将检测授权类型交给client去校验而非全局

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/config/SaOAuth2Config.java

@@ -1,11 +1,11 @@
 package cn.dev33.satoken.oauth2.config;
 
+import cn.dev33.satoken.util.SaResult;
+
 import java.io.Serializable;
 import java.util.function.BiFunction;
 import java.util.function.Supplier;
 
-import cn.dev33.satoken.util.SaResult;
-
 /**
  * Sa-Token-OAuth2 配置类 Model 
  * @author kong
@@ -16,15 +16,19 @@ public class SaOAuth2Config implements Serializable {
 	private static final long serialVersionUID = -6541180061782004705L;
 
 	/** 是否打开模式：授权码（Authorization Code） */
+	@Deprecated
 	public Boolean isCode = true;
 
 	/** 是否打开模式：隐藏式（Implicit） */
+	@Deprecated
 	public Boolean isImplicit = false;
 
 	/** 是否打开模式：密码式（Password） */
+	@Deprecated
 	public Boolean isPassword = false;
 
 	/** 是否打开模式：凭证式（Client Credentials） */
+	@Deprecated
 	public Boolean isClient = false;
 
 	/** 是否在每次 Refresh-Token 刷新 Access-Token 时，产生一个新的 Refresh-Token */

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Consts.java

@@ -59,6 +59,7 @@ public class SaOAuth2Consts {
 		public static String refresh_token = "refresh_token";
 		public static String password = "password";
 		public static String client_credentials = "client_credentials";
+		public static String implicit = "implicit";
 	}
 	
 	/** 表示OK的返回结果 */

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Handle.java

@@ -35,10 +35,13 @@ public class SaOAuth2Handle {
 		SaResponse res = SaHolder.getResponse();
 		SaOAuth2Config cfg = SaOAuth2Manager.getConfig();
 
+		//读取client_id,此参数在所有模式中必填
+		String clientId = req.getParamNotNull(Param.client_id);
+
 		// ------------------ 路由分发 ------------------
 
 		// 模式一：Code授权码
-		if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.code) && cfg.isCode) {
+		if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.code) && (SaOAuth2Util.supportType(clientId,GrantType.authorization_code) || cfg.isCode)) {
 			return authorize(req, res, cfg);
 		}
 
@@ -68,17 +71,17 @@ public class SaOAuth2Handle {
 		}
 
 		// 模式二：隐藏式
-		if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.token) && cfg.isImplicit) {
+		if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.token) && (SaOAuth2Util.supportType(clientId,GrantType.implicit) || cfg.isImplicit)) {
 			return authorize(req, res, cfg);
 		}
 
 		// 模式三：密码式
-		if(req.isPath(Api.token) && req.isParam(Param.grant_type, GrantType.password) && cfg.isPassword) {
+		if(req.isPath(Api.token) && req.isParam(Param.grant_type, GrantType.password) && (SaOAuth2Util.supportType(clientId,GrantType.password) || cfg.isPassword)) {
 			return password(req, res, cfg);
 		}
 
 		// 模式四：凭证式
-		if(req.isPath(Api.client_token) && req.isParam(Param.grant_type, GrantType.client_credentials) && cfg.isClient) {
+		if(req.isPath(Api.client_token) && req.isParam(Param.grant_type, GrantType.client_credentials) && (SaOAuth2Util.supportType(clientId,GrantType.client_credentials) || cfg.isClient)) {
 			return clientToken(req, res, cfg);
 		}
 

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Template.java

@@ -1,21 +1,17 @@
 package cn.dev33.satoken.oauth2.logic;
 
-import java.util.List;
-
 import cn.dev33.satoken.SaManager;
 import cn.dev33.satoken.context.model.SaRequest;
 import cn.dev33.satoken.oauth2.SaOAuth2Manager;
 import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception;
 import cn.dev33.satoken.oauth2.logic.SaOAuth2Consts.Param;
-import cn.dev33.satoken.oauth2.model.AccessTokenModel;
+import cn.dev33.satoken.oauth2.model.*;
-import cn.dev33.satoken.oauth2.model.ClientTokenModel;
-import cn.dev33.satoken.oauth2.model.CodeModel;
-import cn.dev33.satoken.oauth2.model.RefreshTokenModel;
-import cn.dev33.satoken.oauth2.model.RequestAuthModel;
-import cn.dev33.satoken.oauth2.model.SaClientModel;
 import cn.dev33.satoken.strategy.SaStrategy;
 import cn.dev33.satoken.util.SaFoxUtil;
 
+import java.util.Arrays;
+import java.util.List;
+
 /**
  * Sa-Token-OAuth2 模块 代码实现
  * @author kong
@@ -922,4 +918,12 @@ public class SaOAuth2Template {
 		return SaManager.getConfig().getTokenName() + ":oauth2:grant-scope:" + clientId + ":" + loginId;
 	}
 
+	/**
+	 * 检查是否支持的type类型
+	 */
+	public Boolean supportType(String clientId,String type){
+		SaClientModel saClientModel = checkClientModel(clientId);
+	 	return Arrays.asList(saClientModel.getAllowType().split(",")).contains(type);
+	}
+
 }

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Util.java

@@ -293,6 +293,16 @@ public class SaOAuth2Util {
 		return saOAuth2Template.getGrantScope(clientId, loginId);
 	}
 
+	/**
+	 * 获取：检查是否支持的授权类型
+	 * @param clientId 应用id
+	 * @param type 授权类型
+	 * @return 是否
+	 */
+	public static Boolean supportType(String clientId, String type) {
+		return saOAuth2Template.supportType(clientId, type);
+	}
+	
 	
 
 }

sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/model/SaClientModel.java

@@ -31,15 +31,21 @@ public class SaClientModel implements Serializable {
 	 */
 	public String allowUrl;
 
+	/**
+	 * 应用允许授权的所有URL, 多个用逗号隔开
+	 */
+	public String allowType;
+
 	public SaClientModel() {
 		
 	}
-	public SaClientModel(String clientId, String clientSecret, String contractScope, String allowUrl) {
+	public SaClientModel(String clientId, String clientSecret, String contractScope, String allowUrl,String allowType) {
 		super();
 		this.clientId = clientId;
 		this.clientSecret = clientSecret;
 		this.contractScope = contractScope;
 		this.allowUrl = allowUrl;
+		this.allowType = allowType;
 	}
 
 	/**
@@ -106,6 +112,22 @@ public class SaClientModel implements Serializable {
 		return this;
 	}
 
+	/**
+	 * @return 应用允许的授权模式, 多个用逗号隔开
+	 */
+	public String getAllowType() {
+		return allowType;
+	}
+
+	/**
+	 * @param allowType 应用允许的授权模式, 多个用逗号隔开
+	 * @return 对象自身
+	 */
+	public SaClientModel setAllowType(String allowType) {
+		this.allowType = allowType;
+		return this;
+	}
+	
 	@Override
 	public String toString() {
 		return "SaClientModel [clientId=" + clientId + ", clientSecret=" + clientSecret + ", contractScope="