增加灵活性配置参数<code>sos.reuse.refresh-token</code>可实时延长token时效(类似session机制)

README.md

@@ -165,13 +165,24 @@ Base on Spring-Boot
 <ul>    
 	   <li>
             <p>
-                Version: <strong>2.1.0</strong> [pending]
+                Version: <strong>2.1.1</strong> [pending]
                 <br/>
-                Date: 2020-06-05 / ---
+                Date: 2022-05-05 / ---
             </p>
             <ol>
-                <li><p>升级access_token, refresh_token为JWT(Json Web Token), 提高性能</p></li>    
-                <li><p>增加灵活性配置参数<code>reuse.refresh-token</code>可延长token时效</p></li>                     
+                <li><p>尝试升级替换spring-security-oauth2, 详见<a href="https://andaily.com/blog/?p=20077">背景说明</a></p></li>     
+            </ol>
+            <br/>
+       </li>   	   
+        <li>
+            <p>
+                Version: <strong>2.1.0</strong> [finished]
+                <br/>
+                Date: 2020-06-05 / 2022-05-01
+            </p>
+            <ol>
+                <li><p><del>升级access_token, refresh_token为JWT(Json Web Token), 提高性能</del></p></li>    
+                <li><p><del>增加灵活性配置参数<code>sos.reuse.refresh-token</code>可实时延长token时效(类似session机制)</del></p></li>                     
                 <li><p><del>升级spring-security oauth2版本为2.3.8.RELEASE, 增加spring-security-jwt版本1.1.1.RELEASE</del></p></li>                        
             </ol>
             <br/>

src/main/java/com/monkeyk/sos/config/JWTTokenStoreConfiguration.java

@@ -18,7 +18,7 @@ import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
  * <p>
  * <p>
  * JWT TokenStore config
- *
+ * <p>
  * 使用时配置参数
  * <pre>sos.token.store=jwt</pre>
  *
@@ -32,13 +32,21 @@ public class JWTTokenStoreConfiguration {
 
     /**
      * 不同的系统用不同的jwtKey；不推荐共用一样的
-     *
+     * <p>
      * HMAC key, default: IH6S2dhCEMwGr7uE4fBakSuDh9SoIrRa
      * alg: HMACSHA256
      */
     @Value("${sos.token.store.jwt.key:IH6S2dhCEMwGr7uE4fBakSuDh9SoIrRa}")
     private String jwtKey;
 
+    /**
+     * 是否重复使用已经有的 refresh_token 直到过期，默认true
+     *
+     * @since 2.1.0
+     */
+    @Value("${sos.reuse.refresh-token:true}")
+    private boolean reuseRefreshToken;
+
 
     @Bean
     public JwtAccessTokenConverter accessTokenConverter(UserService userService) {
@@ -77,6 +85,7 @@ public class JWTTokenStoreConfiguration {
         //support refresh token
         tokenServices.setSupportRefreshToken(true);
         tokenServices.setTokenEnhancer(tokenEnhancer);
+        tokenServices.setReuseRefreshToken(this.reuseRefreshToken);
         return tokenServices;
     }
 

src/main/java/com/monkeyk/sos/config/JdbcTokenStoreConfiguration.java

@@ -1,5 +1,6 @@
 package com.monkeyk.sos.config;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -26,6 +27,14 @@ import javax.sql.DataSource;
 public class JdbcTokenStoreConfiguration {
 
 
+    /**
+     * 是否重复使用已经有的 refresh_token 直到过期，默认true
+     *
+     * @since 2.1.0
+     */
+    @Value("${sos.reuse.refresh-token:true}")
+    private boolean reuseRefreshToken;
+
     /**
      * JDBC TokenStore
      */
@@ -42,6 +51,7 @@ public class JdbcTokenStoreConfiguration {
         tokenServices.setClientDetailsService(clientDetailsService);
         //support refresh token
         tokenServices.setSupportRefreshToken(true);
+        tokenServices.setReuseRefreshToken(this.reuseRefreshToken);
         return tokenServices;
     }