/*
* Juick
* Copyright (C) 2008-2013, Ugnich Anton
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package com.juick.www;
import com.juick.server.UserQueries;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.dao.EmptyResultDataAccessException;
import org.springframework.jdbc.core.JdbcTemplate;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
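/**
 * Handles the "log in with VKontakte" OAuth 2.0 flow.
 *
 * <p>A request without a {@code code} parameter is redirected to VK's authorize
 * endpoint. A request carrying the {@code code} VK sends back is exchanged for an
 * access token, the VK profile is fetched, and the visitor is then either logged
 * in (VK id already linked to a user: {@code hash} cookie + redirect to {@code /})
 * or sent to the sign-up page with a fresh login hash that was stored in the
 * {@code vk} table together with the profile.
 *
 * <p>Every failure is logged at SEVERE and answered with HTTP 500.
 *
 * @author Ugnich Anton
 */
public class VKontakteLogin {

    private static final Logger logger = Logger.getLogger(VKontakteLogin.class.getName());

    private static final String VK_APPID = "3544101";
    // SECURITY: the OAuth client secret lives in source (and therefore in version
    // control). It should be loaded from deployment configuration and rotated.
    private static final String VK_SECRET = "z2afNI8jA5lIpZ2jsTm1";
    // NOTE(review): plain http redirect URI — the authorization code travels in
    // clear text on the way back; move to https together with the cookie flags below.
    private static final String VK_REDIRECT = "http://juick.com/_vklogin";

    private static final String VK_AUTHORIZE_URL = "https://oauth.vk.com/authorize";
    private static final String VK_TOKEN_URL = "https://oauth.vk.com/access_token";
    private static final String VK_USERS_GET_URL = "https://api.vk.com/method/users.get";

    /** Charset name passed to {@link URLEncoder}. */
    private static final String CHARSET = "utf-8";
    /** Lifetime of the login cookie: 50 days, in seconds. */
    private static final int COOKIE_MAX_AGE = 50 * 24 * 60 * 60;

    /**
     * Runs one leg of the VK login flow, chosen by the presence of {@code code}.
     *
     * @param sql      database access used to look up or register the VK account
     * @param request  the current request; only the {@code code} parameter is read
     * @param response receives a 302 redirect on success or a 500 status on failure
     * @throws ServletException declared for the servlet contract; not raised here
     * @throws IOException      propagated from URL encoding
     */
    protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String code = request.getParameter("code");
        if (code == null || code.isEmpty()) {
            // First leg: send the visitor to VK to grant access.
            // NOTE(review): no OAuth "state" value is issued here or checked on the
            // callback, so the callback cannot be tied to the browser session that
            // started the flow (login CSRF). Fixing it needs per-session state this
            // class does not keep yet.
            redirect(response, VK_AUTHORIZE_URL + "?client_id=" + VK_APPID
                    + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, CHARSET)
                    + "&scope=friends,wall,offline&response_type=code");
            return;
        }

        // Second leg: exchange the one-time code for an access token.
        String tokenjson = Utils.fetchURL(VK_TOKEN_URL + "?client_id=" + VK_APPID
                + "&redirect_uri=" + URLEncoder.encode(VK_REDIRECT, CHARSET)
                + "&client_secret=" + VK_SECRET
                + "&code=" + URLEncoder.encode(code, CHARSET));
        if (tokenjson == null || tokenjson.isEmpty()) {
            fail(response, "VK TOKEN EMPTY", null);
            return;
        }

        String token;
        long vkID;
        try {
            JSONObject json = new JSONObject(tokenjson);
            token = json.getString("access_token");
            vkID = json.getLong("user_id");
        } catch (JSONException e) {
            fail(response, "VK TOKEN EXCEPTION: ", e);
            return;
        }
        if (token == null || token.isEmpty() || vkID == 0) {
            // The raw token response is deliberately not logged: it carries the
            // access token, which must not end up in log files.
            fail(response, "VK TOKEN EMPTY: user_id=" + vkID, null);
            return;
        }

        // The token is a query parameter too, so it is encoded like the other values.
        String graph = Utils.fetchURL(VK_USERS_GET_URL + "?uids=" + vkID
                + "&fields=screen_name&access_token=" + URLEncoder.encode(token, CHARSET));
        if (graph == null || graph.isEmpty()) {
            fail(response, "VK GRAPH ERROR", null);
            return;
        }

        try {
            JSONObject json = new JSONObject(graph).getJSONArray("response").getJSONObject(0);
            String vkName = json.getString("first_name") + " " + json.getString("last_name");
            String vkLink = json.getString("screen_name");
            // getString() does not return null. vkName always contains the joining
            // space, so a length of 1 means both name parts were empty.
            if (vkName.length() <= 1 || vkLink.isEmpty()) {
                throw new IllegalStateException("VK profile incomplete for user_id=" + vkID);
            }

            int uid = getUIDbyVKID(sql, vkID);
            if (uid > 0) {
                // VK id already linked: log the existing user in.
                Cookie c = new Cookie("hash", UserQueries.getHashByUID(sql, uid));
                c.setMaxAge(COOKIE_MAX_AGE);
                // NOTE(review): the login cookie carries no HttpOnly/Secure flags. Secure
                // would break the flow while VK_REDIRECT is plain http; revisit both together.
                response.addCookie(c);
                redirect(response, "/");
            } else {
                // Unknown VK id: park the profile under a random hash (UUID.randomUUID()
                // is backed by SecureRandom) and continue on the sign-up page.
                String loginhash = UUID.randomUUID().toString();
                if (!insertDB(sql, vkID, loginhash, token, vkName, vkLink)) {
                    throw new IllegalStateException("could not store VK login for user_id=" + vkID);
                }
                redirect(response, "/signup?type=vk&hash=" + loginhash);
            }
        } catch (Exception e) {
            // Boundary catch: JSON parsing, the checks above and data-access
            // failures all end the request with a 500.
            fail(response, "VK LOGIN ERROR", e);
        }
    }

    /**
     * Answers with a 302 to {@code location}.
     *
     * @param response the response to write the status and {@code Location} header to
     * @param location target URL or path
     */
    private static void redirect(HttpServletResponse response, String location) {
        response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
        response.setHeader("Location", location);
    }

    /**
     * Logs a failure at SEVERE and answers with a 500.
     *
     * @param response the response to write the status to
     * @param message  log message; must not contain tokens or other secrets
     * @param cause    optional exception to attach to the log record, may be {@code null}
     */
    private static void fail(HttpServletResponse response, String message, Throwable cause) {
        if (cause == null) {
            logger.log(Level.SEVERE, message);
        } else {
            logger.log(Level.SEVERE, message, cause);
        }
        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }

    /**
     * Looks up the Juick user linked to a VK id.
     *
     * @param sql  database access
     * @param vkID VK user id
     * @return the linked {@code user_id}, or {@code 0} if the VK id is unknown
     *         or not yet linked to a user
     */
    private int getUIDbyVKID(JdbcTemplate sql, long vkID) {
        try {
            return sql.queryForObject("SELECT user_id FROM vk WHERE vk_id=? AND user_id IS NOT NULL", Integer.class, vkID);
        } catch (EmptyResultDataAccessException e) {
            // No row for this VK id: treat as "not linked".
            return 0;
        }
    }

    /**
     * Stores a pending VK login so the sign-up page can pick it up by hash.
     *
     * @param sql       database access
     * @param vkID      VK user id
     * @param loginhash random hash handed to the sign-up page
     * @param token     VK access token
     * @param vkName    display name ("first last")
     * @param vkLink    VK screen name
     * @return {@code true} if a row was inserted
     */
    private boolean insertDB(JdbcTemplate sql, long vkID, String loginhash, String token, String vkName, String vkLink) {
        return sql.update("INSERT INTO vk(vk_id,loginhash,access_token,vk_name,vk_link) VALUES (?,?,?,?,?)",
                vkID, loginhash, token, vkName, vkLink) > 0;
    }
}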