Merge remote-tracking branch 'origin/master'

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/request/ReTry.java

@@ -19,9 +19,11 @@
 package org.hswebframework.web.authorization.oauth2.client.request;
 
 
+
 /**
  * @author zhouhao
  */
+@FunctionalInterface
 public interface ReTry {
     void doReTry();
 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/request/SimpleOAuth2Request.java

@@ -154,6 +154,14 @@ public class SimpleOAuth2Request implements OAuth2Request {
                 //返回重试后的response
                 return auth2Response;
             });
+
+            //如果是invalid token 也将重新生成token
+            auth2Response.judgeError(ErrorType.INVALID_TOKEN,() -> {
+                //调用回调,并指定重试的操作(重新请求)
+                refreshTokenExpiredCallBack.call(() -> createNativeResponse(responseSupplier));
+                //返回重试后的response
+                return auth2Response;
+            });
         }
         return auth2Response;
     }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/request/SimpleOAuth2Response.java

@@ -64,8 +64,7 @@ public class SimpleOAuth2Response implements OAuth2Response {
 
                 if (type == ifError) {
                     //重试后依然是相同的错误,可能是错误类型判断错误或者服务端的问题?
-                    logger.error("still error [{}], maybe judge error or auth server error！ response:{}"
-                            ,ifError,retryResponse.asString());
+                    logger.error("still error [{}], maybe judge error or auth server error！ {}",ifError,retryResponse,Thread.currentThread().getStackTrace());
                 } else {
                     errorType = type;
                 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/session/DefaultOAuth2Session.java

@@ -19,7 +19,9 @@
 package org.hswebframework.web.authorization.oauth2.client.simple.session;
 
 import org.apache.commons.codec.binary.Base64;
+import org.hswebframework.web.BusinessException;
 import org.hswebframework.web.authorization.oauth2.client.*;
+import org.hswebframework.web.authorization.oauth2.client.exception.OAuth2RequestException;
 import org.hswebframework.web.authorization.oauth2.client.request.OAuth2Request;
 import org.hswebframework.web.authorization.oauth2.client.request.OAuth2Session;
 import org.hswebframework.web.authorization.oauth2.client.response.OAuth2Response;
@@ -90,6 +92,8 @@ public class DefaultOAuth2Session implements OAuth2Session {
 
     protected void applyTokenParam(OAuth2Request request) {
         request.param(access_token, getAccessToken().getAccessToken());
+        String tokenType = getAccessToken().getTokenType();
+
         request.header(authorization, "Bearer " + getAccessToken().getAccessToken());
     }
 
@@ -114,7 +118,7 @@ public class DefaultOAuth2Session implements OAuth2Session {
         if (accessTokenInfo == null) {
             authorize();
         }
-        if(accessTokenInfo.isExpire()){
+        if (accessTokenInfo.isExpire()) {
             refreshToken();
         }
         OAuth2Request request = createRequest(getRealUrl(uriOrUrl));
@@ -125,9 +129,9 @@ public class DefaultOAuth2Session implements OAuth2Session {
         });
         request.onRefreshTokenExpired(reTry -> {
             //重新请求token
-           setAccessTokenInfo(requestAccessToken());
-           applyTokenParam(request);
-           reTry.doReTry();
+            setAccessTokenInfo(requestAccessToken());
+            applyTokenParam(request);
+            reTry.doReTry();
         });
         applyTokenParam(request);
         return request;
@@ -143,7 +147,8 @@ public class DefaultOAuth2Session implements OAuth2Session {
     public AccessTokenInfo requestAccessToken() {
         AccessTokenInfo accessTokenInfo = accessTokenRequest
                 .param(OAuth2Constants.scope, scope)
-                .post().onError(OAuth2Response.throwOnError)
+                .post()
+                .onError(OAuth2Response.throwOnError)
                 .as(AccessTokenInfo.class);
         accessTokenInfo.setCreateTime(System.currentTimeMillis());
         accessTokenInfo.setUpdateTime(System.currentTimeMillis());
@@ -155,34 +160,43 @@ public class DefaultOAuth2Session implements OAuth2Session {
             return;
         }
         OAuth2Request request = createRequest(getRealUrl(serverConfig.getAccessTokenUrl()));
-        request.onRefreshTokenExpired(reTry -> {
+        //request.onRefreshTokenExpired(reTry -> {
             //重新请求token
-            setAccessTokenInfo(requestAccessToken());
-            applyTokenParam(request);
-            reTry.doReTry();
-        });
+          //  setAccessTokenInfo(requestAccessToken());
+            //applyTokenParam(request);
+            //reTry.doReTry();
+        //});
         applyBasicAuthParam(request);
         boolean[] skip = new boolean[1];
-        AccessTokenInfo tokenInfo = request
-                .param(OAuth2Constants.scope, scope)
-                .param(OAuth2Constants.grant_type, org.hswebframework.web.oauth2.core.GrantType.refresh_token)
-                .param(org.hswebframework.web.oauth2.core.GrantType.refresh_token, accessTokenInfo.getRefreshToken())
-                .post().onError((oAuth2Response, type) -> {
-                    if(type== ErrorType.EXPIRED_REFRESH_TOKEN){
-                        setAccessTokenInfo(requestAccessToken());
-                        skip[0]=true;
-                        return;
-                    }
-                    OAuth2Response.throwOnError.accept(oAuth2Response,type);
-                })
-                .as(AccessTokenInfo.class);
-
-        if(skip[0]){
-            return;
+        try {
+            AccessTokenInfo tokenInfo = request
+                    .param(OAuth2Constants.scope, scope)
+                    .param(OAuth2Constants.grant_type, org.hswebframework.web.oauth2.core.GrantType.refresh_token)
+                    .param(org.hswebframework.web.oauth2.core.GrantType.refresh_token, accessTokenInfo.getRefreshToken())
+                    .post()
+                    .onError((oAuth2Response, type) -> {
+                        if (type == ErrorType.EXPIRED_REFRESH_TOKEN) {
+                            setAccessTokenInfo(requestAccessToken());
+                            skip[0] = true;
+                            return;
+                        }
+                        OAuth2Response.throwOnError.accept(oAuth2Response, type);
+                    })
+                    .as(AccessTokenInfo.class);
+            if (skip[0]) {
+                return;
+            }
+            tokenInfo.setCreateTime(accessTokenInfo.getCreateTime());
+            tokenInfo.setUpdateTime(System.currentTimeMillis());
+            setAccessTokenInfo(tokenInfo);
+        } catch (OAuth2RequestException|BusinessException e) {
+            if (!skip[0]) {
+                //refresh token success
+                throw e;
+            }
         }
-        tokenInfo.setCreateTime(accessTokenInfo.getCreateTime());
-        tokenInfo.setUpdateTime(System.currentTimeMillis());
-        setAccessTokenInfo(tokenInfo);
+
+
     }
 
 

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java

@@ -28,10 +28,14 @@ public class OAuth2UserTokenParser implements UserTokenParser {
 
     @Override
     public ParsedToken parseToken(HttpServletRequest request) {
+        if (request.getRequestURI().contains("oauth2")&&request.getParameter(OAuth2Constants.grant_type) != null) {
+            return null;
+        }
         String accessToken = request.getHeader(OAuth2Constants.authorization);
         if (StringUtils.isEmpty(accessToken)) {
             accessToken = request.getParameter(OAuth2Constants.access_token);
         } else {
+
             String[] arr = accessToken.split("[ ]");
             if (arr.length > 1) {
                 accessToken = arr[1];