diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java index 1250960a2..491036ddd 100644 --- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/annotation/Authorize.java @@ -107,4 +107,5 @@ public @interface Authorize { */ RequiresDataAccess dataAccess() default @RequiresDataAccess(ignore = true); + String[] description() default {}; } diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinition.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinition.java index ec74134fa..82ee84e7d 100644 --- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinition.java +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinition.java @@ -15,6 +15,9 @@ import java.util.Set; */ public interface AuthorizeDefinition { + /** + * @return 验证时机 + */ Phased getPhased(); /** @@ -35,6 +38,10 @@ public interface AuthorizeDefinition { */ Set getPermissions(); + String[] getPermissionDescription(); + + String[] getActionDescription(); + /** * 要控制的权限事件,仅当{@link this#getPermissions()}不为空的时候生效 * diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinitionInitializedEvent.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinitionInitializedEvent.java new file mode 100644 index 000000000..778b4887e --- /dev/null +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/define/AuthorizeDefinitionInitializedEvent.java @@ -0,0 +1,17 @@ +package org.hswebframework.web.authorization.define; + +import org.hswebframework.web.authorization.listener.event.AuthorizationEvent; +import org.springframework.context.ApplicationEvent; + +import java.util.List; + +public class AuthorizeDefinitionInitializedEvent extends ApplicationEvent implements AuthorizationEvent { + public AuthorizeDefinitionInitializedEvent(List all) { + super(all); + } + + @SuppressWarnings("unchecked") + public List getAllDefinition() { + return ((List) getSource()); + } +} diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java index aa0aac345..2a61e90a7 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.java @@ -1,29 +1,52 @@ package org.hswebframework.web.authorization.basic.aop; +import lombok.extern.slf4j.Slf4j; import org.aopalliance.intercept.MethodInterceptor; import org.hswebframework.web.AopUtils; import org.hswebframework.web.authorization.Authentication; import org.hswebframework.web.authorization.annotation.Authorize; +import org.hswebframework.web.authorization.basic.define.EmptyAuthorizeDefinition; import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler; import org.hswebframework.web.authorization.define.AuthorizeDefinition; +import org.hswebframework.web.authorization.define.AuthorizeDefinitionInitializedEvent; import org.hswebframework.web.authorization.define.AuthorizingContext; import org.hswebframework.web.authorization.define.Phased; import org.hswebframework.web.authorization.exception.UnAuthorizedException; import org.hswebframework.web.boost.aop.context.MethodInterceptorContext; import org.hswebframework.web.boost.aop.context.MethodInterceptorHolder; import org.springframework.aop.support.StaticMethodMatcherPointcutAdvisor; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.CommandLineRunner; +import org.springframework.context.ApplicationEventPublisher; +import org.springframework.core.Ordered; +import org.springframework.core.annotation.Order; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RestController; import java.lang.reflect.Method; +import java.util.List; +import java.util.stream.Collectors; /** * @author zhouhao + * @see AuthorizeDefinitionInitializedEvent */ -public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor { +@Slf4j +public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor implements CommandLineRunner { private static final long serialVersionUID = 1154190623020670672L; + @Autowired + private ApplicationEventPublisher eventPublisher; + + private DefaultAopMethodAuthorizeDefinitionParser defaultParser = new DefaultAopMethodAuthorizeDefinitionParser(); + + private boolean autoParse = false; + + public void setAutoParse(boolean autoParse) { + this.autoParse = autoParse; + } + public AopAuthorizingController(AuthorizingHandler authorizingHandler, AopMethodAuthorizeDefinitionParser aopMethodAuthorizeDefinitionParser) { super((MethodInterceptor) methodInvocation -> { @@ -31,12 +54,13 @@ public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor MethodInterceptorContext paramContext = holder.createParamContext(); - AuthorizeDefinition definition = aopMethodAuthorizeDefinitionParser.parse(paramContext); + AuthorizeDefinition definition = aopMethodAuthorizeDefinitionParser.parse(methodInvocation.getThis().getClass(), methodInvocation.getMethod()); Object result = true; boolean isControl = false; if (null != definition) { Authentication authentication = Authentication.current().orElseThrow(UnAuthorizedException::new); if (!definition.isEmpty()) { + AuthorizingContext context = new AuthorizingContext(); context.setAuthentication(authentication); context.setDefinition(definition); @@ -84,16 +108,33 @@ public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor if (!isControl) { result = methodInvocation.proceed(); } - return result; }); } @Override public boolean matches(Method method, Class aClass) { - //对controller进行控制 - return AopUtils.findAnnotation(aClass, Controller.class) != null + boolean support = AopUtils.findAnnotation(aClass, Controller.class) != null || AopUtils.findAnnotation(aClass, RestController.class) != null || AopUtils.findAnnotation(aClass, method, Authorize.class) != null; + + if (support && autoParse) { + defaultParser.parse(aClass, method); + } + return support; + } + + @Override + public void run(String... args) throws Exception { + if (autoParse) { + List definitions = defaultParser.getAllParsed() + .stream().filter(def -> !def.isEmpty()).collect(Collectors.toList()); + + + log.info("publish AuthorizeDefinitionInitializedEvent,definition size:{}", definitions.size()); + eventPublisher.publishEvent(new AuthorizeDefinitionInitializedEvent(definitions)); + + defaultParser.destroy(); + } } } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java index 4adf51466..64fb9f50d 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionCustomizerParser.java @@ -3,11 +3,13 @@ package org.hswebframework.web.authorization.basic.aop; import org.hswebframework.web.authorization.define.AuthorizeDefinition; import org.hswebframework.web.boost.aop.context.MethodInterceptorContext; +import java.lang.reflect.Method; + /** * 自定义权限控制定义,在拦截到方法后,优先使用此接口来获取权限控制方式 * @see AuthorizeDefinition * @author zhouhao */ public interface AopMethodAuthorizeDefinitionCustomizerParser { - AuthorizeDefinition parse(MethodInterceptorContext context); + AuthorizeDefinition parse(Class target, Method method,MethodInterceptorContext context); } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java index 23c995bd1..b35fb3126 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/AopMethodAuthorizeDefinitionParser.java @@ -3,6 +3,9 @@ package org.hswebframework.web.authorization.basic.aop; import org.hswebframework.web.authorization.define.AuthorizeDefinition; import org.hswebframework.web.boost.aop.context.MethodInterceptorContext; +import java.lang.reflect.Method; +import java.util.List; + /** * 权限控制定义解析器,用于解析被拦截的请求是否需要进行权限控制,以及权限控制的方式 * @@ -14,8 +17,15 @@ public interface AopMethodAuthorizeDefinitionParser { /** * 解析权限控制定义 * - * @param paramContext 被拦截的方法上下文 + * @param target class + * @param method method * @return 权限控制定义, 如果不进行权限控制则返回{@code null} */ - AuthorizeDefinition parse(MethodInterceptorContext paramContext); + AuthorizeDefinition parse(Class target, Method method, MethodInterceptorContext context); + + default AuthorizeDefinition parse(Class target, Method method) { + return parse(target, method, null); + } + + List getAllParsed(); } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java index 2bdd2058b..4607669a0 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/aop/DefaultAopMethodAuthorizeDefinitionParser.java @@ -1,5 +1,6 @@ package org.hswebframework.web.authorization.basic.aop; +import lombok.extern.slf4j.Slf4j; import org.hswebframework.web.AopUtils; import org.hswebframework.web.authorization.annotation.Authorize; import org.hswebframework.web.authorization.annotation.RequiresDataAccess; @@ -13,10 +14,7 @@ import org.springframework.util.ClassUtils; import org.springframework.util.CollectionUtils; import java.lang.reflect.Method; -import java.util.Arrays; -import java.util.List; -import java.util.Map; -import java.util.Objects; +import java.util.*; import java.util.concurrent.ConcurrentHashMap; /** @@ -26,23 +24,32 @@ import java.util.concurrent.ConcurrentHashMap; * @see AopMethodAuthorizeDefinitionParser * @see AuthorizeDefinition */ - +@Slf4j public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAuthorizeDefinitionParser { private Map cache = new ConcurrentHashMap<>(); - private List parserCustomers; + private static Set excludeMethodName = new HashSet<>(Arrays.asList("toString", "clone", "hashCode", "getClass")); + @Autowired(required = false) public void setParserCustomers(List parserCustomers) { this.parserCustomers = parserCustomers; } + @Override + public List getAllParsed() { + return new ArrayList<>(cache.values()); + } + @Override @SuppressWarnings("all") - public AuthorizeDefinition parse(MethodInterceptorContext paramContext) { - CacheKey key = buildCacheKey(paramContext); + public AuthorizeDefinition parse(Class target, Method method, MethodInterceptorContext context) { + if (excludeMethodName.contains(method.getName())) { + return null; + } + CacheKey key = buildCacheKey(target, method); AuthorizeDefinition definition = cache.get(key); if (definition != null && (definition instanceof EmptyAuthorizeDefinition)) { @@ -51,7 +58,7 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho //使用自定义 if (!CollectionUtils.isEmpty(parserCustomers)) { definition = parserCustomers.stream() - .map(customer -> customer.parse(paramContext)) + .map(customer -> customer.parse(target, method, context)) .filter(Objects::nonNull) .findAny().orElse(null); if (definition == null || definition instanceof EmptyAuthorizeDefinition) { @@ -60,14 +67,14 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho } - Authorize classAuth = AopUtils.findAnnotation(paramContext.getTarget().getClass(), Authorize.class); - Authorize methodAuth = AopUtils.findMethodAnnotation(paramContext.getTarget().getClass(), paramContext.getMethod(), Authorize.class); + Authorize classAuth = AopUtils.findAnnotation(target, Authorize.class); + Authorize methodAuth = AopUtils.findMethodAnnotation(target, method, Authorize.class); - RequiresDataAccess classDataAccess = AopUtils.findAnnotation(paramContext.getTarget().getClass(), RequiresDataAccess.class); + RequiresDataAccess classDataAccess = AopUtils.findAnnotation(target, RequiresDataAccess.class); - RequiresDataAccess methodDataAccess = AopUtils.findMethodAnnotation(paramContext.getTarget().getClass(), paramContext.getMethod(), RequiresDataAccess.class); + RequiresDataAccess methodDataAccess = AopUtils.findMethodAnnotation(target, method, RequiresDataAccess.class); - RequiresExpression expression = AopUtils.findAnnotation(paramContext.getTarget().getClass(), RequiresExpression.class); + RequiresExpression expression = AopUtils.findAnnotation(target, RequiresExpression.class); if (classAuth == null && methodAuth == null && classDataAccess == null && methodDataAccess == null && expression == null) { cache.put(key, EmptyAuthorizeDefinition.instance); @@ -78,7 +85,6 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho cache.put(key, EmptyAuthorizeDefinition.instance); return null; } - DefaultBasicAuthorizeDefinition authorizeDefinition = new DefaultBasicAuthorizeDefinition(); if (methodAuth == null || methodAuth.merge()) { @@ -89,18 +95,43 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho authorizeDefinition.put(expression); - authorizeDefinition.put(methodAuth.dataAccess()); - + if (methodAuth != null) { + authorizeDefinition.put(methodAuth.dataAccess()); + } authorizeDefinition.put(classDataAccess); authorizeDefinition.put(methodDataAccess); + if (authorizeDefinition.getPermissionDescription().length == 0) { + if (classAuth != null) { + String[] desc = classAuth.description(); + if (desc.length > 0) { + authorizeDefinition.setPermissionDescription(desc); + } + } + } + + if (authorizeDefinition.getActionDescription().length == 0) { + if (methodAuth != null) { + if (methodAuth.description().length != 0) { + authorizeDefinition.setActionDescription(methodAuth.description()); + } + } + } + + log.info("parsed authorizeDefinition {}.{} => {}.{} permission:{} actions:{}", + target.getSimpleName(), + method.getName(), + authorizeDefinition.getPermissionDescription(), + authorizeDefinition.getActionDescription(), + authorizeDefinition.getPermissions(), + authorizeDefinition.getActions()); cache.put(key, authorizeDefinition); return authorizeDefinition; } - public CacheKey buildCacheKey(MethodInterceptorContext context) { - return new CacheKey(ClassUtils.getUserClass(context.getTarget()), context.getMethod()); + public CacheKey buildCacheKey(Class target, Method method) { + return new CacheKey(ClassUtils.getUserClass(target), method); } class CacheKey { @@ -123,4 +154,8 @@ public class DefaultAopMethodAuthorizeDefinitionParser implements AopMethodAutho } } + public void destroy() { + cache.clear(); + } + } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AopAuthorizeAutoConfiguration.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AopAuthorizeAutoConfiguration.java index b9e5acdd1..de238898d 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AopAuthorizeAutoConfiguration.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AopAuthorizeAutoConfiguration.java @@ -6,6 +6,7 @@ import org.hswebframework.web.authorization.basic.aop.DefaultAopMethodAuthorizeD import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler; import org.springframework.boot.autoconfigure.AutoConfigureAfter; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -24,8 +25,10 @@ public class AopAuthorizeAutoConfiguration { @Bean + @ConfigurationProperties(prefix = "hsweb.authorize") public AopAuthorizingController aopAuthorizingController(AuthorizingHandler authorizingHandler, AopMethodAuthorizeDefinitionParser aopMethodAuthorizeDefinitionParser) { - return new AopAuthorizingController(authorizingHandler, aopMethodAuthorizeDefinitionParser); + + return new AopAuthorizingController(authorizingHandler, aopMethodAuthorizeDefinitionParser); } } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java index 947cd57c6..c2209704d 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultBasicAuthorizeDefinition.java @@ -25,9 +25,14 @@ import java.util.Set; @Setter @NoArgsConstructor @AllArgsConstructor +@ToString public class DefaultBasicAuthorizeDefinition implements AuthorizeDefinition { private boolean dataAccessControl; + private String[] permissionDescription = {}; + + private String[] actionDescription = {}; + private Set permissions = new HashSet<>(); private Set actions = new HashSet<>(); diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultDataAccessDefinition.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultDataAccessDefinition.java index a2817a8f8..c7c7f9422 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultDataAccessDefinition.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/DefaultDataAccessDefinition.java @@ -1,9 +1,6 @@ package org.hswebframework.web.authorization.basic.define; -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; +import lombok.*; import org.hswebframework.web.authorization.define.DataAccessDefinition; import org.hswebframework.web.authorization.define.Phased; @@ -14,6 +11,7 @@ import org.hswebframework.web.authorization.define.Phased; @Setter @AllArgsConstructor @NoArgsConstructor +@ToString public class DefaultDataAccessDefinition implements DataAccessDefinition { private static final long serialVersionUID = 8285566729547666068L; diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/EmptyAuthorizeDefinition.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/EmptyAuthorizeDefinition.java index bd73e1516..0993fa37e 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/EmptyAuthorizeDefinition.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/define/EmptyAuthorizeDefinition.java @@ -38,6 +38,16 @@ public class EmptyAuthorizeDefinition implements AuthorizeDefinition { throw new UnsupportedOperationException(); } + @Override + public String[] getPermissionDescription() { + throw new UnsupportedOperationException(); + } + + @Override + public String[] getActionDescription() { + throw new UnsupportedOperationException(); + } + @Override public Set getActions() { throw new UnsupportedOperationException(); diff --git a/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/AuthorizeTests.java b/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/AuthorizeTests.java index ca459ede1..e325ac4b4 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/AuthorizeTests.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/AuthorizeTests.java @@ -92,7 +92,7 @@ public class AuthorizeTests { @Test public void testParseAuthorizeDefinition() { - AuthorizeDefinition definition = parser.parse(queryById); + AuthorizeDefinition definition = parser.parse(queryById.getTarget().getClass(),queryById.getMethod()); Assert.assertNotNull(definition); Assert.assertEquals(definition.getPermissions().size(), 1); @@ -104,7 +104,7 @@ public class AuthorizeTests { public void testAuthorizingHandler() { DefaultAuthorizingHandler handler = new DefaultAuthorizingHandler(); - AuthorizeDefinition definition = parser.parse(queryById); + AuthorizeDefinition definition = parser.parse(queryById.getTarget().getClass(),queryById.getMethod()); AuthorizingContext authorizingContext = new AuthorizingContext(); authorizingContext.setAuthentication(authentication); @@ -127,7 +127,7 @@ public class AuthorizeTests { handler.setDataAccessController(controller); - AuthorizeDefinition definition = parser.parse(dynamicQuery); + AuthorizeDefinition definition = parser.parse(dynamicQuery.getTarget().getClass(),dynamicQuery.getMethod()); //获取到请求参数 QueryParamEntity entity = dynamicQuery.getParameter("paramEntity").orElseThrow(NullPointerException::new); @@ -158,7 +158,7 @@ public class AuthorizeTests { handler.setDataAccessController(controller); - AuthorizeDefinition definition = parser.parse(queryById); + AuthorizeDefinition definition = parser.parse(queryById.getTarget().getClass(),queryById.getMethod()); //响应结果 Object response = queryById.getInvokeResult(); diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/TokenRequest.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/TokenRequest.java index 9b92a5ea4..8f6ed7674 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/TokenRequest.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/TokenRequest.java @@ -22,8 +22,6 @@ import java.util.Map; import java.util.Optional; /** - * TODO 完成注释 - * * @author zhouhao */ public interface TokenRequest { diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/implicit/HttpImplicitRequest.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/implicit/HttpImplicitRequest.java index b709e84a9..5abe7fc06 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/implicit/HttpImplicitRequest.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/implicit/HttpImplicitRequest.java @@ -38,7 +38,7 @@ public class HttpImplicitRequest extends HttpTokenRequest implements ImplicitReq @Override public String getClientId() { return getParameter(OAuth2Constants.client_id) - .orElseThrow(()->ErrorType.ILLEGAL_CLIENT_ID.throwThis(GrantTokenException::new)); + .orElseGet(()->ErrorType.ILLEGAL_CLIENT_ID.throwThis(GrantTokenException::new)); } @Override diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/OAuth2ServerConfig.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/OAuth2ServerConfig.java index 7cea3185f..887d55913 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/OAuth2ServerConfig.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/OAuth2ServerConfig.java @@ -1,13 +1,20 @@ package org.hswebframework.web.authorization.oauth2.client; +import lombok.*; + import java.io.Serializable; /** * @author zhouhao - * @since + * @since 3.0 */ -public class OAuth2ServerConfig implements Serializable{ - +@Getter +@Setter +@Builder +@NoArgsConstructor +@AllArgsConstructor +public class OAuth2ServerConfig implements Serializable { + private static final long serialVersionUID = 2915370625863707033L; private String id; //服务名称 private String name; @@ -22,132 +29,10 @@ public class OAuth2ServerConfig implements Serializable{ //客户端密钥 private String clientSecret; //是否启用 - private Byte status; + private Byte status; //重定向地址 private String redirectUri; //服务提供商 private String provider; - public String getProvider() { - return provider; - } - - public void setProvider(String provider) { - this.provider = provider; - } - - public String getRedirectUri() { - return redirectUri; - } - - public void setRedirectUri(String redirectUri) { - this.redirectUri = redirectUri; - } - - /** - * @return 服务名称 - */ - public String getName() { - return this.name; - } - - /** - * 设置 服务名称 - */ - public void setName(String name) { - this.name = name; - } - - - /** - * @return api根地址 - */ - public String getApiBaseUrl() { - return this.apiBaseUrl; - } - - /** - * 设置 api根地址 - */ - public void setApiBaseUrl(String apiBaseUrl) { - this.apiBaseUrl = apiBaseUrl; - } - - /** - * @return 认证地址 - */ - public String getAuthUrl() { - return this.authUrl; - } - - /** - * 设置 认证地址 - */ - public void setAuthUrl(String authUrl) { - this.authUrl = authUrl; - } - - /** - * @return token获取地址 - */ - public String getAccessTokenUrl() { - return this.accessTokenUrl; - } - - /** - * 设置 token获取地址 - */ - public void setAccessTokenUrl(String accessTokenUrl) { - this.accessTokenUrl = accessTokenUrl; - } - - /** - * @return 客户端id - */ - public String getClientId() { - return this.clientId; - } - - /** - * 设置 客户端id - */ - public void setClientId(String clientId) { - this.clientId = clientId; - } - - /** - * @return 客户端密钥 - */ - public String getClientSecret() { - return this.clientSecret; - } - - /** - * 设置 客户端密钥 - */ - public void setClientSecret(String clientSecret) { - this.clientSecret = clientSecret; - } - - /** - * @return 是否启用 - */ - public Byte getStatus() { - return this.status; - } - - /** - * 设置 是否启用 - */ - public void setStatus(Byte status) { - this.status = status; - } - - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } } diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/listener/OAuth2Listener.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/listener/OAuth2Listener.java index 1b04cbb6c..f04c9337c 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/listener/OAuth2Listener.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/listener/OAuth2Listener.java @@ -19,8 +19,6 @@ package org.hswebframework.web.authorization.oauth2.client.listener; /** - * TODO 完成注释 - * * @author zhouhao */ public interface OAuth2Listener { diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/response/ResponseConvert.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/response/ResponseConvert.java index 91d4f33b3..d9bc179ad 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/response/ResponseConvert.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/response/ResponseConvert.java @@ -19,8 +19,6 @@ package org.hswebframework.web.authorization.oauth2.client.response; /** - * TODO 完成注释 - * * @author zhouhao */ public interface ResponseConvert { diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/provider/HswebResponseConvertSupport.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/provider/HswebResponseConvertSupport.java index 2f81f4fc2..01cd6e3f7 100644 --- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/provider/HswebResponseConvertSupport.java +++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-client/src/main/java/org/hswebframework/web/authorization/oauth2/client/simple/provider/HswebResponseConvertSupport.java @@ -50,7 +50,6 @@ public class HswebResponseConvertSupport implements ResponseConvertForProviderDe Function autzParser = obj -> convertAuthentication(JSON.toJSONString(obj)); - public HswebResponseConvertSupport(AuthenticationBuilderFactory authenticationBuilderFactory) { this.authenticationBuilderFactory = authenticationBuilderFactory; } @@ -68,7 +67,7 @@ public class HswebResponseConvertSupport implements ResponseConvertForProviderDe Integer status = message.getInteger("status"); if (status != 200) { - throw new BusinessException(message.getString("message"),status); + throw new BusinessException(message.getString("message"), status); } Object data = message.get("result"); if (data == null) { @@ -88,6 +87,7 @@ public class HswebResponseConvertSupport implements ResponseConvertForProviderDe } return ((JSONArray) data).toJavaList(type); } + //return data; return message.getObject("result", type); } return message.toJavaObject(type); @@ -108,7 +108,6 @@ public class HswebResponseConvertSupport implements ResponseConvertForProviderDe } } - @Override public T convert(OAuth2Response response, Class type) { String json = response.asString();