@RequestMapping("/toBindWeibo")
public void toWeibo(HttpServletResponse response, HttpServletRequest request) {
response.setContentType("text/html;charset=utf-8");
try {
if (request.getSession().getAttribute("callback") == null) {
String callback = request.getHeader("REFERER");
request.getSession().setAttribute("callback", callback);
}
ThirdPartyAccess xinlang = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_XINLANG);
GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
response.sendRedirect(
new weibo4j.Oauth()
.authorize(
"code",
xinlang.getAccessKey(),
"http://" + globalSetting.getAppUrl() + "/profile/bindWeibo"));
} catch (IOException e) {
LOG.error("连接到新浪失败", e);
} catch (WeiboException e) {
LOG.error("重定向失败", e);
}
}
@RequestMapping("/toBindQQ")
public void toQQ(HttpServletResponse response, HttpServletRequest request) {
response.setContentType("text/html;charset=utf-8");
try {
if (request.getSession().getAttribute("callback") == null) {
String callback = request.getHeader("REFERER");
request.getSession().setAttribute("callback", callback);
}
ThirdPartyAccess qq = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_QQ);
GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
response.sendRedirect(
new Oauth()
.getAuthorizeURL(
request,
qq.getAccessKey(),
"http://" + globalSetting.getAppUrl() + "/profile/bindQQ"));
} catch (QQConnectException e) {
LOG.error("连接到QQ失败", e);
} catch (IOException e) {
LOG.error("重定向失败", e);
}
}
@RequestMapping("/bindWeibo")
public void weiboLogin(HttpServletRequest request, HttpServletResponse response, String code) {
try {
ThirdPartyAccess xinlang = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_XINLANG);
GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
weibo4j.Oauth oauth = new weibo4j.Oauth();
weibo4j.http.AccessToken accessTokenObj =
oauth.getAccessTokenByCode(
code,
xinlang.getAccessKey(),
xinlang.getAccessSecret(),
"http://" + globalSetting.getAppUrl() + "/profile/bindWeibo");
String accessToken = null, uid = null, tokenExpireIn = null;
if ("".equals(accessTokenObj.getAccessToken())) {
// 我们的网站被CSRF攻击了或者用户取消了授权
// 做一些数据统计工作
LOG.info("没有获取到响应参数");
} else {
accessToken = accessTokenObj.getAccessToken();
tokenExpireIn = accessTokenObj.getExpireIn();
request.getSession().setAttribute("token_expirein", String.valueOf(tokenExpireIn));
// 利用获取到的accessToken 去获取当前用的uid -------- start
Account am = new Account(accessToken);
JSONObject uidObj = am.getUid();
uid = uidObj.getString("uid");
request.getSession().setAttribute("openId", uid);
request.getSession().setAttribute("loginType", UserSession.TYPE_XINLANG);
// 利用获取到的accessToken 去获取当前用户的openid --------- end
// 为空代表首次登录,此处获取的信息尚未完全
ThirdPartyAccount tpa = tpaService.findByOpenId(uid);
if (tpa == null) {
// 获取新浪微博用户的信息
Users um = new Users(accessToken);
weibo4j.model.User wUser = um.showUserById(uid);
tpa = new ThirdPartyAccount();
tpa.setOpenId(uid);
tpa.setAccountType(UserSession.TYPE_XINLANG);
tpa.setAccessToken(accessToken);
tpa.setHeadIconHD(wUser.getAvatarHD());
tpa.setHeadIconBig(wUser.getAvatarLarge());
tpa.setHeadIconMid(wUser.getProfileImageUrl());
tpa.setHeadIconSmall(wUser.getProfileImageUrl());
tpa = tpaService.update(tpa);
}
UserSession userSession =
(UserSession) request.getSession(false).getAttribute("userSession");
tpa.setUser(userSession.getUser());
tpaService.update(tpa);
response.sendRedirect("thirdParty");
}
} catch (IOException e) {
LOG.error("重定向回本站失败", e);
} catch (WeiboException e) {
LOG.error("连接到新浪失败", e);
} catch (JSONException e) {
LOG.error("JSON解析错误", e);
}
}
@RequestMapping("/bindQQ")
public void bindQQ(HttpServletRequest request, HttpServletResponse response) {
try {
ThirdPartyAccess qq = thirdPartyAccessService.findByType(ThirdPartyAccess.TYPE_QQ);
GlobalSetting globalSetting = (GlobalSetting) request.getSession().getAttribute("setting");
AccessToken accessTokenObj =
(new Oauth())
.getAccessTokenByRequest(
request,
qq.getAccessKey(),
qq.getAccessSecret(),
"http://" + globalSetting.getAppUrl() + "/op/login/QQLogin");
String accessToken = null, openID = null;
long tokenExpireIn = 0L;
if ("".equals(accessTokenObj.getAccessToken())) {
// 我们的网站被CSRF攻击了或者用户取消了授权
// 做一些数据统计工作
LOG.info("没有获取到响应参数");
} else {
accessToken = accessTokenObj.getAccessToken();
tokenExpireIn = accessTokenObj.getExpireIn();
request.getSession().setAttribute("token_expirein", String.valueOf(tokenExpireIn));
// 利用获取到的accessToken 去获取当前用的openid -------- start
OpenID openIDObj = new OpenID(accessToken);
openID = openIDObj.getUserOpenID();
request.getSession().setAttribute("openId", openID);
request.getSession().setAttribute("loginType", UserSession.TYPE_QQ);
// 利用获取到的accessToken 去获取当前用户的openid --------- end
// 为空代表首次登录,此处获取的信息尚未完全
ThirdPartyAccount tpa = tpaService.findByOpenId(openID);
if (tpa == null) {
// 获取用户QQ空间的信息
UserInfo qzoneUserInfo = new UserInfo(accessToken, openID);
UserInfoBean userInfoBean = qzoneUserInfo.getUserInfo(qq.getAccessKey());
if (userInfoBean != null) {
tpa = new ThirdPartyAccount();
tpa.setOpenId(openID);
tpa.setAccountType(UserSession.TYPE_QQ);
tpa.setAccessToken(accessToken);
tpa.setHeadIconBig(userInfoBean.getAvatar().getAvatarURL100());
tpa.setHeadIconMid(userInfoBean.getAvatar().getAvatarURL50());
tpa.setHeadIconSmall(userInfoBean.getAvatar().getAvatarURL30());
tpa = tpaService.update(tpa);
}
}
UserSession userSession =
(UserSession) request.getSession(false).getAttribute("userSession");
tpa.setUser(userSession.getUser());
tpaService.update(tpa);
// fate.qq4j.weibo.UserInfo weiboUserInfo = new fate.qq4j.weibo.UserInfo(
// accessToken, openID);
// com.qq.connect.javabeans.weibo.UserInfoBean weiboUserInfoBean = weiboUserInfo
// .getUserInfo(qq.getAccessKey());
response.sendRedirect("thirdParty");
}
} catch (QQConnectException e) {
LOG.error("连接到QQ失败", e);
} catch (IOException e) {
LOG.error("重定向会本站失败", e);
}
}
public void sendEmail(String toMails, User user)
throws MessagingException, UnsupportedEncodingException {
GlobalSetting globalSetting = GlobalSetting.getInstance();
SecurityVerification securityVerification =
securityVerificationService.findBySecurityVerificationAndType(
user.getUid(), SecurityVerification.VERIFICATION_TYPE_EMAIL);
if (securityVerification == null) {
securityVerification = new SecurityVerification();
securityVerification.setUser(user);
}
Date now = Calendar.getInstance().getTime();
if (securityVerification.getCode() == null
|| now.getTime() - securityVerification.getVerificationTime().getTime()
> securityVerification.getTimeout() * 60 * 1000) {
String code = TokenUtil.getRandomString(8, 2);
securityVerification.setValue(toMails);
securityVerification.setCode(code);
securityVerification.setStatus(SecurityVerification.VERIFICATION_STATUS_FAIL);
securityVerification.setTimeout(Constants.EMAIL_TIMEOUT);
securityVerification.setVerificationType(SecurityVerification.VERIFICATION_TYPE_EMAIL);
securityVerification.setVerificationTime(new Date());
securityVerificationService.update(securityVerification);
GlobalSetting setting = GlobalSetting.getInstance();
// 建立邮件消息
MimeMessage mailMessage = setting.getJavaMailSender().createMimeMessage();
MimeMessageHelper messageHelper = new MimeMessageHelper(mailMessage);
// 设置收件人,寄件人 用数组发送多个邮件
messageHelper.setTo(toMails);
String nick = javax.mail.internet.MimeUtility.encodeText(globalSetting.getAppName());
messageHelper.setFrom(new InternetAddress(nick + " <" + setting.getSmtpFrom() + ">"));
messageHelper.setSubject(globalSetting.getSiteName() + "邮箱验证(请勿回复此邮件)");
messageHelper.setText(
"<!doctype html>"
+ "<html>"
+ "<head>"
+ "<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>"
+ "<title>祝福之风邮箱验证</title>"
+ "</head>"
+ "<body>"
+ "<div style='margin:0 auto;width:650px;'>"
+ "<h3>尊敬的用户:</h3>"
+ "<p>请点击以下地址,完成邮箱验证:</p>"
+ "<p><a href='http://"
+ globalSetting.getAppUrl()
+ "/op/security/verification/goVerifyEmail?uid="
+ user.getUid()
+ "&code="
+ URLEncoder.encode(Base64.encode(code.getBytes()), "UTF-8")
+ "'>http://"
+ globalSetting.getAppUrl()
+ "/op/security/verification/goVerifyEmail?uid="
+ user.getUid()
+ "&code="
+ URLEncoder.encode(Base64.encode(code.getBytes()), "UTF-8")
+ "</a></p>"
+ "<p>此链接有效期为"
+ Constants.EMAIL_TIMEOUT / 60
+ "小时<span style='color:#808080'>(如果您无法点击此链接,请将链接复制到浏览器地址栏后访问)</span>"
+ "</p>"
+ "</div>"
+ "</body>"
+ "</html>",
true);
setting.getJavaMailSender().send(mailMessage);
}
}
