优化OAuth2

hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/password/PasswordService.java

@@ -19,8 +19,6 @@
 package org.hswebframework.web.authorization.oauth2.server.support.password;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public interface PasswordService {

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-simple/src/main/java/org/hswebframework/web/service/oauth2/server/simple/SimplePasswordService.java

@@ -23,8 +23,6 @@ import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.service.authorization.UserService;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public class SimplePasswordService implements PasswordService {

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/pom.xml

@@ -53,12 +53,22 @@
             <artifactId>hsweb-system-oauth2-server-controller</artifactId>
             <version>${project.version}</version>
         </dependency>
-
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.hswebframework.web</groupId>
             <artifactId>hsweb-spring-boot-starter</artifactId>
             <version>${project.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-basic</artifactId>
+            <version>${project.version}</version>
+        </dependency>
     </dependencies>
 </project>

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/OAuth2AuthorizationAutoConfiguration.java

@@ -0,0 +1,20 @@
+package org.hswebframework.web.oauth2;
+
+import org.hswebframework.web.authorization.basic.web.UserTokenParser;
+import org.hswebframework.web.authorization.oauth2.server.token.AccessTokenService;
+import org.hswebframework.web.oauth2.authorization.OAuth2UserTokenParser;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@ConditionalOnClass(UserTokenParser.class)
+@Configuration
+@AutoConfigureAfter(OAuth2GranterAutoConfiguration.class)
+public class OAuth2AuthorizationAutoConfiguration {
+
+    @Bean
+    public OAuth2UserTokenParser oAuth2UserTokenParser(AccessTokenService accessTokenService) {
+        return new OAuth2UserTokenParser(accessTokenService);
+    }
+}

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java

@@ -0,0 +1,74 @@
+package org.hswebframework.web.oauth2.authorization;
+
+import org.hswebframework.web.authorization.basic.web.AuthorizedToken;
+import org.hswebframework.web.authorization.basic.web.ParsedToken;
+import org.hswebframework.web.authorization.basic.web.UserTokenParser;
+import org.hswebframework.web.authorization.oauth2.server.OAuth2AccessToken;
+import org.hswebframework.web.authorization.oauth2.server.exception.GrantTokenException;
+import org.hswebframework.web.authorization.oauth2.server.token.AccessTokenService;
+import org.hswebframework.web.oauth2.core.ErrorType;
+import org.hswebframework.web.oauth2.core.OAuth2Constants;
+import org.springframework.util.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class OAuth2UserTokenParser implements UserTokenParser {
+
+    public static final String token_type = "oauth2-access-token";
+
+    private AccessTokenService accessTokenService;
+
+    public OAuth2UserTokenParser(AccessTokenService accessTokenService) {
+        this.accessTokenService = accessTokenService;
+    }
+
+    public void setAccessTokenService(AccessTokenService accessTokenService) {
+        this.accessTokenService = accessTokenService;
+    }
+
+    @Override
+    public ParsedToken parseToken(HttpServletRequest request) {
+        String accessToken = request.getHeader(OAuth2Constants.authorization);
+        if (StringUtils.isEmpty(accessToken)) {
+            accessToken = request.getParameter(OAuth2Constants.access_token);
+        } else {
+            String[] arr = accessToken.split("[ ]");
+            if (arr.length > 1) {
+                accessToken = arr[1];
+            }
+        }
+        if (StringUtils.isEmpty(accessToken)) {
+            return null;
+        }
+        OAuth2AccessToken auth2AccessToken = accessTokenService.getTokenByAccessToken(accessToken);
+        if (auth2AccessToken == null) {
+            throw new GrantTokenException(ErrorType.INVALID_TOKEN);
+        }
+        Long time = auth2AccessToken.getUpdateTime() != null ? auth2AccessToken.getUpdateTime() : auth2AccessToken.getCreateTime();
+        if (System.currentTimeMillis() - time > auth2AccessToken.getExpiresIn() * 1000) {
+            throw new GrantTokenException(ErrorType.EXPIRED_TOKEN);
+        }
+
+        return new AuthorizedToken() {
+            @Override
+            public String getUserId() {
+                return auth2AccessToken.getOwnerId();
+            }
+
+            @Override
+            public String getToken() {
+                return auth2AccessToken.getAccessToken();
+            }
+
+            @Override
+            public String getType() {
+                return token_type;
+            }
+
+            @Override
+            public long getMaxInactiveInterval() {
+                return auth2AccessToken.getExpiresIn() * 1000;
+            }
+        };
+    }
+}

hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/resources/META-INF/spring.factories

@@ -1,3 +1,4 @@
 # Auto Configure
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-org.hswebframework.web.oauth2.OAuth2GranterAutoConfiguration
+org.hswebframework.web.oauth2.OAuth2GranterAutoConfiguration,\
+  org.hswebframework.web.oauth2.OAuth2AuthorizationAutoConfiguration