
优化OAuth2

zhou-hao 4 years ago
parent
commit
430678e5a8

+ 2 - 0
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2GrantService.java

@@ -3,6 +3,7 @@ package org.hswebframework.web.oauth2.server;
 
 import org.hswebframework.web.oauth2.server.code.AuthorizationCodeGranter;
 import org.hswebframework.web.oauth2.server.credential.ClientCredentialGranter;
+import org.hswebframework.web.oauth2.server.refresh.RefreshTokenGranter;
 
 public interface OAuth2GrantService {
 
@@ -10,4 +11,5 @@ public interface OAuth2GrantService {
 
     ClientCredentialGranter clientCredential();
 
+    RefreshTokenGranter refreshToken();
 }
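Review bot: The new `refreshToken()` accessor carries no Javadoc, so the interface gives implementers and callers no contract for it. The most useful fact to record is nullability: `CompositeOAuth2GrantService.refreshToken()` returns a plain field that `OAuth2ServerAutoConfiguration` fills from `ObjectProvider.getIfAvailable()`, so the granter can legitimately be absent. A one-liner such as `/** Granter for the {@code refresh_token} grant type; may be {@code null} when no RefreshTokenGranter is configured. */` would make callers check before dereferencing.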

+ 11 - 1
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2ServerAutoConfiguration.java

@@ -10,6 +10,8 @@ import org.hswebframework.web.oauth2.server.credential.ClientCredentialGranter;
 import org.hswebframework.web.oauth2.server.credential.DefaultClientCredentialGranter;
 import org.hswebframework.web.oauth2.server.impl.CompositeOAuth2GrantService;
 import org.hswebframework.web.oauth2.server.impl.RedisAccessTokenManager;
+import org.hswebframework.web.oauth2.server.refresh.DefaultRefreshTokenGranter;
+import org.hswebframework.web.oauth2.server.refresh.RefreshTokenGranter;
 import org.hswebframework.web.oauth2.server.web.OAuth2AuthorizeController;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -62,13 +64,21 @@ public class OAuth2ServerAutoConfiguration {
             return new DefaultAuthorizationCodeGranter(tokenManager, redisConnectionFactory);
         }
 
+        @Bean
+        @ConditionalOnMissingBean
+        public RefreshTokenGranter refreshTokenGranter(AccessTokenManager tokenManager) {
+            return new DefaultRefreshTokenGranter(tokenManager);
+        }
+
         @Bean
         @ConditionalOnMissingBean
         public OAuth2GrantService oAuth2GrantService(ObjectProvider<AuthorizationCodeGranter> codeProvider,
-                                                     ObjectProvider<ClientCredentialGranter> credentialProvider) {
+                                                     ObjectProvider<ClientCredentialGranter> credentialProvider,
+                                                     ObjectProvider<RefreshTokenGranter> refreshProvider) {
             CompositeOAuth2GrantService grantService = new CompositeOAuth2GrantService();
             grantService.setAuthorizationCodeGranter(codeProvider.getIfAvailable());
             grantService.setClientCredentialGranter(credentialProvider.getIfAvailable());
+            grantService.setRefreshTokenGranter(refreshProvider.getIfAvailable());
 
             return grantService;
         }

+ 2 - 1
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/AuthorizationCodeResponse.java

@@ -4,6 +4,7 @@ package org.hswebframework.web.oauth2.server.code;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.ToString;
+import org.hswebframework.web.oauth2.OAuth2Constants;
 import org.hswebframework.web.oauth2.server.OAuth2Client;
 import org.hswebframework.web.oauth2.server.OAuth2Request;
 import org.hswebframework.web.oauth2.server.OAuth2Response;
@@ -18,6 +19,6 @@ public class AuthorizationCodeResponse extends OAuth2Response {
 
     public AuthorizationCodeResponse(String code) {
         this.code = code;
-        with("code", code);
+        with(OAuth2Constants.code, code);
     }
 }

+ 3 - 2
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/AuthorizationCodeTokenRequest.java

@@ -2,6 +2,7 @@ package org.hswebframework.web.oauth2.server.code;
 
 import lombok.Getter;
 import lombok.Setter;
+import org.hswebframework.web.oauth2.OAuth2Constants;
 import org.hswebframework.web.oauth2.server.OAuth2Client;
 import org.hswebframework.web.oauth2.server.OAuth2Request;
 
@@ -21,10 +22,10 @@ public class AuthorizationCodeTokenRequest extends OAuth2Request {
     }
 
     public Optional<String> code() {
-        return getParameter("code").map(String::valueOf);
+        return getParameter(OAuth2Constants.code).map(String::valueOf);
     }
 
     public Optional<String> scope() {
-        return getParameter("scope").map(String::valueOf);
+        return getParameter(OAuth2Constants.scope).map(String::valueOf);
     }
 }

+ 2 - 1
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/code/DefaultAuthorizationCodeGranter.java

@@ -4,6 +4,7 @@ import lombok.AllArgsConstructor;
 import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.id.IDGenerator;
 import org.hswebframework.web.oauth2.ErrorType;
+import org.hswebframework.web.oauth2.OAuth2Constants;
 import org.hswebframework.web.oauth2.OAuth2Exception;
 import org.hswebframework.web.oauth2.server.AccessToken;
 import org.hswebframework.web.oauth2.server.AccessTokenManager;
@@ -44,7 +45,7 @@ public class DefaultAuthorizationCodeGranter implements AuthorizationCodeGranter
         Authentication authentication = request.getAuthentication();
         AuthorizationCodeCache codeCache = new AuthorizationCodeCache();
         String code = IDGenerator.MD5.generate();
-        request.getParameter("scope").map(String::valueOf).ifPresent(codeCache::setScope);
+        request.getParameter(OAuth2Constants.scope).map(String::valueOf).ifPresent(codeCache::setScope);
         codeCache.setCode(code);
         codeCache.setClientId(client.getClientId());
         ScopePredicate permissionPredicate = OAuth2ScopeUtils.createScopePredicate(codeCache.getScope());
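Review bot: The authorization code on the context line `String code = IDGenerator.MD5.generate();` is a bearer credential that RFC 6749 §10.10 requires to be unguessable, and nothing in this hunk shows what `IDGenerator.MD5` hashes to produce it. If its input is a counter, timestamp or otherwise predictable value rather than CSPRNG output, a party who can predict the next code can attempt the code exchange for another user's grant; worth confirming against the generator's implementation, or deriving the code from `SecureRandom` bytes. The line is unchanged by this commit and the enclosing method continues past the hunk.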

+ 8 - 0
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/impl/CompositeOAuth2GrantService.java

@@ -5,6 +5,7 @@ import lombok.Setter;
 import org.hswebframework.web.oauth2.server.credential.ClientCredentialGranter;
 import org.hswebframework.web.oauth2.server.OAuth2GrantService;
 import org.hswebframework.web.oauth2.server.code.AuthorizationCodeGranter;
+import org.hswebframework.web.oauth2.server.refresh.RefreshTokenGranter;
 
 @Getter
 @Setter
@@ -14,6 +15,8 @@ public class CompositeOAuth2GrantService implements OAuth2GrantService {
 
     private ClientCredentialGranter clientCredentialGranter;
 
+    private RefreshTokenGranter refreshTokenGranter;
+
     @Override
     public AuthorizationCodeGranter authorizationCode() {
         return authorizationCodeGranter;
@@ -23,4 +26,9 @@ public class CompositeOAuth2GrantService implements OAuth2GrantService {
     public ClientCredentialGranter clientCredential() {
         return clientCredentialGranter;
     }
+
+    @Override
+    public RefreshTokenGranter refreshToken() {
+        return refreshTokenGranter;
+    }
 }

+ 24 - 0
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/refresh/DefaultRefreshTokenGranter.java

@@ -0,0 +1,24 @@
+package org.hswebframework.web.oauth2.server.refresh;
+
+import lombok.AllArgsConstructor;
+import org.hswebframework.web.oauth2.ErrorType;
+import org.hswebframework.web.oauth2.OAuth2Exception;
+import org.hswebframework.web.oauth2.server.AccessToken;
+import org.hswebframework.web.oauth2.server.AccessTokenManager;
+import reactor.core.publisher.Mono;
+
+@AllArgsConstructor
+public class DefaultRefreshTokenGranter implements RefreshTokenGranter {
+
+    private final AccessTokenManager accessTokenManager;
+
+    @Override
+    public Mono<AccessToken> requestToken(RefreshTokenRequest request) {
+
+        return accessTokenManager
+                .refreshAccessToken(
+                        request.getClient().getClientId(),
+                        request.refreshToken().orElseThrow(()->new OAuth2Exception(ErrorType.ILLEGAL_REFRESH_TOKEN))
+                        );
+    }
+}
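Review bot: `requestToken` performs no check of its own on the presented token, so the binding between the refresh token and `request.getClient()` — that a client cannot redeem a refresh token issued to a different client, as RFC 6749 §6 requires — rests entirely on `AccessTokenManager.refreshAccessToken(clientId, token)`, whose implementation is not visible here; worth confirming it rejects a mismatched client id rather than treating the argument as informational. Separately, the missing-parameter case throws `OAuth2Exception` synchronously from inside `orElseThrow` instead of failing the returned `Mono`; whether that surfaces as an `onError` signal depends on the controller invoking this inside a `flatMap`/`defer`, which is outside this hunk. Expressing it reactively removes the dependency: `return Mono.justOrEmpty(request.refreshToken())` / `.switchIfEmpty(Mono.error(() -> new OAuth2Exception(ErrorType.ILLEGAL_REFRESH_TOKEN)))` / `.flatMap(token -> accessTokenManager.refreshAccessToken(request.getClient().getClientId(), token));`.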

+ 18 - 0
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/refresh/RefreshTokenGranter.java

@@ -0,0 +1,18 @@
+package org.hswebframework.web.oauth2.server.refresh;
+
+import org.hswebframework.web.oauth2.server.AccessToken;
+import org.hswebframework.web.oauth2.server.credential.ClientCredentialRequest;
+import reactor.core.publisher.Mono;
+
+public interface RefreshTokenGranter {
+
+    /**
+     * 刷新token
+     *
+     * @param request 请求
+     * @return token
+     */
+    Mono<AccessToken> requestToken(RefreshTokenRequest request);
+
+
+}
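Review bot: The import `org.hswebframework.web.oauth2.server.credential.ClientCredentialRequest` is unused in this interface — nothing in the file references it — and should be dropped. The Javadoc on `requestToken` also says only "refresh token"; a contract line in English such as `Exchanges the refresh token carried by {@code request} for a new access token on behalf of {@code request.getClient()}; implementations should fail the returned Mono with an OAuth2Exception when the token is missing, invalid, or was not issued to that client.` would tell implementers what they are expected to enforce rather than leaving it implicit in the default implementation.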

+ 23 - 0
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/refresh/RefreshTokenRequest.java

@@ -0,0 +1,23 @@
+package org.hswebframework.web.oauth2.server.refresh;
+
+import lombok.Getter;
+import org.hswebframework.web.oauth2.OAuth2Constants;
+import org.hswebframework.web.oauth2.server.OAuth2Client;
+import org.hswebframework.web.oauth2.server.OAuth2Request;
+
+import java.util.Map;
+import java.util.Optional;
+
+@Getter
+public class RefreshTokenRequest extends OAuth2Request {
+    private final OAuth2Client client;
+
+    public RefreshTokenRequest(OAuth2Client client, Map<String, String> parameters) {
+        super(parameters);
+        this.client = client;
+    }
+
+    public Optional<String> refreshToken(){
+        return getParameter(OAuth2Constants.refresh_token);
+    }
+}
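Review bot: `refreshToken()` returns `getParameter(OAuth2Constants.refresh_token)` directly, while the sibling accessors in `AuthorizationCodeTokenRequest` (`code()`, `scope()`) go through `.map(String::valueOf)`; one of the two forms is redundant, and the divergence hides whether `OAuth2Request.getParameter` yields `Optional<String>` or a wider type — use the same form in all three. Since the parameter map here carries a long-lived credential, a class comment such as `// parameters holds the raw refresh_token: do not log this request or echo it in error responses` would record a caveat the type name alone does not.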

+ 9 - 1
hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/web/OAuth2AuthorizeController.java

@@ -7,7 +7,6 @@ import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import org.hswebframework.web.authorization.Authentication;
-import org.hswebframework.web.authorization.ReactiveAuthenticationManager;
 import org.hswebframework.web.authorization.annotation.Authorize;
 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
 import org.hswebframework.web.oauth2.ErrorType;
@@ -19,6 +18,7 @@ import org.hswebframework.web.oauth2.server.OAuth2GrantService;
 import org.hswebframework.web.oauth2.server.code.AuthorizationCodeRequest;
 import org.hswebframework.web.oauth2.server.code.AuthorizationCodeTokenRequest;
 import org.hswebframework.web.oauth2.server.credential.ClientCredentialRequest;
+import org.hswebframework.web.oauth2.server.refresh.RefreshTokenRequest;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
 import org.springframework.util.MultiValueMap;
@@ -131,6 +131,14 @@ public class OAuth2AuthorizeController {
                         .clientCredential()
                         .requestToken(new ClientCredentialRequest(client, param));
             }
+        },
+        refresh_token{
+            @Override
+            Mono<AccessToken> requestToken(OAuth2GrantService service, OAuth2Client client, Map<String, String> param) {
+                return service
+                        .refreshToken()
+                        .requestToken(new RefreshTokenRequest(client, param));
+            }
         };
 
         abstract Mono<AccessToken> requestToken(OAuth2GrantService service, OAuth2Client client, Map<String, String> param);
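Review bot: `service.refreshToken()` in the new `refresh_token` constant is dereferenced without a null check, and the composite wired in `OAuth2ServerAutoConfiguration` fills that slot from `ObjectProvider.getIfAvailable()`, so a configuration without a `RefreshTokenGranter` bean would fail this grant with a `NullPointerException` instead of an OAuth2 error response. The two existing constants have the same shape, so a single guard that fetches the granter, and returns `Mono.error(new OAuth2Exception(...))` with the appropriate `ErrorType` when it is null, would fix all three at once. The enum this constant belongs to begins before the hunk, so how the `grant_type` parameter is mapped onto these lowercase constant names is not visible from here.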