新增 ClientToken 与自定义权限的对接

2025-06-28 13:34:18 +08:00 · 2024-08-18 19:06:36 +08:00 · 2024-08-18 19:06:36 +08:00 · c03bccd956
commit c03bccd956
parent 1ee1340192
6 changed files with 76 additions and 20 deletions
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/generate/SaOAuth2DataGenerateDefaultImpl.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/generate/SaOAuth2DataGenerateDefaultImpl.java
@ -82,10 +82,10 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
        // 3、生成token
        AccessTokenModel at = dataConverter.convertCodeToAccessToken(cm);
        SaOAuth2Strategy.instance.workAccessTokenByScope.accept(at);
        RefreshTokenModel rt = dataConverter.convertAccessTokenToRefreshToken(at);
        at.refreshToken = rt.refreshToken;
        at.refreshExpiresTime = rt.expiresTime;
        SaOAuth2Strategy.instance.workAccessTokenByScope.accept(at);
        // 4、保存token
        dao.saveAccessToken(at);
@ -205,10 +205,11 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
            dao.saveClientToken(oldCt);
        }
-        // 3、生成新Client-Token
+        // 3、生成新 Client-Token
        String clientTokenValue = SaOAuth2Strategy.instance.createClientToken.execute(clientId, scopes);
        ClientTokenModel ct = new ClientTokenModel(clientTokenValue, clientId, scopes);
        ct.expiresTime = System.currentTimeMillis() + (cm.getClientTokenTimeout() * 1000);
        SaOAuth2Strategy.instance.workClientTokenByScope.accept(ct);
        // 3、保存新Client-Token
        dao.saveClientToken(ct);
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/function/strategy/SaOAuth2ScopeWorkAccessTokenFunction.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/function/strategy/SaOAuth2ScopeWorkAccessTokenFunction.java
@ -26,9 +26,9 @@ import java.util.function.Consumer;
 * <p>  返回：无  </p>
 *
 * @author click33
- * @since 1.35.0
+ * @since 1.39.0
 */
@FunctionalInterface
-public interface SaScopeWorkFunction extends Consumer<AccessTokenModel> {
+public interface SaOAuth2ScopeWorkAccessTokenFunction extends Consumer<AccessTokenModel> {
 }
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/function/strategy/SaOAuth2ScopeWorkClientTokenFunction.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/function/strategy/SaOAuth2ScopeWorkClientTokenFunction.java
@ -0,0 +1,34 @@
 /*
 * Copyright 2020-2099 sa-token.cc
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package cn.dev33.satoken.oauth2.function.strategy;
 import cn.dev33.satoken.oauth2.data.model.ClientTokenModel;
 import java.util.function.Consumer;
 /**
 * 函数式接口：ClientTokenModel 加工
 *
 * <p>  参数：ClientTokenModel </p>
 * <p>  返回：无  </p>
 *
 * @author click33
 * @since 1.39.0
 */
@FunctionalInterface
 public interface SaOAuth2ScopeWorkClientTokenFunction extends Consumer<ClientTokenModel> {
 }
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/OpenIdScopeHandler.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/OpenIdScopeHandler.java
@ -17,10 +17,11 @@ package cn.dev33.satoken.oauth2.scope.handler;
 import cn.dev33.satoken.oauth2.SaOAuth2Manager;
 import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
 import cn.dev33.satoken.oauth2.data.model.ClientTokenModel;
 import cn.dev33.satoken.oauth2.scope.CommonScope;
 /**
- * 所有OAuth2 权限处理器的父接口
+ * OpenId 权限处理器
 *
 * @author click33
 * @since 1.39.0
@ -34,12 +35,15 @@ public class OpenIdScopeHandler implements SaOAuth2ScopeAbstractHandler {
        return CommonScope.OPENID;
    }
-    /**
+    @Override
-     * 所需要执行的方法
+    public void workAccessToken(AccessTokenModel at) {
     */
    public void work(AccessTokenModel at) {
        System.out.println("追加 openid " + at.accessToken);
        at.openid = SaOAuth2Manager.getDataLoader().getOpenid(at.clientId, at.loginId);
    }
    @Override
    public void workClientToken(ClientTokenModel ct) {
    }
 }
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/SaOAuth2ScopeAbstractHandler.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/SaOAuth2ScopeAbstractHandler.java
@ -16,9 +16,10 @@
 package cn.dev33.satoken.oauth2.scope.handler;
 import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
 import cn.dev33.satoken.oauth2.data.model.ClientTokenModel;
 /**
- * 所有OAuth2 权限处理器的父接口
+ * 所有 OAuth2 权限处理器的父接口
 *
 * @author click33
 * @since 1.39.0
@ -33,12 +34,17 @@ public interface SaOAuth2ScopeAbstractHandler {
    String getHandlerScope();
    /**
-     * 所需要执行的方法
+     * 当构建的 AccessToken 具有此权限时，所需要执行的方法
     *
     * @param at /
     */
-    default void work(AccessTokenModel at) {
+    void workAccessToken(AccessTokenModel at);
-    }
+    /**
     * 当构建的 ClientToken 具有此权限时，所需要执行的方法
     *
     * @param ct /
     */
    void workClientToken(ClientTokenModel ct);
 }
--- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/strategy/SaOAuth2Strategy.java
+++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/strategy/SaOAuth2Strategy.java
@ -79,18 +79,29 @@ public final class SaOAuth2Strategy {
 	/**
 	 * 根据 scope 信息对一个 AccessTokenModel 进行加工处理
 	 */
-	public SaScopeWorkFunction workAccessTokenByScope = (at) -> {
+	public SaOAuth2ScopeWorkAccessTokenFunction workAccessTokenByScope = (at) -> {
 		System.out.println("增强：" + at.accessToken);
 		System.out.println("权限：" + at.scopes);
 		// 遍历所有的权限处理器，如果此 AccessToken 具有这些权限，则开始加工
 		if(at.scopes != null && !at.scopes.isEmpty()) {
-			for (Map.Entry<String, SaOAuth2ScopeAbstractHandler> entry: scopeHandlerMap.entrySet()) {
+			for (String scope : at.scopes) {
-				if(at.scopes.contains(entry.getKey())) {
+				SaOAuth2ScopeAbstractHandler handler = scopeHandlerMap.get(scope);
-					entry.getValue().work(at);
+				if(handler != null) {
 					handler.workAccessToken(at);
 				}
 			}
 		}
 	};
 	/**
 	 * 根据 scope 信息对一个 ClientTokenModel 进行加工处理
 	 */
 	public SaOAuth2ScopeWorkClientTokenFunction workClientTokenByScope = (ct) -> {
 		if(ct.scopes != null && !ct.scopes.isEmpty()) {
 			for (String scope : ct.scopes) {
 				SaOAuth2ScopeAbstractHandler handler = scopeHandlerMap.get(scope);
 				if(handler != null) {
 					handler.workClientToken(ct);
 				}
 			}
 		}
 	};
 	/**