http://blog.****.net/binyao02123202/article/details/12204411
1、软件下载
Oauth服务端: http://code.google.com/p/oauth/
通过SVN,下载源码。
或者下载站长整合好的示例源码:http://115.com/file/aqvpzqhz
客户端下载:http://code.google.com/p/oauth-signpost/ oauth-signpost
或者下载站长整合好的示例源码:http://115.com/file/bhy1d2ce
2、服务端源码下载后,把相关代码整合在一起(或直接下载站长整合好的代码),修改net.oauth.provider.core.SampleOAuthProvider 类,把从 provider.properties 读取的信息改为从数据库中读取,如APP_KEY、APP_SCERET、描述、回调地址。
3、net.oauth.example.provider.servlets下面的四个类,这里对应着oauth3个请求url,跟一个用于测试的链接,可以根据需求修改,如将调用Oauth的用户信息记录下来。
4、修改web.xml 增加三个请求url
02
|
< servlet-name >request_token</ servlet-name >
|
03
|
< servlet-class >net.oauth.provider.servlets.RequestTokenServlet</ servlet-class >
|
06
|
< servlet-name >request_token</ servlet-name >
|
07
|
< url-pattern >/oauth/request_token</ url-pattern >
|
11
|
< servlet-name >access_token</ servlet-name >
|
12
|
< servlet-class >net.oauth.provider.servlets.AccessTokenServlet</ servlet-class >
|
15
|
< servlet-name >access_token</ servlet-name >
|
16
|
< url-pattern >/oauth/access_token</ url-pattern >
|
20
|
< servlet-name >authorize</ servlet-name >
|
21
|
< servlet-class >net.oauth.provider.servlets.AuthorizationServlet</ servlet-class >
|
24
|
< servlet-name >authorize</ servlet-name >
|
25
|
< url-pattern >/oauth/authorize</ url-pattern >
|
5、做个拦截器,只要通过某url访问的都需要进行Oauth认证:
web.xml
2
|
< filter-name >OauthFilter</ filter-name >
|
3
|
< filter-class >web.school.phone.OauthFilter</ filter-class >
|
6
|
< filter-name >OauthFilter</ filter-name >
|
7
|
< url-pattern >/phone/*</ url-pattern >
|
web.school.phone.OauthFilter
01
|
package web.school.phone;
|
02
|
import java.io.IOException;
|
04
|
import javax.servlet.Filter;
|
05
|
import javax.servlet.FilterChain;
|
06
|
import javax.servlet.FilterConfig;
|
07
|
import javax.servlet.ServletException;
|
08
|
import javax.servlet.ServletRequest;
|
09
|
import javax.servlet.ServletResponse;
|
10
|
import javax.servlet.http.HttpServletRequest;
|
11
|
import javax.servlet.http.HttpServletResponse;
|
13
|
import net.oauth.OAuthAccessor;
|
14
|
import net.oauth.OAuthMessage;
|
15
|
import net.oauth.provider.core.SampleOAuthProvider;
|
16
|
import net.oauth.server.OAuthServlet;
|
18
|
public class OauthFilter implements Filter
{
|
20
|
public void destroy()
{
|
23
|
public void init(FilterConfig
fConfig) throws ServletException
{
|
26
|
public void doFilter(ServletRequest
request, ServletResponse response, FilterChain chain)
|
27
|
throws IOException,
ServletException {
|
28
|
HttpServletRequest
req=(HttpServletRequest)request;
|
29
|
HttpServletResponse
res=(HttpServletResponse)response;
|
32
|
OAuthMessage
requestMessage = OAuthServlet.getMessage(req, null );
|
33
|
OAuthAccessor
accessor = SampleOAuthProvider.getAccessor(requestMessage);
|
34
|
SampleOAuthProvider.VALIDATOR.validateMessage(requestMessage,
accessor);
|
36
|
System.out.println( "[OauthFilter:passed]:" +req.getRequestURI());
|
37
|
chain.doFilter(request,
response); //验证通过则转向
|
39
|
} catch (Exception
e){
|
41
|
SampleOAuthProvider.handleException(e,
req, res, false );
|
6、执行客户端代码,提示输入验证码时,把控制台打印的URL放到浏览器里打开,输入授权码:
(服务端AuthorizationServlet 里面修改验证不通过要跳转的页面,页面上会打印一些参数)