增加使用代码生成AccessToken功能

2019-07-05 00:47:43 +08:00 · 2019-07-05 00:47:43 +08:00 · a3bbe775a0
parent ce5e7f93be
commit a3bbe775a0
7 changed files with 354 additions and 0 deletions
--- a/src/main/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvoker.java
+++ b/src/main/java/com/monkeyk/sos/service/business/ClientCredentialsInlineAccessTokenInvoker.java
@ -0,0 +1,28 @@
 package com.monkeyk.sos.service.business;
 import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.TokenGranter;
 import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
 /**
 * 2019/7/5
 * <p>
 * <p>
 * grant_type = client_credentials
 *
 * @author Shengzhao Li
 * @since 2.0.1
 */
 public class ClientCredentialsInlineAccessTokenInvoker extends InlineAccessTokenInvoker {
    public ClientCredentialsInlineAccessTokenInvoker() {
    }
    @Override
    protected TokenGranter getTokenGranter(OAuth2RequestFactory oAuth2RequestFactory) {
        return new ClientCredentialsTokenGranter(this.tokenServices, this.clientDetailsService, oAuth2RequestFactory);
    }
 }
--- a/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java
+++ b/src/main/java/com/monkeyk/sos/service/business/InlineAccessTokenInvoker.java
@ -0,0 +1,158 @@
 package com.monkeyk.sos.service.business;
 import com.monkeyk.sos.service.dto.AccessTokenDto;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.*;
 import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.util.Assert;
 import java.util.Map;
 import static org.springframework.security.oauth2.common.util.OAuth2Utils.CLIENT_ID;
 import static org.springframework.security.oauth2.common.util.OAuth2Utils.GRANT_TYPE;
 import static org.springframework.security.oauth2.common.util.OAuth2Utils.SCOPE;
 /**
 * 2019/7/5
 *
 * @author Shengzhao Li
 * @see org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
 * @since 2.0.1
 */
 public abstract class InlineAccessTokenInvoker implements InitializingBean {
    private static final Logger LOG = LoggerFactory.getLogger(InlineAccessTokenInvoker.class);
    protected transient AuthenticationManager authenticationManager;
    protected transient AuthorizationServerTokenServices tokenServices;
    protected transient ClientDetailsService clientDetailsService;
    public InlineAccessTokenInvoker() {
    }
    /**
     * 根据不同的 params 生成 AccessTokenDto
     * <p>
     * 适合以下几类 grant_type:
     * password
     * refresh_token
     * client_credentials
     *
     * @param params Params Map
     * @return AccessTokenDto instance
     */
    public AccessTokenDto invoke(Map<String, String> params) {
        if (params == null || params.isEmpty()) {
            throw new IllegalStateException("Null or empty params");
        }
        String clientId = validateParams(params);
        final ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
        if (clientDetails == null) {
            LOG.warn("Not found ClientDetails by clientId: {}", clientId);
            return null;
        }
        OAuth2RequestFactory oAuth2RequestFactory = createOAuth2RequestFactory();
        TokenGranter tokenGranter = getTokenGranter(oAuth2RequestFactory);
        LOG.debug("Use TokenGranter: {}", tokenGranter);
        TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(params, clientDetails);
        final OAuth2AccessToken oAuth2AccessToken = tokenGranter.grant(getGrantType(params), tokenRequest);
        AccessTokenDto accessTokenDto = new AccessTokenDto(oAuth2AccessToken);
        LOG.debug("Invoked accessTokenDto: {}", accessTokenDto);
        return accessTokenDto;
    }
    /**
     * 校验各类 grant_type时 需要的参数
     *
     * @param params params
     * @return clientId
     */
    protected String validateParams(Map<String, String> params) {
        //validate client_id
        String clientId = params.get(CLIENT_ID);
        if (StringUtils.isBlank(clientId)) {
            throw new IllegalStateException("Null or empty '" + CLIENT_ID + "' from params");
        }
        //validate grant_type
        final String grantType = params.get(GRANT_TYPE);
        if (StringUtils.isBlank(grantType)) {
            throw new IllegalStateException("Null or empty '" + GRANT_TYPE + "' from params");
        }
        //validate scope
        final String scope = params.get(SCOPE);
        if (StringUtils.isBlank(scope)) {
            throw new IllegalStateException("Null or empty '" + SCOPE + "' from params");
        }
        return clientId;
    }
    /**
     * Get grant_type from params
     *
     * @param params Map
     * @return Grant Type
     */
    protected String getGrantType(Map<String, String> params) {
        return params.get(GRANT_TYPE);
    }
    /**
     * Get TokenGranter implement
     *
     * @return TokenGranter
     */
    protected abstract TokenGranter getTokenGranter(OAuth2RequestFactory oAuth2RequestFactory);
    /**
     * Create  OAuth2RequestFactory
     *
     * @return OAuth2RequestFactory instance
     */
    protected OAuth2RequestFactory createOAuth2RequestFactory() {
        return new DefaultOAuth2RequestFactory(this.clientDetailsService);
    }
    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }
    public void setTokenServices(AuthorizationServerTokenServices tokenServices) {
        this.tokenServices = tokenServices;
    }
    public void setClientDetailsService(ClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
    }
    @Override
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.authenticationManager, "authenticationManager is null");
        Assert.notNull(this.tokenServices, "tokenServices is null");
        Assert.notNull(this.clientDetailsService, "clientDetailsService is null");
    }
 }
--- a/src/main/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvoker.java
+++ b/src/main/java/com/monkeyk/sos/service/business/PasswordInlineAccessTokenInvoker.java
@ -0,0 +1,29 @@
 package com.monkeyk.sos.service.business;
 import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.TokenGranter;
 import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
 /**
 * 2019/7/5
 * <p>
 * <p>
 * grant_type = password
 *
 * @author Shengzhao Li
 * @since 2.0.1
 */
 public class PasswordInlineAccessTokenInvoker extends InlineAccessTokenInvoker {
    public PasswordInlineAccessTokenInvoker() {
    }
    @Override
    protected TokenGranter getTokenGranter(OAuth2RequestFactory oAuth2RequestFactory) {
        return new ResourceOwnerPasswordTokenGranter(this.authenticationManager, this.tokenServices, this.clientDetailsService, oAuth2RequestFactory);
    }
 }
--- a/src/main/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvoker.java
+++ b/src/main/java/com/monkeyk/sos/service/business/RefreshTokenInlineAccessTokenInvoker.java
@ -0,0 +1,28 @@
 package com.monkeyk.sos.service.business;
 import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.TokenGranter;
 import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
 /**
 * 2019/7/5
 * <p>
 * <p>
 * grant_type = refresh_token
 *
 * @author Shengzhao Li
 * @since 2.0.1
 */
 public class RefreshTokenInlineAccessTokenInvoker extends InlineAccessTokenInvoker {
    public RefreshTokenInlineAccessTokenInvoker() {
    }
    @Override
    protected TokenGranter getTokenGranter(OAuth2RequestFactory oAuth2RequestFactory) {
        return new RefreshTokenGranter(this.tokenServices, this.clientDetailsService, oAuth2RequestFactory);
    }
 }
--- a/src/main/java/com/monkeyk/sos/service/dto/AccessTokenDto.java
+++ b/src/main/java/com/monkeyk/sos/service/dto/AccessTokenDto.java
@ -0,0 +1,107 @@
 package com.monkeyk.sos.service.dto;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import java.io.Serializable;
 /**
 * 2019/7/5
 * <p>
 * {"access_token":"iuy0fbfe-da2c-4840-8b66-848168ad8d00","token_type":"bearer","refresh_token":"9406e12f-d62e-42bd-ad40-0206d94ae7ds","expires_in":7199,"scope":"read"}
 *
 * @author Shengzhao Li
 * @since 2.0.1
 */
 public class AccessTokenDto implements Serializable {
    private static final long serialVersionUID = -8894979171517528312L;
    @JsonProperty("access_token")
    private String accessToken;
    @JsonProperty("token_type")
    private String tokenType;
    @JsonProperty("refresh_token")
    private String refreshToken;
    @JsonProperty("scope")
    private String scope;
    @JsonProperty("expires_in")
    private int expiresIn;
    public AccessTokenDto() {
    }
    public AccessTokenDto(OAuth2AccessToken token) {
        this.accessToken = token.getValue();
        this.expiresIn = token.getExpiresIn();
        this.scope = StringUtils.join(token.getScope(), ",");
        this.tokenType = token.getTokenType();
        final OAuth2RefreshToken oAuth2RefreshToken = token.getRefreshToken();
        if (oAuth2RefreshToken != null) {
            this.refreshToken = oAuth2RefreshToken.getValue();
        }
    }
    public String getAccessToken() {
        return accessToken;
    }
    public void setAccessToken(String accessToken) {
        this.accessToken = accessToken;
    }
    public String getTokenType() {
        return tokenType;
    }
    public void setTokenType(String tokenType) {
        this.tokenType = tokenType;
    }
    public String getRefreshToken() {
        return refreshToken;
    }
    public void setRefreshToken(String refreshToken) {
        this.refreshToken = refreshToken;
    }
    public String getScope() {
        return scope;
    }
    public void setScope(String scope) {
        this.scope = scope;
    }
    public int getExpiresIn() {
        return expiresIn;
    }
    public void setExpiresIn(int expiresIn) {
        this.expiresIn = expiresIn;
    }
    @Override
    public String toString() {
        return "{" +
                "accessToken='" + accessToken + '\'' +
                ", tokenType='" + tokenType + '\'' +
                ", refreshToken='" + refreshToken + '\'' +
                ", scope='" + scope + '\'' +
                ", expiresIn=" + expiresIn +
                '}';
    }
 }
--- a/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
+++ b/src/main/java/com/monkeyk/sos/service/dto/OauthClientDetailsDto.java
@ -16,6 +16,8 @@ import java.util.List;
 public class OauthClientDetailsDto implements Serializable {
    private static final long serialVersionUID = 4011292111995231569L;
    private String createTime;
    private boolean archived;
--- a/src/main/java/com/monkeyk/sos/service/dto/UserJsonDto.java
+++ b/src/main/java/com/monkeyk/sos/service/dto/UserJsonDto.java
@ -13,6 +13,8 @@ import java.util.List;
 public class UserJsonDto implements Serializable {
    private static final long serialVersionUID = -704681024783524371L;
    private String guid;
    private boolean archived;