feat(oauth2): 为 Access-Token、Client-Token 添加 grantType 字段,以记录该数据的授权类型

click33 2024-11-27 07:41:30 +08:00
parent d6b5975bdf
commit 4e70438ba8
9 changed files with 55 additions and 13 deletions


@ -51,7 +51,7 @@
// ra.scopes = scopes;
//
// // 5生成 Access-Token
// AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true);
// AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true, atm -> atm.grantType = "phone_code");
// return at;
// }
//}


@ -83,7 +83,7 @@ public class PhoneCodeGrantTypeHandler implements SaOAuth2GrantTypeHandlerInterf
ra.scopes = scopes;
// 5、生成 Access-Token
AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true);
AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true, atm -> atm.grantType = "phone_code");
return at;
}
}
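Review bot: The grant type is stamped on the token as the bare literal `"phone_code"` in the `generateAccessToken` call, whereas the password handler in this commit uses a constant (`GrantType.password`). If this handler also declares its grant type elsewhere in the class (not visible in this hunk), a shared constant such as `private static final String GRANT_TYPE = "phone_code";` would keep the value recorded on the token from drifting away from the one the handler is registered under. The method body starts outside the hunk.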


@ -16,6 +16,7 @@
package cn.dev33.satoken.oauth2.data.convert;
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
import cn.dev33.satoken.oauth2.consts.GrantType;
import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts;
import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
import cn.dev33.satoken.oauth2.data.model.CodeModel;
@ -80,6 +81,7 @@ public class SaOAuth2DataConverterDefaultImpl implements SaOAuth2DataConverter {
at.loginId = cm.loginId;
at.scopes = cm.scopes;
at.tokenType = SaOAuth2Consts.TokenType.bearer;
at.grantType = GrantType.authorization_code;
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(cm.clientId);
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
at.extraData = new LinkedHashMap<>();
@ -121,6 +123,7 @@ public class SaOAuth2DataConverterDefaultImpl implements SaOAuth2DataConverter {
at.loginId = rt.loginId;
at.scopes = rt.scopes;
at.tokenType = SaOAuth2Consts.TokenType.bearer;
at.grantType = GrantType.refresh_token;
at.extraData = new LinkedHashMap<>(rt.extraData);
SaClientModel clientModel = SaOAuth2Manager.getDataLoader().getClientModelNotNull(rt.clientId);
at.expiresTime = System.currentTimeMillis() + (clientModel.getAccessTokenTimeout() * 1000);
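Review bot: In the refresh path the new `at.grantType = GrantType.refresh_token;` replaces whatever grant originally produced the token chain, so after the first refresh a token obtained through the password or authorization-code flow can no longer be told apart by `grantType`. Nothing visible in this commit adds the field to the refresh-token model, so the original value does not appear to be recoverable. If `grantType` is meant to feed audit records or per-grant policy, consider carrying the original grant in a separate field copied across on refresh, and state on the field that `refresh_token` means "renewed", not "how the user authenticated". Both converter methods start and end outside their hunks.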


@ -21,6 +21,7 @@ import cn.dev33.satoken.oauth2.data.model.CodeModel;
import cn.dev33.satoken.oauth2.data.model.request.RequestAuthModel;
import java.util.List;
import java.util.function.Consumer;
/**
* Sa-Token OAuth2 数据构建器负责相关 Model 数据构建
@ -55,9 +56,10 @@ public interface SaOAuth2DataGenerate {
* 构建ModelAccess-Token (根据RequestAuthModel构建用于隐藏式 and 密码式)
* @param ra 请求参数Model
* @param isCreateRt 是否生成对应的Refresh-Token
* @param appendWork 对生成的 AccessTokenModel 进行追加操作
* @return Access-Token Model
*/
AccessTokenModel generateAccessToken(RequestAuthModel ra, boolean isCreateRt);
AccessTokenModel generateAccessToken(RequestAuthModel ra, boolean isCreateRt, Consumer<AccessTokenModel> appendWork);
/**
* 构建ModelClient-Token
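Review bot: The two-argument `generateAccessToken(RequestAuthModel, boolean)` appears to be replaced rather than overloaded, which breaks every custom `SaOAuth2DataGenerate` implementation and every external caller at compile time. Keeping it as `default AccessTokenModel generateAccessToken(RequestAuthModel ra, boolean isCreateRt) { return generateAccessToken(ra, isCreateRt, null); }` would preserve compatibility. The Javadoc for `appendWork` should also state that `null` is allowed and at which point in token construction the callback runs, since implementers have to reproduce that contract.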


@ -16,6 +16,7 @@
package cn.dev33.satoken.oauth2.data.generate;
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
import cn.dev33.satoken.oauth2.consts.GrantType;
import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts;
import cn.dev33.satoken.oauth2.dao.SaOAuth2Dao;
import cn.dev33.satoken.oauth2.data.convert.SaOAuth2DataConverter;
@ -31,10 +32,10 @@ import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception;
import cn.dev33.satoken.oauth2.exception.SaOAuth2RefreshTokenException;
import cn.dev33.satoken.oauth2.strategy.SaOAuth2Strategy;
import cn.dev33.satoken.util.SaFoxUtil;
import cn.dev33.satoken.util.SaResult;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.function.Consumer;
/**
* Sa-Token OAuth2 数据构建器默认实现类
@ -74,7 +75,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
/**
* 构建ModelAccess-Token
* @param code 授权码Model
* @param code 授权码
* @return AccessToken Model
*/
@Override
@ -156,10 +157,12 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
* 构建ModelAccess-Token (根据RequestAuthModel构建用于隐藏式 and 密码式)
* @param ra 请求参数Model
* @param isCreateRt 是否生成对应的Refresh-Token
* @param appendWork 对生成的 AccessTokenModel 进行追加操作
*
* @return Access-Token Model
*/
@Override
public AccessTokenModel generateAccessToken(RequestAuthModel ra, boolean isCreateRt) {
public AccessTokenModel generateAccessToken(RequestAuthModel ra, boolean isCreateRt, Consumer<AccessTokenModel> appendWork) {
SaOAuth2Dao dao = SaOAuth2Manager.getDao();
@ -173,6 +176,9 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
String newAtValue = SaOAuth2Strategy.instance.createAccessToken.execute(ra.clientId, ra.loginId, ra.scopes);
AccessTokenModel at = new AccessTokenModel(newAtValue, ra.clientId, ra.loginId, ra.scopes);
at.tokenType = SaOAuth2Consts.TokenType.bearer;
if(appendWork != null) {
appendWork.accept(at);
}
// 3根据权限构建额外参数
at.extraData = new LinkedHashMap<>();
@ -229,6 +235,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
ClientTokenModel ct = new ClientTokenModel(clientTokenValue, clientId, scopes);
ct.tokenType = SaOAuth2Consts.TokenType.bearer;
ct.expiresTime = System.currentTimeMillis() + (cm.getClientTokenTimeout() * 1000);
ct.grantType = GrantType.client_credentials;
ct.extraData = new LinkedHashMap<>();
SaOAuth2Strategy.instance.workClientTokenByScope.accept(ct);
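Review bot: `appendWork.accept(at)` runs before `at.extraData = new LinkedHashMap<>();` a few lines later, so anything a caller puts into `extraData` inside the callback is discarded, and the callback only sees the model after the token string has been created from `ra.clientId`, `ra.loginId` and `ra.scopes`. A callback that changes `scopes` or `loginId` would therefore leave the model out of step with the values the token was minted for. Either invoke the callback once the model is fully populated, or restrict its contract with a call-site comment such as `// appendWork runs before extraData/expiry are set; use it only for descriptive fields such as grantType`. The rest of the method lies outside the hunk, so where the model is persisted relative to this call should be confirmed.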


@ -69,6 +69,11 @@ public class AccessTokenModel implements Serializable {
*/
public String tokenType;
/**
* 授权类型
*/
public String grantType;
/**
* 扩展数据
*/
@ -172,6 +177,15 @@ public class AccessTokenModel implements Serializable {
return this;
}
public String getGrantType() {
return grantType;
}
public AccessTokenModel setGrantType(String grantType) {
this.grantType = grantType;
return this;
}
public Map<String, Object> getExtraData() {
return extraData;
}
@ -193,14 +207,15 @@ public class AccessTokenModel implements Serializable {
@Override
public String toString() {
return "AccessTokenModel{" +
"accessToken='" + accessToken + '\'' +
", refreshToken='" + refreshToken + '\'' +
"accessToken='" + accessToken +
", refreshToken='" + refreshToken +
", expiresTime=" + expiresTime +
", refreshExpiresTime=" + refreshExpiresTime +
", clientId='" + clientId + '\'' +
", clientId='" + clientId +
", loginId=" + loginId +
", scopes=" + scopes +
", tokenType='" + tokenType + '\'' +
", tokenType='" + tokenType +
", grantType='" + grantType +
", extraData=" + extraData +
", createTime=" + createTime +
'}';
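Review bot: `toString()` still concatenates the raw `accessToken` and `refreshToken` values, so any log statement or exception message that prints this model writes live bearer credentials to the log. Since the hunk already rewrites these lines, this is a good moment to mask them, for example by printing only a short prefix or a fixed `***`. Separately, the variants of the quoted fields without `+ '\''` leave an opening `'` unclosed in the output; if those are the new lines (the +/- markers are lost in this rendering), restoring the closing quote keeps the string unambiguous.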


@ -54,6 +54,11 @@ public class ClientTokenModel implements Serializable {
*/
public String tokenType;
/**
* 授权类型
*/
public String grantType;
/**
* 扩展数据
*/
@ -126,6 +131,15 @@ public class ClientTokenModel implements Serializable {
return this;
}
public String getGrantType() {
return grantType;
}
public ClientTokenModel setGrantType(String grantType) {
this.grantType = grantType;
return this;
}
public Map<String, Object> getExtraData() {
return extraData;
}
@ -152,6 +166,7 @@ public class ClientTokenModel implements Serializable {
", clientId='" + clientId +
", scopes=" + scopes +
", tokenType=" + tokenType +
", grantType=" + grantType +
", extraData=" + extraData +
", createTime=" + createTime +
'}';
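Review bot: `grantType` is added as a public, free-form `String` on a `Serializable` model, and tokens issued before this change will presumably come back with `grantType == null`. Any code that later branches on the field (here and in `AccessTokenModel`) should treat `null` as "unknown" rather than as a specific grant, and the field comment should say so, e.g. `/** Grant type; null for tokens issued before this field existed. */`. Whether stored tokens survive the upgrade at all depends on how the model is persisted and whether a `serialVersionUID` is declared, neither of which is visible in these hunks.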


@ -60,7 +60,7 @@ public class PasswordGrantTypeHandler implements SaOAuth2GrantTypeHandlerInterfa
ra.scopes = scopes;
// 5生成 Access-Token
AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true);
AccessTokenModel at = SaOAuth2Manager.getDataGenerate().generateAccessToken(ra, true, atm -> atm.grantType = GrantType.password);
return at;
}


@ -151,7 +151,7 @@ public class SaOAuth2ServerProcessor {
// 如果是 隐藏式开始重定向授权下放 token
if(ResponseType.token.equals(ra.responseType)) {
AccessTokenModel at = dataGenerate.generateAccessToken(ra, false);
AccessTokenModel at = dataGenerate.generateAccessToken(ra, false, null);
String redirectUri = dataGenerate.buildImplicitRedirectUri(ra.redirectUri, at.accessToken, ra.state);
return res.redirect(redirectUri);
}
@ -269,7 +269,7 @@ public class SaOAuth2ServerProcessor {
// 如果是 隐藏式开始重定向授权下放 token
if(ResponseType.token.equals(ra.responseType)) {
AccessTokenModel at = dataGenerate.generateAccessToken(ra, false);
AccessTokenModel at = dataGenerate.generateAccessToken(ra, false, null);
String redirectUri = dataGenerate.buildImplicitRedirectUri(ra.redirectUri, at.accessToken, ra.state);
return SaResult.ok().set(Param.redirect_uri, redirectUri);
}
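Review bot: Both implicit-flow call sites pass `null` as `appendWork`, so tokens handed out through the redirect carry no `grantType` and cannot be distinguished from tokens issued before the field existed. Since the commit's purpose is to record how each token was obtained, and implicit tokens are the ones exposed in a redirect URI, it seems worth stamping them too, e.g. `dataGenerate.generateAccessToken(ra, false, atm -> atm.grantType = GrantType.implicit);` if `GrantType` defines such a constant (not visible here). Both enclosing methods start and end outside their hunks.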