From dd359b20d638b27c5db0e1b59d38d5273bdabed1 Mon Sep 17 00:00:00 2001 From: click33 <2393584716@qq.com> Date: Sun, 18 Aug 2024 21:11:34 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=20addAllowUrls=20addContract?= =?UTF-8?q?Scopes=20=E6=96=B9=E6=B3=95=EF=BC=8C=E7=AE=80=E5=8C=96=20SaClie?= =?UTF-8?q?ntModel=20=E6=9E=84=E5=BB=BA=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/pj/oauth2/SaOAuth2DataLoaderImpl.java | 6 +- .../data/model/loader/SaClientModel.java | 82 ++++++++++++++----- .../oauth2/template/SaOAuth2Template.java | 10 ++- 3 files changed, 69 insertions(+), 29 deletions(-) diff --git a/sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/oauth2/SaOAuth2DataLoaderImpl.java b/sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/oauth2/SaOAuth2DataLoaderImpl.java index f6ca372f..e8358a24 100644 --- a/sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/oauth2/SaOAuth2DataLoaderImpl.java +++ b/sa-token-demo/sa-token-demo-oauth2/sa-token-demo-oauth2-server/src/main/java/com/pj/oauth2/SaOAuth2DataLoaderImpl.java @@ -4,8 +4,6 @@ import cn.dev33.satoken.oauth2.data.loader.SaOAuth2DataLoader; import cn.dev33.satoken.oauth2.data.model.loader.SaClientModel; import org.springframework.stereotype.Component; -import java.util.Arrays; - /** * Sa-Token OAuth2:自定义数据加载器 * @@ -22,8 +20,8 @@ public class SaOAuth2DataLoaderImpl implements SaOAuth2DataLoader { return new SaClientModel() .setClientId("1001") .setClientSecret("aaaa-bbbb-cccc-dddd-eeee") - .setAllowUrl("*") - .setContractScopes(Arrays.asList("openid", "userid", "userinfo")) + .addAllowUrls("*") + .addContractScopes("openid", "userid", "userinfo") .setIsAutoMode(true); } return null; 
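Review bot: The demo loader's `.addAllowUrls("*")` registers a bare wildcard as the only redirect allow-list entry for client `1001`, next to a hard-coded client secret, and nothing marks either as demo-only. Assuming `*` is treated as a match-all pattern by the redirect check, every `redirect_url` passes validation for this client, and demo loaders tend to be copied into real deployments. I would add a comment above the call such as `// demo only: "*" accepts any redirect URL; list exact callback URLs in production` and a similar one on the secret. The enclosing method starts above this hunk, so the surrounding lookup logic is not visible here.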
diff --git a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/model/loader/SaClientModel.java b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/model/loader/SaClientModel.java index 04dcce98..2cc8dc5f 100644 --- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/model/loader/SaClientModel.java +++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/model/loader/SaClientModel.java @@ -19,6 +19,8 @@ import cn.dev33.satoken.oauth2.SaOAuth2Manager; import cn.dev33.satoken.oauth2.config.SaOAuth2Config; import java.io.Serializable; +import java.util.ArrayList; +import java.util.Arrays; import java.util.List; /** @@ -42,14 +44,14 @@ public class SaClientModel implements Serializable { public String clientSecret; /** - * 应用签约的所有权限, 多个用逗号隔开 + * 应用签约的所有权限 */ public List contractScopes; /** - * 应用允许授权的所有URL, 多个用逗号隔开 + * 应用允许授权的所有URL */ - public String allowUrl; + public List allowUrls; /** 此 Client 是否打开模式:授权码(Authorization Code) */ public Boolean isCode = false; @@ -94,12 +96,12 @@ public class SaClientModel implements Serializable { this.clientTokenTimeout = config.getClientTokenTimeout(); this.pastClientTokenTimeout = config.getPastClientTokenTimeout(); } - public SaClientModel(String clientId, String clientSecret, List contractScopes, String allowUrl) { + public SaClientModel(String clientId, String clientSecret, List contractScopes, List allowUrls) { super(); this.clientId = clientId; this.clientSecret = clientSecret; this.contractScopes = contractScopes; - this.allowUrl = allowUrl; + this.allowUrls = allowUrls; } /** @@ -142,7 +144,7 @@ public class SaClientModel implements Serializable { } /** - * @param contractScopes 应用签约的所有权限, 多个用逗号隔开 + * @param contractScopes 应用签约的所有权限 * @return 对象自身 */ public SaClientModel setContractScopes(List contractScopes) { 
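Review bot: The four-argument constructor keeps the caller's lists by reference (`this.contractScopes = contractScopes;` and `this.allowUrls = allowUrls;`). The same applies to `setAllowUrls` in the next hunk and to the existing `setContractScopes`. This commit also adds `addAllowUrls` and `addContractScopes`, which call `addAll` on the stored list, so a model built from `Arrays.asList(...)` (the form the demo used before this change) or any other fixed-size or immutable list throws `UnsupportedOperationException` on the first add. A mutable list stays shared with the caller, so the redirect allow-list can change after the model was handed over. Copying on the way in avoids both, e.g. `this.allowUrls = allowUrls == null ? null : new ArrayList<>(allowUrls);` and the same for `contractScopes`.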
@@ -151,18 +153,18 @@ public class SaClientModel implements Serializable { } /** - * @return 应用允许授权的所有URL, 多个用逗号隔开 + * @return 应用允许授权的所有URL */ - public String getAllowUrl() { - return allowUrl; + public List getAllowUrls() { + return allowUrls; } /** - * @param allowUrl 应用允许授权的所有URL, 多个用逗号隔开 + * @param allowUrls 应用允许授权的所有URL * @return 对象自身 */ - public SaClientModel setAllowUrl(String allowUrl) { - this.allowUrl = allowUrl; + public SaClientModel setAllowUrls(List allowUrls) { + this.allowUrls = allowUrls; return this; } 
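Review bot: `getAllowUrl()` and `setAllowUrl(String)` are removed outright rather than deprecated, so existing integrations that configure the redirect allow-list as a comma-separated string stop compiling. A hurried migration to `addAllowUrls("a,b")` compiles but stores a single entry that contains the comma. I would keep a `@Deprecated` `setAllowUrl(String)` for one release that splits on `,` and delegates to `setAllowUrls`, and document the new one-entry-per-URL contract in the Javadoc of `setAllowUrls`. The class is `Serializable`, so it is also worth confirming how previously stored instances that carry the old `allowUrl` field are handled; that is not visible from this hunk.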
@@ -327,16 +329,54 @@ public class SaClientModel implements Serializable { return this; } - // + // + @Override public String toString() { - return "SaClientModel [clientId=" + clientId + ", clientSecret=" + clientSecret + ", contractScopes=" - + contractScopes + ", allowUrl=" + allowUrl + ", isCode=" + isCode + ", isImplicit=" + isImplicit - + ", isPassword=" + isPassword + ", isClient=" + isClient + ", isAutoMode=" + isAutoMode - + ", isNewRefresh=" + isNewRefresh + ", accessTokenTimeout=" + accessTokenTimeout - + ", refreshTokenTimeout=" + refreshTokenTimeout + ", clientTokenTimeout=" + clientTokenTimeout - + ", pastClientTokenTimeout=" + pastClientTokenTimeout + "]"; + return "SaClientModel{" + + "clientId='" + clientId + '\'' + + ", clientSecret='" + clientSecret + '\'' + + ", contractScopes=" + contractScopes + + ", allowUrls=" + allowUrls + + ", isCode=" + isCode + + ", isImplicit=" + isImplicit + + ", isPassword=" + isPassword + + ", isClient=" + isClient + + ", isAutoMode=" + isAutoMode + + ", isNewRefresh=" + isNewRefresh + + ", accessTokenTimeout=" + accessTokenTimeout + + ", refreshTokenTimeout=" + refreshTokenTimeout + + ", clientTokenTimeout=" + clientTokenTimeout + + ", pastClientTokenTimeout=" + pastClientTokenTimeout + + '}'; } - - + + + // 追加方法 + + /** + * @param scopes 添加应用签约的所有权限 + * @return 对象自身 + */ + public SaClientModel addContractScopes(String... scopes) { + if(this.contractScopes == null) { + this.contractScopes = new ArrayList<>(); + } + this.contractScopes.addAll(Arrays.asList(scopes)); + return this; + } + + /** + * @param urls 添加应用签约的所有权限 + * @return 对象自身 + */ + public SaClientModel addAllowUrls(String... urls) { + if(this.allowUrls == null) { + this.allowUrls = new ArrayList<>(); + } + this.allowUrls.addAll(Arrays.asList(urls)); + return this; + } + + } 
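Review bot: The rewritten `toString()` still prints `clientSecret` in clear, so any log statement or exception message that formats a `SaClientModel` writes the OAuth2 client credential to the log. Since the method is being rewritten anyway, mask the value, e.g. `", clientSecret='" + (clientSecret == null ? null : "******") + '\''`. Separately, the Javadoc on `addAllowUrls` repeats the scope wording from `addContractScopes`; it should describe URLs, for example `@param urls redirect URLs to append to this client's allow-list`.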
diff --git a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Template.java b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Template.java index c8536a0b..73422fae 100644 --- a/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Template.java +++ b/sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/template/SaOAuth2Template.java @@ -17,7 +17,10 @@ package cn.dev33.satoken.oauth2.template; import cn.dev33.satoken.oauth2.SaOAuth2Manager; import cn.dev33.satoken.oauth2.dao.SaOAuth2Dao; -import cn.dev33.satoken.oauth2.data.model.*; +import cn.dev33.satoken.oauth2.data.model.AccessTokenModel; +import cn.dev33.satoken.oauth2.data.model.ClientTokenModel; +import cn.dev33.satoken.oauth2.data.model.CodeModel; +import cn.dev33.satoken.oauth2.data.model.RefreshTokenModel; import cn.dev33.satoken.oauth2.data.model.loader.SaClientModel; import cn.dev33.satoken.oauth2.error.SaOAuth2ErrorCode; import cn.dev33.satoken.oauth2.exception.SaOAuth2Exception; @@ -187,9 +190,8 @@ public class SaOAuth2Template { // 4、是否在[允许地址列表]之中 SaClientModel clientModel = checkClientModel(clientId); - List allowList = SaOAuth2Manager.getDataConverter().convertAllowUrlStringToList(clientModel.allowUrl); - checkAllowUrlList(allowList); - if( ! SaStrategy.instance.hasElement.apply(allowList, url)) { + checkAllowUrlList(clientModel.allowUrls); + if( ! SaStrategy.instance.hasElement.apply(clientModel.allowUrls, url)) { throw new SaOAuth2Exception("非法 redirect_url: " + url).setCode(SaOAuth2ErrorCode.CODE_30114); } }
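Review bot: `clientModel.allowUrls` is now passed straight to `checkAllowUrlList` and `hasElement`, and the field has no initializer in `SaClientModel`, so it is `null` for any client built without URLs. Previously the converter call sat in between. Whether the two callees tolerate `null` is not visible in this hunk; if either iterates the list, such a client would fail with a `NullPointerException` instead of the intended `CODE_30114` rejection. An explicit guard before the two calls keeps the failure mode closed and predictable, e.g. `if (clientModel.allowUrls == null) { throw new SaOAuth2Exception("非法 redirect_url: " + url).setCode(SaOAuth2ErrorCode.CODE_30114); }`. The enclosing method starts above the hunk, so earlier checks on `url` are not shown.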