diff --git a/sop-example/sop-auth/readme.md b/sop-example/sop-auth/readme.md index 71f3b53c..6c11e032 100644 --- a/sop-example/sop-auth/readme.md +++ b/sop-example/sop-auth/readme.md @@ -1,9 +1,11 @@ -# 应用授权 +# 应用授权服务 - 启动注册中心、网关、本服务(sop-auth) - 浏览器访问:http://localhost:8087/oauth2/appToAppAuth?app_id=2019032617262200001&redirect_uri=http%3a%2f%2flocalhost%3a8087%2foauth2callback - 输入用户名密码登录,这里是`zhangsan/123456` -授权接口在`OAuth2Controller`中,查看回调在`CallbackController`中 +授权接口在`OAuth2Controller`中,查看回调接口在`CallbackController`中 + +回调接口应该由开发者实现,这里为了演示,写在一起。 token的维护,重点关注`OAuth2ManagerRedis.java` diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/OAuth2Manager.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/OAuth2Manager.java index 9f5d1c06..5f28f956 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/OAuth2Manager.java +++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/OAuth2Manager.java @@ -4,7 +4,6 @@ package com.gitee.sop.sopauth.auth; import com.gitee.sop.sopauth.auth.exception.LoginErrorException; import javax.servlet.http.HttpServletRequest; -import java.util.Map; /** * 认证服务,需要自己实现 @@ -68,7 +67,7 @@ public interface OAuth2Manager { OpenUser getUserByAuthCode(String authCode); /** - * 根据access token获取用户名 + * 根据access token获取用户 * * @param accessToken * token值 @@ -76,13 +75,6 @@ public interface OAuth2Manager { */ OpenUser getUserByAccessToken(String accessToken); - /** - * 返回accessToken中追加的参数 - * @param user - * @return 返回追加的参数 - */ - Map getParam(OpenUser user); - /** * 用户登录,需判断是否已经登录 * @param request diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerCache.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerCache.java index 102ed522..0055759e 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerCache.java 
+++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerCache.java @@ -16,12 +16,12 @@ import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; import javax.servlet.http.HttpServletRequest; -import java.util.HashMap; -import java.util.Map; import java.util.concurrent.TimeUnit; /** - * oauth2管理,默认谷歌缓存实现,跟redis实现只能用一个。正式环境推荐使用redis保存 + * oauth2管理,默认谷歌缓存实现,跟redis实现只能用一个。 + * 这里为了演示,使用本地缓存,正式环境请使用redis保存 + * @see OAuth2ManagerRedis OAuth2ManagerRedis * @author tanghc * */ @@ -104,13 +104,6 @@ public class OAuth2ManagerCache implements OAuth2Manager { return accessTokenCache.getIfPresent(accessToken); } - @Override - public Map getParam(OpenUser user) { - Map map = new HashMap<>(); - map.put("username", user.getUsername()); - return map; - } - @Override public OpenUser login(HttpServletRequest request) throws LoginErrorException { // 这里应该先检查用户有没有登录,如果登录直接返回openUser diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerRedis.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerRedis.java index c22d98c2..50becff9 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerRedis.java +++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ManagerRedis.java @@ -15,15 +15,15 @@ import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.util.StringUtils; import javax.servlet.http.HttpServletRequest; -import java.util.HashMap; -import java.util.Map; import java.util.concurrent.TimeUnit; /** * * oauth2管理redis实现,这个类跟OAuth2ManagerCache类只能用一个, - * 如果要用这个类,注释掉OAuth2ManagerCache的@Service - * 启用这个类的@Service + * 如果要用这个类, + * 1、注释掉OAuth2ManagerCache的@Service。 + * 2、打开yml中redis部分 + * 3、启用这个类的@Service */ //@Service public class OAuth2ManagerRedis implements OAuth2Manager { 
@@ -32,8 +32,6 @@ public class OAuth2ManagerRedis implements OAuth2Manager { private static String ACCESS_TOKEN_PREFIX = "com.gitee.sop.oauth2_access_token:"; private static String REFRESH_TOKEN_PREFIX = "com.gitee.sop.oauth2_refresh_token:"; - private int codeTimeoutSeconds = OAuth2Config.getInstance().getCodeTimeoutSeconds(); - @Autowired private StringRedisTemplate redisTemplate; @@ -54,6 +52,7 @@ public class OAuth2ManagerRedis implements OAuth2Manager { @Override public void addAuthCode(String authCode, OpenUser authUser) { + long codeTimeoutSeconds = OAuth2Config.getInstance().getCodeTimeoutSeconds(); redisTemplate.opsForValue().set(getCodeKey(authCode), JSON.toJSONString(authUser), codeTimeoutSeconds, @@ -90,6 +89,7 @@ public class OAuth2ManagerRedis implements OAuth2Manager { public void removeAccessToken(String accessToken) { String accessTokenKey = getAccessTokenKey(accessToken); int afterRefreshExpiresIn = OAuth2Config.getInstance().getAfterRefreshExpiresIn(); + // 刷新令牌后,保证老的app_auth_token从刷新开始10分钟内可继续使用 redisTemplate.expire(accessTokenKey, afterRefreshExpiresIn, TimeUnit.SECONDS); } @@ -139,12 +139,6 @@ public class OAuth2ManagerRedis implements OAuth2Manager { return JSON.parseObject(json, UserInfo.class); } - @Override - public Map getParam(OpenUser user) { - Map map = new HashMap<>(); - map.put("username", user.getUsername()); - return map; - } @Override public OpenUser login(HttpServletRequest request) throws LoginErrorException { diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ServiceImpl.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ServiceImpl.java index 7fdc8674..e09cb220 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ServiceImpl.java +++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/auth/impl/OAuth2ServiceImpl.java 
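Review bot: In `removeAccessToken` the new comment promises that the old app_auth_token stays usable for 10 minutes after a refresh, but the unchanged line below it calls `redisTemplate.expire(accessTokenKey, afterRefreshExpiresIn, TimeUnit.SECONDS)` unconditionally. That resets the TTL, so a token with less time left than `afterRefreshExpiresIn` has its lifetime extended instead of capped. Only shorten it: `Long ttl = redisTemplate.getExpire(accessTokenKey, TimeUnit.SECONDS);` then `if (ttl == null || ttl < 0 || ttl > afterRefreshExpiresIn) { redisTemplate.expire(accessTokenKey, afterRefreshExpiresIn, TimeUnit.SECONDS); }`. The comment also hard-codes 10 minutes although the value comes from `OAuth2Config`; `// after a refresh the old token stays valid for at most afterRefreshExpiresIn seconds` would not drift from the configuration.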
@@ -16,7 +16,6 @@ import org.apache.oltu.oauth2.as.issuer.OAuthIssuer; import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl; import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest; import org.apache.oltu.oauth2.as.response.OAuthASResponse; -import org.apache.oltu.oauth2.as.response.OAuthASResponse.OAuthTokenResponseBuilder; import org.apache.oltu.oauth2.common.OAuth; import org.apache.oltu.oauth2.common.error.OAuthError; import org.apache.oltu.oauth2.common.exception.OAuthProblemException; @@ -32,9 +31,6 @@ import org.springframework.util.StringUtils; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.net.URISyntaxException; -import java.util.Map; -import java.util.Map.Entry; -import java.util.Set; /** * oauth2服务端默认实现 @@ -261,24 +257,4 @@ public class OAuth2ServiceImpl implements OAuth2Service { return fetchTokenResult; } - private OAuthResponse buildAccessTokenResponse(TokenPair tokenPair, long expiresIn, OpenUser user) throws OAuthSystemException { - OAuthTokenResponseBuilder resp = OAuthASResponse.tokenResponse(HttpServletResponse.SC_OK); - - Map param = oauth2Manager.getParam(user); - if (param != null) { - Set> entrySet = param.entrySet(); - for (Entry entry : entrySet) { - resp.setParam(entry.getKey(), entry.getValue()); - } - } - - return resp - .setAccessToken(tokenPair.getAccessToken()) - .setRefreshToken(tokenPair.getRefreshToken()) - .setTokenType(TOKEN_TYPE) - .setExpiresIn(String.valueOf(expiresIn)) - .buildJSONMessage(); - - } - } diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/controller/CallbackController.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/controller/CallbackController.java index 02018d43..3c4d519e 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/controller/CallbackController.java +++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/controller/CallbackController.java 
@@ -32,7 +32,6 @@ public class CallbackController { @GetMapping("oauth2callback") @ResponseBody public String callback(HttpServletRequest servletRequest, HttpServletResponse servletResponse) { - servletResponse.setCharacterEncoding("UTF-8"); String app_id = servletRequest.getParameter("app_id"); String code = servletRequest.getParameter("code"); @@ -49,6 +48,7 @@ public class CallbackController { // 后续使用token进行接口访问 log.info("授权成功,body:{}", response.getBody()); } + System.out.println(response.getBody()); return response.getBody(); } } diff --git a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/entity/UserInfo.java b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/entity/UserInfo.java index e4eaa0a4..bf0ec7c3 100644 --- a/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/entity/UserInfo.java +++ b/sop-example/sop-auth/src/main/java/com/gitee/sop/sopauth/entity/UserInfo.java @@ -1,5 +1,6 @@ package com.gitee.sop.sopauth.entity; +import com.alibaba.fastjson.annotation.JSONField; import com.gitee.sop.sopauth.auth.OpenUser; import lombok.Data; @@ -30,6 +31,7 @@ public class UserInfo implements OpenUser { private String username; /** 密码, 数据库字段:password */ + @JSONField(serialize = false) private String password; /** 昵称, 数据库字段:nickname */ diff --git a/sop-example/sop-auth/src/main/resources/application-dev.yml b/sop-example/sop-auth/src/main/resources/application-dev.yml index 636aaf6e..128c2dae 100644 --- a/sop-example/sop-auth/src/main/resources/application-dev.yml +++ b/sop-example/sop-auth/src/main/resources/application-dev.yml @@ -29,6 +29,13 @@ spring: thymeleaf: cache: false + # redis设置 +# redis: +# host: localhost +# database: 0 + + + logging: level: com:
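Review bot: The added `System.out.println(response.getBody());` in `callback` writes the token response to stdout on every request, and the `log.info("授权成功,body:{}", ...)` just above it already logs the same body on success. That body appears to carry the access and refresh tokens, so they end up in console and log files, where they are readable by anyone with log access and are not removed when the token is revoked. Drop the println and keep secrets out of the log line, for example `log.debug("oauth2 callback finished, app_id:{}", app_id);`. The start of `callback` is outside this hunk.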
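Review bot: `@JSONField(serialize = false)` on `password` only keeps the field out of fastjson output. The `lombok.Data` import suggests the class is annotated `@Data`, whose generated `toString()` would still print the password if a `UserInfo` is logged or concatenated into a message; adding `@ToString.Exclude` next to the new annotation closes that path. `deserialize` is left at its default, so JSON parsed into `UserInfo` can still populate the field; use `@JSONField(serialize = false, deserialize = false)` if no caller needs that. The class declaration is outside the hunk, so the `@Data` assumption should be confirmed.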