Java 实现 qq 登录

server:  port: 80 qq:  oauth:    http: //QQ互联中填写的网站地址

<!--httpclient--><dependency>    <groupId>org.apache.httpcomponents</groupId>    <artifactId>httpclient</artifactId>    <version>4.5.6</version></dependency><!--阿里 JSON--><dependency>    <groupId>com.alibaba</groupId>    <artifactId>fastjson</artifactId>    <version>1.2.47</version></dependency>

package com.ck.blog.controller; import com.alibaba.fastjson.JSONObject;import com.ck.blog.exception.StateErrorException;import com.ck.blog.utils.QQHttpClient;import org.springframework.beans.factory.annotation.Value;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.GetMapping; import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;import java.net.URLEncoder;import java.util.UUID; /** * @author ck * @create 2019-05-18 20:32 */@Controllerpublic class QQController {      @Value("${qq.oauth.http}")    private String http;     /**     * 发起请求     * @param session     * @return     */    @GetMapping("/qq/oauth")    public String qq(HttpSession session){        //QQ互联中的回调地址        String backUrl = http + "/qq/callback";         //用于第三方应用防止CSRF攻击        String uuid = UUID.randomUUID().toString().replaceAll("-","");        session.setAttribute("state",uuid);         //Step1：获取Authorization Code        String url = "https://graph.qq.com/oauth2.0/authorize?response_type=code"+                "&client_id=" + QQHttpClient.APPID +                "&redirect_uri=" + URLEncoder.encode(backUrl) +                "&state=" + uuid;         return "redirect:" + url;    }     /**     * QQ回调     * @param request     * @return     */    @GetMapping("/qq/callback")    public String qqcallback(HttpServletRequest request) throws Exception {        HttpSession session = request.getSession();        //qq返回的信息：http://graph.qq.com/demo/index.jsp?code=9A5F************************06AF&state=test        String code = request.getParameter("code");        String state = request.getParameter("state");        String uuid = (String) session.getAttribute("state");         if(uuid != null){            if(!uuid.equals(state)){                throw new StateErrorException("QQ,state错误");            }        }          //Step2：通过Authorization Code获取Access Token        String backUrl = http + "/qq/callback";        String url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code"+                "&client_id=" + QQHttpClient.APPID +                "&client_secret=" + QQHttpClient.APPKEY +                "&code=" + code +                "&redirect_uri=" + backUrl;         String access_token = QQHttpClient.getAccessToken(url);         //Step3: 获取回调后的 openid 值        url = "https://graph.qq.com/oauth2.0/me?access_token=" + access_token;        String openid = QQHttpClient.getOpenID(url);         //Step4：获取QQ用户信息        url = "https://graph.qq.com/user/get_user_info?access_token=" + access_token +                "&oauth_consumer_key="+ QQHttpClient.APPID +                "&openid=" + openid;         JSONObject jsonObject = QQHttpClient.getUserInfo(url);         //也可以放到Redis和mysql中        session.setAttribute("openid",openid);  //openid,用来唯一标识qq用户        session.setAttribute("nickname",(String)jsonObject.get("nickname")); //QQ名        session.setAttribute("figureurl_qq_2",(String)jsonObject.get("figureurl_qq_2")); //大小为100*100像素的QQ头像URL         return "redirect:/home";    }}

package com.ck.blog.utils; import com.alibaba.fastjson.JSONObject;import org.apache.http.HttpEntity;import org.apache.http.HttpResponse;import org.apache.http.client.methods.HttpGet;import org.apache.http.impl.client.CloseableHttpClient;import org.apache.http.impl.client.HttpClients;import org.apache.http.util.EntityUtils; import java.io.IOException; /** * @author ck * @create 2019-05-18 20:32 * QQ工具类（主要用于解析QQ返回的信息） */public class QQHttpClient {    //QQ互联中提供的 appid 和 appkey    public static final String APPID = "xxxxxxxx";     public static final String APPKEY = "xxxxxxxxxx";      private static JSONObject parseJSONP(String jsonp){        int startIndex = jsonp.indexOf("(");        int endIndex = jsonp.lastIndexOf(")");         String json = jsonp.substring(startIndex + 1,endIndex);         return JSONObject.parseObject(json);    }    //qq返回信息：access_token=FE04************************CCE2&expires_in=7776000&refresh_token=88E4************************BE14    public static String getAccessToken(String url) throws IOException {        CloseableHttpClient client = HttpClients.createDefault();        String token = null;         HttpGet httpGet = new HttpGet(url);        HttpResponse response = client.execute(httpGet);        HttpEntity entity = response.getEntity();         if(entity != null){            String result = EntityUtils.toString(entity,"UTF-8");            if(result.indexOf("access_token") >= 0){                String[] array = result.split("&");                for (String str : array){                    if(str.indexOf("access_token") >= 0){                        token = str.substring(str.indexOf("=") + 1);                        break;                    }                }            }        }         httpGet.releaseConnection();        return token;    }    //qq返回信息：callback( {"client_id":"YOUR_APPID","openid":"YOUR_OPENID"} ); 需要用到上面自己定义的解析方法parseJSONP    public static String getOpenID(String url) throws IOException {        JSONObject jsonObject = null;        CloseableHttpClient client = HttpClients.createDefault();         HttpGet httpGet = new HttpGet(url);        HttpResponse response = client.execute(httpGet);        HttpEntity entity = response.getEntity();         if(entity != null){            String result = EntityUtils.toString(entity,"UTF-8");            jsonObject = parseJSONP(result);        }         httpGet.releaseConnection();         if(jsonObject != null){            return jsonObject.getString("openid");        }else {            return null;        }    }        //qq返回信息：{ "ret":0, "msg":"", "nickname":"YOUR_NICK_NAME", ... }，为JSON格式，直接使用JSONObject对象解析    public static JSONObject getUserInfo(String url) throws IOException {        JSONObject jsonObject = null;        CloseableHttpClient client = HttpClients.createDefault();         HttpGet httpGet = new HttpGet(url);        HttpResponse response = client.execute(httpGet);        HttpEntity entity = response.getEntity();          if(entity != null){            String result = EntityUtils.toString(entity,"UTF-8");            jsonObject = JSONObject.parseObject(result);        }         httpGet.releaseConnection();         return jsonObject;    }}

package com.ck.blog.controller; import org.springframework.stereotype.Controller;import org.springframework.ui.Model;import org.springframework.web.bind.annotation.GetMapping; import javax.servlet.http.HttpSession; /** * @author ck * @create 2019-05-18 20:31 */@Controllerpublic class IndexController {     @GetMapping("/index")    public String index(){        return "index";    }     @GetMapping("/home")    public String home(HttpSession session, Model model){        String openid = (String) session.getAttribute("openid");        String nickname = (String) session.getAttribute("nickname");        String figureurl_qq_2 = (String) session.getAttribute("figureurl_qq_2");         model.addAttribute("openid",openid);        model.addAttribute("nickname",nickname);        model.addAttribute("figureurl_qq_2",figureurl_qq_2);         return "home";    }}

<!DOCTYPE html><html lang="en" xmlns:th="http://www.thymeleaf.org"><head>    <meta charset="UTF-8">    <title>登录页</title></head><body><a href="/qq/oauth">QQ授权登录</a></body></html>

<!DOCTYPE html><html lang="en" xmlns:th="http://www.thymeleaf.org"><head>    <meta charset="UTF-8">    <title>QQ授权成功</title></head><body><div>    openid:[[${openid}]]</div><div>    nickName:[[${nickname}]]</div><div>    <img th:src="${figureurl_qq_2}"></div></body></html>