mirror of
https://gitee.com/dromara/sa-token.git
synced 2025-06-28 13:34:18 +08:00
TokenType 指定方式细节重构
This commit is contained in:
click33
parent
2d13e908b1
commit
06b06cdb5e
@ -233,6 +233,11 @@ http://{host}:{port}/oauth2/userinfo?access_token={access_token}
|
|||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
除了直接在 url 中以 query 参数方式提交 `access_token`,你也可以在 `Authorization` 请求头以 `Bearer Token` 方式提交:
|
||||||
|
``` js
|
||||||
|
header['Authorization'] = 'Bearer access_token';
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## 2、模式二:隐藏式(Implicit)
|
## 2、模式二:隐藏式(Implicit)
|
||||||
|
|
||||||
|
|||||||
@ -20,8 +20,9 @@ sa-token-oauth2 提供两种模式,让 access_token 可以得到更多信息
|
|||||||
``` java
|
``` java
|
||||||
// 获取 userinfo 信息:昵称、头像、性别等等
|
// 获取 userinfo 信息:昵称、头像、性别等等
|
||||||
@RequestMapping("/oauth2/userinfo")
|
@RequestMapping("/oauth2/userinfo")
|
||||||
public SaResult userinfo(@RequestParam("access_token") String accessToken) {
|
public SaResult userinfo() {
|
||||||
// 获取 Access-Token 对应的账号id
|
// 获取 Access-Token 对应的账号id
|
||||||
|
String accessToken = SaOAuth2Manager.getDataResolver().readAccessToken(SaHolder.getRequest());
|
||||||
Object loginId = SaOAuth2Util.getLoginIdByAccessToken(accessToken);
|
Object loginId = SaOAuth2Util.getLoginIdByAccessToken(accessToken);
|
||||||
System.out.println("-------- 此Access-Token对应的账号id: " + loginId);
|
System.out.println("-------- 此Access-Token对应的账号id: " + loginId);
|
||||||
|
|
||||||
|
|||||||
@ -16,6 +16,7 @@
|
|||||||
package cn.dev33.satoken.oauth2.data.convert;
|
package cn.dev33.satoken.oauth2.data.convert;
|
||||||
|
|
||||||
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
|
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
|
||||||
|
import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts;
|
||||||
import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
|
import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
|
||||||
import cn.dev33.satoken.oauth2.data.model.CodeModel;
|
import cn.dev33.satoken.oauth2.data.model.CodeModel;
|
||||||
import cn.dev33.satoken.oauth2.data.model.RefreshTokenModel;
|
import cn.dev33.satoken.oauth2.data.model.RefreshTokenModel;
|
||||||
@ -78,6 +79,7 @@ public class SaOAuth2DataConverterDefaultImpl implements SaOAuth2DataConverter {
|
|||||||
at.clientId = cm.clientId;
|
at.clientId = cm.clientId;
|
||||||
at.loginId = cm.loginId;
|
at.loginId = cm.loginId;
|
||||||
at.scopes = cm.scopes;
|
at.scopes = cm.scopes;
|
||||||
|
at.tokenType = SaOAuth2Consts.TokenType.bearer;
|
||||||
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(cm.clientId);
|
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(cm.clientId);
|
||||||
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
|
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
|
||||||
at.extraData = new LinkedHashMap<>();
|
at.extraData = new LinkedHashMap<>();
|
||||||
@ -118,6 +120,7 @@ public class SaOAuth2DataConverterDefaultImpl implements SaOAuth2DataConverter {
|
|||||||
at.clientId = rt.clientId;
|
at.clientId = rt.clientId;
|
||||||
at.loginId = rt.loginId;
|
at.loginId = rt.loginId;
|
||||||
at.scopes = rt.scopes;
|
at.scopes = rt.scopes;
|
||||||
|
at.tokenType = SaOAuth2Consts.TokenType.bearer;
|
||||||
at.extraData = new LinkedHashMap<>(rt.extraData);
|
at.extraData = new LinkedHashMap<>(rt.extraData);
|
||||||
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(rt.clientId);
|
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(rt.clientId);
|
||||||
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
|
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
|
||||||
|
|||||||
@ -166,6 +166,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
|
|||||||
// 2、生成 新Access-Token
|
// 2、生成 新Access-Token
|
||||||
String newAtValue = SaOAuth2Strategy.instance.createAccessToken.execute(ra.clientId, ra.loginId, ra.scopes);
|
String newAtValue = SaOAuth2Strategy.instance.createAccessToken.execute(ra.clientId, ra.loginId, ra.scopes);
|
||||||
AccessTokenModel at = new AccessTokenModel(newAtValue, ra.clientId, ra.loginId, ra.scopes);
|
AccessTokenModel at = new AccessTokenModel(newAtValue, ra.clientId, ra.loginId, ra.scopes);
|
||||||
|
at.tokenType = SaOAuth2Consts.TokenType.bearer;
|
||||||
|
|
||||||
// 3、根据权限构建额外参数
|
// 3、根据权限构建额外参数
|
||||||
at.extraData = new LinkedHashMap<>();
|
at.extraData = new LinkedHashMap<>();
|
||||||
@ -220,6 +221,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
|
|||||||
// 3、生成新 Client-Token
|
// 3、生成新 Client-Token
|
||||||
String clientTokenValue = SaOAuth2Strategy.instance.createClientToken.execute(clientId, scopes);
|
String clientTokenValue = SaOAuth2Strategy.instance.createClientToken.execute(clientId, scopes);
|
||||||
ClientTokenModel ct = new ClientTokenModel(clientTokenValue, clientId, scopes);
|
ClientTokenModel ct = new ClientTokenModel(clientTokenValue, clientId, scopes);
|
||||||
|
ct.tokenType = SaOAuth2Consts.TokenType.bearer;
|
||||||
ct.expiresTime = System.currentTimeMillis() + (cm.getClientTokenTimeout() * 1000);
|
ct.expiresTime = System.currentTimeMillis() + (cm.getClientTokenTimeout() * 1000);
|
||||||
ct.extraData = new LinkedHashMap<>();
|
ct.extraData = new LinkedHashMap<>();
|
||||||
SaOAuth2Strategy.instance.workClientTokenByScope.accept(ct);
|
SaOAuth2Strategy.instance.workClientTokenByScope.accept(ct);
|
||||||
|
|||||||
@ -64,6 +64,11 @@ public class AccessTokenModel implements Serializable {
|
|||||||
*/
|
*/
|
||||||
public List<String> scopes;
|
public List<String> scopes;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Token 类型
|
||||||
|
*/
|
||||||
|
public String tokenType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 扩展数据
|
* 扩展数据
|
||||||
*/
|
*/
|
||||||
@ -152,6 +157,15 @@ public class AccessTokenModel implements Serializable {
|
|||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getTokenType() {
|
||||||
|
return tokenType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public AccessTokenModel setTokenType(String tokenType) {
|
||||||
|
this.tokenType = tokenType;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
public Map<String, Object> getExtraData() {
|
public Map<String, Object> getExtraData() {
|
||||||
return extraData;
|
return extraData;
|
||||||
}
|
}
|
||||||
@ -163,9 +177,17 @@ public class AccessTokenModel implements Serializable {
|
|||||||
|
|
||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
return "AccessTokenModel [accessToken=" + accessToken + ", refreshToken=" + refreshToken
|
return "AccessTokenModel{" +
|
||||||
+ ", accessTokenTimeout=" + expiresTime + ", refreshTokenTimeout=" + refreshExpiresTime
|
"accessToken='" + accessToken + '\'' +
|
||||||
+ ", clientId=" + clientId + ", scopes=" + scopes + ", extraData=" + extraData + "]";
|
", refreshToken='" + refreshToken + '\'' +
|
||||||
|
", expiresTime=" + expiresTime +
|
||||||
|
", refreshExpiresTime=" + refreshExpiresTime +
|
||||||
|
", clientId='" + clientId + '\'' +
|
||||||
|
", loginId=" + loginId +
|
||||||
|
", scopes=" + scopes +
|
||||||
|
", tokenType='" + tokenType + '\'' +
|
||||||
|
", extraData=" + extraData +
|
||||||
|
'}';
|
||||||
}
|
}
|
||||||
|
|
||||||
// 追加只读属性
|
// 追加只读属性
|
||||||
|
|||||||
@ -49,6 +49,11 @@ public class ClientTokenModel implements Serializable {
|
|||||||
*/
|
*/
|
||||||
public List<String> scopes;
|
public List<String> scopes;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Token 类型
|
||||||
|
*/
|
||||||
|
public String tokenType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 扩展数据
|
* 扩展数据
|
||||||
*/
|
*/
|
||||||
@ -91,6 +96,15 @@ public class ClientTokenModel implements Serializable {
|
|||||||
return this;
|
return this;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getTokenType() {
|
||||||
|
return tokenType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public ClientTokenModel setTokenType(String tokenType) {
|
||||||
|
this.tokenType = tokenType;
|
||||||
|
return this;
|
||||||
|
}
|
||||||
|
|
||||||
public Map<String, Object> getExtraData() {
|
public Map<String, Object> getExtraData() {
|
||||||
return extraData;
|
return extraData;
|
||||||
}
|
}
|
||||||
@ -118,10 +132,11 @@ public class ClientTokenModel implements Serializable {
|
|||||||
@Override
|
@Override
|
||||||
public String toString() {
|
public String toString() {
|
||||||
return "ClientTokenModel{" +
|
return "ClientTokenModel{" +
|
||||||
"clientToken='" + clientToken + '\'' +
|
"clientToken='" + clientToken +
|
||||||
", expiresTime=" + expiresTime +
|
", expiresTime=" + expiresTime +
|
||||||
", clientId='" + clientId + '\'' +
|
", clientId='" + clientId +
|
||||||
", scopes=" + scopes +
|
", scopes=" + scopes +
|
||||||
|
", tokenType=" + tokenType +
|
||||||
", extraData=" + extraData +
|
", extraData=" + extraData +
|
||||||
'}';
|
'}';
|
||||||
}
|
}
|
||||||
|
|||||||
@ -122,7 +122,7 @@ public class SaOAuth2DataResolverDefaultImpl implements SaOAuth2DataResolver {
|
|||||||
@Override
|
@Override
|
||||||
public Map<String, Object> buildTokenReturnValue(AccessTokenModel at) {
|
public Map<String, Object> buildTokenReturnValue(AccessTokenModel at) {
|
||||||
Map<String, Object> map = new LinkedHashMap<>();
|
Map<String, Object> map = new LinkedHashMap<>();
|
||||||
map.put("token_type", TokenType.bearer);
|
map.put("token_type", at.tokenType);
|
||||||
map.put("access_token", at.accessToken);
|
map.put("access_token", at.accessToken);
|
||||||
map.put("refresh_token", at.refreshToken);
|
map.put("refresh_token", at.refreshToken);
|
||||||
map.put("expires_in", at.getExpiresIn());
|
map.put("expires_in", at.getExpiresIn());
|
||||||
@ -139,6 +139,7 @@ public class SaOAuth2DataResolverDefaultImpl implements SaOAuth2DataResolver {
|
|||||||
@Override
|
@Override
|
||||||
public Map<String, Object> buildClientTokenReturnValue(ClientTokenModel ct) {
|
public Map<String, Object> buildClientTokenReturnValue(ClientTokenModel ct) {
|
||||||
Map<String, Object> map = new LinkedHashMap<>();
|
Map<String, Object> map = new LinkedHashMap<>();
|
||||||
|
map.put("token_type", ct.tokenType);
|
||||||
map.put("client_token", ct.clientToken);
|
map.put("client_token", ct.clientToken);
|
||||||
// map.put("access_token", ct.clientToken); // 兼容 OAuth2 协议
|
// map.put("access_token", ct.clientToken); // 兼容 OAuth2 协议
|
||||||
map.put("expires_in", ct.getExpiresIn());
|
map.put("expires_in", ct.getExpiresIn());
|
||||||
|
|||||||
@ -303,8 +303,7 @@ public class SaOAuth2ServerProcessor {
|
|||||||
ClientIdAndSecretModel clientIdAndSecret = SaOAuth2Manager.getDataResolver().readClientIdAndSecret(req);
|
ClientIdAndSecretModel clientIdAndSecret = SaOAuth2Manager.getDataResolver().readClientIdAndSecret(req);
|
||||||
String clientId = clientIdAndSecret.clientId;
|
String clientId = clientIdAndSecret.clientId;
|
||||||
String clientSecret = clientIdAndSecret.clientSecret;
|
String clientSecret = clientIdAndSecret.clientSecret;
|
||||||
String scope = req.getParam(Param.scope, "");
|
List<String> scopes = SaOAuth2Manager.getDataConverter().convertScopeStringToList(req.getParam(Param.scope));
|
||||||
List<String> scopes = SaOAuth2Manager.getDataConverter().convertScopeStringToList(scope);
|
|
||||||
|
|
||||||
//校验 ClientScope
|
//校验 ClientScope
|
||||||
oauth2Template.checkContract(clientId, scopes);
|
oauth2Template.checkContract(clientId, scopes);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user