From 3e6be99411cf11e0ef792e1a189bd93a06e23d1a Mon Sep 17 00:00:00 2001
From: "shengzhaoli.shengz" <monkeyk1987@gmail.com>
Date: Tue, 17 Oct 2023 10:18:07 +0800
Subject: [PATCH] oauth2.1 flow test

---
 .../service/dto/OauthClientDetailsDto.java    | 23 +++++++++++++++++--
 .../clientdetails/register_client.html        | 16 +++++++++++++
 .../templates/clientdetails/test_client.html  |  2 +-
 3 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java b/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
index 0e7aafd..5888c46 100644
--- a/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
+++ b/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
@@ -203,12 +203,31 @@ public class OauthClientDetailsDto implements Serializable {
 
 
     public boolean isContainsAuthorizationCode() {
-        return this.authorizationGrantTypes.contains("authorization_code");
+        if (!this.authorizationGrantTypes.contains("authorization_code")) {
+            return false;
+        }
+        if (clientSettings == null) {
+            return true;
+        }
+        return !clientSettings.isRequireProofKey();
+    }
+
+    /**
+     * PKCE   flow
+     *
+     * @since 3.0.0
+     */
+    public boolean isContainsAuthorizationCodeWithPKCE() {
+        if (!isContainsAuthorizationCode()) {
+            return false;
+        }
+        return clientSettings != null && clientSettings.isRequireProofKey();
     }
 
     /**
      * OAuth2.1不支持
-     * @deprecated  from OAuth2.1
+     *
+     * @deprecated from OAuth2.1
      */
     public boolean isContainsPassword() {
         return this.authorizationGrantTypes.contains("password");
diff --git a/src/main/resources/templates/clientdetails/register_client.html b/src/main/resources/templates/clientdetails/register_client.html
index 12b9ebb..0a791fa 100644
--- a/src/main/resources/templates/clientdetails/register_client.html
+++ b/src/main/resources/templates/clientdetails/register_client.html
@@ -197,6 +197,22 @@
                         <p class="help-block">是否在<em>authorization_code</em>流程中支持PKCE(Proof Key for Code Exchange)</p>
                     </div>
                 </div>
+                <div class="form-group">
+                    <label class="col-sm-2 control-label">授权需要用户确认</label>
+
+                    <div class="col-sm-10">
+                        <label class="checkbox-inline">
+                            <input type="radio" th:name="clientSettings.requireAuthorizationConsent" th:value="true"
+                                   th:field="*{clientSettings.requireAuthorizationConsent}"/> Yes
+                        </label>
+                        <label class="checkbox-inline">
+                            <input type="radio" th:name="clientSettings.requireAuthorizationConsent" th:value="false"
+                                   th:field="*{clientSettings.requireAuthorizationConsent}"/> No
+                        </label>
+
+                        <p class="help-block">是否在<em>authorization_code</em>流程中授权时需要用户进行确认</p>
+                    </div>
+                </div>
                 <div class="form-group">
                     <label for="easa" class="col-sm-2 control-label">获取token认证签名算法</label>
 
diff --git a/src/main/resources/templates/clientdetails/test_client.html b/src/main/resources/templates/clientdetails/test_client.html
index 315dab5..8d0c9e2 100644
--- a/src/main/resources/templates/clientdetails/test_client.html
+++ b/src/main/resources/templates/clientdetails/test_client.html
@@ -76,7 +76,7 @@
             </div>
         </div>
 
-        <div th:if="${clientDetailsDto.containsAuthorizationCode}" class="panel panel-default">
+        <div th:if="${clientDetailsDto.containsAuthorizationCodeWithPKCE}" class="panel panel-default">
             <div class="panel-heading">Test [authorization_code + PKCE]</div>
             <div class="panel-body">
                 <p class="text-muted">输入每一步必要的信息后点击其下面的链接地址.</p>