lsm/sa-token
1
0
Fork 0
mirror of https://gitee.com/dromara/sa-token.git synced 2025-12-21 19:09:45 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'dev' into dev

Browse Source
This commit is contained in:
click33
2021-12-23 01:26:23 +08:00
committed by GitHub
parent 079f87ef4f 05c8a6b6f2
commit cf2f64ce78
15 changed files with 281 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/config/SaOAuth2Config.java
View File

@@ -1,11 +1,11 @@
package cn.dev33.satoken.oauth2.config;
import cn.dev33.satoken.util.SaResult;
import java.io.Serializable;
import java.util.function.BiFunction;
import java.util.function.Supplier;
import cn.dev33.satoken.util.SaResult;
/**
* Sa-Token-OAuth2 配置类 Model
* @author kong
@@ -16,15 +16,19 @@ public class SaOAuth2Config implements Serializable {
private static final long serialVersionUID = -6541180061782004705L;
/** 是否打开模式授权码Authorization Code */
@Deprecated
public Boolean isCode = true;
/** 是否打开模式隐藏式Implicit */
@Deprecated
public Boolean isImplicit = false;
/** 是否打开模式密码式Password */
@Deprecated
public Boolean isPassword = false;
/** 是否打开模式凭证式Client Credentials */
@Deprecated
public Boolean isClient = false;
/** 是否在每次 Refresh-Token 刷新 Access-Token 时,产生一个新的 Refresh-Token */

1
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Consts.java
View File

@@ -59,6 +59,7 @@ public class SaOAuth2Consts {
public static String refresh_token = "refresh_token";
public static String password = "password";
public static String client_credentials = "client_credentials";
public static String implicit = "implicit";
}
/** 表示OK的返回结果 */

11
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Handle.java
View File

@@ -35,10 +35,13 @@ public class SaOAuth2Handle {
SaResponse res = SaHolder.getResponse();
SaOAuth2Config cfg = SaOAuth2Manager.getConfig();
//读取client_id,此参数在所有模式中必填
String clientId = req.getParamNotNull(Param.client_id);
// ------------------ 路由分发 ------------------
// 模式一Code授权码
if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.code) && cfg.isCode) {
if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.code) && (SaOAuth2Util.supportType(clientId,GrantType.authorization_code) || cfg.isCode)) {
return authorize(req, res, cfg);
}
@@ -68,17 +71,17 @@ public class SaOAuth2Handle {
}
// 模式二:隐藏式
if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.token) && cfg.isImplicit) {
if(req.isPath(Api.authorize) && req.isParam(Param.response_type, ResponseType.token) && (SaOAuth2Util.supportType(clientId,GrantType.implicit) || cfg.isImplicit)) {
return authorize(req, res, cfg);
}
// 模式三:密码式
if(req.isPath(Api.token) && req.isParam(Param.grant_type, GrantType.password) && cfg.isPassword) {
if(req.isPath(Api.token) && req.isParam(Param.grant_type, GrantType.password) && (SaOAuth2Util.supportType(clientId,GrantType.password) || cfg.isPassword)) {
return password(req, res, cfg);
}
// 模式四:凭证式
if(req.isPath(Api.client_token) && req.isParam(Param.grant_type, GrantType.client_credentials) && cfg.isClient) {
if(req.isPath(Api.client_token) && req.isParam(Param.grant_type, GrantType.client_credentials) && (SaOAuth2Util.supportType(clientId,GrantType.client_credentials) || cfg.isClient)) {
return clientToken(req, res, cfg);
}

11
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Template.java
View File

@@ -9,6 +9,7 @@ import cn.dev33.satoken.oauth2.model.*;
import cn.dev33.satoken.strategy.SaStrategy;
import cn.dev33.satoken.util.SaFoxUtil;
import java.util.Arrays;
import java.util.List;
/**
@@ -302,7 +303,7 @@ public class SaOAuth2Template {
// 删除 Access-Token
deleteAccessToken(accessToken);
deleteAccessTokenIndex(at.clientId, at.accessToken);
deleteAccessTokenIndex(at.clientId, at.loginId);
// 删除对应的 Refresh-Token
String refreshToken = getRefreshTokenValue(at.clientId, at.loginId);
@@ -917,4 +918,12 @@ public class SaOAuth2Template {
return SaManager.getConfig().getTokenName() + ":oauth2:grant-scope:" + clientId + ":" + loginId;
}
/**
* 检查是否支持的type类型
*/
public Boolean supportType(String clientId,String type){
SaClientModel saClientModel = checkClientModel(clientId);
return Arrays.asList(saClientModel.getAllowType().split(",")).contains(type);
}
}

10
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/logic/SaOAuth2Util.java
View File

@@ -292,6 +292,16 @@ public class SaOAuth2Util {
public static String getGrantScope(String clientId, Object loginId) {
return saOAuth2Template.getGrantScope(clientId, loginId);
}
/**
* 获取:检查是否支持的授权类型
* @param clientId 应用id
* @param type 授权类型
* @return 是否
*/
public static Boolean supportType(String clientId, String type) {
return saOAuth2Template.supportType(clientId, type);
}

24
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/model/SaClientModel.java
View File

@@ -31,15 +31,21 @@ public class SaClientModel implements Serializable {
*/
public String allowUrl;
/**
* 应用允许授权的所有URL, 多个用逗号隔开
*/
public String allowType;
public SaClientModel() {
}
public SaClientModel(String clientId, String clientSecret, String contractScope, String allowUrl) {
public SaClientModel(String clientId, String clientSecret, String contractScope, String allowUrl,String allowType) {
super();
this.clientId = clientId;
this.clientSecret = clientSecret;
this.contractScope = contractScope;
this.allowUrl = allowUrl;
this.allowType = allowType;
}
/**
@@ -105,6 +111,22 @@ public class SaClientModel implements Serializable {
this.allowUrl = allowUrl;
return this;
}
/**
* @return 应用允许的授权模式, 多个用逗号隔开
*/
public String getAllowType() {
return allowType;
}
/**
* @param allowType 应用允许的授权模式, 多个用逗号隔开
* @return 对象自身
*/
public SaClientModel setAllowType(String allowType) {
this.allowType = allowType;
return this;
}
@Override
public String toString() {