diff --git a/src/main/java/im/zhaojun/zfile/admin/model/param/MicrosoftDriveParam.java b/src/main/java/im/zhaojun/zfile/admin/model/param/MicrosoftDriveParam.java index e3b4a6b..eb7423a 100644 --- a/src/main/java/im/zhaojun/zfile/admin/model/param/MicrosoftDriveParam.java +++ b/src/main/java/im/zhaojun/zfile/admin/model/param/MicrosoftDriveParam.java @@ -11,19 +11,21 @@ import lombok.Getter; @Getter public class MicrosoftDriveParam implements IStorageParam { - @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive.clientId}", order = 1, - description = "可自行更改,但修改后,下方获取访问令牌的地址不可用,需自行获取访问令牌和刷新令牌.") + @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive.clientId}", order = 1) private String clientId; @StorageParamItem(name = "SecretKey", defaultValue = "${zfile.onedrive.clientSecret}", order = 2) private String clientSecret; + + @StorageParamItem(name = "回调地址", description = "如使用自定义 api, 需将此处默认的域名修改为您的域名, 如 https://xxx.com/onedrive/callback, 且需在 api 中配置为回调域名.", defaultValue = "${zfile.onedrive.redirectUri}", order = 3) + private String redirectUri; @StorageParamItem(name = "访问令牌", link = "/onedrive/authorize", linkName = "前往获取令牌", order = 3) private String accessToken; @StorageParamItem(name = "刷新令牌", order = 4) private String refreshToken; - + @StorageParamItem(name = "反代域名", required = false, order = 7, description = "世纪互联版不建议启用,国际版启用后不一定比启用前快,这个要根据仔细网络情况决定.", link = "https://docs.zfile.vip/#/advanced?id=onedrive-cf", linkName = "配置文档") private String proxyDomain; diff --git a/src/main/java/im/zhaojun/zfile/admin/model/param/OneDriveChinaParam.java b/src/main/java/im/zhaojun/zfile/admin/model/param/OneDriveChinaParam.java index c28f460..ac62077 100644 --- a/src/main/java/im/zhaojun/zfile/admin/model/param/OneDriveChinaParam.java +++ b/src/main/java/im/zhaojun/zfile/admin/model/param/OneDriveChinaParam.java @@ -11,12 +11,15 @@ import lombok.Getter; @Getter public class OneDriveChinaParam extends OneDriveParam { - @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive-china.clientId}", - description = "可自行更改,但修改后,则下方获取访问令牌的地址不可用,需自行获取访问令牌和刷新令牌.", order = 1) + @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive-china.clientId}", order = 1) private String clientId; @StorageParamItem(name = "SecretKey", defaultValue = "${zfile.onedrive-china.clientSecret}", order = 2) private String clientSecret; + + @StorageParamItem(name = "回调地址", description = "如使用自定义 api, 需将此处默认的域名修改为您的域名, 如 https://xxx.com/onedrive/china-callback, 且需在 api 中配置为回调域名.", + defaultValue = "${zfile.onedrive-china.redirectUri}", order = 3) + private String redirectUri; @StorageParamItem(name = "访问令牌", link = "/onedrive/china-authorize", linkName = "前往获取令牌", order = 3) private String accessToken; diff --git a/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointChinaParam.java b/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointChinaParam.java index bdec156..2a9a506 100644 --- a/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointChinaParam.java +++ b/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointChinaParam.java @@ -9,12 +9,15 @@ import im.zhaojun.zfile.admin.annotation.StorageParamItem; */ public class SharePointChinaParam extends SharePointParam { - @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive-china.clientId}", order = 1, - description = "可自行更改,但修改后,则下方获取访问令牌的地址不可用,需自行获取访问令牌和刷新令牌.") + @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive-china.clientId}", order = 1) private String clientId; @StorageParamItem(name = "SecretKey", defaultValue = "${zfile.onedrive-china.clientSecret}", order = 2) private String clientSecret; + + @StorageParamItem(name = "回调地址", description = "如使用自定义 api, 需将此处默认的域名修改为您的域名, 如 https://xxx.com/onedrive/china-callback, 且需在 api 中配置为回调域名.", + defaultValue = "${zfile.onedrive-china.redirectUri}", order = 3) + private String redirectUri; @StorageParamItem(name = "访问令牌", link = "/onedrive/china-authorize", linkName = "前往获取令牌", order = 3) private String accessToken; diff --git a/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointParam.java b/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointParam.java index 9955c79..1046125 100644 --- a/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointParam.java +++ b/src/main/java/im/zhaojun/zfile/admin/model/param/SharePointParam.java @@ -11,8 +11,7 @@ import lombok.Getter; @Getter public class SharePointParam extends MicrosoftDriveParam { - @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive.clientId}", order = 1, - description = "可自行更改,但修改后,下方获取访问令牌的地址不可用,需自行获取访问令牌和刷新令牌.") + @StorageParamItem(name = "clientId", defaultValue = "${zfile.onedrive.clientId}", order = 1) private String clientId; @StorageParamItem(name = "SecretKey", defaultValue = "${zfile.onedrive.clientSecret}", order = 2) diff --git a/src/main/java/im/zhaojun/zfile/common/controller/callback/OneDriveCallbackController.java b/src/main/java/im/zhaojun/zfile/common/controller/callback/OneDriveCallbackController.java index ccb92de..155d909 100644 --- a/src/main/java/im/zhaojun/zfile/common/controller/callback/OneDriveCallbackController.java +++ b/src/main/java/im/zhaojun/zfile/common/controller/callback/OneDriveCallbackController.java @@ -1,5 +1,7 @@ package im.zhaojun.zfile.common.controller.callback; +import cn.hutool.core.codec.Base64; +import cn.hutool.core.util.StrUtil; import com.github.xiaoymin.knife4j.annotations.ApiOperationSupport; import im.zhaojun.zfile.admin.model.dto.OneDriveToken; import im.zhaojun.zfile.home.service.impl.OneDriveChinaServiceImpl; @@ -33,18 +35,31 @@ public class OneDriveCallbackController { @GetMapping("/authorize") @ApiOperationSupport(order = 1) @ApiOperation(value = "生成 OAuth2 登陆 URL", notes = "生成 OneDrive OAuth2 登陆 URL,用户国际版,家庭版等非世纪互联运营的 OneDrive.") - public String authorize() { - return "redirect:https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=" + oneDriveServiceImpl.getClientId() + - "&response_type=code&redirect_uri=" + oneDriveServiceImpl.getRedirectUri() + - "&scope=" + oneDriveServiceImpl.getScope(); + public String authorize(String clientId, String clientSecret, String redirectUri) { + if (StrUtil.isAllEmpty(clientId, clientSecret, redirectUri)) { + clientId = oneDriveServiceImpl.getClientId(); + redirectUri = oneDriveServiceImpl.getRedirectUri(); + clientSecret = oneDriveServiceImpl.getClientSecret(); + } + + String stateStr = "&state=" + Base64.encodeUrlSafe(StrUtil.join("::", clientId, clientSecret, redirectUri)); + + + String authorizeUrl = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=" + clientId + + "&response_type=code&redirect_uri=" + redirectUri + + "&scope=" + oneDriveServiceImpl.getScope() + + stateStr; + return "redirect:" + authorizeUrl; } @GetMapping("/callback") @ApiOperationSupport(order = 2) @ApiOperation(value = "OAuth2 回调地址", notes = "根据 OAuth2 协议,登录成功后,会返回给网站一个 code,用此 code 去换取 accessToken 和 refreshToken.(oneDrive 会回调此接口)") - public String oneDriveCallback(String code, Model model) { - OneDriveToken oneDriveToken = oneDriveServiceImpl.getToken(code); + public String oneDriveCallback(String code, String state, Model model) { + String stateDecode = Base64.decodeStr(state); + String[] stateArr = stateDecode.split("::"); + OneDriveToken oneDriveToken = oneDriveServiceImpl.getToken(code, stateArr[0], stateArr[1], stateArr[2]); model.addAttribute("accessToken", oneDriveToken.getAccessToken()); model.addAttribute("refreshToken", oneDriveToken.getRefreshToken()); return "callback"; @@ -54,18 +69,31 @@ public class OneDriveCallbackController { @GetMapping("/china-authorize") @ApiOperationSupport(order = 3) @ApiOperation(value = "生成 OAuth2 登陆 URL(世纪互联)", notes = "生成 OneDrive OAuth2 登陆 URL,用于世纪互联版本.") - public String authorizeChina() { - return "redirect:https://login.chinacloudapi.cn/common/oauth2/v2.0/authorize?client_id=" + oneDriveChinaServiceImpl.getClientId() + - "&response_type=code&redirect_uri=" + oneDriveChinaServiceImpl.getRedirectUri() + - "&scope=" + oneDriveChinaServiceImpl.getScope(); + public String authorizeChina(String clientId, String clientSecret, String redirectUri) { + if (StrUtil.isAllEmpty(clientId, clientSecret, redirectUri)) { + clientId = oneDriveChinaServiceImpl.getClientId(); + redirectUri = oneDriveChinaServiceImpl.getRedirectUri(); + clientSecret = oneDriveChinaServiceImpl.getClientSecret(); + } + + String stateStr = "&state=" + Base64.encodeUrlSafe(StrUtil.join("::", clientId, clientSecret, redirectUri)); + + + String authorizeUrl = "https://login.chinacloudapi.cn/common/oauth2/v2.0/authorize?client_id=" + clientId + + "&response_type=code&redirect_uri=" + redirectUri + + "&scope=" + oneDriveChinaServiceImpl.getScope() + + stateStr; + return "redirect:" + authorizeUrl; } @GetMapping("/china-callback") @ApiOperationSupport(order = 4) @ApiOperation(value = "OAuth2 回调地址(世纪互联)", notes = "根据 OAuth2 协议,登录成功后,会返回给网站一个 code,用此 code 去换取 accessToken 和 refreshToken.(oneDrive 会回调此接口)") - public String oneDriveChinaCallback(String code, Model model) { - OneDriveToken oneDriveToken = oneDriveChinaServiceImpl.getToken(code); + public String oneDriveChinaCallback(String code, String state, Model model) { + String stateDecode = Base64.decodeStr(state); + String[] stateArr = stateDecode.split("::"); + OneDriveToken oneDriveToken = oneDriveChinaServiceImpl.getToken(code, stateArr[0], stateArr[1], stateArr[2]); model.addAttribute("accessToken", oneDriveToken.getAccessToken()); model.addAttribute("refreshToken", oneDriveToken.getRefreshToken()); return "callback"; diff --git a/src/main/java/im/zhaojun/zfile/home/model/dto/StorageSourceAllParam.java b/src/main/java/im/zhaojun/zfile/home/model/dto/StorageSourceAllParam.java index 6e5c587..6242d01 100644 --- a/src/main/java/im/zhaojun/zfile/home/model/dto/StorageSourceAllParam.java +++ b/src/main/java/im/zhaojun/zfile/home/model/dto/StorageSourceAllParam.java @@ -90,6 +90,9 @@ public class StorageSourceAllParam { @ApiModelProperty(value = "clientSecret", example = "l:zI-_yrW75lV8M61K@z.I2K@B/On6Q1a") private String clientSecret; + + @ApiModelProperty(value = "回调地址", example = "https://zfile.jun6.net/onedrive/callback") + private String redirectUri; @ApiModelProperty(value = "区域", example = "cn-beijing") private String region; diff --git a/src/main/java/im/zhaojun/zfile/home/service/base/MicrosoftDriveServiceBase.java b/src/main/java/im/zhaojun/zfile/home/service/base/MicrosoftDriveServiceBase.java index 2bd64f6..4e5fa48 100644 --- a/src/main/java/im/zhaojun/zfile/home/service/base/MicrosoftDriveServiceBase.java +++ b/src/main/java/im/zhaojun/zfile/home/service/base/MicrosoftDriveServiceBase.java @@ -119,10 +119,10 @@ public abstract class MicrosoftDriveServiceBase

e * * @return 获取的 Token 信息. */ - public OneDriveToken getToken(String code) { - String param = "client_id=" + getClientId() + - "&redirect_uri=" + getRedirectUri() + - "&client_secret=" + getClientSecret() + + public OneDriveToken getToken(String code, String clientId, String clientSecret, String redirectUri) { + String param = "client_id=" + clientId + + "&redirect_uri=" + redirectUri + + "&client_secret=" + clientSecret + "&code=" + code + "&scope=" + getScope() + "&grant_type=authorization_code"; diff --git a/src/main/java/im/zhaojun/zfile/home/service/impl/OneDriveChinaServiceImpl.java b/src/main/java/im/zhaojun/zfile/home/service/impl/OneDriveChinaServiceImpl.java index cdbb00b..2c4c31c 100644 --- a/src/main/java/im/zhaojun/zfile/home/service/impl/OneDriveChinaServiceImpl.java +++ b/src/main/java/im/zhaojun/zfile/home/service/impl/OneDriveChinaServiceImpl.java @@ -1,7 +1,8 @@ package im.zhaojun.zfile.home.service.impl; -import im.zhaojun.zfile.home.model.enums.StorageTypeEnum; +import cn.hutool.core.util.ObjectUtil; import im.zhaojun.zfile.admin.model.param.OneDriveChinaParam; +import im.zhaojun.zfile.home.model.enums.StorageTypeEnum; import im.zhaojun.zfile.home.service.base.AbstractOneDriveServiceBase; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; @@ -46,17 +47,17 @@ public class OneDriveChinaServiceImpl extends AbstractOneDriveServiceBase