oauth2.1 flow test

2023-10-17 10:18:07 +08:00 · 2023-10-17 10:18:07 +08:00 · 3e6be99411
parent a2110804be
commit 3e6be99411
3 changed files with 38 additions and 3 deletions
--- a/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
+++ b/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
@ -203,12 +203,31 @@ public class OauthClientDetailsDto implements Serializable {


    public boolean isContainsAuthorizationCode() {
-        return this.authorizationGrantTypes.contains("authorization_code");
+        if (!this.authorizationGrantTypes.contains("authorization_code")) {
+            return false;
+        }
+        if (clientSettings == null) {
+            return true;
+        }
+        return !clientSettings.isRequireProofKey();
+    }
+
+    /**
+     * PKCE   flow
+     *
+     * @since 3.0.0
+     */
+    public boolean isContainsAuthorizationCodeWithPKCE() {
+        if (!isContainsAuthorizationCode()) {
+            return false;
+        }
+        return clientSettings != null && clientSettings.isRequireProofKey();
    }

    /**
     * OAuth2.1不支持
-     * @deprecated  from OAuth2.1
+     *
+     * @deprecated from OAuth2.1
     */
    public boolean isContainsPassword() {
        return this.authorizationGrantTypes.contains("password");
--- a/src/main/resources/templates/clientdetails/register_client.html
+++ b/src/main/resources/templates/clientdetails/register_client.html
@ -197,6 +197,22 @@
                        <p class="help-block">是否在<em>authorization_code</em>流程中支持PKCE(Proof Key for Code Exchange)</p>
                    </div>
                </div>
+                <div class="form-group">
+                    <label class="col-sm-2 control-label">授权需要用户确认</label>
+
+                    <div class="col-sm-10">
+                        <label class="checkbox-inline">
+                            <input type="radio" th:name="clientSettings.requireAuthorizationConsent" th:value="true"
+                                   th:field="*{clientSettings.requireAuthorizationConsent}"/> Yes
+                        </label>
+                        <label class="checkbox-inline">
+                            <input type="radio" th:name="clientSettings.requireAuthorizationConsent" th:value="false"
+                                   th:field="*{clientSettings.requireAuthorizationConsent}"/> No
+                        </label>
+
+                        <p class="help-block">是否在<em>authorization_code</em>流程中授权时需要用户进行确认</p>
+                    </div>
+                </div>
                <div class="form-group">
                    <label for="easa" class="col-sm-2 control-label">获取token认证签名算法</label>

--- a/src/main/resources/templates/clientdetails/test_client.html
+++ b/src/main/resources/templates/clientdetails/test_client.html
@ -76,7 +76,7 @@
            </div>
        </div>

-        <div th:if="${clientDetailsDto.containsAuthorizationCode}" class="panel panel-default">
+        <div th:if="${clientDetailsDto.containsAuthorizationCodeWithPKCE}" class="panel panel-default">
            <div class="panel-heading">Test [authorization_code + PKCE]</div>
            <div class="panel-body">
                <p class="text-muted">输入每一步必要的信息后点击其下面的链接地址.</p>