优化OAuth2.0

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-api/src/main/java/org/hswebframework/web/authorization/oauth2/api/OAuth2ServerService.java

@@ -18,8 +18,8 @@
 
 package org.hswebframework.web.authorization.oauth2.api;
 
-import org.hswebframework.web.authorization.oauth2.entity.OAuth2AccessEntity;
-import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2AccessEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2ClientEntity;
 
 /**
  * @author zhouhao
@@ -40,6 +40,8 @@ public interface OAuth2ServerService {
 
     OAuth2AccessEntity requestTokenByPassword(String username, String password);
 
+    OAuth2AccessEntity requestTokenByImplicit(String clientId, String scope);
+
     OAuth2AccessEntity refreshToken(String clientId, String clientSecret, String refreshToken, String scope);
 
     OAuth2AccessEntity getAccessToken(String accessToken);

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-controller/pom.xml

@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>hsweb-authorization-oauth2-server</artifactId>
+        <groupId>org.hswebframework.web</groupId>
+        <version>3.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>hsweb-authorization-oauth2-server-controller</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-commons-controller</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-model</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-api</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.oltu.oauth2</groupId>
+            <artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
+            <version>1.0.2</version>
+        </dependency>
+    </dependencies>
+</project>

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-dao/hsweb-authorization-oauth2-server-dao-api/src/main/java/org/hswebframework/web/authorization/oauth2/dao/OAuth2ClientDao.java

@@ -16,9 +16,9 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.dao;
+package org.hswebframework.web.dao.authorization.oauth2;
 
-import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2ClientEntity;
 import org.hswebframework.web.dao.CrudDao;
 
 /**

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-dao/hsweb-authorization-oauth2-server-dao-mybatis/src/main/resources/org/hswebframework/web/dao/mybatis/mappers/authorization/oauth2/OAuth2CodeMapper.xml

@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<!DOCTYPE mapper
+        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
+        "http://www.mybatis.org/dtd/mybatis-3-mapper.dtd">
+
+<mapper namespace="org.hswebframework.web.dao.authorization.oauth2.AuthorizationCodeDao">
+    <resultMap id="AuthorizationCodeResultMap" type="org.hswebframework.web.entity.authorization.oauth2.SimpleAuthorizationCodeEntity">
+        <result property="clientId" column="client_id" javaType="String" jdbcType="VARCHAR"/>
+        <result property="userId" column="user_id" javaType="String" jdbcType="VARCHAR"/>
+        <result property="code" column="code" javaType="String" jdbcType="VARCHAR"/>
+        <result property="createTime" column="create_time" javaType="Long" jdbcType="NUMERIC"/>
+        <result property="scope" column="scope" javaType="String" jdbcType="VARCHAR"/>
+    </resultMap>
+
+    <!--用于动态生成sql所需的配置-->
+    <sql id="config">
+        <bind name="resultMapId" value="'AuthorizationCodeResultMap'"/>
+        <bind name="tableName" value="'s_oauth2_auth_code'"/>
+    </sql>
+
+    <insert id="insert" parameterType="org.hswebframework.web.entity.authorization.oauth2.SimpleOAuth2ClientEntity">
+        <include refid="config"/>
+        <include refid="BasicMapper.buildInsertSql"/>
+    </insert>
+
+    <delete id="delete" parameterType="org.hswebframework.web.commons.entity.Entity">
+        <include refid="config"/>
+        <include refid="BasicMapper.buildDeleteSql"/>
+    </delete>
+
+    <select id="query" parameterType="org.hswebframework.web.commons.entity.Entity" resultMap="AuthorizationCodeResultMap">
+        <include refid="config"/>
+        <include refid="BasicMapper.buildSelectSql"/>
+    </select>
+
+    <select id="count" parameterType="org.hswebframework.web.commons.entity.Entity" resultType="int">
+        <include refid="config"/>
+        <include refid="BasicMapper.buildTotalSql"/>
+    </select>
+</mapper>

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-dao/pom.xml

@@ -31,6 +31,7 @@
     <packaging>pom</packaging>
     <modules>
         <module>hsweb-authorization-oauth2-server-dao-api</module>
+        <module>hsweb-authorization-oauth2-server-dao-mybatis</module>
     </modules>
 
 

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/AuthorizationCodeEntity.java

@@ -16,7 +16,7 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 import org.hswebframework.web.commons.entity.Entity;
 

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/OAuth2AccessEntity.java

@@ -16,13 +16,11 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 import org.hswebframework.web.commons.entity.Entity;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public interface OAuth2AccessEntity extends Entity {
@@ -58,4 +56,6 @@ public interface OAuth2AccessEntity extends Entity {
     String getScope();
 
     void setScope(String scope);
+
+
 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/OAuth2ClientEntity.java

@@ -16,12 +16,14 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 import org.hswebframework.web.authorization.User;
 import org.hswebframework.web.commons.entity.GenericEntity;
 import org.hswebframework.web.commons.entity.RecordCreationEntity;
 
+import java.util.List;
+
 /**
  * @author zhouhao
  */
@@ -53,11 +55,20 @@ public interface OAuth2ClientEntity extends GenericEntity<String>, RecordCreatio
 
     void setOwnerId(String ownerId);
 
-    String getComments();
+    String getDescribe();
 
-    void setComments(String comments);
+    void setDescribe(String describe);
 
     String getType();
 
     void setType(String type);
+
+    List<String> getSupportGrantType();
+
+    void setSupportGrantType(List<String> supportGrantType);
+
+    default boolean grantTypeIsSupport(String grantType) {
+        if (getSupportGrantType() == null) return false;
+        return getSupportGrantType().contains(grantType) || getSupportGrantType().contains("*");
+    }
 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/SimpleAuthorizationCodeEntity.java

@@ -16,12 +16,10 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public class SimpleAuthorizationCodeEntity implements AuthorizationCodeEntity {

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/SimpleOAuth2AccessEntity.java

@@ -16,7 +16,7 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 /**
  * TODO 完成注释
@@ -41,67 +41,84 @@ public class SimpleOAuth2AccessEntity implements OAuth2AccessEntity {
 
     private String scope;
 
+    @Override
     public String getClientId() {
         return clientId;
     }
 
+    @Override
     public void setClientId(String clientId) {
         this.clientId = clientId;
     }
 
+    @Override
     public String getUserId() {
         return userId;
     }
 
+    @Override
     public void setUserId(String userId) {
         this.userId = userId;
     }
 
+    @Override
     public String getAccessToken() {
         return accessToken;
     }
 
+    @Override
     public void setAccessToken(String accessToken) {
         this.accessToken = accessToken;
     }
 
+    @Override
     public String getRefreshToken() {
         return refreshToken;
     }
 
+    @Override
     public void setRefreshToken(String refreshToken) {
         this.refreshToken = refreshToken;
     }
 
+    @Override
     public Long getExpireIn() {
         return expireIn;
     }
 
+    @Override
     public void setExpireIn(Long expireIn) {
         this.expireIn = expireIn;
     }
 
+    @Override
     public Long getCreateTime() {
         return createTime;
     }
 
+    @Override
     public void setCreateTime(Long createTime) {
         this.createTime = createTime;
     }
 
+    @Override
     public Long getUpdateTime() {
         return updateTime;
     }
 
+    @Override
     public void setUpdateTime(Long updateTime) {
         this.updateTime = updateTime;
     }
 
+    @Override
     public String getScope() {
         return scope;
     }
 
+    @Override
     public void setScope(String scope) {
         this.scope = scope;
     }
+
 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-entity/src/main/java/org.hswebframework.web.authorization.oauth2.entity/SimpleOAuth2ClientEntity.java

@@ -16,13 +16,13 @@
  *
  */
 
-package org.hswebframework.web.authorization.oauth2.entity;
+package org.hswebframework.web.entity.authorization.oauth2;
 
 import org.hswebframework.web.commons.entity.SimpleGenericEntity;
 
+import java.util.List;
+
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public class SimpleOAuth2ClientEntity extends SimpleGenericEntity<String> implements OAuth2ClientEntity {
@@ -40,14 +40,16 @@ public class SimpleOAuth2ClientEntity extends SimpleGenericEntity<String> implem
 
     private String type;
 
-    private String comments;
+    private String describe;
+
+    private List<String> supportGrantType;
 
-    public String getComments() {
-        return comments;
+    public String getDescribe() {
+        return describe;
     }
 
-    public void setComments(String comments) {
-        this.comments = comments;
+    public void setDescribe(String describe) {
+        this.describe = describe;
     }
 
     @Override
@@ -113,4 +115,14 @@ public class SimpleOAuth2ClientEntity extends SimpleGenericEntity<String> implem
     public void setType(String type) {
         this.type = type;
     }
+
+    @Override
+    public List<String> getSupportGrantType() {
+        return supportGrantType;
+    }
+
+    @Override
+    public void setSupportGrantType(List<String> supportGrantType) {
+        this.supportGrantType = supportGrantType;
+    }
 }

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-model/pom.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>hsweb-authorization-oauth2-server</artifactId>
+        <groupId>org.hswebframework.web</groupId>
+        <version>3.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>hsweb-authorization-oauth2-server-model</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-commons-model</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+</project>

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-model/src/main/java/org/hswebframework/web/authorization/oauth2/model/AccessTokenModel.java

@@ -0,0 +1,79 @@
+/*
+ *  Copyright 2016 http://www.hswebframework.org
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.oauth2.model;
+
+import org.hswebframework.web.commons.model.Model;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class AccessTokenModel implements Model {
+
+    private String access_token;
+
+    private String refresh_token;
+
+    private String token_type;
+
+    private Long expire_in;
+
+    private String scope;
+
+    public String getScope() {
+        return scope;
+    }
+
+    public void setScope(String scope) {
+        this.scope = scope;
+    }
+
+    public String getAccess_token() {
+        return access_token;
+    }
+
+    public void setAccess_token(String access_token) {
+        this.access_token = access_token;
+    }
+
+    public String getRefresh_token() {
+        return refresh_token;
+    }
+
+    public void setRefresh_token(String refresh_token) {
+        this.refresh_token = refresh_token;
+    }
+
+    public String getToken_type() {
+        return token_type;
+    }
+
+    public void setToken_type(String token_type) {
+        this.token_type = token_type;
+    }
+
+    public Long getExpire_in() {
+        return expire_in;
+    }
+
+    public void setExpire_in(Long expire_in) {
+        this.expire_in = expire_in;
+    }
+}

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-model/src/main/java/org/hswebframework/web/authorization/oauth2/model/AuthorizationCodeModel.java

@@ -0,0 +1,55 @@
+/*
+ *  Copyright 2016 http://www.hswebframework.org
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.oauth2.model;
+
+import org.hswebframework.web.commons.model.Model;
+
+/**
+ *
+ * @author zhouhao
+ */
+public class AuthorizationCodeModel implements Model {
+    private String code;
+    private String state;
+    private String redirectUri;
+
+    public String getRedirectUri() {
+        return redirectUri;
+    }
+
+    public void setRedirectUri(String redirectUri) {
+        this.redirectUri = redirectUri;
+    }
+
+    public String getCode() {
+        return code;
+    }
+
+    public void setCode(String code) {
+        this.code = code;
+    }
+
+    public String getState() {
+        return state;
+    }
+
+    public void setState(String state) {
+        this.state = state;
+    }
+}

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-model/src/main/java/org/hswebframework/web/authorization/oauth2/model/ImplicitAccessTokenModel.java

@@ -0,0 +1,68 @@
+/*
+ *  Copyright 2016 http://www.hswebframework.org
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *
+ */
+
+package org.hswebframework.web.authorization.oauth2.model;
+
+import org.hswebframework.web.commons.model.Model;
+
+/**
+ * TODO 完成注释
+ *
+ * @author zhouhao
+ */
+public class ImplicitAccessTokenModel implements Model {
+    private String access_token;
+
+    private String token_type;
+
+    private Long expire_in;
+
+    private String state;
+
+    public String getState() {
+        return state;
+    }
+
+    public void setState(String state) {
+        this.state = state;
+    }
+
+    public String getAccess_token() {
+        return access_token;
+    }
+
+    public void setAccess_token(String access_token) {
+        this.access_token = access_token;
+    }
+
+    public String getToken_type() {
+        return token_type;
+    }
+
+    public void setToken_type(String token_type) {
+        this.token_type = token_type;
+    }
+
+    public Long getExpire_in() {
+        return expire_in;
+    }
+
+    public void setExpire_in(Long expire_in) {
+        this.expire_in = expire_in;
+    }
+}

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-simple/src/main/java/org/hswebframework/web/authorization/oauth2/simple/SimpleOAuth2ServerService.java

@@ -21,18 +21,20 @@ package org.hswebframework.web.authorization.oauth2.simple;
 import org.hswebframework.web.AuthorizeForbiddenException;
 import org.hswebframework.web.NotFoundException;
 import org.hswebframework.web.authorization.oauth2.api.OAuth2ServerService;
-import org.hswebframework.web.authorization.oauth2.dao.AuthorizationCodeDao;
-import org.hswebframework.web.authorization.oauth2.dao.OAuth2AccessDao;
-import org.hswebframework.web.authorization.oauth2.dao.OAuth2ClientDao;
-import org.hswebframework.web.authorization.oauth2.entity.AuthorizationCodeEntity;
-import org.hswebframework.web.authorization.oauth2.entity.OAuth2AccessEntity;
-import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
+import org.hswebframework.web.dao.authorization.oauth2.AuthorizationCodeDao;
+import org.hswebframework.web.dao.authorization.oauth2.OAuth2AccessDao;
+import org.hswebframework.web.dao.authorization.oauth2.OAuth2ClientDao;
+import org.hswebframework.web.entity.authorization.oauth2.AuthorizationCodeEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2AccessEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2ClientEntity;
 import org.hswebframework.web.commons.entity.GenericEntity;
 import org.hswebframework.web.commons.entity.factory.EntityFactory;
 import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.id.IDGenerator;
 import org.hswebframework.web.service.DefaultDSLQueryService;
 import org.hswebframework.web.service.authorization.UserService;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
 import javax.annotation.Resource;
 
@@ -45,15 +47,15 @@ import static org.hswebframework.web.service.DefaultDSLUpdateService.createUpdat
  *
  * @author zhouhao
  */
+@Service("oAuth2ServerService")
+@Transactional(rollbackFor = Throwable.class)
 public class SimpleOAuth2ServerService implements OAuth2ServerService {
 
     private static final String cacheName = "hsweb.oauth2";
     @Resource
-    private OAuth2ClientDao oAuth2ClientDao;
-
+    private OAuth2ClientDao      oAuth2ClientDao;
     @Resource
-    private OAuth2AccessDao oAuth2AccessDao;
-
+    private OAuth2AccessDao      oAuth2AccessDao;
     @Resource
     private AuthorizationCodeDao authorizationCodeDao;
     @Resource
@@ -115,38 +117,44 @@ public class SimpleOAuth2ServerService implements OAuth2ServerService {
 
     @Override
     public OAuth2AccessEntity requestTokenByCode(String code, String clientId, String clientSecret, String scope) {
-        OAuth2ClientEntity clientEntity = getClient(clientId, clientSecret);
-        if (null == clientEntity) {
-            // TODO: 17-2-28 自定义异常
-            throw new NotFoundException("client not found!");
-        }
-        AuthorizationCodeEntity codeEntity = createQuery(authorizationCodeDao)
-                .where("code", code)
-                .and("clientId", clientId)
-                .single();
+        AuthorizationCodeEntity codeEntity =
+                createQuery(authorizationCodeDao)
+                        .where("code", code)
+                        .and("clientId", clientId)
+                        .single();
         if (codeEntity == null) {
             throw new NotFoundException("code not found!");
         }
-        //授权码已经创建超时(20s)
-        if (System.currentTimeMillis() - codeEntity.getCreateTime() < 20 * 1000) {
-            throw new NotFoundException("time out!");
-        }
-        // TODO: 17-2-28  验证scope
+        try {
+            //授权码已经创建超时(20s)
+            if (System.currentTimeMillis() - codeEntity.getCreateTime() < 20 * 1000) {
+                throw new NotFoundException("time out!");
+            }
+            // TODO: 17-2-28  验证scope
 
-        //删除使用过的授权码
-        createDelete(authorizationCodeDao)
-                .where("code", code)
-                .and("clientId", clientId)
-                .exec();
-
-        OAuth2AccessEntity accessEntity = createNewAccess();
-        accessEntity.setUserId(codeEntity.getUserId());
-        accessEntity.setClientId(clientId);
-        // TODO: 17-2-28 过期时间应该可配置
-        accessEntity.setExpireIn(3600L);
-        accessEntity.setScope(scope);
-        oAuth2AccessDao.insert(accessEntity);
-        return accessEntity;
+            OAuth2ClientEntity clientEntity = getClient(clientId, clientSecret);
+            if (null == clientEntity) {
+                // TODO: 17-2-28 自定义异常
+                throw new NotFoundException("client not found!");
+            }
+            if (!clientEntity.grantTypeIsSupport("authorization_code")) {
+                throw new UnsupportedOperationException("grant_type:authorization_code not support!");
+            }
+            OAuth2AccessEntity accessEntity = createNewAccess();
+            accessEntity.setUserId(codeEntity.getUserId());
+            accessEntity.setClientId(clientId);
+            // TODO: 17-2-28 过期时间应该可配置
+            accessEntity.setExpireIn(3600L);
+            accessEntity.setScope(scope);
+            oAuth2AccessDao.insert(accessEntity);
+            return accessEntity;
+        } finally {
+            //删除使用过的授权码
+            createDelete(authorizationCodeDao)
+                    .where("code", code)
+                    .and("clientId", clientId)
+                    .exec();
+        }
     }
 
     @Override
@@ -156,41 +164,64 @@ public class SimpleOAuth2ServerService implements OAuth2ServerService {
             // TODO: 17-2-28 自定义异常
             throw new NotFoundException("client not found!");
         }
+        if (!clientEntity.grantTypeIsSupport("client_credential")) {
+            throw new UnsupportedOperationException("grant_type:client_credential not support!");
+        }
+        return createNewTokenAndRemoveOld(clientEntity);
+    }
+
+    protected OAuth2AccessEntity createNewTokenAndRemoveOld(OAuth2ClientEntity clientEntity) {
         OAuth2AccessEntity oldEntity = DefaultDSLQueryService
                 .createQuery(oAuth2AccessDao)
                 .where("clientId", clientEntity.getId())
                 .and("userId", clientEntity.getOwnerId())
                 .single();
         OAuth2AccessEntity newEntity = createNewAccess();
-        if (null != oldEntity)
-            createDelete(oAuth2AccessDao)
-                    .where("clientId", oldEntity.getClientId())
-                    .and("accessToken", oldEntity.getAccessToken())
-                    .exec();
-
         if (oldEntity != null) {
             newEntity.setScope(oldEntity.getScope());
             newEntity.setExpireIn(oldEntity.getExpireIn());
             newEntity.setRefreshToken(oldEntity.getRefreshToken());
         } else {
             newEntity.setExpireIn(3600L);
+            newEntity.setScope("public");
         }
+        newEntity.setClientId(clientEntity.getId());
         newEntity.setUserId(clientEntity.getOwnerId());
-        newEntity.setScope("public");
         oAuth2AccessDao.insert(newEntity);
         return newEntity;
     }
 
+    @Override
+    public OAuth2AccessEntity requestTokenByImplicit(String clientId, String scope) {
+        OAuth2ClientEntity clientEntity = getClient(clientId);
+        if (null == clientEntity) {
+            // TODO: 17-2-28 自定义异常
+            throw new NotFoundException("client not found!");
+        }
+        if (!clientEntity.grantTypeIsSupport("implicit")) {
+            throw new UnsupportedOperationException("grant_type:implicit not support!");
+        }
+        return createNewTokenAndRemoveOld(clientEntity);
+    }
+
     @Override
     public OAuth2AccessEntity requestTokenByPassword(String username, String password) {
         UserEntity entity = userService.selectByUsername(username);
         if (null == entity) throw new NotFoundException("user not found");
         if (!userService.encodePassword(password, entity.getSalt()).equals(entity.getPassword()))
             throw new AuthorizeForbiddenException("password error");
+        OAuth2ClientEntity clientEntity = DefaultDSLQueryService.createQuery(oAuth2ClientDao).where("user_id", entity.getId()).single();
+        if (clientEntity == null) {
+            throw new NotFoundException("client not found");
+        }
+        if (!clientEntity.grantTypeIsSupport("password")) {
+            throw new UnsupportedOperationException("grant_type:password not support!");
+        }
         OAuth2AccessEntity accessEntity = createNewAccess();
         accessEntity.setUserId(entity.getId());
         accessEntity.setScope("public");
         accessEntity.setExpireIn(3600L);
+        accessEntity.setClientId(clientEntity.getId());
         oAuth2AccessDao.insert(accessEntity);
         return accessEntity;
     }
@@ -202,6 +233,9 @@ public class SimpleOAuth2ServerService implements OAuth2ServerService {
             // TODO: 17-2-28 自定义异常
             throw new NotFoundException("client not found!");
         }
+        if (!clientEntity.grantTypeIsSupport("refresh_token")) {
+            throw new UnsupportedOperationException("grant_type:refresh_token not support!");
+        }
         OAuth2AccessEntity accessEntity = DefaultDSLQueryService.createQuery(oAuth2AccessDao)
                 .where("refreshToken", refreshToken)
                 .and("clientId", clientId)

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-starter/pom.xml

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~  Copyright 2016 http://www.hswebframework.org
+  ~
+  ~  Licensed under the Apache License, Version 2.0 (the "License");
+  ~  you may not use this file except in compliance with the License.
+  ~  You may obtain a copy of the License at
+  ~
+  ~        http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~  Unless required by applicable law or agreed to in writing, software
+  ~  distributed under the License is distributed on an "AS IS" BASIS,
+  ~  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~  See the License for the specific language governing permissions and
+  ~  limitations under the License.
+  ~
+  ~
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>hsweb-authorization-oauth2-server</artifactId>
+        <groupId>org.hswebframework.web</groupId>
+        <version>3.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>hsweb-authorization-oauth2-server-starter</artifactId>
+
+    <build>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>true</filtering>
+            </resource>
+        </resources>
+    </build>
+    <dependencies>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-simple</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-dao-mybatis</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-controller</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-spring-boot-starter</artifactId>
+            <version>${project.version}</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+</project>

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/hsweb-authorization-oauth2-server-starter/src/main/resources/hsweb-starter.js

@@ -0,0 +1,85 @@
+/*
+ *  Copyright 2016 http://www.hswebframework.org
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *
+ */
+//组件信息
+var info = {
+    groupId: "${project.groupId}",
+    artifactId: "${project.artifactId}",
+    version: "${project.version}",
+    website: "http://github.com/hs-web/hsweb-framework",
+    author: "zh.sqy@qq.com",
+    comment: "OAuth2.0 server"
+};
+
+//版本更新信息
+var versions = [
+    // {
+    //     version: "3.0.0",
+    //     upgrade: function (context) {
+    //         java.lang.System.out.println("更新到3.0.2了");
+    //     }
+    // }
+];
+var JDBCType = java.sql.JDBCType;
+function install(context) {
+    var database = context.database;
+    database.createOrAlter("s_oauth2_client")
+        .addColumn().name("u_id").varchar(32).notNull().primaryKey().comment("client_id").commit()
+        .addColumn().name("secret").varchar(64).notNull().comment("client_secret").commit()
+        .addColumn().name("name").varchar(128).notNull().comment("客户端名称").commit()
+        .addColumn().name("describe").varchar(256).comment("备注").commit()
+        .addColumn().name("type").varchar(128).notNull().comment("客户端类型").commit()
+        .addColumn().name("owner_id").varchar(32).notNull().comment("绑定的用户ID").commit()
+        .addColumn().name("creator_id").varchar(32).notNull().comment("创建者ID").commit()
+        .addColumn().name("redirect_uri").varchar(1024).notNull().comment("redirect_uri").commit()
+        .addColumn().name("create_time").number(32).notNull().comment("创建时间").commit()
+        .addColumn().name("support_grant_type").clob().notNull().comment("支持的授权列表").commit()
+        .comment("OAuth2客户端").commit();
+
+    database.createOrAlter("s_oauth2_access")
+        .addColumn().name("client_id").varchar(32).notNull().comment("client_id").commit()
+        .addColumn().name("user_id").varchar(32).notNull().comment("授权对应的用户ID").commit()
+        .addColumn().name("access_token").varchar(32).notNull().comment("授权码").commit()
+        .addColumn().name("expire_in").varchar(32).notNull().comment("有效期").commit()
+        .addColumn().name("refresh_token").varchar(32).notNull().comment("用于更新授权的token").commit()
+        .addColumn().name("create_time").number(32).notNull().comment("创建时间").commit()
+        .addColumn().name("update_time").number(32).comment("更新时间").commit()
+        .addColumn().name("scope").clob().notNull().comment("授权范围").commit()
+        .comment("OAuth2授权认证信息").commit();
+
+    database.createOrAlter("s_oauth2_auth_code")
+        .addColumn().name("client_id").varchar(32).notNull().comment("client_id").commit()
+        .addColumn().name("user_id").varchar(32).notNull().comment("授权对应的用户ID").commit()
+        .addColumn().name("code").varchar(32).notNull().comment("授权码").commit()
+        .addColumn().name("create_time").number(32).notNull().comment("创建时间").commit()
+        .addColumn().name("scope").clob().notNull().comment("授权范围").commit()
+        .comment("OAuth2授权码信息").commit();
+}
+
+//设置依赖
+dependency.setup(info)
+    .onInstall(install)
+    .onUpgrade(function (context) { //更新时执行
+        var upgrader = context.upgrader;
+        upgrader.filter(versions)
+            .upgrade(function (newVer) {
+                newVer.upgrade(context);
+            });
+    })
+    .onUninstall(function (context) { //卸载时执行
+
+    });

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-server/pom.xml

@@ -34,13 +34,9 @@
         <module>hsweb-authorization-oauth2-server-dao</module>
         <module>hsweb-authorization-oauth2-server-api</module>
         <module>hsweb-authorization-oauth2-server-simple</module>
+        <module>hsweb-authorization-oauth2-server-controller</module>
+        <module>hsweb-authorization-oauth2-server-model</module>
+        <module>hsweb-authorization-oauth2-server-starter</module>
     </modules>
 
-    <dependencies>
-        <dependency>
-            <groupId>org.apache.oltu.oauth2</groupId>
-            <artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
-            <version>1.0.2</version>
-        </dependency>
-    </dependencies>
 </project>

hsweb-authorization/hsweb-authorization-shiro/README.md

@@ -7,7 +7,7 @@
 
 | 注解名称       | 实现类       | 
 | ------------- |:-------------:| 
-| [`@Authorize`](../hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java)    |      暂未实现        |
+| [`@Authorize`](../hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java)    |      [ExpressionAnnotationMethodInterceptor](src/main/java/org/hswebframework/web/authorization/shiro/boost/SimpleAuthorizeMethodInterceptor.java)        |
 | [`@RequiresExpression`](../hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresExpression.java)    | [ExpressionAnnotationMethodInterceptor](src/main/java/org/hswebframework/web/authorization/shiro/boost/ExpressionAnnotationMethodInterceptor.java)      | 
 | [`@RequiresDataAccess`](../hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresDataAccess.java)    | [DataAccessAnnotationMethodInterceptor](src/main/java/org/hswebframework/web/authorization/shiro/boost/DataAccessAnnotationMethodInterceptor.java)      | 
 | [`@RequiresFieldAccess`](../hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/RequiresFieldAccess.java)  | [FieldAccessAnnotationMethodInterceptor](src/main/java/org/hswebframework/web/authorization/shiro/boost/FieldAccessAnnotationMethodInterceptor.java)   | 

hsweb-examples/hsweb-examples-simple/pom.xml

@@ -113,6 +113,11 @@
             <artifactId>hsweb-authorization-shiro</artifactId>
             <version>${project.version}</version>
         </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-oauth2-server-starter</artifactId>
+            <version>${project.version}</version>
+        </dependency>
 
         <dependency>
             <groupId>io.springfox</groupId>

hsweb-examples/hsweb-examples-simple/src/main/java/org/hswebframework/web/example/simple/SpringBootExample.java

@@ -23,11 +23,13 @@ import org.hswebframework.web.authorization.Authorization;
 import org.hswebframework.web.authorization.Permission;
 import org.hswebframework.web.authorization.access.DataAccess;
 import org.hswebframework.web.commons.entity.factory.EntityFactory;
+import org.hswebframework.web.dao.authorization.oauth2.OAuth2ClientDao;
 import org.hswebframework.web.dao.datasource.DataSourceHolder;
 import org.hswebframework.web.dao.datasource.DatabaseType;
 import org.hswebframework.web.entity.authorization.*;
 import org.hswebframework.web.entity.authorization.bind.BindPermissionRoleEntity;
 import org.hswebframework.web.entity.authorization.bind.BindRoleUserEntity;
+import org.hswebframework.web.entity.authorization.oauth2.OAuth2ClientEntity;
 import org.hswebframework.web.service.authorization.PermissionService;
 import org.hswebframework.web.service.authorization.RoleService;
 import org.hswebframework.web.service.authorization.UserService;
@@ -115,6 +117,8 @@ public class SpringBootExample implements CommandLineRunner {
     @Autowired
     EntityFactory     entityFactory;
 
+    @Autowired
+    OAuth2ClientDao oAuth2ClientDao;
 
     public static void main(String[] args) {
         SpringApplication.run(SpringBootExample.class);
@@ -171,5 +175,18 @@ public class SpringBootExample implements CommandLineRunner {
         userEntity.setPassword("admin");
         userEntity.setRoles(Arrays.asList("admin"));
         userService.insert(userEntity);
+
+        OAuth2ClientEntity clientEntity = entityFactory.newInstance(OAuth2ClientEntity.class);
+
+        clientEntity.setId("test");
+        clientEntity.setSecret("test");
+        clientEntity.setOwnerId("admin");
+        clientEntity.setName("测试");
+        clientEntity.setType("test");
+        clientEntity.setCreatorId("admin");
+        clientEntity.setRedirectUri("http://localhost");
+        clientEntity.setCreateTime(System.currentTimeMillis());
+        clientEntity.setSupportGrantType(Arrays.asList("*"));
+        oAuth2ClientDao.insert(clientEntity);
     }
 }

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-controller/src/main/java/org/hswebframework/web/controller/authorization/AuthorizationController.java

@@ -39,14 +39,12 @@ import java.util.function.Function;
 import static org.hswebframework.web.controller.message.ResponseMessage.ok;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 @RestController
 @RequestMapping("${hsweb.web.mappings.authorize:authorize}")
 @AccessLogger("授权")
-@Api(tags = "authorize-simple", description = "提供基本的授权功能")
+@Api(tags = "hsweb-authorization", description = "提供基本的授权功能")
 public class AuthorizationController {
 
 //    private static final String RSA_PRIVATE_KEY_NAME  = "RSA_PRIVATE_KEY";

hsweb-system/hsweb-system-authorization/hsweb-system-authorization-starter/pom.xml

@@ -28,7 +28,6 @@
 
     <artifactId>hsweb-system-authorization-starter</artifactId>
 
-
     <build>
         <resources>
             <resource>