aboutsummaryrefslogtreecommitdiff
path: root/src/main
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2019-02-19 10:23:07 +0300
committerGravatar Vitaly Takmazov2019-02-19 10:23:14 +0300
commit1eed5a8f1053f87b10cb3410e477792075d7f3e4 (patch)
tree516017568b857e7ae88c205e240391bc6130e428 /src/main
parente4f04775fc2e92e38613193ec11e60e6c983e3a2 (diff)
refactor social login flow
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/com/juick/server/api/ApiSocialLogin.java51
-rw-r--r--src/main/java/com/juick/server/www/controllers/SocialLogin.java51
2 files changed, 38 insertions, 64 deletions
diff --git a/src/main/java/com/juick/server/api/ApiSocialLogin.java b/src/main/java/com/juick/server/api/ApiSocialLogin.java
index 75fd6d11..be306fe9 100644
--- a/src/main/java/com/juick/server/api/ApiSocialLogin.java
+++ b/src/main/java/com/juick/server/api/ApiSocialLogin.java
@@ -82,6 +82,7 @@ public class ApiSocialLogin {
@Inject
private ObjectMapper jsonMapper;
private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
+ private OAuth20Service facebookAuthService, vkAuthService;
@Value("${twitter_consumer_key:appid}")
private String twitterConsumerKey;
@@ -117,6 +118,16 @@ public class ApiSocialLogin {
verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
.setAudience(Collections.singletonList(googleClientId))
.build();
+ facebookAuthService = facebookBuilder
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(FACEBOOK_REDIRECT)
+ .scope("email")
+ .build(FacebookApi.instance());
+ vkAuthService = vkBuilder
+ .apiSecret(VK_SECRET)
+ .scope("friends,wall,offline")
+ .callback(VK_REDIRECT)
+ .build(VkontakteApi.instance());
}
@GetMapping("/api/_fblogin")
@@ -125,13 +136,7 @@ public class ApiSocialLogin {
if (StringUtils.isBlank(code)) {
String fbstate = UUID.randomUUID().toString();
crosspostService.addFacebookState(fbstate, state);
- OAuth20Service facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(FACEBOOK_REDIRECT)
- .scope("email")
- .state(fbstate)
- .build(FacebookApi.instance());
- return "redirect:" + facebookAuthService.getAuthorizationUrl();
+ return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
}
String redirectUrl = crosspostService.verifyFacebookState(state);
@@ -140,17 +145,10 @@ public class ApiSocialLogin {
logger.error("state is missing");
throw new HttpBadRequestException();
}
- OAuth20Service facebookService = facebookBuilder
- .apiKey(FACEBOOK_APPID)
- .apiSecret(FACEBOOK_SECRET)
- .callback(FACEBOOK_REDIRECT)
- .scope("email")
- .state(state)
- .build(FacebookApi.instance());
- OAuth2AccessToken token = facebookService.getAccessToken(code);
+ OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,email");
- facebookService.signRequest(token, meRequest);
- String graph = facebookService.execute(meRequest).getBody();
+ facebookAuthService.signRequest(token, meRequest);
+ String graph = facebookAuthService.execute(meRequest).getBody();
if (StringUtils.isBlank(graph)) {
logger.error("FACEBOOK GRAPH ERROR");
throw new HttpBadRequestException();
@@ -241,13 +239,7 @@ public class ApiSocialLogin {
if (StringUtils.isBlank(code)) {
String vkstate = UUID.randomUUID().toString();
crosspostService.addVKState(vkstate, state);
- OAuth20Service vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .scope("friends,wall,offline")
- .state(vkstate)
- .callback(VK_REDIRECT)
- .build(VkontakteApi.instance());
- return "redirect:" + vkAuthService.getAuthorizationUrl();
+ return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
}
String redirectUrl = crosspostService.verifyVKState(state);
@@ -255,16 +247,11 @@ public class ApiSocialLogin {
logger.error("state is missing");
throw new HttpBadRequestException();
}
-
- OAuth20Service vkService = vkBuilder
- .apiKey(VK_APPID)
- .apiSecret(VK_SECRET)
- .build(VkontakteApi.instance());
- OAuth2AccessToken token = vkService.getAccessToken(code);
+ OAuth2AccessToken token = vkAuthService.getAccessToken(code);
OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
- vkService.signRequest(token, meRequest);
- String graph = vkService.execute(meRequest).getBody();
+ vkAuthService.signRequest(token, meRequest);
+ String graph = vkAuthService.execute(meRequest).getBody();
com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
diff --git a/src/main/java/com/juick/server/www/controllers/SocialLogin.java b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
index b071b6ca..59b1ec0b 100644
--- a/src/main/java/com/juick/server/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/server/www/controllers/SocialLogin.java
@@ -79,6 +79,7 @@ public class SocialLogin {
@Inject
private ObjectMapper jsonMapper;
private ServiceBuilder facebookBuilder, twitterBuilder, vkBuilder;
+ private OAuth20Service facebookAuthService, vkAuthService;
@Value("${twitter_consumer_key:appid}")
private String twitterConsumerKey;
@@ -107,6 +108,16 @@ public class SocialLogin {
vkBuilder = new ServiceBuilder(VK_APPID);
UriComponentsBuilder facebookRedirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
facebookRedirectUri = facebookRedirectBuilder.replacePath("/_fblogin").build().toUriString();
+ facebookAuthService = facebookBuilder
+ .apiSecret(FACEBOOK_SECRET)
+ .callback(facebookRedirectUri)
+ .scope("email")
+ .build(FacebookApi.instance());
+ vkAuthService = vkBuilder
+ .apiSecret(VK_SECRET)
+ .scope("friends,wall,offline")
+ .callback(VK_REDIRECT)
+ .build(VkontakteApi.instance());
}
@GetMapping("/_fblogin")
@@ -120,13 +131,7 @@ public class SocialLogin {
state = Utils.getPreviousPageByRequest(request).orElse("https://juick.com/");
}
crosspostService.addFacebookState(fbstate, state);
- OAuth20Service facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .scope("email")
- .state(fbstate)
- .build(FacebookApi.instance());
- return "redirect:" + facebookAuthService.getAuthorizationUrl();
+ return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
}
String redirectUrl = crosspostService.verifyFacebookState(state);
@@ -134,17 +139,10 @@ public class SocialLogin {
logger.error("state is missing");
throw new HttpBadRequestException();
}
- OAuth20Service facebookService = facebookBuilder
- .apiKey(FACEBOOK_APPID)
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .scope("email")
- .state(state)
- .build(FacebookApi.instance());
- OAuth2AccessToken token = facebookService.getAccessToken(code);
+ OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
- facebookService.signRequest(token, meRequest);
- String graph = facebookService.execute(meRequest).getBody();
+ facebookAuthService.signRequest(token, meRequest);
+ String graph = facebookAuthService.execute(meRequest).getBody();
if (StringUtils.isBlank(graph)) {
logger.error("FACEBOOK GRAPH ERROR");
throw new HttpBadRequestException();
@@ -240,13 +238,7 @@ public class SocialLogin {
vkstate = UUID.randomUUID().toString();
Cookie c = new Cookie("vkstate", vkstate);
response.addCookie(c);
- OAuth20Service vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .scope("friends,wall,offline")
- .state(vkstate)
- .callback(VK_REDIRECT)
- .build(VkontakteApi.instance());
- return "redirect:" + vkAuthService.getAuthorizationUrl();
+ return "redirect:" + vkAuthService.getAuthorizationUrl(vkstate);
}
if (StringUtils.isBlank(vkstate) || !vkstate.equals(state)) {
@@ -256,16 +248,11 @@ public class SocialLogin {
c.setMaxAge(0);
response.addCookie(c);
}
-
- OAuth20Service vkService = vkBuilder
- .apiKey(VK_APPID)
- .apiSecret(VK_SECRET)
- .build(VkontakteApi.instance());
- OAuth2AccessToken token = vkService.getAccessToken(code);
+ OAuth2AccessToken token = vkAuthService.getAccessToken(code);
OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
- vkService.signRequest(token, meRequest);
- String graph = vkService.execute(meRequest).getBody();
+ vkAuthService.signRequest(token, meRequest);
+ String graph = vkAuthService.execute(meRequest).getBody();
com.juick.model.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();