From 90b608d6e950ea809785ed77ab18b30453c07acf Mon Sep 17 00:00:00 2001 From: monkeyk7 Date: Thu, 14 Sep 2017 22:28:52 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=A0=A1=E9=AA=8C=20access?= =?UTF-8?q?=5Ftoken=20API:=20/oauth/check=5Ftoken?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 1 + .../web/controller/OAuthRestController.java | 56 +++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/README.md b/README.md index 40e603f..8f26ed9 100644 --- a/README.md +++ b/README.md @@ -166,6 +166,7 @@
  • 更新UI,为了更易理解与使用

  • 增加删除access_token API

  • 增加删除 refresh_token API

  • +
  • 增加校验 access_token API: /oauth/check_token

  • ---


  • diff --git a/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java b/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java index 8586e7c..4d6e2d0 100644 --- a/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java +++ b/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java @@ -34,7 +34,10 @@ import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswo import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter; import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory; import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestValidator; +import org.springframework.security.oauth2.provider.token.AccessTokenConverter; import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; +import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter; +import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; import org.springframework.stereotype.Controller; import org.springframework.util.Assert; import org.springframework.util.StringUtils; @@ -53,6 +56,7 @@ import java.util.Map; * * @author Shengzhao Li * @see org.springframework.security.oauth2.provider.endpoint.TokenEndpoint + * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint */ @Controller public class OAuthRestController implements InitializingBean, ApplicationContextAware { @@ -67,6 +71,10 @@ public class OAuthRestController implements InitializingBean, ApplicationContext @Autowired private AuthorizationCodeServices authorizationCodeServices; + @Autowired + private ResourceServerTokenServices resourceServerTokenServices; + + private AuthenticationManager authenticationManager; private OAuth2RequestFactory oAuth2RequestFactory; 
@@ -74,7 +82,40 @@ public class OAuthRestController implements InitializingBean, ApplicationContext private OAuth2RequestValidator oAuth2RequestValidator = new DefaultOAuth2RequestValidator(); private WebResponseExceptionTranslator providerExceptionHandler = new DefaultWebResponseExceptionTranslator(); + private AccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter(); + + /** + * Verify access_token + * + * @param value token + * @return Map + * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint + */ + @RequestMapping(value = "/oauth/check_token", method = RequestMethod.POST) + @ResponseBody + public Map checkToken(@RequestParam("token") String value) { + + OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value); + if (token == null) { + throw new InvalidTokenException("Token was not recognised"); + } + + if (token.isExpired()) { + throw new InvalidTokenException("Token has expired"); + } + + OAuth2Authentication authentication = resourceServerTokenServices.loadAuthentication(token.getValue()); + return accessTokenConverter.convertAccessToken(token, authentication); + } + + + /** + * Restful API for get access_token + * + * @param parameters Map + * @return OAuth2AccessToken + */ @RequestMapping(value = "/oauth/rest_token", method = RequestMethod.POST) @ResponseBody public OAuth2AccessToken postAccessToken(@RequestBody Map parameters) { 
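Review bot: Nothing in `checkToken` identifies or authorises the caller, so whether `/oauth/check_token` can be reached anonymously depends entirely on security configuration that this hunk does not show. By default `DefaultAccessTokenConverter.convertAccessToken` returns the token's user name, authorities, scope and client id, which is why the framework's own CheckTokenEndpoint is closed by default and normally opened only to authenticated clients. Confirm that this mapping's path is restricted the same way, and record the requirement in the Javadoc, for example `Caller must be an authenticated client; the response describes the token's user, scope and client.` Because `@RequestParam("token")` also binds query-string values, a token sent in the URL can end up in access logs, so the Javadoc should also say that the token belongs in the form body.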
@@ -168,6 +209,21 @@ public class OAuthRestController implements InitializingBean, ApplicationContext } + /** + * Handle InvalidTokenException + * + * @param e Exception + * @return ResponseEntity + * @throws Exception + * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint#handleException(Exception) + */ + @ExceptionHandler(InvalidTokenException.class) + public ResponseEntity handleInvalidTokenException(InvalidTokenException e) throws Exception { + LOG.info("Handling error: " + e.getClass().getSimpleName() + ", " + e.getMessage()); + return getExceptionTranslator().translate(e); + } + + private boolean isRefreshTokenRequest(Map parameters) { return "refresh_token".equals(parameters.get("grant_type")) && parameters.get("refresh_token") != null; }
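Review bot: `handleInvalidTokenException` translates the exception unchanged, so an unknown or expired token is presumably answered with InvalidTokenException's own 401 status, whereas the CheckTokenEndpoint handler named in the `@see` re-wraps it to answer 400. On a token-checking endpoint a 401 reads as a failure of the caller's own credentials, and the handler applies to InvalidTokenException raised from any mapping in this controller, not only `checkToken`. Separately, `e.getMessage()` is both logged and returned to the caller, and some token-service implementations put the rejected token value in that message, so consider logging only the exception class name. The status-code point could be addressed as below.

```java
public ResponseEntity handleInvalidTokenException(InvalidTokenException e) throws Exception {
    // … unchanged: LOG.info call …
    // The caller is not the party whose token failed, so report 400 rather than 401.
    InvalidTokenException badRequest = new InvalidTokenException(e.getMessage()) {
        @Override
        public int getHttpErrorCode() {
            return 400;
        }
    };
    return getExceptionTranslator().translate(badRequest);
}
```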