在 Spring 项目里运用 Spring Social 达成第三方登录,可按以下步骤操作:
1. 添加依赖
在 pom.xml 里添加 Spring Social 相关依赖:
<dependencies>
<!-- Spring Social Core -->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-core</artifactId>
<version>1.1.6.RELEASE</version>
</dependency>
<!-- Spring Social Web -->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-web</artifactId>
<version>1.1.6.RELEASE</version>
</dependency>
<!-- 以 GitHub 为例 -->
<dependency>
<groupId>org.springframework.social</groupId>
<artifactId>spring-social-github</artifactId>
<version>1.0.0.RELEASE</version>
</dependency>
</dependencies>
2. 配置 Spring Social
创建一个配置类来配置 Spring Social:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
import org.springframework.social.config.annotation.EnableSocial;
import org.springframework.social.config.annotation.SocialConfigurerAdapter;
import org.springframework.social.connect.ConnectionFactoryLocator;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.connect.mem.InMemoryUsersConnectionRepository;
import org.springframework.social.github.connect.GitHubConnectionFactory;
@Configuration
@EnableSocial
public class SocialConfig extends SocialConfigurerAdapter {
@Override
public void addConnectionFactories(ConnectionFactoryConfigurer cfConfig, org.springframework.core.env.Environment env) {
// 以 GitHub 为例,需要替换为你的 clientId 和 clientSecret
cfConfig.addConnectionFactory(new GitHubConnectionFactory(
"your-client-id",
"your-client-secret"
));
}
@Override
public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
return new InMemoryUsersConnectionRepository(connectionFactoryLocator);
}
}
3. 创建控制器
创建一个控制器来处理第三方登录请求:
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.web.ProviderSignInUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.context.request.WebRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@Controller
public class LoginController {
@GetMapping("/login")
public String login() {
return "login";
}
@GetMapping("/signin")
public String signin(WebRequest request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
ProviderSignInUtils providerSignInUtils = new ProviderSignInUtils();
Connection<?> connection = providerSignInUtils.getConnectionFromSession(request);
if (connection != null) {
// 处理登录成功逻辑
return "redirect:/home";
}
return "redirect:/login";
}
}
4. 创建登录页面
创建一个简单的登录页面 login.html:
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>第三方登录</title>
</head>
<body>
<h1>使用第三方账号登录</h1>
<a href="/auth/github">使用 GitHub 登录</a>
</body>
</html>
5. 配置 Spring Security(可选)
若要对登录进行保护,可配置 Spring Security:
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/login", "/auth/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
return http.build();
}
}
总结
以上步骤涵盖了在 Spring 项目里使用 Spring Social 实现第三方登录的主要内容。要注意,需把 your-client-id 和 your-client-secret 替换成你从第三方平台获取的实际值。同时,你可以依据自身需求,添加更多的第三方平台(如 Facebook、Twitter 等)。