增加OAuth2
@@ -26,9 +26,9 @@ import java.util.function.Supplier;
|
||||
|
||||
/**
|
||||
* 用户授权信息,当前登录用户的权限信息,包括用户的基本信息,角色,权限集合等常用信息<br>
|
||||
* 如何获取:
|
||||
* 获取方式:
|
||||
* <ul>
|
||||
* <li>springmvc 入参方式: ResponseMessage myTest(@AuthInfo Authorization auth){}</li>
|
||||
* <li>springmvc 入参方式: ResponseMessage myTest(Authorization auth){}</li>
|
||||
* <li>静态方法方式:AuthorizationHolder.get();</li>
|
||||
* </ul>
|
||||
*
|
||||
@@ -39,23 +39,17 @@ import java.util.function.Supplier;
|
||||
public interface Authorization extends Serializable {
|
||||
|
||||
/**
|
||||
* 获取用户基本信息
|
||||
*
|
||||
* @return 用户信息
|
||||
*/
|
||||
User getUser();
|
||||
|
||||
/**
|
||||
* 获取持有的角色集合
|
||||
*
|
||||
* @return 角色集合
|
||||
* @return 用户持有的角色集合
|
||||
*/
|
||||
List<Role> getRoles();
|
||||
|
||||
/**
|
||||
* 获取持有的权限集合
|
||||
*
|
||||
* @return 权限集合
|
||||
* @return 用户持有的权限集合
|
||||
*/
|
||||
List<Permission> getPermissions();
|
||||
|
||||
|
||||
@@ -0,0 +1,30 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface AuthorizationInitializeService {
|
||||
Authorization initUserAuthorization(String userId);
|
||||
|
||||
Authorization initAdminAuthorization(String userId);
|
||||
}
|
||||
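Review bot: `AuthorizationInitializeService` ships with only the `TODO 完成注释` placeholder, so nothing states how `initAdminAuthorization(String userId)` differs from `initUserAuthorization(String userId)` or what a caller must have checked before invoking either. Both return an `Authorization`, the object that carries the user's roles and permissions, so the Javadoc should say what the admin variant grants, whether the caller is expected to have already authenticated `userId`, and what is returned or thrown for an unknown id. A possible summary line is `/** Builds the Authorization (user, roles, permissions) for the given user id. */`, with a separate paragraph on the admin method describing its extra rights.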
@@ -24,7 +24,8 @@ import java.io.Serializable;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 用户持有的权限信息
|
||||
* 用户持有的权限信息,包含了权限基本信息、可操作范围(action)、行,列级权限控制规则。
|
||||
* 是用户权限的重要接口。
|
||||
*
|
||||
* @author zhouhao
|
||||
* @see Authorization
|
||||
|
||||
@@ -0,0 +1,39 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 http://www.hswebframework.org
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
~
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>hsweb-authorization-oauth2-server</artifactId>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<version>3.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server-api</artifactId>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-authorization-oauth2-server-entity</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@@ -0,0 +1,46 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.api;
|
||||
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2AccessEntity;
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
|
||||
|
||||
/**
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface OAuth2ServerService {
|
||||
|
||||
OAuth2ClientEntity getClient(String clientId);
|
||||
|
||||
OAuth2ClientEntity getClient(String clientId, String clientSecret);
|
||||
|
||||
OAuth2AccessEntity getAccessByToken(String accessToken);
|
||||
|
||||
String requestCode(String clientId, String userId, String scope);
|
||||
|
||||
OAuth2AccessEntity requestTokenByCode(String code, String clientId, String clientSecret, String scope);
|
||||
|
||||
OAuth2AccessEntity requestTokenByClientCredential(String clientId, String clientSecret);
|
||||
|
||||
OAuth2AccessEntity requestTokenByPassword(String username, String password);
|
||||
|
||||
OAuth2AccessEntity refreshToken(String clientId, String clientSecret, String refreshToken, String scope);
|
||||
|
||||
OAuth2AccessEntity getAccessToken(String accessToken);
|
||||
}
|
||||
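Review bot: `requestCode(String clientId, String userId, String scope)` and `requestTokenByCode(String code, String clientId, String clientSecret, String scope)` carry no redirect URI, so an implementation cannot check that a code is redeemed with the same `redirect_uri` it was issued for, which RFC 6749 section 4.1.3 requires when the authorization request included one. `requestTokenByPassword(String username, String password)` likewise takes no client credentials or scope, so the password grant cannot be restricted to particular clients through this interface. Consider adding a `String redirectUri` parameter to the two code methods and `clientId`/`clientSecret` to the password method. `getAccessByToken(String accessToken)` and `getAccessToken(String accessToken)` take the same argument and have no Javadoc; document how they differ or drop one of them.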
@@ -0,0 +1,45 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 http://www.hswebframework.org
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
~
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>hsweb-authorization-oauth2-server-dao</artifactId>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<version>3.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server-dao-api</artifactId>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-commons-dao-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-authorization-oauth2-server-entity</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
@@ -0,0 +1,36 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.dao;
|
||||
|
||||
import org.hswebframework.web.authorization.oauth2.entity.AuthorizationCodeEntity;
|
||||
import org.hswebframework.web.dao.InsertDao;
|
||||
import org.hswebframework.web.dao.dynamic.DeleteByEntityDao;
|
||||
import org.hswebframework.web.dao.dynamic.QueryByEntityDao;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface AuthorizationCodeDao extends
|
||||
InsertDao<AuthorizationCodeEntity>,
|
||||
DeleteByEntityDao,
|
||||
QueryByEntityDao<AuthorizationCodeEntity> {
|
||||
|
||||
}
|
||||
@@ -0,0 +1,35 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.dao;
|
||||
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2AccessEntity;
|
||||
import org.hswebframework.web.dao.InsertDao;
|
||||
import org.hswebframework.web.dao.dynamic.DeleteByEntityDao;
|
||||
import org.hswebframework.web.dao.dynamic.QueryByEntityDao;
|
||||
import org.hswebframework.web.dao.dynamic.UpdateByEntityDao;
|
||||
|
||||
/**
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface OAuth2AccessDao extends
|
||||
InsertDao<OAuth2AccessEntity>,
|
||||
DeleteByEntityDao,
|
||||
UpdateByEntityDao,
|
||||
QueryByEntityDao<OAuth2AccessEntity> {
|
||||
}
|
||||
@@ -0,0 +1,30 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.dao;
|
||||
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
|
||||
import org.hswebframework.web.dao.CrudDao;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface OAuth2ClientDao extends CrudDao<OAuth2ClientEntity, String> {
|
||||
}
|
||||
@@ -0,0 +1,37 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 http://www.hswebframework.org
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
~
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>hsweb-authorization-oauth2-server</artifactId>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<version>3.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server-dao</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<modules>
|
||||
<module>hsweb-authorization-oauth2-server-dao-api</module>
|
||||
</modules>
|
||||
|
||||
|
||||
</project>
|
||||
@@ -0,0 +1,45 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 http://www.hswebframework.org
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
~
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>hsweb-authorization-oauth2-server</artifactId>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<version>3.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server-entity</artifactId>
|
||||
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-commons-entity</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-authorization-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@@ -0,0 +1,48 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
import org.hswebframework.web.commons.entity.Entity;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface AuthorizationCodeEntity extends Entity {
|
||||
String getClientId();
|
||||
|
||||
void setClientId(String clientId);
|
||||
|
||||
String getUserId();
|
||||
|
||||
void setUserId(String userId);
|
||||
|
||||
String getCode();
|
||||
|
||||
void setCode(String code);
|
||||
|
||||
Long getCreateTime();
|
||||
|
||||
void setCreateTime(Long createTime);
|
||||
|
||||
String getScope();
|
||||
|
||||
void setScope(String scope);
|
||||
}
|
||||
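Review bot: `AuthorizationCodeEntity` records `createTime` but has no expiry or redirect-URI property, and its Javadoc is still `TODO 完成注释`, so the lifetime and single-use rules for a code are not stated anywhere in this section. The Javadoc should say that `createTime` is epoch milliseconds (the service's `requestCode` sets it from `System.currentTimeMillis()`) and name the component that rejects an old or already redeemed code. Related, in the visible part of `SimpleOAuth2ServerService.requestCode` the clean-up of old codes filters with `.and("clientId", userId)`; that looks like it should be `.and("clientId", clientId)`, otherwise earlier codes for the same user and client are presumably left in place. The rest of that method lies outside the visible part of the page.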
@@ -0,0 +1,61 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
import org.hswebframework.web.commons.entity.Entity;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface OAuth2AccessEntity extends Entity {
|
||||
|
||||
String getClientId();
|
||||
|
||||
void setClientId(String clientId);
|
||||
|
||||
String getUserId();
|
||||
|
||||
void setUserId(String userId);
|
||||
|
||||
String getAccessToken();
|
||||
|
||||
void setAccessToken(String accessToken);
|
||||
|
||||
String getRefreshToken();
|
||||
|
||||
void setRefreshToken(String refreshToken);
|
||||
|
||||
Long getExpireIn();
|
||||
|
||||
void setExpireIn(Long expireIn);
|
||||
|
||||
Long getCreateTime();
|
||||
|
||||
void setCreateTime(Long createTime);
|
||||
|
||||
Long getUpdateTime();
|
||||
|
||||
void setUpdateTime(Long updateTime);
|
||||
|
||||
String getScope();
|
||||
|
||||
void setScope(String scope);
|
||||
}
|
||||
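Review bot: `getExpireIn()` / `setExpireIn(Long expireIn)` do not say whether the value is in seconds or milliseconds, nor whether it is counted from `createTime` or from `updateTime`. Any expiry check written against this interface has to guess, and a wrong guess either rejects valid tokens or keeps expired ones alive. A one-line comment on the getter would settle it, for example `/** Token lifetime in seconds, counted from updateTime when set, else createTime. */`, adjusted to whatever unit the implementation actually uses. The class-level `TODO 完成注释` should also be replaced with a sentence stating that the entity holds bearer credentials (`accessToken`, `refreshToken`) and should not be logged or returned whole.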
@@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
import org.hswebframework.web.authorization.User;
|
||||
import org.hswebframework.web.commons.entity.GenericEntity;
|
||||
import org.hswebframework.web.commons.entity.RecordCreationEntity;
|
||||
|
||||
/**
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface OAuth2ClientEntity extends GenericEntity<String>, RecordCreationEntity {
|
||||
|
||||
// client_id
|
||||
@Override
|
||||
String getId();
|
||||
|
||||
String getName();
|
||||
|
||||
void setName(String name);
|
||||
|
||||
// client_secret
|
||||
String getSecret();
|
||||
|
||||
void setSecret(String secret);
|
||||
|
||||
//redirect_uri
|
||||
String getRedirectUri();
|
||||
|
||||
void setRedirectUri(String redirectUri);
|
||||
|
||||
/**
|
||||
* @return 客户端所有者
|
||||
* @see User#getId()
|
||||
*/
|
||||
String getOwnerId();
|
||||
|
||||
void setOwnerId(String ownerId);
|
||||
|
||||
String getComments();
|
||||
|
||||
void setComments(String comments);
|
||||
|
||||
String getType();
|
||||
|
||||
void setType(String type);
|
||||
}
|
||||
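Review bot: The client secret is exposed here as the bean property `secret` (`getSecret()` / `setSecret(String secret)`), while `SimpleOAuth2ServerService.getClient(clientId, clientSecret)` in this commit filters on the key `"clientSecret"`. If the query DSL resolves keys against entity property names, as the use of `GenericEntity.id` suggests, that lookup would not match this property. The service's own TODO asks for a constant, so declaring `String secret = "secret";` on this interface and using it in the query would keep the two in step. Separately, selecting a client by equality on the secret implies the stored value is directly comparable; the interface Javadoc should state whether `getSecret()` holds the raw secret or a hash.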
@@ -0,0 +1,77 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public class SimpleAuthorizationCodeEntity implements AuthorizationCodeEntity {
|
||||
private String clientId;
|
||||
|
||||
private String userId;
|
||||
|
||||
private String code;
|
||||
|
||||
private Long createTime;
|
||||
|
||||
private String scope;
|
||||
|
||||
public String getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
public void setScope(String scope) {
|
||||
this.scope = scope;
|
||||
}
|
||||
|
||||
public String getClientId() {
|
||||
return clientId;
|
||||
}
|
||||
|
||||
public void setClientId(String clientId) {
|
||||
this.clientId = clientId;
|
||||
}
|
||||
|
||||
public String getUserId() {
|
||||
return userId;
|
||||
}
|
||||
|
||||
public void setUserId(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
|
||||
public String getCode() {
|
||||
return code;
|
||||
}
|
||||
|
||||
public void setCode(String code) {
|
||||
this.code = code;
|
||||
}
|
||||
|
||||
public Long getCreateTime() {
|
||||
return createTime;
|
||||
}
|
||||
|
||||
public void setCreateTime(Long createTime) {
|
||||
this.createTime = createTime;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,107 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public class SimpleOAuth2AccessEntity implements OAuth2AccessEntity {
|
||||
|
||||
private String clientId;
|
||||
|
||||
private String userId;
|
||||
|
||||
private String accessToken;
|
||||
|
||||
private String refreshToken;
|
||||
|
||||
private Long expireIn;
|
||||
|
||||
private Long createTime;
|
||||
|
||||
private Long updateTime;
|
||||
|
||||
private String scope;
|
||||
|
||||
public String getClientId() {
|
||||
return clientId;
|
||||
}
|
||||
|
||||
public void setClientId(String clientId) {
|
||||
this.clientId = clientId;
|
||||
}
|
||||
|
||||
public String getUserId() {
|
||||
return userId;
|
||||
}
|
||||
|
||||
public void setUserId(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
|
||||
public String getAccessToken() {
|
||||
return accessToken;
|
||||
}
|
||||
|
||||
public void setAccessToken(String accessToken) {
|
||||
this.accessToken = accessToken;
|
||||
}
|
||||
|
||||
public String getRefreshToken() {
|
||||
return refreshToken;
|
||||
}
|
||||
|
||||
public void setRefreshToken(String refreshToken) {
|
||||
this.refreshToken = refreshToken;
|
||||
}
|
||||
|
||||
public Long getExpireIn() {
|
||||
return expireIn;
|
||||
}
|
||||
|
||||
public void setExpireIn(Long expireIn) {
|
||||
this.expireIn = expireIn;
|
||||
}
|
||||
|
||||
public Long getCreateTime() {
|
||||
return createTime;
|
||||
}
|
||||
|
||||
public void setCreateTime(Long createTime) {
|
||||
this.createTime = createTime;
|
||||
}
|
||||
|
||||
public Long getUpdateTime() {
|
||||
return updateTime;
|
||||
}
|
||||
|
||||
public void setUpdateTime(Long updateTime) {
|
||||
this.updateTime = updateTime;
|
||||
}
|
||||
|
||||
public String getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
public void setScope(String scope) {
|
||||
this.scope = scope;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,116 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.entity;
|
||||
|
||||
import org.hswebframework.web.commons.entity.SimpleGenericEntity;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public class SimpleOAuth2ClientEntity extends SimpleGenericEntity<String> implements OAuth2ClientEntity {
|
||||
private String name;
|
||||
|
||||
private String secret;
|
||||
|
||||
private String redirectUri;
|
||||
|
||||
private String ownerId;
|
||||
|
||||
private String creatorId;
|
||||
|
||||
private Long createTime;
|
||||
|
||||
private String type;
|
||||
|
||||
private String comments;
|
||||
|
||||
public String getComments() {
|
||||
return comments;
|
||||
}
|
||||
|
||||
public void setComments(String comments) {
|
||||
this.comments = comments;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public void setName(String name) {
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getSecret() {
|
||||
return secret;
|
||||
}
|
||||
|
||||
public void setSecret(String secret) {
|
||||
this.secret = secret;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getRedirectUri() {
|
||||
return redirectUri;
|
||||
}
|
||||
|
||||
public void setRedirectUri(String redirectUri) {
|
||||
this.redirectUri = redirectUri;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getOwnerId() {
|
||||
return ownerId;
|
||||
}
|
||||
|
||||
public void setOwnerId(String ownerId) {
|
||||
this.ownerId = ownerId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getCreatorId() {
|
||||
return creatorId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setCreatorId(String creatorId) {
|
||||
this.creatorId = creatorId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Long getCreateTime() {
|
||||
return createTime;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setCreateTime(Long createTime) {
|
||||
this.createTime = createTime;
|
||||
}
|
||||
|
||||
public String getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public void setType(String type) {
|
||||
this.type = type;
|
||||
}
|
||||
}
|
||||
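Review bot: `@Override` is applied to `getName`, `getSecret`, `getRedirectUri`, `getOwnerId` and the creator/create-time accessors, but not to `getComments`, `setComments`, `setName`, `setSecret`, `setRedirectUri`, `setOwnerId`, `getType` or `setType`, which also implement `OAuth2ClientEntity` methods. Annotating all of them lets the compiler flag an accessor that drifts from the interface. The same applies to `SimpleAuthorizationCodeEntity` and `SimpleOAuth2AccessEntity` earlier in this commit, where no accessor carries `@Override`. The class Javadoc is still `TODO 完成注释`; a sentence noting that the `secret` field is a credential and must be kept out of `toString()` output and serialised responses would be a useful replacement.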
@@ -0,0 +1,55 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!--
|
||||
~ Copyright 2016 http://www.hswebframework.org
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
~
|
||||
~
|
||||
-->
|
||||
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<parent>
|
||||
<artifactId>hsweb-authorization-oauth2-server</artifactId>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<version>3.0-SNAPSHOT</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server-simple</artifactId>
|
||||
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-authorization-oauth2-server-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-commons-service-simple</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-system-authorization-service-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.hswebframework.web</groupId>
|
||||
<artifactId>hsweb-authorization-oauth2-server-dao-api</artifactId>
|
||||
<version>${project.version}</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@@ -0,0 +1,232 @@
|
||||
/*
|
||||
* Copyright 2016 http://www.hswebframework.org
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
*
|
||||
*/
|
||||
|
||||
package org.hswebframework.web.authorization.oauth2.simple;
|
||||
|
||||
import org.hswebframework.web.AuthorizeForbiddenException;
|
||||
import org.hswebframework.web.NotFoundException;
|
||||
import org.hswebframework.web.authorization.oauth2.api.OAuth2ServerService;
|
||||
import org.hswebframework.web.authorization.oauth2.dao.AuthorizationCodeDao;
|
||||
import org.hswebframework.web.authorization.oauth2.dao.OAuth2AccessDao;
|
||||
import org.hswebframework.web.authorization.oauth2.dao.OAuth2ClientDao;
|
||||
import org.hswebframework.web.authorization.oauth2.entity.AuthorizationCodeEntity;
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2AccessEntity;
|
||||
import org.hswebframework.web.authorization.oauth2.entity.OAuth2ClientEntity;
|
||||
import org.hswebframework.web.commons.entity.GenericEntity;
|
||||
import org.hswebframework.web.commons.entity.factory.EntityFactory;
|
||||
import org.hswebframework.web.entity.authorization.UserEntity;
|
||||
import org.hswebframework.web.id.IDGenerator;
|
||||
import org.hswebframework.web.service.DefaultDSLQueryService;
|
||||
import org.hswebframework.web.service.authorization.UserService;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
|
||||
import static org.hswebframework.web.service.DefaultDSLDeleteService.createDelete;
|
||||
import static org.hswebframework.web.service.DefaultDSLQueryService.createQuery;
|
||||
import static org.hswebframework.web.service.DefaultDSLUpdateService.createUpdate;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public class SimpleOAuth2ServerService implements OAuth2ServerService {
|
||||
|
||||
private static final String cacheName = "hsweb.oauth2";
|
||||
@Resource
|
||||
private OAuth2ClientDao oAuth2ClientDao;
|
||||
|
||||
@Resource
|
||||
private OAuth2AccessDao oAuth2AccessDao;
|
||||
|
||||
@Resource
|
||||
private AuthorizationCodeDao authorizationCodeDao;
|
||||
@Resource
|
||||
private EntityFactory entityFactory;
|
||||
|
||||
@Resource
|
||||
private UserService userService;
|
||||
|
||||
@Override
|
||||
public OAuth2ClientEntity getClient(String clientId) {
|
||||
return createQuery(oAuth2ClientDao)
|
||||
.where(GenericEntity.id, clientId)
|
||||
.single();
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2ClientEntity getClient(String clientId, String clientSecret) {
|
||||
return createQuery(oAuth2ClientDao)
|
||||
.where(GenericEntity.id, clientId)
|
||||
// TODO: 17-2-28 key (clientSecret) 应该为常量
|
||||
.where("clientSecret", clientSecret)
|
||||
.single();
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity getAccessByToken(String accessToken) {
|
||||
return createQuery(oAuth2AccessDao)
|
||||
// TODO: 17-2-28 key (accessToken) 应该为常量
|
||||
.where("accessToken", accessToken)
|
||||
.single();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String requestCode(String clientId, String userId, String scope) {
|
||||
String code = IDGenerator.MD5.generate();
|
||||
//删除旧的code
|
||||
createDelete(authorizationCodeDao)
|
||||
// TODO: 17-2-28 key 应该为常量
|
||||
.where("userId", userId)
|
||||
.and("clientId", userId)
|
||||
.exec();
|
||||
AuthorizationCodeEntity codeEntity = entityFactory.newInstance(AuthorizationCodeEntity.class);
|
||||
codeEntity.setCreateTime(System.currentTimeMillis());
|
||||
codeEntity.setClientId(clientId);
|
||||
codeEntity.setUserId(userId);
|
||||
codeEntity.setCode(code);
|
||||
codeEntity.setScope(scope);
|
||||
authorizationCodeDao.insert(codeEntity);
|
||||
return code;
|
||||
}
|
||||
|
||||
protected OAuth2AccessEntity createNewAccess() {
|
||||
OAuth2AccessEntity entity = entityFactory.newInstance(OAuth2AccessEntity.class);
|
||||
entity.setCreateTime(System.currentTimeMillis());
|
||||
entity.setAccessToken(IDGenerator.MD5.generate());
|
||||
entity.setRefreshToken(IDGenerator.MD5.generate());
|
||||
return entity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity requestTokenByCode(String code, String clientId, String clientSecret, String scope) {
|
||||
OAuth2ClientEntity clientEntity = getClient(clientId, clientSecret);
|
||||
if (null == clientEntity) {
|
||||
// TODO: 17-2-28 自定义异常
|
||||
throw new NotFoundException("client not found!");
|
||||
}
|
||||
AuthorizationCodeEntity codeEntity = createQuery(authorizationCodeDao)
|
||||
.where("code", code)
|
||||
.and("clientId", clientId)
|
||||
.single();
|
||||
if (codeEntity == null) {
|
||||
throw new NotFoundException("code not found!");
|
||||
}
|
||||
//授权码已经创建超时(20s)
|
||||
if (System.currentTimeMillis() - codeEntity.getCreateTime() < 20 * 1000) {
|
||||
throw new NotFoundException("time out!");
|
||||
}
|
||||
// TODO: 17-2-28 验证scope
|
||||
|
||||
//删除使用过的授权码
|
||||
createDelete(authorizationCodeDao)
|
||||
.where("code", code)
|
||||
.and("clientId", clientId)
|
||||
.exec();
|
||||
|
||||
OAuth2AccessEntity accessEntity = createNewAccess();
|
||||
accessEntity.setUserId(codeEntity.getUserId());
|
||||
accessEntity.setClientId(clientId);
|
||||
// TODO: 17-2-28 过期时间应该可配置
|
||||
accessEntity.setExpireIn(3600L);
|
||||
accessEntity.setScope(scope);
|
||||
oAuth2AccessDao.insert(accessEntity);
|
||||
return accessEntity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity requestTokenByClientCredential(String clientId, String clientSecret) {
|
||||
OAuth2ClientEntity clientEntity = getClient(clientId, clientSecret);
|
||||
if (null == clientEntity) {
|
||||
// TODO: 17-2-28 自定义异常
|
||||
throw new NotFoundException("client not found!");
|
||||
}
|
||||
OAuth2AccessEntity oldEntity = DefaultDSLQueryService
|
||||
.createQuery(oAuth2AccessDao)
|
||||
.where("clientId", clientEntity.getId())
|
||||
.and("userId", clientEntity.getOwnerId())
|
||||
.single();
|
||||
OAuth2AccessEntity newEntity = createNewAccess();
|
||||
if (null != oldEntity)
|
||||
createDelete(oAuth2AccessDao)
|
||||
.where("clientId", oldEntity.getClientId())
|
||||
.and("accessToken", oldEntity.getAccessToken())
|
||||
.exec();
|
||||
|
||||
if (oldEntity != null) {
|
||||
newEntity.setScope(oldEntity.getScope());
|
||||
newEntity.setExpireIn(oldEntity.getExpireIn());
|
||||
newEntity.setRefreshToken(oldEntity.getRefreshToken());
|
||||
} else {
|
||||
newEntity.setExpireIn(3600L);
|
||||
}
|
||||
newEntity.setUserId(clientEntity.getOwnerId());
|
||||
newEntity.setScope("public");
|
||||
oAuth2AccessDao.insert(newEntity);
|
||||
return newEntity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity requestTokenByPassword(String username, String password) {
|
||||
UserEntity entity = userService.selectByUsername(username);
|
||||
if (null == entity) throw new NotFoundException("user not found");
|
||||
if (!userService.encodePassword(password, entity.getSalt()).equals(entity.getPassword()))
|
||||
throw new AuthorizeForbiddenException("password error");
|
||||
OAuth2AccessEntity accessEntity = createNewAccess();
|
||||
accessEntity.setUserId(entity.getId());
|
||||
accessEntity.setScope("public");
|
||||
accessEntity.setExpireIn(3600L);
|
||||
oAuth2AccessDao.insert(accessEntity);
|
||||
return accessEntity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity refreshToken(String clientId, String clientSecret, String refreshToken, String scope) {
|
||||
OAuth2ClientEntity clientEntity = getClient(clientId, clientSecret);
|
||||
if (null == clientEntity) {
|
||||
// TODO: 17-2-28 自定义异常
|
||||
throw new NotFoundException("client not found!");
|
||||
}
|
||||
OAuth2AccessEntity accessEntity = DefaultDSLQueryService.createQuery(oAuth2AccessDao)
|
||||
.where("refreshToken", refreshToken)
|
||||
.and("clientId", clientId)
|
||||
.single();
|
||||
if (null == accessEntity) {
|
||||
throw new NotFoundException("access not found!");
|
||||
}
|
||||
//30天过期
|
||||
long refreshTokenTimeOut = 30 * 24 * 60 * 60 * 1000L;
|
||||
if (System.currentTimeMillis() - accessEntity.getCreateTime() > refreshTokenTimeOut) {
|
||||
throw new NotFoundException("refresh_token time out");
|
||||
}
|
||||
accessEntity.setAccessToken(IDGenerator.MD5.generate());
|
||||
accessEntity.setUpdateTime(System.currentTimeMillis());
|
||||
accessEntity.setScope(scope);
|
||||
createUpdate(oAuth2AccessDao, accessEntity)
|
||||
.includes("accessToken", "updateTime", "scope")
|
||||
.where("refreshToken", refreshToken)
|
||||
.and("clientId", clientId)
|
||||
.exec();
|
||||
return accessEntity;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AccessEntity getAccessToken(String accessToken) {
|
||||
return DefaultDSLQueryService.createQuery(oAuth2AccessDao).where("accessToken", accessToken).single();
|
||||
}
|
||||
}
|
||||
@@ -28,6 +28,19 @@
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<artifactId>hsweb-authorization-oauth2-server</artifactId>
|
||||
<packaging>pom</packaging>
|
||||
<modules>
|
||||
<module>hsweb-authorization-oauth2-server-entity</module>
|
||||
<module>hsweb-authorization-oauth2-server-dao</module>
|
||||
<module>hsweb-authorization-oauth2-server-api</module>
|
||||
<module>hsweb-authorization-oauth2-server-simple</module>
|
||||
</modules>
|
||||
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.apache.oltu.oauth2</groupId>
|
||||
<artifactId>org.apache.oltu.oauth2.authzserver</artifactId>
|
||||
<version>1.0.2</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
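Review bot: The `org.apache.oltu.oauth2.authzserver` dependency is declared in a plain `<dependencies>` block of a pom with `<packaging>pom</packaging>`, so if the four modules under `<modules>` use this pom as their parent (not shown here), all of them inherit the OAuth2 server library, including the entity and dao modules. I would wrap the block as `<dependencyManagement><dependencies>…</dependencies></dependencyManagement>` and add the dependency, without a version, only to the modules that call Oltu, which keeps the third-party surface of each artifact as small as possible. The pinned `<version>1.0.2</version>` is good for reproducible builds, but a short comment above it saying who tracks advisories for this library would help, since Apache Oltu appears to have been retired upstream and may get no further fixes. The rendering has lost the `+`/`-` column, so I cannot tell which of these lines the commit adds.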
|
||||