lsm/sa-token
1
0
Fork 0
mirror of https://gitee.com/dromara/sa-token.git synced 2025-06-28 04:35:16 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(oauth2): 新增:多 Access-Token 并存 & 多 Refresh-Token 并存 & 多 Client-Token 并存 & 移除 Lower-Client-Token 模块

Browse Source 
Closes: #IBHFD1, #IBLL4Q
fix: #724
This commit is contained in:
click33 2025-05-13 02:38:31 +08:00
parent 1304cb248d
commit f1089f697c
11 changed files with 959 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/mock/SaClientMockDao.java
View File

@ -16,12 +16,14 @@ import java.util.List;
@Component
public class SaClientMockDao {
public List<SaClientModel> list = new ArrayList<>();
public List<SaClientModel> list;
/**
* 构造方法添加三个模拟应用
*/
public SaClientMockDao(){
public void init(){
list = new ArrayList<>();
// 模拟应用1
SaClientModel client1 = new SaClientModel()
.setClientId("1001") // client id
@ -77,6 +79,9 @@ public class SaClientMockDao {
* @return 应用对象
*/
public SaClientModel getClientModel(String clientId) {
if(list == null) {
init();
}
return list.stream()
.filter(e -> e.getClientId().equals(clientId))
.findFirst()

83
sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/test/Test2Controller.java Normal file
View File

@ -0,0 +1,83 @@
package com.pj.test;
import cn.dev33.satoken.oauth2.template.SaOAuth2Util;
import cn.dev33.satoken.util.SaResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.List;
/**
* 测试 OAuth2 相关 token 增删查
*
* @author click33
* @since 2024/8/25
*/
@RestController
@RequestMapping("/test")
public class Test2Controller {
// 测试查询全部 Access-Token --- http://localhost:8000/test/getAccessTokenValueList?clientId=1001&loginId=10001
@RequestMapping("/getAccessTokenValueList")
public SaResult getAccessTokenValueList(String clientId, long loginId) {
List<String> accessTokenValueList = SaOAuth2Util.getAccessTokenValueList(clientId, loginId);
return SaResult.data(accessTokenValueList);
}
// 测试回收指定 Access-Token --- http://localhost:8000/test/revokeAccessToken?access_token=xxxxxxxxxx
@RequestMapping("/revokeAccessToken")
public SaResult revokeAccessToken(String access_token) {
SaOAuth2Util.revokeAccessToken(access_token);
return SaResult.ok();
}
// 测试回收全部 Access-Token --- http://localhost:8000/test/revokeAccessTokenByIndex?clientId=1001&loginId=10001
@RequestMapping("/revokeAccessTokenByIndex")
public SaResult revokeAccessTokenByIndex(String clientId, long loginId) {
SaOAuth2Util.revokeAccessTokenByIndex(clientId, loginId);
return SaResult.ok();
}
// 测试查询全部 Refresh-Token --- http://localhost:8000/test/getRefreshTokenValueList?clientId=1001&loginId=10001
@RequestMapping("/getRefreshTokenValueList")
public SaResult getRefreshTokenValueList(String clientId, long loginId) {
List<String> refreshTokenValueList = SaOAuth2Util.getRefreshTokenValueList(clientId, loginId);
return SaResult.data(refreshTokenValueList);
}
// 测试回收指定 Refresh-Token --- http://localhost:8000/test/revokeRefreshToken?refresh_token=xxxxxxxxxx
@RequestMapping("/revokeRefreshToken")
public SaResult revokeRefreshToken(String refresh_token) {
SaOAuth2Util.revokeRefreshToken(refresh_token);
return SaResult.ok();
}
// 测试回收全部 Refresh-Token --- http://localhost:8000/test/revokeRefreshTokenByIndex?clientId=1001&loginId=10001
@RequestMapping("/revokeRefreshTokenByIndex")
public SaResult revokeRefreshTokenByIndex(String clientId, long loginId) {
SaOAuth2Util.revokeRefreshTokenByIndex(clientId, loginId);
return SaResult.ok();
}
// 测试查询全部 Client-Token --- http://localhost:8000/test/getClientTokenValueList?clientId=1001
@RequestMapping("/getClientTokenValueList")
public SaResult getClientTokenValueList(String clientId) {
List<String> clientTokenValueList = SaOAuth2Util.getClientTokenValueList(clientId);
return SaResult.data(clientTokenValueList);
}
// 测试回收指定 Client-Token --- http://localhost:8000/test/revokeClientToken?client_token=xxxxxxxxxxx
@RequestMapping("/revokeClientToken")
public SaResult revokeClientToken(String client_token) {
SaOAuth2Util.revokeClientToken(client_token);
return SaResult.ok();
}
// 测试回收全部 Client-Token --- http://localhost:8000/test/revokeClientTokenByIndex?clientId=1001
@RequestMapping("/revokeClientTokenByIndex")
public SaResult revokeClientTokenByIndex(String clientId) {
SaOAuth2Util.revokeClientTokenByIndex(clientId);
return SaResult.ok();
}
}

3
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/SaOAuth2Manager.java
View File

@ -17,7 +17,6 @@ package cn.dev33.satoken.oauth2;
import cn.dev33.satoken.oauth2.config.SaOAuth2ServerConfig;
import cn.dev33.satoken.oauth2.dao.SaOAuth2Dao;
import cn.dev33.satoken.oauth2.dao.SaOAuth2DaoDefaultImpl;
import cn.dev33.satoken.oauth2.data.convert.SaOAuth2DataConverter;
import cn.dev33.satoken.oauth2.data.convert.SaOAuth2DataConverterDefaultImpl;
import cn.dev33.satoken.oauth2.data.generate.SaOAuth2DataGenerate;
@ -137,7 +136,7 @@ public class SaOAuth2Manager {
if (dao == null) {
synchronized (SaOAuth2Manager.class) {
if (dao == null) {
setDao(new SaOAuth2DaoDefaultImpl());
setDao(new SaOAuth2Dao());
}
}
}

64
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/config/SaOAuth2ServerConfig.java
View File

@ -62,6 +62,15 @@ public class SaOAuth2ServerConfig implements Serializable {
/** Lower-Client-Token 保存的时间(单位:秒) 默认为 -1代表延续 Client-Token 有效期 */
public long lowerClientTokenTimeout = -1;
/** 全局默认配置所有应用:单个应用单个用户最多同时存在的 Access-Token 数量 */
public int maxAccessTokenCount = 12;
/** 全局默认配置所有应用:单个应用单个用户最多同时存在的 Refresh-Token 数量 */
public int maxRefreshTokenCount = 12;
/** 全局默认配置所有应用:单个应用最多同时存在的 Client-Token 数量 */
public int maxClientTokenCount = 12;
/** 默认 openid 生成算法中使用的摘要前缀 */
public String openidDigestPrefix = SaOAuth2Consts.OPENID_DEFAULT_DIGEST_PREFIX;
@ -264,6 +273,58 @@ public class SaOAuth2ServerConfig implements Serializable {
return this;
}
/**
* @return maxAccessTokenCount
*/
public int getMaxAccessTokenCount() {
return maxAccessTokenCount;
}
/**
* @param maxAccessTokenCount 要设置的 maxAccessTokenCount
* @return 对象自身
*/
public SaOAuth2ServerConfig setMaxAccessTokenCount(int maxAccessTokenCount) {
this.maxAccessTokenCount = maxAccessTokenCount;
return this;
}
/**
* 全局默认配置所有应用单个应用单个用户最多同时存在的 Refresh-Token 数量
* @return /
*/
public int getMaxRefreshTokenCount() {
return maxRefreshTokenCount;
}
/**
* 全局默认配置所有应用单个应用单个用户最多同时存在的 Refresh-Token 数量
* @param maxRefreshTokenCount /
* @return 对象自身
*/
public SaOAuth2ServerConfig setMaxRefreshTokenCount(int maxRefreshTokenCount) {
this.maxRefreshTokenCount = maxRefreshTokenCount;
return this;
}
/**
* 全局默认配置所有应用单个应用单个用户最多同时存在的 Client-Token 数量
* @return /
*/
public int getMaxClientTokenCount() {
return maxClientTokenCount;
}
/**
* 全局默认配置所有应用单个应用单个用户最多同时存在的 Client-Token 数量
* @param maxClientTokenCount /
* @return 对象自身
*/
public SaOAuth2ServerConfig setMaxClientTokenCount(int maxClientTokenCount) {
this.maxClientTokenCount = maxClientTokenCount;
return this;
}
/**
* @return openidDigestPrefix
*/
@ -416,6 +477,9 @@ public class SaOAuth2ServerConfig implements Serializable {
", refreshTokenTimeout=" + refreshTokenTimeout +
", clientTokenTimeout=" + clientTokenTimeout +
", lowerClientTokenTimeout=" + lowerClientTokenTimeout +
", maxAccessTokenCount=" + maxAccessTokenCount +
", maxRefreshTokenCount=" + maxRefreshTokenCount +
", maxClientTokenCount=" + maxClientTokenCount +
", openidDigestPrefix='" + openidDigestPrefix +
", unionidDigestPrefix='" + unionidDigestPrefix +
", higherScope='" + higherScope +

916
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/dao/SaOAuth2Dao.java
View File

File diff suppressed because it is too large Load Diff

26
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/dao/SaOAuth2DaoDefaultImpl.java
View File

@ -1,26 +0,0 @@
/*
* Copyright 2020-2099 sa-token.cc
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package cn.dev33.satoken.oauth2.dao;
/**
* Sa-Token OAuth2 数据持久层默认实现
*
* @author click33
* @since 1.39.0
*/
public class SaOAuth2DaoDefaultImpl implements SaOAuth2Dao {
}

2
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/generate/SaOAuth2DataGenerate.java
View File

@ -39,7 +39,7 @@ public interface SaOAuth2DataGenerate {
CodeModel generateCode(RequestAuthModel ra);
/**
* 构建ModelAccess-Token
* 构建ModelAccess-Token (根据 code 授权码)
* @param code 授权码Model
* @return AccessToken Model
*/

49
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/generate/SaOAuth2DataGenerateDefaultImpl.java
View File

@ -74,7 +74,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
}
/**
* 构建ModelAccess-Token
* 构建ModelAccess-Token (根据 code 授权码)
* @param code 授权码
* @return AccessToken Model
*/
@ -88,9 +88,9 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
CodeModel cm = dao.getCode(code);
SaOAuth2AuthorizationCodeException.throwBy(cm == null, "无效 code: " + code, code, SaOAuth2ErrorCode.CODE_30110);
// 2删除旧Token
dao.deleteAccessToken(dao.getAccessTokenValue(cm.clientId, cm.loginId));
dao.deleteRefreshToken(dao.getRefreshTokenValue(cm.clientId, cm.loginId));
// 2删除旧TokenTODO 目测不用删保存索引的时候如果超出了会自动删
// dao.deleteAccessToken(dao.getAccessTokenList(cm.clientId, cm.loginId));
// dao.deleteRefreshToken(dao.getRefreshTokenValue(cm.clientId, cm.loginId));
// 3生成token
AccessTokenModel at = dataConverter.convertCodeToAccessToken(cm);
@ -100,10 +100,11 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
at.refreshExpiresTime = rt.expiresTime;
// 4保存token
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(cm.clientId);
dao.saveAccessToken(at);
dao.saveAccessTokenIndex(at);
dao.saveAccessTokenIndex(at, clientModel.getMaxAccessTokenCount());
dao.saveRefreshToken(rt);
dao.saveRefreshTokenIndex(rt);
dao.saveRefreshTokenIndex(rt, clientModel.getMaxRefreshTokenCount());
// 5删除此Code
dao.deleteCode(code);
@ -131,16 +132,16 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(rt.clientId);
if(clientModel.getIsNewRefresh()) {
// 删除旧 Refresh-Token
dao.deleteRefreshToken(rt.refreshToken);
// dao.deleteRefreshToken(rt.refreshToken);
// 创建并保存新的 Refresh-Token
rt = SaOAuth2Manager.getDataConverter().convertRefreshTokenToRefreshToken(rt);
dao.saveRefreshToken(rt);
dao.saveRefreshTokenIndex(rt);
dao.saveRefreshTokenIndex(rt, clientModel.getMaxRefreshTokenCount());
}
// 删除旧 Access-Token
dao.deleteAccessToken(dao.getAccessTokenValue(rt.clientId, rt.loginId));
// dao.deleteAccessToken(dao.getAccessTokenList(rt.clientId, rt.loginId));
// 生成新 Access-Token
AccessTokenModel at = SaOAuth2Manager.getDataConverter().convertRefreshTokenToAccessToken(rt);
@ -148,7 +149,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
// 保存新 Access-Token
dao.saveAccessToken(at);
dao.saveAccessTokenIndex(at);
dao.saveAccessTokenIndex(at, clientModel.getMaxAccessTokenCount());
// 返回新 Access-Token
return at;
@ -168,10 +169,10 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// 1删除 旧Token
dao.deleteAccessToken(dao.getAccessTokenValue(ra.clientId, ra.loginId));
if(isCreateRt) {
dao.deleteRefreshToken(dao.getRefreshTokenValue(ra.clientId, ra.loginId));
}
// dao.deleteAccessToken(dao.getAccessTokenList(ra.clientId, ra.loginId));
// if(isCreateRt) {
// dao.deleteRefreshToken(dao.getRefreshTokenValue(ra.clientId, ra.loginId));
// }
// 2生成 新Access-Token
String newAtValue = SaOAuth2Strategy.instance.createAccessToken.execute(ra.clientId, ra.loginId, ra.scopes);
@ -195,12 +196,12 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
at.refreshExpiresTime = rt.expiresTime;
dao.saveRefreshToken(rt);
dao.saveRefreshTokenIndex(rt);
dao.saveRefreshTokenIndex(rt, clientModel.getMaxRefreshTokenCount());
}
// 5保存 新Access-Token
dao.saveAccessToken(at);
dao.saveAccessTokenIndex(at);
dao.saveAccessTokenIndex(at, clientModel.getMaxAccessTokenCount());
// 6返回 新Access-Token
return at;
@ -218,18 +219,18 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// 1删掉旧 Lower-Client-Token
dao.deleteClientToken(dao.getLowerClientTokenValue(clientId));
// dao.deleteClientToken(dao.getLowerClientTokenValue(clientId));
// 2将旧Client-Token 标记为新 Lower-Client-Token
ClientTokenModel oldCt = dao.getClientToken(dao.getClientTokenValue(clientId));
dao.saveLowerClientTokenIndex(oldCt);
// ClientTokenModel oldCt = dao.getClientToken(dao.getClientTokenValue(clientId));
// dao.saveLowerClientTokenIndex(oldCt);
// 2.5如果配置了 Lower-Client-Token ttl 则需要更新一下
SaClientModel cm = SaOAuth2Manager.getDataLoader().getClientModelNotNull(clientId);
if(oldCt != null && cm.getLowerClientTokenTimeout() != -1) {
oldCt.expiresTime = System.currentTimeMillis() + (cm.getLowerClientTokenTimeout() * 1000);
dao.saveClientToken(oldCt);
}
// if(oldCt != null && cm.getLowerClientTokenTimeout() != -1) {
// oldCt.expiresTime = System.currentTimeMillis() + (cm.getLowerClientTokenTimeout() * 1000);
// dao.saveClientToken(oldCt);
// }
// 3生成新 Client-Token
String clientTokenValue = SaOAuth2Strategy.instance.createClientToken.execute(clientId, scopes);
@ -242,7 +243,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
// 3保存新Client-Token
dao.saveClientToken(ct);
dao.saveClientTokenIndex(ct);
dao.saveClientTokenIndex(ct, cm.getMaxClientTokenCount());
// 4返回
return ct;

152
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/model/loader/SaClientModel.java
View File

@ -81,6 +81,15 @@ public class SaClientModel implements Serializable {
/** 是否允许此应用自动确认授权(高危配置,禁止向不被信任的第三方开启此选项) */
public Boolean isAutoConfirm = false;
/** 此应用单个用户最多同时存在的 Access-Token 数量 */
public int maxAccessTokenCount;
/** 此应用单个用户最多同时存在的 Refresh-Token 数量 */
public int maxRefreshTokenCount;
/** 此应用最多同时存在的 Client-Token 数量 */
public int maxClientTokenCount;
public SaClientModel() {
SaOAuth2ServerConfig config = SaOAuth2Manager.getServerConfig();
@ -89,6 +98,9 @@ public class SaClientModel implements Serializable {
this.refreshTokenTimeout = config.getRefreshTokenTimeout();
this.clientTokenTimeout = config.getClientTokenTimeout();
this.lowerClientTokenTimeout = config.getLowerClientTokenTimeout();
this.maxAccessTokenCount = config.getMaxAccessTokenCount();
this.maxRefreshTokenCount = config.getMaxRefreshTokenCount();
this.maxClientTokenCount = config.getMaxClientTokenCount();
}
public SaClientModel(String clientId, String clientSecret, List<String> contractScopes, List<String> allowRedirectUris) {
this();
@ -98,6 +110,48 @@ public class SaClientModel implements Serializable {
this.allowRedirectUris = allowRedirectUris;
}
// 追加方法
/**
* @param scopes 添加应用签约的所有权限
* @return 对象自身
*/
public SaClientModel addContractScopes(String... scopes) {
if(this.contractScopes == null) {
this.contractScopes = new ArrayList<>();
}
this.contractScopes.addAll(Arrays.asList(scopes));
return this;
}
/**
* @param redirectUris 添加应用允许授权的所有 redirect_uri
* @return 对象自身
*/
public SaClientModel addAllowRedirectUris(String... redirectUris) {
if(this.allowRedirectUris == null) {
this.allowRedirectUris = new ArrayList<>();
}
this.allowRedirectUris.addAll(Arrays.asList(redirectUris));
return this;
}
/**
* @param grantTypes 应用允许的所有 grant_type
* @return 对象自身
*/
public SaClientModel addAllowGrantTypes(String... grantTypes) {
if(this.allowGrantTypes == null) {
this.allowGrantTypes = new ArrayList<>();
}
this.allowGrantTypes.addAll(Arrays.asList(grantTypes));
return this;
}
// get set
/**
* @return 应用id
*/
@ -297,7 +351,60 @@ public class SaClientModel implements Serializable {
this.isAutoConfirm = isAutoConfirm;
return this;
}
//
/**
* 此应用单个用户最多同时存在的 Access-Token 数量
* @return /
*/
public int getMaxAccessTokenCount() {
return maxAccessTokenCount;
}
/**
* 设置 此应用单个用户最多同时存在的 Access-Token 数量
* @param maxAccessTokenCount /
* @return 对象自身
*/
public SaClientModel setMaxAccessTokenCount(int maxAccessTokenCount) {
this.maxAccessTokenCount = maxAccessTokenCount;
return this;
}
/**
* 此应用单个用户最多同时存在的 Refresh-Token 数量
* @return /
*/
public int getMaxRefreshTokenCount() {
return maxRefreshTokenCount;
}
/**
* 此应用单个用户最多同时存在的 Refresh-Token 数量
* @param maxRefreshTokenCount /
* @return 对象自身
*/
public SaClientModel setMaxRefreshTokenCount(int maxRefreshTokenCount) {
this.maxRefreshTokenCount = maxRefreshTokenCount;
return this;
}
/**
* 此应用单个用户最多同时存在的 Client-Token 数量
* @return /
*/
public int getMaxClientTokenCount() {
return maxClientTokenCount;
}
/**
* 此应用单个用户最多同时存在的 Client-Token 数量
* @param maxClientTokenCount /
* @return 对象自身
*/
public SaClientModel setMaxClientTokenCount(int maxClientTokenCount) {
this.maxClientTokenCount = maxClientTokenCount;
return this;
}
@Override
public String toString() {
@ -314,47 +421,10 @@ public class SaClientModel implements Serializable {
", clientTokenTimeout=" + clientTokenTimeout +
", lowerClientTokenTimeout=" + lowerClientTokenTimeout +
", isAutoConfirm=" + isAutoConfirm +
", maxAccessTokenCount=" + maxAccessTokenCount +
", refreshTokenTimeout=" + refreshTokenTimeout +
", maxClientTokenCount=" + maxClientTokenCount +
'}';
}
// 追加方法
/**
* @param scopes 添加应用签约的所有权限
* @return 对象自身
*/
public SaClientModel addContractScopes(String... scopes) {
if(this.contractScopes == null) {
this.contractScopes = new ArrayList<>();
}
this.contractScopes.addAll(Arrays.asList(scopes));
return this;
}
/**
* @param redirectUris 添加应用允许授权的所有 redirect_uri
* @return 对象自身
*/
public SaClientModel addAllowRedirectUris(String... redirectUris) {
if(this.allowRedirectUris == null) {
this.allowRedirectUris = new ArrayList<>();
}
this.allowRedirectUris.addAll(Arrays.asList(redirectUris));
return this;
}
/**
* @param grantTypes 应用允许的所有 grant_type
* @return 对象自身
*/
public SaClientModel addAllowGrantTypes(String... grantTypes) {
if(this.allowGrantTypes == null) {
this.allowGrantTypes = new ArrayList<>();
}
this.allowGrantTypes.addAll(Arrays.asList(grantTypes));
return this;
}
}

88
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Template.java
View File

@ -428,13 +428,14 @@ public class SaOAuth2Template {
}
/**
* 获取 Access-Token根据索引 clientIdloginId
* 获取 Access-Token 列表此应用下 某个用户 签发的所有 Access-token
*
* @param clientId /
* @param loginId /
* @return /
*/
public String getAccessTokenValue(String clientId, Object loginId) {
return SaOAuth2Manager.getDao().getAccessTokenValue(clientId, loginId);
public List<String> getAccessTokenValueList(String clientId, Object loginId) {
return SaOAuth2Manager.getDao().getAccessTokenValueList(clientId, loginId);
}
/**
@ -490,7 +491,7 @@ public class SaOAuth2Template {
}
/**
* 回收 Access-Token
* 回收一个 Access-Token
* @param accessToken Access-Token值
*/
public void revokeAccessToken(String accessToken) {
@ -502,21 +503,24 @@ public class SaOAuth2Template {
// at索引
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
dao.deleteAccessToken(accessToken);
dao.deleteAccessTokenIndex(at.clientId, at.loginId);
dao.deleteAccessTokenIndexBySingleData(at.clientId, at.loginId, accessToken);
}
/**
* 回收 Access-Token根据索引 clientIdloginId
* 回收全部 Access-Token指定应用下 指定用户 的全部 Access-Token
* @param clientId /
* @param loginId /
*/
public void revokeAccessTokenByIndex(String clientId, Object loginId) {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// at删索引
String accessToken = getAccessTokenValue(clientId, loginId);
if(accessToken != null) {
dao.deleteAccessToken(accessToken);
List<String> accessTokenList = getAccessTokenValueList(clientId, loginId);
if( ! accessTokenList.isEmpty()) {
// AT
for (String accessToken : accessTokenList) {
dao.deleteAccessToken(accessToken);
}
// 删索引
dao.deleteAccessTokenIndex(clientId, loginId);
}
}
@ -549,17 +553,19 @@ public class SaOAuth2Template {
}
/**
* 获取 Refresh-Token根据索引 clientIdloginId
* 获取 Refresh-Token 列表此应用下 某个用户 签发的所有 Refresh-Token
*
* @param clientId /
* @param loginId /
* @return /
*/
public String getRefreshTokenValue(String clientId, Object loginId) {
return SaOAuth2Manager.getDao().getRefreshTokenValue(clientId, loginId);
public List<String> getRefreshTokenValueList(String clientId, Object loginId) {
return SaOAuth2Manager.getDao().getRefreshTokenValueList(clientId, loginId);
}
/**
* 回收 Refresh-Token
* 回收一个 Refresh-Token
*
* @param refreshToken Refresh-Token
*/
public void revokeRefreshToken(String refreshToken) {
@ -571,21 +577,25 @@ public class SaOAuth2Template {
// rt索引
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
dao.deleteRefreshToken(refreshToken);
dao.deleteRefreshTokenIndex(rt.clientId, rt.loginId);
dao.deleteRefreshTokenIndexBySingleData(rt.clientId, rt.loginId, refreshToken);
}
/**
* 回收 Refresh-Token根据索引 clientIdloginId
* 回收全部 Refresh-Token指定应用下 指定用户 的全部 Refresh-Token
*
* @param clientId /
* @param loginId /
*/
public void revokeRefreshTokenByIndex(String clientId, Object loginId) {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// rt删索引
String refreshToken = getRefreshTokenValue(clientId, loginId);
if(refreshToken != null) {
dao.deleteRefreshToken(refreshToken);
List<String> refreshTokenList = getRefreshTokenValueList(clientId, loginId);
if( ! refreshTokenList.isEmpty()) {
// RT
for (String refreshToken : refreshTokenList) {
dao.deleteRefreshToken(refreshToken);
}
// 删索引
dao.deleteRefreshTokenIndex(clientId, loginId);
}
}
@ -627,12 +637,13 @@ public class SaOAuth2Template {
}
/**
* 获取 ClientToken根据索引 clientId
* 获取 Client-Token 列表此应用下 某个用户 签发的所有 Client-token
*
* @param clientId /
* @return /
*/
public String getClientTokenValue(String clientId) {
return SaOAuth2Manager.getDao().getClientTokenValue(clientId);
public List<String> getClientTokenValueList(String clientId) {
return SaOAuth2Manager.getDao().getClientTokenValueList(clientId);
}
/**
@ -670,7 +681,7 @@ public class SaOAuth2Template {
}
/**
* 回收 ClientToken
* 回收一个 ClientToken
*
* @param clientToken /
*/
@ -682,10 +693,11 @@ public class SaOAuth2Template {
// ct删索引
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
dao.deleteClientToken(clientToken);
dao.deleteClientTokenIndex(ct.clientId);
dao.deleteClientTokenIndexBySingleData(ct.clientId, clientToken);
}
/**
* 回收全部 Client-Token指定应用下的全部 Client-Token
* 回收 ClientToken根据索引 clientId
*
* @param clientId /
@ -693,29 +705,17 @@ public class SaOAuth2Template {
public void revokeClientTokenByIndex(String clientId) {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// clientToken
String clientToken = getClientTokenValue(clientId);
if(clientToken != null) {
dao.deleteClientToken(clientToken);
List<String> clientTokenList = getClientTokenValueList(clientId);
if( ! clientTokenList.isEmpty()) {
// AT
for (String clientToken : clientTokenList) {
dao.deleteClientToken(clientToken);
}
// 删索引
dao.deleteClientTokenIndex(clientId);
}
}
/**
* 回收 Lower-Client-Token根据索引 clientId
*
* @param clientId /
*/
public void revokeLowerClientTokenByIndex(String clientId) {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
// Lower-Client-Token
String lowerClientToken = dao.getLowerClientTokenValue(clientId);
if(lowerClientToken != null) {
dao.deleteLowerClientToken(lowerClientToken);
dao.deleteLowerClientTokenIndex(clientId);
}
}
// ----------------- 包装其它 bean 的方法 -----------------

42
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Util.java
View File

@ -181,13 +181,13 @@ public class SaOAuth2Util {
}
/**
* 获取 Access-Token根据索引 clientIdloginId
* 获取 Access-Token 列表此应用下 某个用户 签发的所有 Access-token
* @param clientId /
* @param loginId /
* @return /
*/
public static String getAccessTokenValue(String clientId, Object loginId) {
return SaOAuth2Manager.getTemplate().getAccessTokenValue(clientId, loginId);
public static List<String> getAccessTokenValueList(String clientId, Object loginId) {
return SaOAuth2Manager.getTemplate().getAccessTokenValueList(clientId, loginId);
}
/**
@ -227,7 +227,7 @@ public class SaOAuth2Util {
}
/**
* 回收 Access-Token
* 回收一个 Access-Token
* @param accessToken Access-Token值
*/
public static void revokeAccessToken(String accessToken) {
@ -235,7 +235,7 @@ public class SaOAuth2Util {
}
/**
* 回收 Access-Token根据索引 clientIdloginId
* 回收全部 Access-Token指定应用下 指定用户 的全部 Access-Token
* @param clientId /
* @param loginId /
*/
@ -265,17 +265,19 @@ public class SaOAuth2Util {
}
/**
* 获取 Refresh-Token根据索引 clientIdloginId
* 获取 Refresh-Token 列表此应用下 某个用户 签发的所有 Refresh-Token
*
* @param clientId /
* @param loginId /
* @return /
*/
public static String getRefreshTokenValue(String clientId, Object loginId) {
return SaOAuth2Manager.getTemplate().getRefreshTokenValue(clientId, loginId);
public static List<String> getRefreshTokenValueList(String clientId, Object loginId) {
return SaOAuth2Manager.getTemplate().getRefreshTokenValueList(clientId, loginId);
}
/**
* 回收 Refresh-Token
* 回收一个 Refresh-Token
*
* @param refreshToken Refresh-Token
*/
public static void revokeRefreshToken(String refreshToken) {
@ -283,7 +285,7 @@ public class SaOAuth2Util {
}
/**
* 回收 Refresh-Token根据索引 clientIdloginId
* 回收全部 Refresh-Token指定应用下 指定用户 的全部 Refresh-Token
* @param clientId /
* @param loginId /
*/
@ -322,12 +324,13 @@ public class SaOAuth2Util {
}
/**
* 获取 ClientToken根据索引 clientId
* 获取 Client-Token 列表此应用下 某个用户 签发的所有 Client-token
*
* @param clientId /
* @return /
*/
public static String getClientTokenValue(String clientId) {
return SaOAuth2Manager.getTemplate().getClientTokenValue(clientId);
public static List<String> getClientTokenValueList(String clientId) {
return SaOAuth2Manager.getTemplate().getClientTokenValueList(clientId);
}
/**
@ -349,7 +352,7 @@ public class SaOAuth2Util {
}
/**
* 回收 ClientToken
* 回收一个 ClientToken
*
* @param clientToken /
*/
@ -358,7 +361,7 @@ public class SaOAuth2Util {
}
/**
* 回收 ClientToken根据索引 clientId
* 回收全部 Client-Token指定应用下的全部 Client-Token
*
* @param clientId /
*/
@ -366,13 +369,4 @@ public class SaOAuth2Util {
SaOAuth2Manager.getTemplate().revokeClientTokenByIndex(clientId);
}
/**
* 回收 Lower-Client-Token根据索引 clientId
*
* @param clientId /
*/
public static void revokeLowerClientTokenByIndex(String clientId) {
SaOAuth2Manager.getTemplate().revokeLowerClientTokenByIndex(clientId);
}
}