Search in sources :

Example 1 with DocOAuth20Sub

use of info.xiancloud.core.apidoc.annotation.DocOAuth20Sub in project xian by happyyangyuan.

the class OAuth20MdBuilderHandler method build.

@Override
public void build() {
    LOG.info("-----Oauth20接口文档构建开始-----");
    LOG.info("-----Auth20接口开始扫描-----");
    List<Class> list = Reflection.getWithAnnotatedClass(DocOAuth20.class, "com.apifest");
    if (list == null || list.isEmpty()) {
        LOG.info("----Auth20接口扫描完成,暂无相关信息,构建退出---");
        invokeCallback(null);
        return;
    }
    System.out.println(String.format("----Auth20接口扫描完成%s---", list.size()));
    try {
        LOG.info("----Auth20接口文档开始生成---");
        // FileWriter fw = new FileWriter(storePath);
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        Writer wout = new OutputStreamWriter(bos);
        BufferedWriter bw = new BufferedWriter(wout);
        bw.write("# OAuth20接口文档\r\n");
        for (Class oauthApi : list) {
            // 获取所有方法
            Method[] methods = oauthApi.getDeclaredMethods();
            for (Method method : methods) {
                DocOAuth20Sub sub = method.getAnnotation(DocOAuth20Sub.class);
                // 该方法属于接口
                if (sub != null) {
                    String name = sub.name();
                    String dec = sub.dec();
                    String url = sub.url();
                    String httpMethod = sub.method();
                    bw.write(String.format("## 接口 %s", name));
                    bw.newLine();
                    bw.write(String.format(" * 接口描述%s\r\n", dec));
                    bw.write(String.format(" * 接口路径%s\r\n", url));
                    bw.write(String.format(" * 请求方式%s\r\n", httpMethod));
                    // System.out.println(String.format("name[%s],dec[%s],url[%s],httpMethod[%s]",
                    // sub.name(),
                    // sub.dec(), sub.url(), sub.method()));
                    // 接口入参
                    DocOAuth20SubIn[] args = sub.args();
                    bw.write(" * 入参数据结构说明\r\n");
                    bw.newLine();
                    bw.write(" <table class='table table-bordered table-striped table-condensed'>");
                    bw.newLine();
                    bw.write("<tr><td>名称</td><td>数据类型</td><td>参数说明</td><td>必须</td></tr>");
                    bw.newLine();
                    if (args != null && args.length > 0) {
                        for (DocOAuth20SubIn arg : args) {
                            bw.write("<tr>");
                            bw.newLine();
                            bw.write(String.format("<td>%s</td><td>%s</td><td>%s</td><td>%s</td>", arg.name(), arg.type(), arg.dec(), arg.require() ? "是" : "否"));
                            bw.newLine();
                            bw.write("</tr>");
                        }
                    }
                    bw.write("</table>\r\n");
                    bw.newLine();
                }
            }
        }
        bw.flush();
        bw.close();
        LOG.info("-----Oauth20接口文档构建结束-----");
        invokeCallback(bos.toByteArray());
    } catch (Exception e) {
        LOG.error(e);
    }
}
Also used : ByteArrayOutputStream(java.io.ByteArrayOutputStream) Method(java.lang.reflect.Method) BufferedWriter(java.io.BufferedWriter) DocOAuth20Sub(info.xiancloud.core.apidoc.annotation.DocOAuth20Sub) OutputStreamWriter(java.io.OutputStreamWriter) BufferedWriter(java.io.BufferedWriter) Writer(java.io.Writer) OutputStreamWriter(java.io.OutputStreamWriter) DocOAuth20SubIn(info.xiancloud.core.apidoc.annotation.DocOAuth20SubIn)

Example 2 with DocOAuth20Sub

use of info.xiancloud.core.apidoc.annotation.DocOAuth20Sub in project xian by happyyangyuan.

the class OAuth20Handler method handleTokenValidate.

@DocOAuth20Sub(name = "handleTokenValidate", dec = "验证access_token是否有效", method = "GET", url = "/oauth2.0/tokens/validate", args = { @DocOAuth20SubIn(name = "access_token", dec = "access_token", require = true, type = String.class) })
FullHttpResponse handleTokenValidate(FullHttpRequest req) {
    FullHttpResponse response;
    QueryStringDecoder dec = new QueryStringDecoder(req.uri());
    Map<String, List<String>> params = dec.parameters();
    String tokenParam = QueryParameter.getFirstElement(params, QueryParameter.TOKEN);
    if (tokenParam == null || tokenParam.isEmpty()) {
        response = ResponseBuilder.createBadRequestResponse();
    } else {
        AccessToken token = auth.isValidToken(tokenParam);
        if (token != null) {
            String json = JSON.toJSONString(token);
            LOG.debug(json);
            response = ResponseBuilder.createOkResponse(json);
        } else {
            response = ResponseBuilder.createUnauthorizedResponse();
        }
    }
    return response;
}
Also used : AccessToken(info.xiancloud.core.support.authen.AccessToken) DocOAuth20Sub(info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)

Example 3 with DocOAuth20Sub

use of info.xiancloud.core.apidoc.annotation.DocOAuth20Sub in project xian by happyyangyuan.

the class OAuth20Handler method handlePostAccessToken.

@DocOAuth20Sub(name = "handlePostAccessToken", dec = "获取新access_token", method = "POST", url = "/oauth2.0/tokens", args = { @DocOAuth20SubIn(name = "grant_type", dec = "grant_type有四种类型,分别为authorization_code,refresh_token,client_credentials,password", require = true, type = String.class), @DocOAuth20SubIn(name = "client_id", dec = "client_id", require = true, type = String.class), @DocOAuth20SubIn(name = "client_secret", dec = "client_secret", require = true, type = String.class), @DocOAuth20SubIn(name = "redirect_uri", dec = "仅当grant_type为authorization_code时必填", require = false, type = String.class), @DocOAuth20SubIn(name = "code", dec = "仅当grant_type为authorization_code时必填", require = false, type = String.class), @DocOAuth20SubIn(name = "refresh_token", dec = "仅当grant_type为refresh_token时必填", require = false, type = String.class), @DocOAuth20SubIn(name = "scope", dec = "仅当grant_type为refresh_token,client_credentials时填写有效", require = false, type = String.class), @DocOAuth20SubIn(name = "username", dec = "仅当grant_type为password时必填", require = false, type = String.class), @DocOAuth20SubIn(name = "password", dec = "仅当grant_type为password时必填", require = false, type = String.class) })
FullHttpResponse handlePostAccessToken(FullHttpRequest request) {
    FullHttpResponse response = null;
    String contentType = request.headers().get(HttpHeaderNames.CONTENT_TYPE);
    if (contentType != null && (contentType.contains(HttpHeaderValues.APPLICATION_X_WWW_FORM_URLENCODED) || contentType.contains(HttpHeaderValues.APPLICATION_JSON))) {
        try {
            AccessToken accessToken = auth.issueAccessToken(request);
            if (accessToken != null) {
                String jsonString = JSON.toJSONString(accessToken);
                LOG.debug("access token:" + jsonString);
                response = ResponseBuilder.createOkResponse(jsonString);
            /*accessTokensLog.debug(String.format("token {%s}", jsonString));*/
            }
        } catch (OAuthException ex) {
            response = ResponseBuilder.createOAuthExceptionResponse(ex);
            invokeExceptionHandler(ex, request);
        }
        if (response == null) {
            response = ResponseBuilder.createBadRequestResponse(ResponseBuilder.CANNOT_ISSUE_TOKEN);
        }
    } else {
        response = ResponseBuilder.createResponse(HttpResponseStatus.BAD_REQUEST, ResponseBuilder.UNSUPPORTED_MEDIA_TYPE);
    }
    return response;
}
Also used : AccessToken(info.xiancloud.core.support.authen.AccessToken) OAuthException(com.apifest.oauth20.bean.OAuthException) DocOAuth20Sub(info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)

Example 4 with DocOAuth20Sub

use of info.xiancloud.core.apidoc.annotation.DocOAuth20Sub in project xian by happyyangyuan.

the class OAuth20Handler method handleUpdateClientApplication.

@DocOAuth20Sub(name = "handleUpdateClientApplication", dec = "更新单个application", method = "PUT", url = "/oauth2.0/applications/{LOCAL_NODE_ID}", args = { @DocOAuth20SubIn(name = "description", dec = "用户自定义描述", require = true, type = String.class), @DocOAuth20SubIn(name = "scope", dec = "支持由空格分割的多个scope", require = true, type = String.class), @DocOAuth20SubIn(name = "status", dec = "值为1或者0,1为有效,0为无效", require = true, type = Integer.class), @DocOAuth20SubIn(name = "client_id", dec = "client_id", require = true, type = String.class), @DocOAuth20SubIn(name = "application_details", dec = "用户自定义的多个键值对", require = false, type = Map.class) })
FullHttpResponse handleUpdateClientApplication(FullHttpRequest req) {
    FullHttpResponse response = null;
    Matcher m = APPLICATION_PATTERN.matcher(req.uri());
    if (m.find()) {
        String clientId = m.group(1);
        try {
            if (auth.updateClientApp(req, clientId)) {
                response = ResponseBuilder.createOkResponse(ResponseBuilder.CLIENT_APP_UPDATED);
            }
        } catch (OAuthException ex) {
            response = ResponseBuilder.createOAuthExceptionResponse(ex);
            invokeExceptionHandler(ex, req);
        }
    } else {
        response = ResponseBuilder.createNotFoundResponse();
    }
    return response;
}
Also used : Matcher(java.util.regex.Matcher) OAuthException(com.apifest.oauth20.bean.OAuthException) DocOAuth20Sub(info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)

Example 5 with DocOAuth20Sub

use of info.xiancloud.core.apidoc.annotation.DocOAuth20Sub in project xian by happyyangyuan.

the class OAuth20Handler method handleUpdateScope.

@DocOAuth20Sub(name = "handleUpdateScope", dec = "更新已存在的scope", method = "PUT", url = "/oauth2.0/scopes/{scopeName}", args = { @DocOAuth20SubIn(name = "scope", dec = "一次仅能更新一个scope", require = true, type = String.class), @DocOAuth20SubIn(name = "description", dec = "自定义scope描述", require = true, type = String.class), @DocOAuth20SubIn(name = "cc_expires_in", dec = "grant_type为client_credentials时access_token过期时间", require = true, type = Integer.class), @DocOAuth20SubIn(name = "pass_expires_in", dec = "grant_type为password时access_token过期时间", require = true, type = Integer.class), @DocOAuth20SubIn(name = "refreshExpiresIn", dec = "grant_type为refresh_token时access_token过期时间", require = true, type = Integer.class) })
FullHttpResponse handleUpdateScope(FullHttpRequest req) {
    FullHttpResponse response;
    Matcher m = OAUTH_CLIENT_SCOPE_PATTERN.matcher(req.uri());
    if (m.find()) {
        String scopeName = m.group(1);
        ScopeService scopeService = getScopeService();
        try {
            String responseMsg = scopeService.updateScope(req, scopeName);
            response = ResponseBuilder.createOkResponse(responseMsg);
        } catch (OAuthException e) {
            invokeExceptionHandler(e, req);
            response = ResponseBuilder.createResponse(e.getHttpStatus(), e.getMessage());
        }
    } else {
        response = ResponseBuilder.createNotFoundResponse();
    }
    return response;
}
Also used : Matcher(java.util.regex.Matcher) OAuthException(com.apifest.oauth20.bean.OAuthException) DocOAuth20Sub(info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)

Aggregations

DocOAuth20Sub (info.xiancloud.core.apidoc.annotation.DocOAuth20Sub)11 OAuthException (com.apifest.oauth20.bean.OAuthException)7 Matcher (java.util.regex.Matcher)5 AccessToken (info.xiancloud.core.support.authen.AccessToken)2 JSONObject (com.alibaba.fastjson.JSONObject)1 ExceptionEventHandler (com.apifest.oauth20.api.ExceptionEventHandler)1 ApplicationInfo (com.apifest.oauth20.bean.ApplicationInfo)1 ClientCredentials (com.apifest.oauth20.bean.ClientCredentials)1 DocOAuth20SubIn (info.xiancloud.core.apidoc.annotation.DocOAuth20SubIn)1 BufferedWriter (java.io.BufferedWriter)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 OutputStreamWriter (java.io.OutputStreamWriter)1 Writer (java.io.Writer)1 Method (java.lang.reflect.Method)1 URISyntaxException (java.net.URISyntaxException)1