- response.setHeader("Location", "https://www.facebook.com/dialog/oauth?scope=publish_stream&client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, CharEncoding.UTF_8) + "&state=" + fbstate);
- return;
+ OAuth20Service facebookAuthService = serviceBuilder
+ .apiKey(FACEBOOK_APPID)
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(FACEBOOK_REDIRECT)
+ .scope("publish_actions")
+ .state(fbstate)
+ .build(FacebookApi.instance());
+ return "redirect:" + facebookAuthService.getAuthorizationUrl();
}
- fbstate = Utils.getCookie(request, "fbstate");
- if (fbstate == null || fbstate.isEmpty() || !fbstate.equals(request.getParameter("state"))) {
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- return;
+ if (StringUtils.isBlank(fbstate) || !fbstate.equals(state)) {
+ throw new HttpBadRequestException();
} else {
Cookie c = new Cookie("fbstate", "-");
c.setMaxAge(0);
response.addCookie(c);
}
-
- String token = Utils.fetchURL("https://graph.facebook.com/oauth/access_token?client_id=" + FACEBOOK_APPID + "&redirect_uri=" + URLEncoder.encode(FACEBOOK_REDIRECT, CharEncoding.UTF_8) + "&client_secret=" + FACEBOOK_SECRET + "&code=" + URLEncoder.encode(code, CharEncoding.UTF_8));
- if (token == null || token.isEmpty() || !token.startsWith("access_token=")) {
- logger.error("FACEBOOK TOKEN ERROR: {}", token);
- response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- return;
- }
- token = token.substring(13); // access_token=...
- int tokenamp = token.indexOf('&'); // &expires=
- if (tokenamp > 0) {
- token = token.substring(0, tokenamp);
- }
-
- String graph = Utils.fetchURL("https://graph.facebook.com/me?access_token=" + token);
- if (graph == null || graph.isEmpty()) {
+ OAuth20Service facebookService = serviceBuilder
+ .apiKey(FACEBOOK_APPID)
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(FACEBOOK_REDIRECT)
+ .state(state)
+ .build(FacebookApi.instance());
+ OAuth2AccessToken token = facebookService.getAccessToken(code);
+ final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v2.8/me?fields=id,name,link,verified");
+ facebookService.signRequest(token, meRequest);
+ String graph = facebookService.execute(meRequest).getBody();
+ if (StringUtils.isBlank(graph)) {
logger.error("FACEBOOK GRAPH ERROR");
- response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- return;
+ throw new HttpBadRequestException();
+ }
+ User fb = mapper.readValue(graph, User.class);
+ long fbID = NumberUtils.toLong(fb.getId(), 0);
+ if (fbID == 0 || StringUtils.isBlank(fb.getName()) || StringUtils.isBlank(fb.getLink())) {
+ throw new HttpBadRequestException();
}
- try {
- Graph fb = mapper.readValue(graph, Graph.class);
-
- long fbID = NumberUtils.toLong(fb.getId(), 0);
- if (fbID == 0 || StringUtils.isBlank(fb.getName()) || StringUtils.isBlank(fb.getLink())) {
- throw new Exception();
+ int uid = crosspostService.getUIDbyFBID(fbID);
+ if (uid > 0) {
+ if (!crosspostService.updateFacebookUser(fbID, token.getAccessToken(), fb.getName(), fb.getLink())) {
+ throw new HttpBadRequestException();
}
-
- int uid = crosspostService.getUIDbyFBID(fbID);
- if (uid > 0) {
- if (!crosspostService.updateFacebookUser(fbID, token, fb.getName(), fb.getLink())) {
- throw new Exception();
- }
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
- response.setHeader("Location", "/");
- } else if (fb.getVerified()) {
- String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createFacebookUser(fbID, loginhash, token, fb.getName(), fb.getLink())) {
- throw new Exception();
- }
- response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
- response.setHeader("Location", "/signup?type=fb&hash=" + loginhash);
- } else {
- throw new Exception();
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return Utils.getPreviousPageByRequest(request).orElse("/");
+ } else if (fb.getVerified()) {
+ String loginhash = UUID.randomUUID().toString();
+ if (!crosspostService.createFacebookUser(fbID, loginhash, token.getAccessToken(), fb.getName(), fb.getLink())) {
+ throw new HttpBadRequestException();
}
- } catch (Exception e) {
- logger.error("fb error", e);
- response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- return;
+ return "redirect:/signup?type=fb&hash=" + loginhash;
+ } else {
+ throw new HttpBadRequestException();
}
}
}
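Review bot: The `hash` cookie issued in the `uid > 0` branch is a 50-day login credential created without `HttpOnly`, and the same is true of the `fbstate` cookie; add `c.setHttpOnly(true);` before each `response.addCookie(c)` so page script cannot read them. `c.setSecure(true);` belongs there as well, but only once `FACEBOOK_REDIRECT` is moved off `http://`, because the callback currently arrives over plain HTTP and a Secure `fbstate` cookie would not be sent back with it. Separately, `Utils.getPreviousPageByRequest(request)` is not visible in this hunk; if it derives its value from a request header such as Referer, it should be confirmed to yield only same-site paths before that value is returned from `doGet`.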