upgrade shopify OAuth process

master
ycfxx 3 years ago
parent 296fafef74
commit 20eb867b11

@ -55,12 +55,10 @@ public class ShopifyMerchantAuthApplication {
/**
* shopifyurl
* @param shopifyStoreHost
* @param hmac
* @param timestamp
* @return
*/
public ShopifyPermissionURL getShopifyPermissionUrl(String shopifyStoreHost, String hmac, String timestamp) {
ShopifyPermissionURL shopifyPermissionURL = shopifyAuthService.shopifyPermission(shopifyStoreHost, hmac, timestamp);
public ShopifyPermissionURL getShopifyPermissionUrl(String shopifyStoreHost) {
ShopifyPermissionURL shopifyPermissionURL = shopifyAuthService.shopifyPermission(shopifyStoreHost);
return shopifyPermissionURL;
}

@ -10,6 +10,7 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestClientException;
@ -38,9 +39,17 @@ public class ShopifyAuthService {
@Qualifier("shopifyRestTemplate")
private RestTemplate restTemplate;
public ShopifyPermissionURL shopifyPermission(String shopifyStoreHost, String hmac, String timestamp) {
@Autowired
private StringRedisTemplate stringRedisTemplate;
public ShopifyPermissionURL shopifyPermission(String shopifyStoreHost) {
String redirectUri = PlatformEnvironment.getEnv().concatUrl("/auth.html");
String permissionUrl = String.format(PERMISSION_URL, shopifyStoreHost, clientId, scope, redirectUri, String.valueOf(new Date().getTime()).substring(0,10));
String state = String.valueOf(new Date().getTime()).substring(0,10);
stringRedisTemplate.boundValueOps("shopifyAuthState:"+shopifyStoreHost).set(state);
String permissionUrl = String.format(PERMISSION_URL, shopifyStoreHost, clientId, scope, redirectUri, state);
return ShopifyPermissionURL.builder().url(permissionUrl).build();
}

@ -8,6 +8,7 @@ import au.com.royalpay.payment.manage.shopify.auth.web.command.ShopifyPermission
import au.com.royalpay.payment.manage.shopify.auth.web.command.ShopifyVerifyRequest;
import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@ -28,6 +29,9 @@ public class ShopifyAuthController {
@Autowired
private ShopifyRequestValidator shopifyRequestValidator;
@Autowired
private StringRedisTemplate stringRedisTemplate;
/**
* shopify
*
@ -36,6 +40,11 @@ public class ShopifyAuthController {
*/
@PostMapping("/verify")
public JSONObject verifyRequest(@RequestBody @Valid ShopifyVerifyRequest request) {
String state = stringRedisTemplate.boundValueOps("shopifyAuthState:" + request.getShop()).get();
if (!request.getState().equals(state)) {
throw new ShopifyRequestVerifyException("This request parameters is invalid");
}
stringRedisTemplate.delete("shopifyAuthState:" + request.getShop());
if (!shopifyRequestValidator.valid(request.build())) {
throw new ShopifyRequestVerifyException("This request parameters is invalid");
}

@ -36,7 +36,7 @@ public class ShopifyAuthTemplateController {
if (!shopifyRequestValidator.verifyPermission(shopifyStoreHost, hmac, timestamp)) {
throw new ShopifyRequestVerifyException("This request parameters is invalid");
}
ShopifyPermissionURL shopifyPermissionURL = shopifyMerchantAuthApplication.getShopifyPermissionUrl(shopifyStoreHost, hmac, timestamp);
ShopifyPermissionURL shopifyPermissionURL = shopifyMerchantAuthApplication.getShopifyPermissionUrl(shopifyStoreHost);
return new RedirectView(shopifyPermissionURL.getUrl());
}

Loading…
Cancel
Save