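/**
  * Handles the redirect back from Taobao's OAuth authorization page and logs the
  * current Shiro subject in with the returned authorization code.
  *
  * <p>When a non-blank {@code code} is present and the subject is not yet
  * authenticated, a {@code ShiroTaobaoAuthenticationToken} carrying the code, the
  * {@code state} value, the app key from {@code taobaoApiService} and the callback URL
  * from {@code appService} is passed to {@code Subject.login}. The exchange of the code
  * for an access token is presumably done by the realm behind that call (not visible
  * here). An already authenticated subject is sent to the home page without a new login.
  *
  * <p>NOTE(review): {@code state} is copied into the token but is not compared in this
  * method with a value bound to the current session. Confirm that the realm handling
  * the token rejects a missing or mismatched {@code state}; without that check the
  * callback accepts authorization codes this session never requested (login CSRF).
  *
  * @param code authorization code from the provider; absent or blank is a bad request
  * @param error error code from the provider; accepted but not read here
  * @param error_description error text from the provider; accepted but not read here
  * @param state value echoed back by the provider; forwarded to the token unverified
  * @return {@code "redirect:/"} after the login step, or {@code "redirect:/400"} when
  *     no usable code was supplied
  * @throws TaobaoOauthException declared on the signature; the call that raises it is
  *     not visible in this method
  */
 @RequestMapping(value = "/callback", method = RequestMethod.GET)
 public String callback(
     @RequestParam(required = false) String code,
     @RequestParam(required = false) String error,
     @RequestParam(required = false) String error_description,
     @RequestParam(required = false) String state)
     throws TaobaoOauthException {
   // No usable authorization code (absent, empty or whitespace only): do not start a
   // login attempt with it, answer with the bad-request page instead.
   if (code == null || code.trim().isEmpty()) {
     return "redirect:/400"; // bad-request page
   }

   Subject currentSubject = SecurityUtils.getSubject();
   if (!currentSubject.isAuthenticated()) {
     ShiroTaobaoAuthenticationToken token = new ShiroTaobaoAuthenticationToken();
     token.setClientId(taobaoApiService.getAppKey());
     token.setCode(code);
     // Forwarded as received; see the NOTE(review) in the Javadoc about verification.
     token.setState(state);
     token.setAppKey(taobaoApiService.getAppKey());
     token.setRedirectUri(appService.getTaobaoCallbackUrl());
     try {
       currentSubject.login(token);
     } catch (UnknownAccountException uae) {
       // Rethrown with a fixed message and the original exception attached as cause.
       throw new AuthenticationException("UnknownAccountException occurred.", uae);
     } catch (IncorrectCredentialsException ice) {
       throw new AuthenticationException("IncorrectCredentialsException occurred.", ice);
     } catch (LockedAccountException lae) {
       throw new AuthenticationException("LockedAccountException occurred.", lae);
     }
   }
   return "redirect:/"; // home page
 }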
 /**
  * Logs the current Shiro subject in from Taobao credentials supplied as request
  * parameters and returns the subject.
  *
  * <p>If the subject is already authenticated no login is attempted and the supplied
  * values are not used.
  *
  * <p>NOTE(review): this is a GET mapping, so {@code accessToken} and
  * {@code refreshToken} arrive in the URL, where they can end up in access logs,
  * browser history and {@code Referer} headers. Consider moving the endpoint to POST
  * with the values in the body.
  *
  * <p>NOTE(review): the identity ({@code userId}) and the tokens are caller-supplied.
  * Whether the realm behind {@code Subject.login} verifies that the access token
  * belongs to that user is not visible here — confirm before exposing this endpoint.
  *
  * @param userId Taobao user id copied into the authentication token
  * @param appKey app key from the request; set on the token and then replaced by the
  *     value from {@code taobaoApiService}
  * @param accessToken access token copied into the authentication token
  * @param refreshToken refresh token copied into the authentication token
  * @return the subject obtained from {@code SecurityUtils.getSubject()} after the login
  *     step; how it is rendered depends on class-level configuration not visible here
  * @throws TaobaoOauthException declared on the signature; the call that raises it is
  *     not visible in this method
  */
 @RequestMapping(value = "/manual", method = RequestMethod.GET)
 public Subject manualCallback(
     @RequestParam Long userId,
     @RequestParam String appKey,
     @RequestParam String accessToken,
     @RequestParam String refreshToken)
     throws TaobaoOauthException {
   Subject subject = SecurityUtils.getSubject();
   if (subject.isAuthenticated()) {
     // Already signed in: skip the login attempt entirely.
     return SecurityUtils.getSubject();
   }

   ShiroTaobaoAuthenticationToken loginToken = new ShiroTaobaoAuthenticationToken();
   loginToken.setUserId(userId);
   loginToken.setAppKey(appKey);
   loginToken.setAccessToken(accessToken);
   loginToken.setRefreshToken(refreshToken);
   // Second setAppKey call: presumably replaces the request-supplied key with the
   // server-side one, which would make the appKey parameter ineffective — confirm
   // which of the two is intended.
   loginToken.setAppKey(taobaoApiService.getAppKey());

   try {
     subject.login(loginToken);
   } catch (UnknownAccountException unknownAccount) {
     // Each failure type is rethrown with its own fixed message and the cause attached.
     throw new AuthenticationException("UnknownAccountException occurred.", unknownAccount);
   } catch (IncorrectCredentialsException badCredentials) {
     throw new AuthenticationException(
         "IncorrectCredentialsException occurred.", badCredentials);
   } catch (LockedAccountException lockedAccount) {
     throw new AuthenticationException("LockedAccountException occurred.", lockedAccount);
   }
   return SecurityUtils.getSubject();
 }
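  /**
   * CAS login: logs the current Shiro subject in with Taobao account data taken from
   * the request, then redirects the browser.
   *
   * <p>If the subject is not yet authenticated, the request values are copied into a
   * {@code ShiroTaobaoAuthenticationToken} and passed to {@code Subject.login}. For an
   * already authenticated subject no login is attempted and the supplied values are
   * not used.
   *
   * <p>{@code redirect} is request-controlled, so it is honoured only when it is a path
   * on this site; any other value falls back to the home page. Echoing it unchecked
   * would let a crafted link send a freshly signed-in user to an arbitrary site (open
   * redirect). If redirects to other hosts are a requirement, replace the path check
   * with an explicit allow-list of trusted origins.
   *
   * <p>NOTE(review): {@code nick}, {@code userId}, {@code appKey} and both tokens are
   * caller-supplied. Whether the realm behind {@code Subject.login} verifies the access
   * token for that user and app key is not visible here — confirm, because otherwise
   * the endpoint trusts whatever identity the request claims.
   *
   * @param redirect path on this site to send the browser to after the login step
   * @param nick Taobao nick copied into the authentication token
   * @param userId Taobao user id copied into the authentication token
   * @param appKey app key copied into the authentication token
   * @param accessToken access token copied into the authentication token
   * @param refreshToken refresh token copied into the authentication token
   * @return {@code "redirect:"} followed by {@code redirect} when that is a local path,
   *     otherwise {@code "redirect:/"}
   * @throws TaobaoSessionExpiredException declared on the signature; origin not visible here
   * @throws TaobaoEnhancedApiException declared on the signature; origin not visible here
   * @throws TaobaoOauthException declared on the signature; origin not visible here
   * @throws TaobaoAccessControlException declared on the signature; origin not visible here
   */
  @RequestMapping(value = "/signIn", method = RequestMethod.POST)
  public String signIn(
      @RequestParam String redirect,
      @RequestParam String nick,
      @RequestParam Long userId,
      @RequestParam String appKey,
      @RequestParam String accessToken,
      @RequestParam String refreshToken)
      throws TaobaoSessionExpiredException, TaobaoEnhancedApiException, TaobaoOauthException,
          TaobaoAccessControlException {

    Subject subject = SecurityUtils.getSubject();
    if (!subject.isAuthenticated()) {
      ShiroTaobaoAuthenticationToken token = new ShiroTaobaoAuthenticationToken();
      token.setNick(nick);
      token.setUserId(userId);
      token.setAppKey(appKey);
      token.setAccessToken(accessToken);
      token.setRefreshToken(refreshToken);
      subject.login(token);
    }

    // Never echo a request-supplied target into the redirect without checking it.
    String target = isLocalRedirectPath(redirect) ? redirect : "/";
    return "redirect:" + target;
  }

  /**
   * Tells whether {@code target} is a site-local path that may be appended to a
   * {@code "redirect:"} view name.
   *
   * @param target candidate redirect target, may be {@code null}
   * @return {@code true} only for values that start with a single {@code '/'} and
   *     contain no backslash or control character
   */
  private static boolean isLocalRedirectPath(String target) {
    // Must be an absolute path; a leading "//" is scheme-relative and names a host.
    if (target == null || !target.startsWith("/") || target.startsWith("//")) {
      return false;
    }
    for (int i = 0; i < target.length(); i++) {
      char c = target.charAt(i);
      // Some browsers read '\' as '/'; control characters have no place in a
      // redirect target (this includes CR and LF).
      if (c == '\\' || Character.isISOControl(c)) {
        return false;
      }
    }
    return true;
  }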