네이버 로그인 연동 예제 1
네이버 로그인 연동 예제 1
https://hdhdeveloper.tistory.com/11
지난 시간에 이어, 네이버 로그인 예제를 구현해보려고 한다.
먼저 네이버 로그인 인증 URL 을 생성하기 위한 메소드를 호출해야하는데 해당 메소드는 naverLoginVO에 들어있다.
naverLoginVO 와 naverLoginApi 클래스를 구현하자
1.
servlet-context.xml 설정
NaverloginVO Class를 bean 객체로 설정
2.
NaverLoginVO.java 클래스 생성
Client_ID 및 Client_secret 은 이전 편에 만들었던 [내 애플리케이션]에 들어가보면 다 나온다.
해당 클래스의 getAuthorizationUrl() 메소드에서 인증 URL을 생성한다.
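package main.naver.com;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.UUID;

import javax.servlet.http.HttpSession;

import org.springframework.util.StringUtils;

import com.github.scribejava.core.builder.ServiceBuilder;
import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.model.OAuthRequest;
import com.github.scribejava.core.model.Response;
import com.github.scribejava.core.model.Verb;
import com.github.scribejava.core.oauth.OAuth20Service;

/**
 * Helper for the Naver Login OAuth 2.0 authorization-code flow, built on ScribeJava.
 *
 * <p>It builds the authorization URL, exchanges the callback {@code code} for an access
 * token after checking the {@code state} value, and calls the profile API with that token.
 */
public class NaverLoginVO {

    /*
     * Parameters that make up the authorization request:
     *   client_id     - client ID issued after registering the application
     *   response_type - discriminator for the authorization flow; fixed to "code"
     *   redirect_uri  - callback URL (URL-encoded) that receives the login result; the value
     *                   entered as "Callback URL" when the application was registered
     *   state         - state token generated by the application
     */
    // The two literals below are the article's placeholders for the issued client ID and
    // client secret. Load the real values from configuration that is kept out of version
    // control instead of committing them in source.
    private final static String CLIENT_ID = "Ŭ¶óÀ̾ðÆ® ¾ÆÀ̵ð";
    private final static String CLIENT_SECRET = "Ŭ¶óÀ̾ðÆ® ºñ¹Ð¹øÈ£";
    private final static String REDIRECT_URI = "http://localhost:8080/callback";
    private final static String SESSION_STATE = "oauth_state";
    /* Profile lookup API URL */
    private final static String PROFILE_API_URL = "https://openapi.naver.com/v1/nid/me";

    /**
     * Builds the Naver authorization URL and binds a fresh {@code state} value to the session.
     *
     * @param session HTTP session in which the generated state value is stored
     * @return the authorization URL the browser should be sent to
     */
    public String getAuthorizationUrl(HttpSession session) {
        /* Random value used later to verify that the callback belongs to this session */
        String state = generateRandomString();
        /* Keep the generated value in the session */
        setSession(session, state);

        /* Let Scribe assemble the authorization URL, carrying the state generated above */
        OAuth20Service oauthService = new ServiceBuilder()
                .apiKey(CLIENT_ID)
                .apiSecret(CLIENT_SECRET)
                .callback(REDIRECT_URI)
                .state(state)
                .build(NaverLoginApi.instance());

        return oauthService.getAuthorizationUrl();
    }

    /**
     * Handles the callback: verifies {@code state} and exchanges {@code code} for an access token.
     *
     * <p>The state stored in the session is consumed on every call, so one state value
     * authorizes at most one callback. It is compared as an exact string with
     * {@link MessageDigest#isEqual(byte[], byte[])}; the previous
     * {@code StringUtils.pathEquals} is a path comparison that normalizes its arguments
     * before comparing and is not meant for token equality.
     *
     * @param session HTTP session that holds the state generated by {@link #getAuthorizationUrl}
     * @param code    authorization code received on the callback
     * @param state   state value received on the callback
     * @return the access token, or {@code null} when the state is missing or does not match;
     *         callers must check for {@code null} before using the result
     * @throws IOException if the token request fails
     */
    public OAuth2AccessToken getAccessToken(HttpSession session, String code, String state) throws IOException {
        /* Check that the state received on the callback matches the one stored in the session */
        String sessionState = getSession(session);
        // Single use: drop the stored value whether or not the comparison succeeds.
        session.removeAttribute(SESSION_STATE);

        if (sessionState == null || state == null) {
            return null;
        }
        boolean stateMatches = MessageDigest.isEqual(
                sessionState.getBytes(StandardCharsets.UTF_8),
                state.getBytes(StandardCharsets.UTF_8));
        if (!stateMatches) {
            return null;
        }

        OAuth20Service oauthService = new ServiceBuilder()
                .apiKey(CLIENT_ID)
                .apiSecret(CLIENT_SECRET)
                .callback(REDIRECT_URI)
                .state(state)
                .build(NaverLoginApi.instance());

        /* Obtain the access token through Scribe */
        return oauthService.getAccessToken(code);
    }

    /**
     * Generates the random state value.
     * {@link UUID#randomUUID()} is documented to use a cryptographically strong generator.
     */
    private String generateRandomString() {
        return UUID.randomUUID().toString();
    }

    /* Store the state value in the HTTP session */
    private void setSession(HttpSession session, String state) {
        session.setAttribute(SESSION_STATE, state);
    }

    /* Read the state value back from the HTTP session (null when none was stored) */
    private String getSession(HttpSession session) {
        return (String) session.getAttribute(SESSION_STATE);
    }

    /**
     * Calls the Naver user-profile API with the given access token.
     *
     * @param oauthToken access token returned by {@link #getAccessToken}; must not be {@code null}
     * @return the response body as returned by the profile API
     * @throws IOException if the request fails
     */
    public String getUserProfile(OAuth2AccessToken oauthToken) throws IOException {
        OAuth20Service oauthService = new ServiceBuilder()
                .apiKey(CLIENT_ID)
                .apiSecret(CLIENT_SECRET)
                .callback(REDIRECT_URI)
                .build(NaverLoginApi.instance());

        OAuthRequest request = new OAuthRequest(Verb.GET, PROFILE_API_URL, oauthService);
        oauthService.signRequest(oauthToken, request);
        Response response = request.send();
        return response.getBody();
    }
}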
3.
NaverLoginApi.java
package main.naver.com;

import com.github.scribejava.core.builder.api.DefaultApi20;

/**
 * ScribeJava API definition for Naver Login: supplies the token and authorization endpoints.
 * A single shared instance is exposed through {@link #instance()}.
 */
public class NaverLoginApi extends DefaultApi20 {

    private static final String TOKEN_ENDPOINT =
            "https://nid.naver.com/oauth2.0/token?grant_type=authorization_code";
    private static final String AUTHORIZATION_BASE_URL =
            "https://nid.naver.com/oauth2.0/authorize";

    /** Not public: instances are obtained through {@link #instance()}. */
    protected NaverLoginApi() {
    }

    /** Holder class; the instance is created when this nested class is first initialized. */
    private static class Lazy {
        private static final NaverLoginApi SHARED = new NaverLoginApi();
    }

    /** @return the shared {@code NaverLoginApi} instance */
    public static NaverLoginApi instance() {
        return Lazy.SHARED;
    }

    /** @return the endpoint used to exchange the authorization code for an access token */
    @Override
    public String getAccessTokenEndpoint() {
        return TOKEN_ENDPOINT;
    }

    /** @return the base URL of the authorization page */
    @Override
    protected String getAuthorizationBaseUrl() {
        return AUTHORIZATION_BASE_URL;
    }
}
여기까지가 네이버 로그인 API를 연동하기 위한 기본 설정이 끝났다.
다음은 Controller에서 네이버 로그인 URL을 호출하기 위한 메소드를 호출해보자
naverAuthUrl이라는 변수를 선언해서 naverLoginVO에 있는 URL 생성 메소드를 호출했다.
해당 변수를 modelMap에 담아 home.jsp 페이지에 전달한다.
home.jsp 페이지에서 해당 코드를 작성한다.
a 태그에는 Controller에서 넘겨준 url 값을 하이퍼링크에 입력해주면 네이버 로그인 URL 페이지로 이동하게 된다.
해당 URL로 이동하게 되면 [로그인연동_개발] 이라는 내 애플리케이션 명칭이 조회되고,
로그인을 누르면 redirect 페이지로 JSON 형태의 값들이 리턴된다.
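/**
 * Callback invoked after a Naver login: exchanges the code for a token, reads the user's
 * profile and stores the parsed values in the HTTP session.
 *
 * <p>When the state check fails or the profile cannot be parsed, no login data is stored
 * and the user is redirected to the home page.
 *
 * @param model   Spring model (not used by this handler)
 * @param code    authorization code sent on the callback
 * @param state   state value sent on the callback
 * @param session current HTTP session
 * @return the redirect view name {@code "redirect:/"}
 * @throws IOException if the token or profile request fails
 */
@RequestMapping(value = "/callback", method = { RequestMethod.GET, RequestMethod.POST })
public String callback(Model model, @RequestParam String code, @RequestParam String state, HttpSession session)
        throws IOException, ParseException {
    OAuth2AccessToken oauthToken = naverLoginVO.getAccessToken(session, code, state);
    if (oauthToken == null) {
        // getAccessToken returns null when the state does not match the session:
        // treat the callback as unauthenticated instead of calling the profile API.
        return "redirect:/";
    }

    // 1. Read the logged-in user's profile (JSON text).
    // The original assigned this to `apiResult`, which is not declared in this method; if it
    // is a controller field it is shared by concurrent requests, so a local is used here.
    String profileJson = naverLoginVO.getUserProfile(oauthToken);

    // 2. Parse the JSON text.
    JSONParser parser = new JSONParser();
    Object parsed;
    try {
        parsed = parser.parse(profileJson);
    } catch (org.json.simple.parser.ParseException e) {
        e.printStackTrace();
        // Without a parsed profile there is nothing to log in with.
        return "redirect:/";
    }
    if (!(parsed instanceof JSONObject)) {
        return "redirect:/";
    }

    // 3. Extract the fields from the top-level "response" object.
    Object responseNode = ((JSONObject) parsed).get("response");
    if (!(responseNode instanceof JSONObject)) {
        return "redirect:/";
    }
    JSONObject response_obj = (JSONObject) responseNode;
    String user_name = (String) response_obj.get("nickname");
    String user_id = (String) response_obj.get("email");

    SessionConfigVO sessionConfigVO = new SessionConfigVO();
    sessionConfigVO.setUser_id(user_id);
    sessionConfigVO.setUser_name(user_name);
    // The original also read "mobile" and passed it to setUser_id, which replaced the e-mail
    // with the phone number (and the page renders user_id into a hidden field). If the phone
    // number is needed, store it through a dedicated setter on SessionConfigVO.
    sessionConfigVO.setNaver_login(true);

    // 4. Store the parsed values in the session.
    // NOTE(review): the session id is not rotated after login; doing so
    // (HttpServletRequest.changeSessionId()) needs the request object, which this handler
    // does not receive.
    session.setAttribute("sessionConfigVO", sessionConfigVO);
    session.setAttribute("user_name", sessionConfigVO.getUser_name());

    return "redirect:/";
}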
/callback으로 리턴되어진 데이터들은 JSON 형태로 값이 들어오기 때문에
데이터들을 파싱해서 사용해야한다.
나의 경우엔 네이버 로그인 유저VO와 프로젝트 내에 자체적인 UserVO를
같이 사용하기 위해 SessionConfigVO로 따로 클래스를 생성해서,
VO를 session에 보관하여 사용하려고 선언했다.
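<%-- Header fragment: shows the logged-in user's name and a NAVER badge.
     Profile values come from the identity provider and are user-controlled, so every one
     of them is written through c:out (HTML-escaped) rather than as a bare EL expression. --%>
<div class="container">
    <div class="container-header">
        <input type="hidden" value="<c:out value='${sessionConfigVO.user_id }'/>" id="session_id"/>
        <c:if test="${sessionConfigVO ne null}">
            <ul style="height:30px;float:right;margin-bottom:20px;" class="fn-font">
                <li><a style="color:blue;" class="" ><c:out value="${sessionConfigVO.user_name}"/>' s come in</a></li>
                <c:if test="${sessionConfigVO.naver_login eq true }">
                    <li>
                        <img src="../resources/images/naver_logo.png" style="width:30px;">
                        <a style="color:green;">NAVER °èÁ¤À¸·Î Á¢¼ÓÁß </a>
                    </li>
                </c:if>
            </ul>
        </c:if>
    </div>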
결과물 :