增加校验 access_token API: /oauth/check_token

2017-09-14 22:28:52 +08:00 · 2017-09-14 22:28:52 +08:00 · 90b608d6e9
parent 15e7fc1c21
commit 90b608d6e9
2 changed files with 57 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -166,6 +166,7 @@
                <li><p>更新UI,为了更易理解与使用</p></li>
                <li><p>增加删除access_token API</p></li>
                <li><p>增加删除 refresh_token API</p></li>
+                <li><p>增加校验 access_token API: /oauth/check_token</p></li>
                <li><p>---</p></li>
            </ol>
            <br/>
--- a/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
+++ b/src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
@ -34,7 +34,10 @@ import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswo
 import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
 import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestValidator;
+import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
 import org.springframework.stereotype.Controller;
 import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
@ -53,6 +56,7 @@ import java.util.Map;
 *
 * @author Shengzhao Li
 * @see org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
+ * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint
 */
@Controller
 public class OAuthRestController implements InitializingBean, ApplicationContextAware {
@ -67,6 +71,10 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
    @Autowired
    private AuthorizationCodeServices authorizationCodeServices;

+    @Autowired
+    private ResourceServerTokenServices resourceServerTokenServices;
+
+
    private AuthenticationManager authenticationManager;

    private OAuth2RequestFactory oAuth2RequestFactory;
@ -74,7 +82,40 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
    private OAuth2RequestValidator oAuth2RequestValidator = new DefaultOAuth2RequestValidator();
    private WebResponseExceptionTranslator providerExceptionHandler = new DefaultWebResponseExceptionTranslator();

+    private AccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();

+
+    /**
+     * Verify access_token
+     *
+     * @param value token
+     * @return Map
+     * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint
+     */
+    @RequestMapping(value = "/oauth/check_token", method = RequestMethod.POST)
+    @ResponseBody
+    public Map<String, ?> checkToken(@RequestParam("token") String value) {
+
+        OAuth2AccessToken token = resourceServerTokenServices.readAccessToken(value);
+        if (token == null) {
+            throw new InvalidTokenException("Token was not recognised");
+        }
+
+        if (token.isExpired()) {
+            throw new InvalidTokenException("Token has expired");
+        }
+
+        OAuth2Authentication authentication = resourceServerTokenServices.loadAuthentication(token.getValue());
+        return accessTokenConverter.convertAccessToken(token, authentication);
+    }
+
+
+    /**
+     * Restful API for get access_token
+     *
+     * @param parameters Map
+     * @return OAuth2AccessToken
+     */
    @RequestMapping(value = "/oauth/rest_token", method = RequestMethod.POST)
    @ResponseBody
    public OAuth2AccessToken postAccessToken(@RequestBody Map<String, String> parameters) {
@ -168,6 +209,21 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
    }


+    /**
+     * Handle InvalidTokenException
+     *
+     * @param e Exception
+     * @return ResponseEntity
+     * @throws Exception
+     * @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint#handleException(Exception)
+     */
+    @ExceptionHandler(InvalidTokenException.class)
+    public ResponseEntity<OAuth2Exception> handleInvalidTokenException(InvalidTokenException e) throws Exception {
+        LOG.info("Handling error: " + e.getClass().getSimpleName() + ", " + e.getMessage());
+        return getExceptionTranslator().translate(e);
+    }
+
+
    private boolean isRefreshTokenRequest(Map<String, String> parameters) {
        return "refresh_token".equals(parameters.get("grant_type")) && parameters.get("refresh_token") != null;
    }