This issue recommends an open source third party authorized login tool class library——JustAuth。

JustAuth, as you can see, is just a third party authorized login tool class library, it can let us out of the cumbersome third party login SDK, So easy to log in!

JustAuth integrates with dozens of third-party platforms at home and abroad such as Github, Gitee, Alipay, Sina Weibo, wechat, Google, Facebook, Twitter, StackOverflow, etc.

JustAuth features:

• Rich OAuth platform, supporting dozens of well-known third-party platforms at home and abroad OAuth login.
• Custom state, support custom State and cache mode, developers can choose any cache plug-in according to the actual situation.
• Customize OAuth, provide a unified interface, support access to any OAuth website, quickly achieve OAuth login function.
• Custom Http, interface HTTP tools, developers can choose the corresponding HTTP tools according to the actual situation of their own project.
• Custom Scope Supports custom scope to suit more business scenarios, not just for login.
• The code specification is simple, the code strictly abides by Alibaba’s code specification, the structure is clear and the logic is simple.

how to use

• Procedure of use

There are three steps to using JustAuth (these steps are also appropriate for any platform JustAuth supports) :

1. Apply to register a developer account for a third-party platform

2. Create applications for third-party platforms and obtain configuration information (accessKey, secretKey, redirectUri)

3. Use this tool to implement authorized login

• usage mode

Introduce dependency

<dependency>
    <groupId>me.zhyd.oauth</groupId>
    <artifactId>JustAuth</artifactId>
    <version>${latest.version}</version>
</dependency>

latest version：
https://search.maven.org/search?q=g:me.zhyd.oauth%20AND%20a:JustAuth

call api

// Create authorization request
AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder()
        .clientId("clientId")
        .clientSecret("clientSecret")
        .redirectUri("redirectUri")
        .build());
// Generate authorization page
authRequest.authorize("state");
// After authorized login, code (auth_code (Alipay only)) and state will be returned. After 1.8.0, the AuthCallback class can be used as the parameter of the callback interface
// Note: The default saving time of JustAuth state is 3 minutes. If the state is not used within 3 minutes, the expired state will be automatically cleared
authRequest.login(callback);

Attention: JustAuth has integrated simple-http as the HTTP universal interface by default since v1.14.0. Since HTTP tools have been integrated in common projects, such as OkHttp3, apache HttpClient, hutool-http, Therefore, in order to reduce unnecessary dependencies, JustAuth will not integrate hutool-http by default starting from v1.14.0. If the developer’s project is new or does not integrate HTTP implementation tools in the project, please add corresponding HTTP implementation classes by yourself.

• API decomposition

The core of JustAuth is a request, each platform corresponds to a specific request class, so before use, it is necessary to create a response request for a specific authorization platform

// Create authorization request
AuthRequest authRequest = new AuthGiteeRequest(AuthConfig.builder()
        .clientId("clientId")
        .clientSecret("clientSecret")
        .redirectUri("redirectUri")
        .build());

Get authorization link

String authorizeUrl = authRequest.authorize("state");

After obtaining authorizeUrl, you can manually redirect it to authorizeUrl

pseudo-code

/**
 * @param source Third-party authorization platforms, using this example as a reference, the value is gitee (because AuthGiteeRequest is declared above)
 */
@RequestMapping("/render/{source}")
public void renderAuth(@PathVariable("source") String source, HttpServletResponse response) throws IOException {
    AuthRequest authRequest = getAuthRequest(source);
    String authorizeUrl = authRequest.authorize(AuthStateUtils.createState());
    response.sendRedirect(authorizeUrl);
}

Note: state advice must pass! The primary role of state in OAuth’s flow is to ensure request integrity and prevent CSRF risks, and the state passed here will be returned on callback

Login (Get user information)

AuthResponse response = authRequest.login(callback);

After authorized login, code (auth_code (for Alipay only), authorization_code (for Huawei only)), and state are returned. After 1.8.0, the AuthCallback class is used as the input parameter of the callback interface

pseudocode

/**
 * @param source Third-party authorization platforms, using this example as a reference, the value is gitee (because AuthGiteeRequest is declared above)
 */
@RequestMapping("/callback/{source}")
public Object login(@PathVariable("source") String source, AuthCallback callback) {
    AuthRequest authRequest = getAuthRequest(source);
    AuthResponse response = authRequest.login(callback);
    return response;
}

Note: For the authorization callback address configured on the third-party platform, the callback address when creating an authorization application is set to：[host]/callback/gitee

Refresh token

Note: refresh is not supported on every platform

AuthResponse response = authRequest.refresh(AuthToken.builder().refreshToken(token).build());

pseudocode

/**
 * @param source Third-party authorization platforms, using this example as a reference, the value is gitee (because AuthGiteeRequest is declared above)
 * @param token  login Returned after success refreshToken
 */
@RequestMapping("/refresh/{source}")
public Object refreshAuth(@PathVariable("source") String source, String token){
    AuthRequest authRequest = getAuthRequest(source);
    return authRequest.refresh(AuthToken.builder().refreshToken(token).build());
}

cancel authorization

Note: revoke is not supported on every platform

AuthResponse response = authRequest.revoke(AuthToken.builder().accessToken(token).build());

pseudocode

/**
 * @param source Third-party authorization platforms, using this example as a reference, the value is gitee (because AuthGiteeRequest is declared above)
 * @param token  login Returned after success accessToken
 */
@RequestMapping("/revoke/{source}/{token}")
public Object revokeAuth(@PathVariable("source") String source, @PathVariable("token") String token) throws IOException {
    AuthRequest authRequest = getAuthRequest(source);
    return authRequest.revoke(AuthToken.builder().accessToken(token).build());
}

Integrated Tiktok login example

1.Apply for application

Visit the Tiktok Open Platform and log in, if you do not have an account, please register yourself.

After the login is complete, you need to perform enterprise authentication (only enterprise authentication).

After the authentication is successful, the following information is displayed:

On the Management Center – Application Management page, choose Create Application, create Application page, and select Website Application.

Note that the local host cannot be used. You only need to configure the root domain, for example, justauth.cn

The following is an example:

After completing the filling, submit it for review, wait for the completion of the platform review, and then proceed to the next step.

copy The following information: App ID, App Key, and website callback domain

2. Integrate JustAuth

The integration section refers to the previous chapter to introduce dependencies, create requests, and generate authorization addresses.

We can generate authorized links to third party platforms directly by:

String authorizeUrl = authRequest.authorize(AuthStateUtils.createState());

We can redirect this link directly in the background to jump, or we can return to the front end after the front end controls the jump. The benefit of front-end control is that third-party authorization pages can be embedded in the iframe to fit the website design.

You can read more on your own.