Beispiel #1
 /**
  * Starts the Sina Weibo account-binding flow by redirecting the browser to the authorization URL
  * produced by {@code weibo4j.Oauth#authorize}.
  *
  * <p>If the session has no {@code callback} attribute yet, the request's {@code Referer} header is
  * stored under that name. Failures are logged and leave the response without a redirect.
  *
  * <p>Review notes:
  *
  * <ul>
  *   <li>The {@code Referer} header is client-controlled and is stored unvalidated. Whatever later
  *       reads {@code callback} (not visible here) should accept only same-site targets before
  *       redirecting to it.
  *   <li>The redirect URI is built with a hard-coded {@code http://} scheme, so the authorization
  *       code returns to this site over plaintext unless something in front upgrades it.
  *   <li>Only response type, app key and redirect URI are passed to {@code authorize}; whether the
  *       SDK adds an anti-CSRF {@code state} value cannot be told from this block.
  * </ul>
  *
  * @param response used to set the content type and issue the redirect
  * @param request source of the session and the {@code Referer} header
  */
 @RequestMapping("/toBindWeibo")
 public void toWeibo(HttpServletResponse response, HttpServletRequest request) {
   response.setContentType("text/html;charset=utf-8");
   try {
     // Remember the referring page only when the session has none recorded.
     Object rememberedCallback = request.getSession().getAttribute("callback");
     if (rememberedCallback == null) {
       String referer = request.getHeader("REFERER");
       request.getSession().setAttribute("callback", referer);
     }

     ThirdPartyAccess weiboApp = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_XINLANG);
     GlobalSetting siteSetting = (GlobalSetting) request.getSession().getAttribute("setting");

     // "code" selects the authorization-code grant; the redirect URI targets /profile/bindWeibo.
     weibo4j.Oauth oauthClient = new weibo4j.Oauth();
     String authorizeUrl =
         oauthClient.authorize(
             "code",
             weiboApp.getAccessKey(),
             "http://" + siteSetting.getAppUrl() + "/profile/bindWeibo");
     response.sendRedirect(authorizeUrl);
   } catch (WeiboException e) {
     LOG.error("重定向失败", e);
   } catch (IOException e) {
     LOG.error("连接到新浪失败", e);
   }
 }
Beispiel #2
 /**
  * Starts the QQ account-binding flow by redirecting the browser to the URL returned by
  * {@code Oauth#getAuthorizeURL}.
  *
  * <p>If the session has no {@code callback} attribute yet, the request's {@code Referer} header is
  * stored under that name. Failures are logged and leave the response without a redirect.
  *
  * <p>Review notes:
  *
  * <ul>
  *   <li>The {@code Referer} header is client-controlled and is stored unvalidated. Whatever later
  *       reads {@code callback} (not visible here) should accept only same-site targets before
  *       redirecting to it.
  *   <li>The redirect URI is built with a hard-coded {@code http://} scheme, so the authorization
  *       response returns to this site over plaintext unless something in front upgrades it.
  *   <li>The request is handed to {@code getAuthorizeURL}, presumably so the SDK can keep an
  *       anti-CSRF {@code state} in the session; confirm this against the SDK in use.
  * </ul>
  *
  * @param response used to set the content type and issue the redirect
  * @param request source of the session and the {@code Referer} header
  */
 @RequestMapping("/toBindQQ")
 public void toQQ(HttpServletResponse response, HttpServletRequest request) {
   response.setContentType("text/html;charset=utf-8");
   try {
     // Remember the referring page only when the session has none recorded.
     Object rememberedCallback = request.getSession().getAttribute("callback");
     if (rememberedCallback == null) {
       String referer = request.getHeader("REFERER");
       request.getSession().setAttribute("callback", referer);
     }

     ThirdPartyAccess qqApp = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_QQ);
     GlobalSetting siteSetting = (GlobalSetting) request.getSession().getAttribute("setting");

     // The redirect URI targets /profile/bindQQ on this site.
     Oauth oauthClient = new Oauth();
     String authorizeUrl =
         oauthClient.getAuthorizeURL(
             request,
             qqApp.getAccessKey(),
             "http://" + siteSetting.getAppUrl() + "/profile/bindQQ");
     response.sendRedirect(authorizeUrl);
   } catch (QQConnectException e) {
     LOG.error("连接到QQ失败", e);
   } catch (IOException e) {
     LOG.error("重定向失败", e);
   }
 }
Beispiel #3
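  /**
   * OAuth callback that binds a Sina Weibo account to the local user held in the HTTP session.
   *
   * <p>Exchanges {@code code} for an access token, resolves the Weibo uid, creates the
   * {@link ThirdPartyAccount} record when the uid is unknown, links the record to the session's
   * user and redirects to {@code thirdParty}. Failures are logged.
   *
   * <p>Changes from the earlier version: a request without a {@code userSession} is answered with
   * 401 before the code is exchanged (previously it ended in a {@code NullPointerException} after a
   * record might already have been written), and a {@code null} access token is treated like an
   * empty one.
   *
   * <p>Review notes:
   *
   * <ul>
   *   <li>No {@code state} value is read or compared on these lines. Without one, this callback
   *       cannot tell whether the authorization response belongs to a flow this session started,
   *       which is the account-binding CSRF case the inline comment mentions. Generate a random
   *       per-session value at the authorize step and verify it here.
   *   <li>A record that already exists for the uid is re-linked to the current user without
   *       checking who owns it; confirm whether re-binding should be refused.
   *   <li>The redirect URI uses a hard-coded {@code http://} scheme.
   * </ul>
   *
   * @param request callback request; its session must hold {@code userSession} and {@code setting}
   * @param response used for the final redirect or the 401 answer
   * @param code authorization code returned by Weibo
   */
  @RequestMapping("/bindWeibo")
  public void weiboLogin(HttpServletRequest request, HttpServletResponse response, String code) {
    try {
      // Binding needs a signed-in local user. Check before the code is exchanged so an anonymous
      // request neither creates a ThirdPartyAccount record nor fails with a NullPointerException.
      UserSession userSession = (UserSession) request.getSession().getAttribute("userSession");
      if (userSession == null) {
        LOG.info("Weibo bind callback rejected: no userSession in the HTTP session");
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
      }

      ThirdPartyAccess xinlang = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_XINLANG);
      GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
      weibo4j.Oauth oauth = new weibo4j.Oauth();
      // The redirect URI must be the one sent in the authorize step (/profile/bindWeibo).
      weibo4j.http.AccessToken accessTokenObj =
          oauth.getAccessTokenByCode(
              code,
              xinlang.getAccessKey(),
              xinlang.getAccessSecret(),
              "http://" + globalSetting.getAppUrl() + "/profile/bindWeibo");

      String accessToken = accessTokenObj.getAccessToken();
      if (accessToken == null || accessToken.isEmpty()) {
        // Either the callback was forged (CSRF) or the user cancelled the authorization.
        // Hook for statistics.
        LOG.info("没有获取到响应参数");
        return;
      }

      String tokenExpireIn = accessTokenObj.getExpireIn();
      request.getSession().setAttribute("token_expirein", String.valueOf(tokenExpireIn));

      // Resolve the uid that belongs to the access token.
      Account am = new Account(accessToken);
      JSONObject uidObj = am.getUid();
      String uid = uidObj.getString("uid");
      request.getSession().setAttribute("openId", uid);
      request.getSession().setAttribute("loginType", UserSession.TYPE_XINLANG);

      // No record means this Weibo account is seen for the first time; the stored profile is
      // limited to the avatar URLs fetched here.
      ThirdPartyAccount tpa = tpaService.findByOpenId(uid);
      if (tpa == null) {
        Users um = new Users(accessToken);
        weibo4j.model.User wUser = um.showUserById(uid);
        tpa = new ThirdPartyAccount();
        tpa.setOpenId(uid);
        tpa.setAccountType(UserSession.TYPE_XINLANG);
        tpa.setAccessToken(accessToken);

        tpa.setHeadIconHD(wUser.getAvatarHD());
        tpa.setHeadIconBig(wUser.getAvatarLarge());
        tpa.setHeadIconMid(wUser.getProfileImageUrl());
        tpa.setHeadIconSmall(wUser.getProfileImageUrl());
        tpa = tpaService.update(tpa);
      }

      // NOTE(review): an existing record is re-linked here whoever owned it before.
      tpa.setUser(userSession.getUser());
      tpaService.update(tpa);
      response.sendRedirect("thirdParty");
    } catch (IOException e) {
      LOG.error("重定向回本站失败", e);
    } catch (WeiboException e) {
      LOG.error("连接到新浪失败", e);
    } catch (JSONException e) {
      LOG.error("JSON解析错误", e);
    }
  }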
Beispiel #4
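  /**
   * OAuth callback that binds a QQ account to the local user held in the HTTP session.
   *
   * <p>Obtains the access token from the callback request, resolves the QQ OpenID, creates the
   * {@link ThirdPartyAccount} record when the OpenID is unknown, links the record to the session's
   * user and redirects to {@code thirdParty}. Failures are logged.
   *
   * <p>Changes from the earlier version: a request without a {@code userSession} is answered with
   * 401 before the token exchange, a {@code null} access token is treated like an empty one, and a
   * failed profile lookup for a new account is answered with 502 instead of dereferencing a
   * {@code null} record.
   *
   * <p>Review notes:
   *
   * <ul>
   *   <li>The request is handed to {@code getAccessTokenByRequest}, presumably so the SDK can
   *       compare the returned {@code state} with the session; confirm this, because no check is
   *       visible in this method.
   *   <li>A record that already exists for the OpenID is re-linked to the current user without
   *       checking who owns it; confirm whether re-binding should be refused.
   *   <li>The redirect URI uses a hard-coded {@code http://} scheme.
   * </ul>
   *
   * @param request callback request; its session must hold {@code userSession} and {@code setting}
   * @param response used for the final redirect or the error answer
   */
  @RequestMapping("/bindQQ")
  public void bindQQ(HttpServletRequest request, HttpServletResponse response) {
    try {
      // Binding needs a signed-in local user. Check before the token exchange so an anonymous
      // request neither creates a ThirdPartyAccount record nor fails with a NullPointerException.
      UserSession userSession = (UserSession) request.getSession().getAttribute("userSession");
      if (userSession == null) {
        LOG.info("QQ bind callback rejected: no userSession in the HTTP session");
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
      }

      ThirdPartyAccess qq = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_QQ);
      GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
      // NOTE(review): the /toBindQQ authorize step shown on this page sends /profile/bindQQ as the
      // redirect URI, while this exchange sends /op/login/QQLogin. OAuth 2.0 providers normally
      // require the two to match; confirm which value is registered before changing either.
      AccessToken accessTokenObj =
          (new Oauth())
              .getAccessTokenByRequest(
                  request,
                  qq.getAccessKey(),
                  qq.getAccessSecret(),
                  "http://" + globalSetting.getAppUrl() + "/op/login/QQLogin");

      String accessToken = accessTokenObj.getAccessToken();
      if (accessToken == null || accessToken.isEmpty()) {
        // Either the callback was forged (CSRF) or the user cancelled the authorization.
        // Hook for statistics.
        LOG.info("没有获取到响应参数");
        return;
      }

      long tokenExpireIn = accessTokenObj.getExpireIn();
      request.getSession().setAttribute("token_expirein", String.valueOf(tokenExpireIn));

      // Resolve the OpenID that belongs to the access token.
      OpenID openIDObj = new OpenID(accessToken);
      String openID = openIDObj.getUserOpenID();

      request.getSession().setAttribute("openId", openID);
      request.getSession().setAttribute("loginType", UserSession.TYPE_QQ);

      // No record means this QQ account is seen for the first time; the stored profile is limited
      // to the Qzone avatar URLs fetched here.
      ThirdPartyAccount tpa = tpaService.findByOpenId(openID);
      if (tpa == null) {
        UserInfo qzoneUserInfo = new UserInfo(accessToken, openID);
        UserInfoBean userInfoBean = qzoneUserInfo.getUserInfo(qq.getAccessKey());
        if (userInfoBean == null) {
          // Without the profile no record is created, so there is nothing to bind.
          LOG.info("QQ bind aborted: user info lookup returned nothing");
          response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
          return;
        }
        tpa = new ThirdPartyAccount();
        tpa.setOpenId(openID);
        tpa.setAccountType(UserSession.TYPE_QQ);
        tpa.setAccessToken(accessToken);
        tpa.setHeadIconBig(userInfoBean.getAvatar().getAvatarURL100());
        tpa.setHeadIconMid(userInfoBean.getAvatar().getAvatarURL50());
        tpa.setHeadIconSmall(userInfoBean.getAvatar().getAvatarURL30());
        tpa = tpaService.update(tpa);
      }

      // NOTE(review): an existing record is re-linked here whoever owned it before.
      tpa.setUser(userSession.getUser());
      tpaService.update(tpa);

      response.sendRedirect("thirdParty");
    } catch (QQConnectException e) {
      LOG.error("连接到QQ失败", e);
    } catch (IOException e) {
      LOG.error("重定向会本站失败", e);
    }
  }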
Beispiel #5
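  /**
   * Issues an e-mail verification code for {@code user} and mails a confirmation link to
   * {@code toMails}.
   *
   * <p>A new code is generated, stored and mailed only when the user's e-mail verification record
   * has no code or its code is older than the record's timeout in minutes. Otherwise the method
   * returns without sending anything.
   *
   * <p>Changes from the earlier version: the expiry window is computed in {@code long} arithmetic,
   * a record with a code but no timestamp counts as expired instead of failing, the code is
   * converted to bytes as UTF-8 rather than the platform charset, and the link is built once.
   *
   * <p>Review notes:
   *
   * <ul>
   *   <li>The code comes from {@code TokenUtil.getRandomString(8, 2)}; confirm that helper draws
   *       from {@code java.security.SecureRandom}, since the code is the only secret in the link.
   *   <li>Base64 in the link is an encoding, not protection, and the link uses a hard-coded
   *       {@code http://} scheme, so the code travels in a plaintext URL.
   *   <li>While an unexpired code exists, a request for a different address sends no mail and
   *       leaves the stored address unchanged; confirm this is intended.
   * </ul>
   *
   * @param toMails recipient address, also stored as the value being verified
   * @param user account the verification belongs to
   * @throws MessagingException if the message cannot be built
   * @throws UnsupportedEncodingException if encoding the sender name or the link fails
   */
  public void sendEmail(String toMails, User user)
      throws MessagingException, UnsupportedEncodingException {
    GlobalSetting globalSetting = GlobalSetting.getInstance();
    SecurityVerification securityVerification =
        securityVerificationService.findBySecurityVerificationAndType(
            user.getUid(), SecurityVerification.VERIFICATION_TYPE_EMAIL);
    if (securityVerification == null) {
      securityVerification = new SecurityVerification();
      securityVerification.setUser(user);
    }

    // The timeout is in minutes; 60L * 1000L keeps the multiplication out of int range.
    long nowMillis = System.currentTimeMillis();
    boolean needsNewCode =
        securityVerification.getCode() == null
            || securityVerification.getVerificationTime() == null
            || nowMillis - securityVerification.getVerificationTime().getTime()
                > securityVerification.getTimeout() * 60L * 1000L;
    if (!needsNewCode) {
      // An unexpired code exists: nothing is regenerated and no mail is sent.
      return;
    }

    String code = TokenUtil.getRandomString(8, 2);
    securityVerification.setValue(toMails);
    securityVerification.setCode(code);
    securityVerification.setStatus(SecurityVerification.VERIFICATION_STATUS_FAIL);
    securityVerification.setTimeout(Constants.EMAIL_TIMEOUT);
    securityVerification.setVerificationType(SecurityVerification.VERIFICATION_TYPE_EMAIL);
    securityVerification.setVerificationTime(new Date());
    securityVerificationService.update(securityVerification);

    // Build the mail message.
    MimeMessage mailMessage = globalSetting.getJavaMailSender().createMimeMessage();
    MimeMessageHelper messageHelper = new MimeMessageHelper(mailMessage);
    // Recipient and sender; the display name is MIME-encoded for the From header.
    messageHelper.setTo(toMails);
    String nick = javax.mail.internet.MimeUtility.encodeText(globalSetting.getAppName());
    messageHelper.setFrom(new InternetAddress(nick + " <" + globalSetting.getSmtpFrom() + ">"));
    messageHelper.setSubject(globalSetting.getSiteName() + "邮箱验证(请勿回复此邮件)");

    // Explicit UTF-8 keeps the encoded code independent of the JVM's default charset.
    String encodedCode = URLEncoder.encode(Base64.encode(code.getBytes("UTF-8")), "UTF-8");
    String verifyUrl =
        "http://"
            + globalSetting.getAppUrl()
            + "/op/security/verification/goVerifyEmail?uid="
            + user.getUid()
            + "&code="
            + encodedCode;

    messageHelper.setText(
        "<!doctype html>"
            + "<html>"
            + "<head>"
            + "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>"
            + "<title>祝福之风邮箱验证</title>"
            + "</head>"
            + "<body>"
            + "<div style='margin:0 auto;width:650px;'>"
            + "<h3>尊敬的用户:</h3>"
            + "<p>请点击以下地址,完成邮箱验证:</p>"
            + "<p><a href='"
            + verifyUrl
            + "'>"
            + verifyUrl
            + "</a></p>"
            + "<p>此链接有效期为"
            + (Constants.EMAIL_TIMEOUT / 60)
            + "小时<span style='color:#808080'>(如果您无法点击此链接,请将链接复制到浏览器地址栏后访问)</span>"
            + "</p>"
            + "</div>"
            + "</body>"
            + "</html>",
        true);
    globalSetting.getJavaMailSender().send(mailMessage);
  }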