Diffstat (limited to 'src/main/java/com/juick/www')
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java125
1 files changed, 58 insertions, 67 deletions
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 08ac9dc2..5e9e8b8f 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -112,30 +112,21 @@ public class SocialLogin {
ServiceBuilder vkBuilder = new ServiceBuilder(VK_APPID);
UriComponentsBuilder redirectBuilder = UriComponentsBuilder.fromUriString(baseUri);
String facebookRedirectUri = redirectBuilder.replacePath("/_fblogin").build().toUriString();
- facebookAuthService = facebookBuilder
- .apiSecret(FACEBOOK_SECRET)
- .callback(facebookRedirectUri)
- .defaultScope("email")
- .build(FacebookApi.instance());
- vkAuthService = vkBuilder
- .apiSecret(VK_SECRET)
- .defaultScope("friends,wall,offline")
- .callback(VK_REDIRECT)
+ facebookAuthService = facebookBuilder.apiSecret(FACEBOOK_SECRET).callback(facebookRedirectUri)
+ .defaultScope("email").build(FacebookApi.instance());
+ vkAuthService = vkBuilder.apiSecret(VK_SECRET).defaultScope("friends,wall,offline").callback(VK_REDIRECT)
.build(VkontakteApi.instance());
ServiceBuilder appleSignInBuilder = new ServiceBuilder(appleApplicationId);
String appleSignInRedirectUri = redirectBuilder.replacePath("/_apple").build().toUriString();
- appleSignInService = appleSignInBuilder
- .callback(appleSignInRedirectUri)
- .defaultScope("email")
+ appleSignInService = appleSignInBuilder.callback(appleSignInRedirectUri).defaultScope("email")
.build(new AppleSignInApi(clientSecretGenerator));
}
@GetMapping("/_fblogin")
- protected String doFacebookLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response)
+ throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
String fbstate = UUID.randomUUID().toString();
if (StringUtils.isBlank(state)) {
@@ -151,7 +142,8 @@ public class SocialLogin {
throw new HttpBadRequestException();
}
OAuth2AccessToken token = facebookAuthService.getAccessToken(code);
- final OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
+ final OAuthRequest meRequest = new OAuthRequest(Verb.GET,
+ "https://graph.facebook.com/v3.2/me?fields=id,name,link,verified,email");
facebookAuthService.signRequest(token, meRequest);
String graph = facebookAuthService.execute(meRequest).getBody();
if (StringUtils.isBlank(graph)) {
@@ -190,11 +182,10 @@ public class SocialLogin {
return "redirect:/signup?type=fb&hash=" + state;
}
}
+
@GetMapping("/_twitter")
- protected void doTwitterLogin(
- @Visitor com.juick.model.User user,
- HttpServletRequest request, HttpServletResponse response)
- throws IOException, ExecutionException, InterruptedException {
+ protected void doTwitterLogin(@Visitor com.juick.model.User user, HttpServletRequest request,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
String verifier = request.getParameter("oauth_verifier");
Cookie[] cookies = request.getCookies();
@@ -209,13 +200,10 @@ public class SocialLogin {
request_token_secret = cookie.getValue();
}
}
- OAuth10aService oAuthService = twitterBuilder
- .apiSecret(twitterConsumerSecret)
- .callback("https://juick.com/_twitter")
- .build(TwitterApi.instance());
+ OAuth10aService oAuthService = twitterBuilder.apiSecret(twitterConsumerSecret)
+ .callback("https://juick.com/_twitter").build(TwitterApi.instance());
- if (request_token.isEmpty() && request_token_secret.isEmpty()
- && (verifier == null || verifier.isEmpty())) {
+ if (request_token.isEmpty() && request_token_secret.isEmpty() && (verifier == null || verifier.isEmpty())) {
OAuth1RequestToken requestToken = oAuthService.getRequestToken();
String authUrl = oAuthService.getAuthorizationUrl(requestToken);
response.addCookie(new Cookie("request_token", requestToken.getToken()));
@@ -228,8 +216,8 @@ public class SocialLogin {
OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier);
OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, TWITTER_VERIFY_URL);
oAuthService.signRequest(accessToken, oAuthRequest);
- com.juick.model.ext.twitter.User twitterUser = jsonMapper.readValue(oAuthService.execute(oAuthRequest).getBody(),
- com.juick.model.ext.twitter.User.class);
+ com.juick.model.ext.twitter.User twitterUser = jsonMapper.readValue(
+ oAuthService.execute(oAuthRequest).getBody(), com.juick.model.ext.twitter.User.class);
if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(),
twitterUser.getScreenName())) {
response.setStatus(HttpServletResponse.SC_FOUND);
@@ -240,12 +228,13 @@ public class SocialLogin {
}
}
}
+
@GetMapping("/_vklogin")
protected String doVKLogin(@RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @RequestHeader(value = "referer", required = false) String referer,
- @CookieValue(required = false) String vkstate,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ @RequestParam(required = false) String state,
+ @RequestHeader(value = "referer", required = false) String referer,
+ @CookieValue(required = false) String vkstate, HttpServletResponse response)
+ throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
vkstate = UUID.randomUUID().toString();
Cookie c = new Cookie("vkstate", vkstate);
@@ -262,44 +251,47 @@ public class SocialLogin {
}
OAuth2AccessToken token = vkAuthService.getAccessToken(code);
- OAuthRequest meRequest = new OAuthRequest(Verb.GET, "https://api.vk.com/method/users.get?fields=screen_name&v=5.73");
+ OAuthRequest meRequest = new OAuthRequest(Verb.GET,
+ "https://api.vk.com/method/users.get?fields=screen_name&v=5.131");
vkAuthService.signRequest(token, meRequest);
- String graph = vkAuthService.execute(meRequest).getBody();
-
- com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().get(0);
- String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
- String vkLink = jsonUser.getScreenName();
+ Response vkResponse = vkAuthService.execute(meRequest);
+ if (vkResponse.isSuccessful()) {
+ String graph = vkResponse.getBody();
+ com.juick.model.ext.vk.User jsonUser = jsonMapper.readValue(graph, UsersResponse.class).getUsers().stream().findFirst().orElseThrow(HttpBadRequestException::new);
+ String vkName = jsonUser.getFirstName() + " " + jsonUser.getLastName();
+ String vkLink = jsonUser.getScreenName();
- if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) {
- logger.error("vk user error");
- throw new HttpBadRequestException();
- }
-
- long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
- int uid = crosspostService.getUIDbyVKID(vkID);
- if (uid > 0) {
- Cookie c = new Cookie("hash", userService.getHashByUID(uid));
- c.setMaxAge(50 * 24 * 60 * 60);
- response.addCookie(c);
- return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
- } else {
- String loginhash = UUID.randomUUID().toString();
- if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
- logger.error("create vk user error");
+ if (vkName.length() == 1 || StringUtils.isBlank(vkLink)) {
+ logger.error("vk user error");
throw new HttpBadRequestException();
}
- return "redirect:/signup?type=vk&hash=" + loginhash;
+
+ long vkID = NumberUtils.toLong(jsonUser.getId(), 0);
+ int uid = crosspostService.getUIDbyVKID(vkID);
+ if (uid > 0) {
+ Cookie c = new Cookie("hash", userService.getHashByUID(uid));
+ c.setMaxAge(50 * 24 * 60 * 60);
+ response.addCookie(c);
+ return "redirect:/" + Optional.ofNullable(referer).orElse(StringUtils.EMPTY);
+ } else {
+ String loginhash = UUID.randomUUID().toString();
+ if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
+ logger.error("create vk user error");
+ throw new HttpBadRequestException();
+ }
+ return "redirect:/signup?type=vk&hash=" + loginhash;
+ }
+ } else {
+ logger.error("vk error {}: {}", vkResponse.getCode(), vkResponse.getBody());
+ throw new HttpBadRequestException();
}
}
@GetMapping("/_tglogin")
public String doDurovLogin(@RequestParam Map<String, String> params,
- @RequestHeader(value = "referer", required = false) String referer,
- HttpServletResponse response) {
- String dataCheckString = params.entrySet().stream()
- .filter(p -> !p.getKey().equals("hash"))
- .sorted(Map.Entry.comparingByKey())
- .map(p -> p.getKey() + "=" + p.getValue())
+ @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) {
+ String dataCheckString = params.entrySet().stream().filter(p -> !p.getKey().equals("hash"))
+ .sorted(Map.Entry.comparingByKey()).map(p -> p.getKey() + "=" + p.getValue())
.collect(Collectors.joining("\n"));
String hash = params.get("hash");
byte[] secretKey = DigestUtils.sha256(telegramToken);
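Review bot: In the success branch of doVKLogin, `NumberUtils.toLong(jsonUser.getId(), 0)` turns a missing or non-numeric id into 0, and that value is passed unchecked to `getUIDbyVKID(vkID)` and `createVKUser(vkID, ...)`, so a malformed profile would be looked up or stored under VK id 0 instead of being rejected. I would add `if (vkID <= 0) { logger.error("vk user error"); throw new HttpBadRequestException(); }` directly after the parse. The new `isSuccessful()` test covers only the HTTP status; if the VK API reports a method error inside a 2xx body (worth confirming against `UsersResponse`), `getUsers()` may be null and `.stream()` would throw before `orElseThrow` is reached. The error branch also writes `vkResponse.getBody()` to the log verbatim, so it is safer to log only `vkResponse.getCode()` unless the body is known not to echo request parameters. doVKLogin starts before this hunk, and doDurovLogin at its end continues past it, so the state check and the Telegram hash comparison are not visible here.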
@@ -328,8 +320,7 @@ public class SocialLogin {
}
@GetMapping("/_apple")
- public String doAppleLogin(@RequestParam(required = false) String code,
- HttpServletResponse response) {
+ public String doAppleLogin(@RequestParam(required = false) String code, HttpServletResponse response) {
if (StringUtils.isBlank(code)) {
String state = UUID.randomUUID().toString();
Cookie c = new Cookie("astate", state);
@@ -338,10 +329,10 @@ public class SocialLogin {
}
throw new HttpBadRequestException();
}
+
@PostMapping("/_apple")
public String doVerifyAppleResponse(HttpServletRequest request, HttpServletResponse response,
- @RequestParam Map<String, String> body)
- throws InterruptedException, ExecutionException, IOException {
+ @RequestParam Map<String, String> body) throws InterruptedException, ExecutionException, IOException {
OAuth2AccessToken token = appleSignInService.getAccessToken(body.get("code"));
var jsonNode = jsonMapper.readTree(token.getRawResponse());
var idToken = jsonNode.get("id_token").textValue();