gitee
/
spring-oauth-server
mirror of https://gitee.com/shengzhao/spring-oauth-server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

!1 合并1.0版本代码到指定分支 

Merge pull request !1 from monkeyk7/master
pull/1/MERGE
李胜钊 2018-10-14 22:51:51 +08:00 committed by monkeyk7
parent d0f0e22dc2 d04bd2036f
commit b49ce7eecd
12 changed files with 334 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
README.md
View File

@ -5,6 +5,7 @@
项目用Maven管理, 字符编码: UTF-8
<em>授权协议:<a href="https://gitee.com/shengzhao/spring-oauth-server/tree/master/LICENSE">GPL-2.0</a></em>
使用的技术与版本号
<ol>
@ -17,22 +18,26 @@
<li>MySQL (5.6.23)</li>
<li>EhCache (2.0.4)</li>
</ol>
<h4>技术视频</h4>
<a href="http://list.youku.com/albumlist/show/id_51900110.html" target="_blank">http://list.youku.com/albumlist/show/id_51900110.html</a>
(持续更新...)
<hr/>
<strong>Java Config版本请访问Branch: <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/config/">config</a></strong>
<h3>Spring-Boot版本请访问Branch: <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/config/">config</a></h3>
<strong>MongoDB版本请访问Branch: <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/mongodb/">mongodb</a></strong>
<strong>MongoDB版本请访问Branch: <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/mongodb/">mongodb</a></strong>
<strong>OAuth2下一代身份认证授权协议OIDC实现: <a href="https://git.oschina.net/mkk/MyOIDC">MyOIDC</a></strong>
<hr/>
<h3>
OAuth2客户端项目请访问 <a href="http://git.oschina.net/mkk/spring-oauth-client">spring-oauth-client</a>
OAuth2客户端项目请访问 <a href="https://gitee.com/mkk/spring-oauth-client">spring-oauth-client</a>
</h3>
<h3>
在线测试访问地址 <a href="http://andaily.com/spring-oauth-server/">http://andaily.com/spring-oauth-server/</a>
</h3>
<h4>
Shiro与OLTU整合的OAuth2项目 <a href="http://git.oschina.net/mkk/oauth2-shiro">http://git.oschina.net/mkk/oauth2-shiro</a>
Shiro与OLTU整合的OAuth2项目 <a href="https://gitee.com/mkk/oauth2-shiro">https://gitee.com/mkk/oauth2-shiro</a><br/>
(相比spring-oauth-server, 该项目入门门槛相对较低, 代码更加透明, 理解更容易,可扩展性更强, 且模块化开发)
</h4>
<hr/>
@ -44,7 +49,7 @@
项目是Maven管理的, 需要本地安装maven(开发用的maven版本号为3.1.0), 还有MySql(开发用的mysql版本号为5.6)
</li>
<li>
<a href="http://git.oschina.net/shengzhao/spring-oauth-server/repository/archive?ref=master">下载</a>(或clone)项目到本地
<a href="https://gitee.com/shengzhao/spring-oauth-server/repository/archive?ref=master">下载</a>(或clone)项目到本地
</li>
<li>
创建MySQL数据库(如数据库名oauth2), 并运行相应的SQL脚本(脚本文件位于others/database目录),
@ -52,7 +57,7 @@
运行脚本的顺序: initial_db.ddl -> oauth.ddl -> initial_data.ddl
</li>
<li>
修改<a href="http://git.oschina.net/shengzhao/spring-oauth-server/blob/master/src/main/resources/spring-oauth-server.properties">spring-oauth-server.properties</a>(位于src/main/resources目录)中的数据库连接信息(包括username, password等)
修改<a href="https://gitee.com/shengzhao/spring-oauth-server/blob/master/src/main/resources/spring-oauth-server.properties">spring-oauth-server.properties</a>(位于src/main/resources目录)中的数据库连接信息(包括username, password等)
</li>
<li>
将本地项目导入到IDE(如Intellij IDEA)中,配置Tomcat(或类似的servlet运行服务器), 并启动Tomcat(默认端口为8080);
@ -63,7 +68,7 @@
将war放在Tomcat中并启动(注意: 这种方式需要将spring-oauth-server.properties加入到classpath中并正确配置数据库连接信息).
</li>
<li>
参考<a href="http://git.oschina.net/shengzhao/spring-oauth-server/blob/master/others/oauth_test.txt">oauth_test.txt</a>(位于others目录)的内容并测试之(也可在浏览器中访问相应的地址,如: http://localhost:8080/spring-oauth-server).
参考<a href="https://gitee.com/shengzhao/spring-oauth-server/blob/master/others/oauth_test.txt">oauth_test.txt</a>(位于others目录)的内容并测试之(也可在浏览器中访问相应的地址,如: http://localhost:8080/spring-oauth-server).
</li>
</ol>
</p>
@ -93,8 +98,8 @@
</li>
<li>
<p>
如果在使用过程中遇到特殊的问题(如:如何将oauth_code存入数据库),请访问项目的 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/wikis/pages">Wiki</a>
<a href="http://git.oschina.net/shengzhao/spring-oauth-server/attach_files">附件</a>.
如果在使用过程中遇到特殊的问题(如:如何将oauth_code存入数据库),请访问项目的 <a href="https://gitee.com/shengzhao/spring-oauth-server/wikis/pages">Wiki</a>
<a href="https://gitee.com/shengzhao/spring-oauth-server/attach_files">附件</a>.
<br/>
我会把大家反馈的问题解决办法添加在这里.
<br/>
@ -105,7 +110,7 @@
<li>
<p>
如果在使用项目的过程中发现任何的BUG或者更好的提议, 建议将其提交到项目的 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/issues">Issues</a> 中,
如果在使用项目的过程中发现任何的BUG或者更好的提议, 建议将其提交到项目的 <a href="https://gitee.com/shengzhao/spring-oauth-server/issues">Issues</a> 中,
我会一直关注并不断改进项目.
</p>
</li>
@ -115,10 +120,10 @@
<strong>功能扩展</strong>
<ol>
<li>
<code>oauth_code存入数据库的配置</code>, 请下载文件 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/attach_files">oauth_code存入数据库的配置.jpg</a>
<code>oauth_code存入数据库的配置</code>, 请下载文件 <a href="https://gitee.com/shengzhao/spring-oauth-server/attach_files">oauth_code存入数据库的配置.jpg</a>
</li>
<li>
<code>改变token过期的时间的配置</code>, 请下载文件<a href="http://git.oschina.net/shengzhao/spring-oauth-server/attach_files">改变token过期的时间的配置.jpg</a>
<code>改变token过期的时间的配置</code>, 请下载文件<a href="https://gitee.com/shengzhao/spring-oauth-server/attach_files">改变token过期的时间的配置.jpg</a>
</li>
<li>
<code>自定义 grant_type</code>, 默认情况支持的grant_type包括 [password,authorization_code,refresh_token,implicit], 若不需要其中的某些grant_type,
@ -152,14 +157,40 @@
<p>
从 0.3版本开始将项目的所有计划的开发内容列出来, 方便大家跟进, 也欢迎你加入.
<br/>
项目的开发管理使用开源项目 <a href="http://git.oschina.net/mkk/andaily-developer">andaily-developer</a>.
项目的开发管理使用开源项目 <a href="https://gitee.com/mkk/andaily-developer">andaily-developer</a>.
</p>
<ul>
<li>
<p>
Version: <strong>1.0</strong> [pending]
Version: <strong>2.0.1</strong> [pending]
<br/>
Date: 2017-03-30 / ---
Date: 2018-05-01 / ---
</p>
<ol>
<li><p>增加 /oauth/check_token 可使用 #IJO9H</p></li>
<li><p><del>Fix issue #IJO9R /oauth/rest_token 接口 client_secret字段没有校验</del></p></li>
<li><p><del>升级spring-boot 版本为 2.0.2.RELEASE</del></p></li>
<li><p><del>将项目用视频方式展现出来,更直观. <a href="http://list.youku.com/albumlist/show/id_51900110.html" target="_blank>视频链接</a></del></p></li>
</ol>
<br/>
</li>
<li>
<p>
Version: <strong>2.0.0</strong> [finished]
<br/>
Date: 2018-04-09 / 2018-04-21
</p>
<ol>
<li><p><del>更新UI,为了更易理解与使用,场景化</del></p></li>
<li><strong><del>使用 spring-boot 重构</del></strong></li>
</ol>
<br/>
</li>
<li>
<p>
Version: <strong>1.0</strong> [finished]
<br/>
Date: 2017-03-30 / 2018-04-04
</p>
<ol>
<li><p><del>implicit测试时 取消掉 client secret</del></p></li>
@ -227,7 +258,7 @@
<ol>
<li><p>#73 - Upgrade 'spring-security-oauth2' version to '2.0.6.RELEASE' (current: 1.0.5.RELEASE) [CANCELED]</p></li>
<li><p><del>#74 - oauth mysql ddl add create_time, default is now() </del></p></li>
<li><p><del>#75 - Add user information API, for <a href="http://git.oschina.net/mkk/spring-oauth-client"><code>spring-oauth-client</code></a> project use
<li><p><del>#75 - Add user information API, for <a href="https://gitee.com/mkk/spring-oauth-client"><code>spring-oauth-client</code></a> project use
<pre>
URL: /unity/user_info
Login: Yes (ROLE_UNITY)
@ -266,23 +297,24 @@
<p>
<ol>
<li><p><em>2013-11-19</em> Initial project, start push code</p></li>
<li><p><em>2013-11-20</em> 发布<a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/0.1/">0.1</a>版本</p></li>
<li><p><em>2013-11-20</em> 发布<a href="https://gitee.com/shengzhao/spring-oauth-server/tree/0.1/">0.1</a>版本</p></li>
<li><p><em>2015-05-06</em> 发布<a href="http://www.oschina.net/news/62176/spring-oauth-server-0-2">0.2</a>版本</p></li>
<li><p><em>2015-05-27</em> 创建项目博客,访问地址 <a href="http://andaily.com/blog/?cat=19">http://andaily.com/blog/?cat=19</a></p></li>
<li><p><em>2015-06-07</em> 发布<a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/0.3/">0.3</a>版本</p></li>
<li><p><em>2015-06-07</em> 发布<a href="https://gitee.com/shengzhao/spring-oauth-server/tree/0.3/">0.3</a>版本</p></li>
<li><p>
<em>2015-06-16</em> 添加github访问: <a href="https://github.com/monkeyk/spring-oauth-server">https://github.com/monkeyk/spring-oauth-server</a>,
以后的更新将同步github与gitosc.
</p></li>
<li><p><em>2015-11-09</em> 开始开发 0.4-beta 版本</p></li>
<li><p><em>2015-11-18</em> 发布 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/0.4-beta/">0.4-beta</a> 版本</p></li>
<li><p><em>2016-01-02</em> 发布 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/0.4/">0.4</a> 版本</p></li>
<li><p><em>2015-11-18</em> 发布 <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/0.4-beta/">0.4-beta</a> 版本</p></li>
<li><p><em>2016-01-02</em> 发布 <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/0.4/">0.4</a> 版本</p></li>
<li><p><em>2016-02-19</em> Add 0.5 version development planning</p></li>
<li><p><em>2016-04-03</em> Add <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/config/">config</a> branch</p></li>
<li><p><em>2016-04-14</em> Add <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/mongodb/">mongodb</a> branch</p></li>
<li><p><em>2016-06-02</em> 发布 <a href="http://git.oschina.net/shengzhao/spring-oauth-server/tree/0.5/">0.5</a> 版本</p></li>
<li><p><em>2016-04-03</em> Add <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/config/">config</a> branch</p></li>
<li><p><em>2016-04-14</em> Add <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/mongodb/">mongodb</a> branch</p></li>
<li><p><em>2016-06-02</em> 发布 <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/0.5/">0.5</a> 版本</p></li>
<li><p><em>2016-07-06</em> Add 0.6 version planning</p></li>
<li><p><em>2016-10-13</em> 发布0.6版本</p></li>
<li><p><em>2018-04-21</em> 发布2.0.0版本, <a href="https://gitee.com/shengzhao/spring-oauth-server/tree/config/" target="_blank">spring-boot版本</a></p></li>
</ol>
</p>
@ -359,6 +391,9 @@
与项目相关的与OAuth2相关的问题与回答以及各类讨论请访问<br/>
<a href="http://andaily.com/blog/?dwqa-question_category=oauth">http://andaily.com/blog/?dwqa-question_category=oauth</a>
</p>
<p>
GitHub项目地址: <a href="https://github.com/monkeyk/spring-oauth-server.git">https://github.com/monkeyk/spring-oauth-server.git</a>
</p>
<hr/>
@ -388,6 +423,7 @@
<li><p>南京索特科技 -- 200元 (2016-12-16)</p></li>
<li><p>周广文 -- 6.66元 (2017-02-17)</p></li>
<li><p>境随心转 -- 20元 (2017-06-09)</p></li>
<li><p>Xyz(秦) -- 50元 (2018-06-05)</p></li>
</ul>
</div>

15
src/main/java/com/monkeyk/sos/infrastructure/CacheConstants.java
View File

@ -9,35 +9,32 @@ package com.monkeyk.sos.infrastructure;
*
* @author Shengzhao Li
*/
public abstract class CacheConstants {
public interface CacheConstants {
/**
* client Details Cache, key is clientId
*/
public static final String CLIENT_DETAILS_CACHE = "clientDetailsCache";
String CLIENT_DETAILS_CACHE = "clientDetailsCache";
/**
* access Token Cache, key is token
*/
public static final String ACCESS_TOKEN_CACHE = "accessTokenCache";
String ACCESS_TOKEN_CACHE = "accessTokenCache";
/**
* refresh Token Cache, key is token
*/
public static final String REFRESH_TOKEN_CACHE = "refreshTokenCache";
String REFRESH_TOKEN_CACHE = "refreshTokenCache";
/**
* authorization Code Cache, key is code
*/
public static final String AUTHORIZATION_CODE_CACHE = "authorizationCodeCache";
String AUTHORIZATION_CODE_CACHE = "authorizationCodeCache";
/**
* user Cache, key is username
*/
public static final String USER_CACHE = "userCache";
String USER_CACHE = "userCache";
private CacheConstants() {
}
}

41
src/main/java/com/monkeyk/sos/infrastructure/SOSCacheUtils.java Normal file
View File

@ -0,0 +1,41 @@
package com.monkeyk.sos.infrastructure;
import com.monkeyk.sos.web.context.BeanProvider;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
import org.springframework.util.Assert;
/**
* 2018/10/14
* <p>
* <p>
* Cache
*
* @author Shengzhao Li
* @since 1.0
*/
public class SOSCacheUtils implements CacheConstants {
private SOSCacheUtils() {
}
/**
* Cache
*
* @return Cache instance
*/
public static Cache userCache() {
final CacheManager cacheManager = getCacheManager();
return cacheManager.getCache(USER_CACHE);
}
private static CacheManager getCacheManager() {
final CacheManager cacheManager = BeanProvider.getBean(CacheManager.class);
Assert.notNull(cacheManager, "cacheManager is null");
return cacheManager;
}
}

40
src/main/java/com/monkeyk/sos/service/business/CurrentUserJsonDtoLoader.java Normal file
View File

@ -0,0 +1,40 @@
package com.monkeyk.sos.service.business;
import com.monkeyk.sos.domain.dto.UserJsonDto;
import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
import com.monkeyk.sos.domain.user.UserRepository;
import com.monkeyk.sos.web.context.BeanProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
/**
* 2018/10/14
*
* @author Shengzhao Li
* @since 1.0
*/
public class CurrentUserJsonDtoLoader {
private transient UserRepository userRepository = BeanProvider.getBean(UserRepository.class);
public CurrentUserJsonDtoLoader() {
}
public UserJsonDto load() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final Object principal = authentication.getPrincipal();
if (authentication instanceof OAuth2Authentication &&
(principal instanceof String || principal instanceof org.springframework.security.core.userdetails.User)) {
OauthUserJsonDtoLoader jsonDtoLoader = new OauthUserJsonDtoLoader((OAuth2Authentication) authentication);
return jsonDtoLoader.load();
} else {
final WdcyUserDetails userDetails = (WdcyUserDetails) principal;
return new UserJsonDto(userRepository.findByGuid(userDetails.user().guid()));
}
}
}

35
src/main/java/com/monkeyk/sos/service/business/OauthUserJsonDtoLoader.java Normal file
View File

@ -0,0 +1,35 @@
package com.monkeyk.sos.service.business;
import com.monkeyk.sos.domain.dto.UserJsonDto;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import java.util.Collection;
/**
* 2018/10/14
*
* @author Shengzhao Li
* @since 1.0
*/
public class OauthUserJsonDtoLoader {
private OAuth2Authentication oAuth2Authentication;
public OauthUserJsonDtoLoader(OAuth2Authentication oAuth2Authentication) {
this.oAuth2Authentication = oAuth2Authentication;
}
public UserJsonDto load() {
UserJsonDto userJsonDto = new UserJsonDto();
userJsonDto.setUsername(oAuth2Authentication.getName());
final Collection<GrantedAuthority> authorities = oAuth2Authentication.getAuthorities();
for (GrantedAuthority authority : authorities) {
userJsonDto.getPrivileges().add(authority.getAuthority());
}
return userJsonDto;
}
}

43
src/main/java/com/monkeyk/sos/service/business/UserFormSaver.java Normal file
View File

@ -0,0 +1,43 @@
package com.monkeyk.sos.service.business;
import com.monkeyk.sos.domain.dto.UserFormDto;
import com.monkeyk.sos.domain.user.User;
import com.monkeyk.sos.domain.user.UserRepository;
import com.monkeyk.sos.infrastructure.SOSCacheUtils;
import com.monkeyk.sos.web.WebUtils;
import com.monkeyk.sos.web.context.BeanProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* 2018/10/14
*
* @author Shengzhao Li
* @since 1.0
*/
public class UserFormSaver {
private static final Logger LOG = LoggerFactory.getLogger(UserFormSaver.class);
private transient UserRepository userRepository = BeanProvider.getBean(UserRepository.class);
private UserFormDto formDto;
public UserFormSaver(UserFormDto formDto) {
this.formDto = formDto;
}
public String save() {
User user = formDto.newUser();
userRepository.saveUser(user);
LOG.debug("{}|Save User: {}", WebUtils.getIp(), user);
//Add to cache
SOSCacheUtils.userCache().put(user.username(), user);
return user.guid();
}
}

35
src/main/java/com/monkeyk/sos/service/impl/UserServiceImpl.java
View File

@ -8,16 +8,13 @@ import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
import com.monkeyk.sos.domain.user.User;
import com.monkeyk.sos.domain.user.UserRepository;
import com.monkeyk.sos.service.UserService;
import com.monkeyk.sos.service.business.CurrentUserJsonDtoLoader;
import com.monkeyk.sos.service.business.UserFormSaver;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Service;
import java.util.Collection;
import java.util.List;
/**
@ -43,16 +40,8 @@ public class UserServiceImpl implements UserService {
@Override
public UserJsonDto loadCurrentUserJsonDto() {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final Object principal = authentication.getPrincipal();
if (authentication instanceof OAuth2Authentication &&
(principal instanceof String || principal instanceof org.springframework.security.core.userdetails.User)) {
return loadOauthUserJsonDto((OAuth2Authentication) authentication);
} else {
final WdcyUserDetails userDetails = (WdcyUserDetails) principal;
return new UserJsonDto(userRepository.findByGuid(userDetails.user().guid()));
}
CurrentUserJsonDtoLoader dtoLoader = new CurrentUserJsonDtoLoader();
return dtoLoader.load();
}
@Override
@ -70,21 +59,9 @@ public class UserServiceImpl implements UserService {
@Override
public String saveUser(UserFormDto formDto) {
User user = formDto.newUser();
userRepository.saveUser(user);
return user.guid();
UserFormSaver saver = new UserFormSaver(formDto);
return saver.save();
}
private UserJsonDto loadOauthUserJsonDto(OAuth2Authentication oAuth2Authentication) {
UserJsonDto userJsonDto = new UserJsonDto();
userJsonDto.setUsername(oAuth2Authentication.getName());
final Collection<GrantedAuthority> authorities = oAuth2Authentication.getAuthorities();
for (GrantedAuthority authority : authorities) {
userJsonDto.getPrivileges().add(authority.getAuthority());
}
return userJsonDto;
}
}

39
src/main/java/com/monkeyk/sos/web/context/BeanProvider.java Normal file
View File

@ -0,0 +1,39 @@
package com.monkeyk.sos.web.context;
import org.springframework.context.ApplicationContext;
/**
* 2018/10/14
* <p>
* Spring bean
*
* @author Shengzhao Li
* @see SOSContextLoaderListener
* @since 1.0
*/
public abstract class BeanProvider {
private static ApplicationContext springApplicationContext;
//private
private BeanProvider() {
}
static void initialize(ApplicationContext applicationContext) {
BeanProvider.springApplicationContext = applicationContext;
}
public static <T> T getBean(Class<T> clazz) {
return springApplicationContext == null ? null : springApplicationContext.getBean(clazz);
}
@SuppressWarnings("unchecked")
public static <T> T getBean(String beanId) {
if (springApplicationContext == null) {
return null;
}
return (T) springApplicationContext.getBean(beanId);
}
}

28
src/main/java/com/monkeyk/sos/web/context/SOSContextLoaderListener.java Normal file
View File

@ -0,0 +1,28 @@
package com.monkeyk.sos.web.context;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import javax.servlet.ServletContextEvent;
/**
* 2018/10/14
* <p>
* <p>
* Spring Context, 便 bean
*
* @author Shengzhao Li
* @since 1.0
*/
public class SOSContextLoaderListener extends ContextLoaderListener {
@Override
public void contextInitialized(ServletContextEvent event) {
super.contextInitialized(event);
//ext
WebApplicationContext applicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(event.getServletContext());
BeanProvider.initialize(applicationContext);
}
}

27
src/main/java/com/monkeyk/sos/web/controller/OAuthRestController.java
View File

@ -137,6 +137,16 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
String clientId = getClientId(parameters);
ClientDetails authenticatedClient = clientDetailsService.loadClientByClientId(clientId);
//validate client_secret
String clientSecret = getClientSecret(parameters);
if (clientSecret == null || clientSecret.equals("")) {
throw new InvalidClientException("Bad client credentials");
} else {
if (!clientSecret.equals(authenticatedClient.getClientSecret())) {
throw new InvalidClientException("Bad client credentials");
}
}
TokenRequest tokenRequest = oAuth2RequestFactory.createTokenRequest(parameters, authenticatedClient);
if (clientId != null && !"".equals(clientId)) {
@ -149,9 +159,7 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
}
}
if (authenticatedClient != null) {
oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient);
}
oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient);
final String grantType = tokenRequest.getGrantType();
if (!StringUtils.hasText(grantType)) {
@ -227,7 +235,7 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
*
* @param e Exception
* @return ResponseEntity
* @throws Exception
* @throws Exception Exception
* @see org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint#handleException(Exception)
*/
@ExceptionHandler(InvalidTokenException.class)
@ -238,18 +246,23 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
private boolean isRefreshTokenRequest(Map<String, String> parameters) {
return "refresh_token".equals(parameters.get("grant_type")) && parameters.get("refresh_token") != null;
return "refresh_token".equals(parameters.get(OAuth2Utils.GRANT_TYPE)) && parameters.get("refresh_token") != null;
}
private boolean isAuthCodeRequest(Map<String, String> parameters) {
return "authorization_code".equals(parameters.get("grant_type")) && parameters.get("code") != null;
return "authorization_code".equals(parameters.get(OAuth2Utils.GRANT_TYPE)) && parameters.get("code") != null;
}
protected String getClientId(Map<String, String> parameters) {
return parameters.get("client_id");
return parameters.get(OAuth2Utils.CLIENT_ID);
}
protected String getClientSecret(Map<String, String> parameters) {
return parameters.get("client_secret");
}
private AuthenticationManager getAuthenticationManager() {
return this.authenticationManager;
}

4
src/main/webapp/WEB-INF/web.xml
View File

@ -132,11 +132,11 @@
</listener>
<!--
Spring Context 监听
Spring Context 监听, 扩展实现l
-->
<!-- Spring context listener -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
<listener-class>com.monkeyk.sos.web.context.SOSContextLoaderListener</listener-class>
</listener>

20
src/main/webapp/index.jsp
View File

@ -5,6 +5,7 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
<!DOCTYPE HTML>
<html>
<head>
@ -17,11 +18,20 @@
<small class="badge" title="Version">1.0</small>
</h2>
<p>
<a href="${contextPath}/login.jsp">Login</a>
&nbsp;|&nbsp;
<a href="${contextPath}/logout.do">Logout</a>
</p>
<c:if test="${not empty SPRING_SECURITY_CONTEXT.authentication.principal.username}" var="logged">
Logged: <sec:authentication property="principal.username"/>
<p>
<a href="${contextPath}/logout.do">Logout</a>
</p>
</c:if>
<c:if test="${not logged}">
<p>
<a href="${contextPath}/login.jsp">Login</a>
&nbsp;|&nbsp;
<a href="${contextPath}/logout.do">Logout</a>
</p>
</c:if>
<div>
操作说明: