From ed68244ceba0d3d6b6e2e4013db68f6a33e19b86 Mon Sep 17 00:00:00 2001
From: zhou-hao <i@hsweb.me>
Date: Sun, 3 Dec 2017 20:28:32 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96OAuth2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../support/password/PasswordService.java     |  2 -
 .../server/simple/SimplePasswordService.java  |  2 -
 .../pom.xml                                   | 12 ++-
 .../OAuth2AuthorizationAutoConfiguration.java | 20 +++++
 .../authorization/OAuth2UserTokenParser.java  | 74 +++++++++++++++++++
 .../main/resources/META-INF/spring.factories  |  3 +-
 6 files changed, 107 insertions(+), 6 deletions(-)
 create mode 100644 hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/OAuth2AuthorizationAutoConfiguration.java
 create mode 100644 hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java

diff --git a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/password/PasswordService.java b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/password/PasswordService.java
index 5f62c2e0a..a72a457f5 100644
--- a/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/password/PasswordService.java
+++ b/hsweb-authorization/hsweb-authorization-oauth2/hsweb-authorization-oauth2-auth-server/src/main/java/org/hswebframework/web/authorization/oauth2/server/support/password/PasswordService.java
@@ -19,8 +19,6 @@
 package org.hswebframework.web.authorization.oauth2.server.support.password;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public interface PasswordService {
diff --git a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-simple/src/main/java/org/hswebframework/web/service/oauth2/server/simple/SimplePasswordService.java b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-simple/src/main/java/org/hswebframework/web/service/oauth2/server/simple/SimplePasswordService.java
index afdce8eb2..cd963c37f 100644
--- a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-simple/src/main/java/org/hswebframework/web/service/oauth2/server/simple/SimplePasswordService.java
+++ b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-simple/src/main/java/org/hswebframework/web/service/oauth2/server/simple/SimplePasswordService.java
@@ -23,8 +23,6 @@ import org.hswebframework.web.entity.authorization.UserEntity;
 import org.hswebframework.web.service.authorization.UserService;
 
 /**
- * TODO 完成注释
- *
  * @author zhouhao
  */
 public class SimplePasswordService implements PasswordService {
diff --git a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/pom.xml b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/pom.xml
index 0a5db08c8..a8c4034a0 100644
--- a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/pom.xml
+++ b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/pom.xml
@@ -53,12 +53,22 @@
             <artifactId>hsweb-system-oauth2-server-controller</artifactId>
             <version>${project.version}</version>
         </dependency>
-
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>servlet-api</artifactId>
+            <version>2.5</version>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.hswebframework.web</groupId>
             <artifactId>hsweb-spring-boot-starter</artifactId>
             <version>${project.version}</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>org.hswebframework.web</groupId>
+            <artifactId>hsweb-authorization-basic</artifactId>
+            <version>${project.version}</version>
+        </dependency>
     </dependencies>
 </project>
\ No newline at end of file
diff --git a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/OAuth2AuthorizationAutoConfiguration.java b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/OAuth2AuthorizationAutoConfiguration.java
new file mode 100644
index 000000000..a223dd086
--- /dev/null
+++ b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/OAuth2AuthorizationAutoConfiguration.java
@@ -0,0 +1,20 @@
+package org.hswebframework.web.oauth2;
+
+import org.hswebframework.web.authorization.basic.web.UserTokenParser;
+import org.hswebframework.web.authorization.oauth2.server.token.AccessTokenService;
+import org.hswebframework.web.oauth2.authorization.OAuth2UserTokenParser;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@ConditionalOnClass(UserTokenParser.class)
+@Configuration
+@AutoConfigureAfter(OAuth2GranterAutoConfiguration.class)
+public class OAuth2AuthorizationAutoConfiguration {
+
+    @Bean
+    public OAuth2UserTokenParser oAuth2UserTokenParser(AccessTokenService accessTokenService) {
+        return new OAuth2UserTokenParser(accessTokenService);
+    }
+}
diff --git a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java
new file mode 100644
index 000000000..a389a6771
--- /dev/null
+++ b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/java/org/hswebframework/web/oauth2/authorization/OAuth2UserTokenParser.java
@@ -0,0 +1,74 @@
+package org.hswebframework.web.oauth2.authorization;
+
+import org.hswebframework.web.authorization.basic.web.AuthorizedToken;
+import org.hswebframework.web.authorization.basic.web.ParsedToken;
+import org.hswebframework.web.authorization.basic.web.UserTokenParser;
+import org.hswebframework.web.authorization.oauth2.server.OAuth2AccessToken;
+import org.hswebframework.web.authorization.oauth2.server.exception.GrantTokenException;
+import org.hswebframework.web.authorization.oauth2.server.token.AccessTokenService;
+import org.hswebframework.web.oauth2.core.ErrorType;
+import org.hswebframework.web.oauth2.core.OAuth2Constants;
+import org.springframework.util.StringUtils;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class OAuth2UserTokenParser implements UserTokenParser {
+
+    public static final String token_type = "oauth2-access-token";
+
+    private AccessTokenService accessTokenService;
+
+    public OAuth2UserTokenParser(AccessTokenService accessTokenService) {
+        this.accessTokenService = accessTokenService;
+    }
+
+    public void setAccessTokenService(AccessTokenService accessTokenService) {
+        this.accessTokenService = accessTokenService;
+    }
+
+    @Override
+    public ParsedToken parseToken(HttpServletRequest request) {
+        String accessToken = request.getHeader(OAuth2Constants.authorization);
+        if (StringUtils.isEmpty(accessToken)) {
+            accessToken = request.getParameter(OAuth2Constants.access_token);
+        } else {
+            String[] arr = accessToken.split("[ ]");
+            if (arr.length > 1) {
+                accessToken = arr[1];
+            }
+        }
+        if (StringUtils.isEmpty(accessToken)) {
+            return null;
+        }
+        OAuth2AccessToken auth2AccessToken = accessTokenService.getTokenByAccessToken(accessToken);
+        if (auth2AccessToken == null) {
+            throw new GrantTokenException(ErrorType.INVALID_TOKEN);
+        }
+        Long time = auth2AccessToken.getUpdateTime() != null ? auth2AccessToken.getUpdateTime() : auth2AccessToken.getCreateTime();
+        if (System.currentTimeMillis() - time > auth2AccessToken.getExpiresIn() * 1000) {
+            throw new GrantTokenException(ErrorType.EXPIRED_TOKEN);
+        }
+
+        return new AuthorizedToken() {
+            @Override
+            public String getUserId() {
+                return auth2AccessToken.getOwnerId();
+            }
+
+            @Override
+            public String getToken() {
+                return auth2AccessToken.getAccessToken();
+            }
+
+            @Override
+            public String getType() {
+                return token_type;
+            }
+
+            @Override
+            public long getMaxInactiveInterval() {
+                return auth2AccessToken.getExpiresIn() * 1000;
+            }
+        };
+    }
+}
diff --git a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/resources/META-INF/spring.factories b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/resources/META-INF/spring.factories
index 1bb7c0434..19eb0f7e4 100644
--- a/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/resources/META-INF/spring.factories
+++ b/hsweb-system/hsweb-system-oauth2-server/hsweb-system-oauth2-server-starter/src/main/resources/META-INF/spring.factories
@@ -1,3 +1,4 @@
 # Auto Configure
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-org.hswebframework.web.oauth2.OAuth2GranterAutoConfiguration
\ No newline at end of file
+org.hswebframework.web.oauth2.OAuth2GranterAutoConfiguration,\
+  org.hswebframework.web.oauth2.OAuth2AuthorizationAutoConfiguration
\ No newline at end of file