添加Oauth授权方式为自定义UserDetails验证

Author: hengboy

api-boot-project/api-boot-plugins/api-boot-plugin-oauth/src/main/java/org/minbox/framework/api/boot/plugin/oauth/ApiBootAuthorizationServerConfiguration.java

@@ -1,6 +1,7 @@
 package org.minbox.framework.api.boot.plugin.oauth;
 
 import org.minbox.framework.api.boot.plugin.oauth.grant.ApiBootOauthTokenGranter;
+import org.minbox.framework.api.boot.plugin.oauth.grant.DefaultApiBootOauthTokenGranter;
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;

api-boot-project/api-boot-plugins/api-boot-plugin-oauth/src/main/java/org/minbox/framework/api/boot/plugin/oauth/exception/ApiBootTokenException.java

@@ -0,0 +1,43 @@
+/*
+ * Copyright [2019] [恒宇少年 - 于起宇]
+ *
+ *      Licensed under the Apache License, Version 2.0 (the "License");
+ *      you may not use this file except in compliance with the License.
+ *      You may obtain a copy of the License at
+ *
+ *          http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *      Unless required by applicable law or agreed to in writing, software
+ *      distributed under the License is distributed on an "AS IS" BASIS,
+ *      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *      See the License for the specific language governing permissions and
+ *      limitations under the License.
+ *
+ */
+
+package org.minbox.framework.api.boot.plugin.oauth.exception;
+
+import lombok.Getter;
+import org.springframework.security.core.AuthenticationException;
+
+/**
+ * ApiBoot Token Exception
+ *
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-05-28 11:00
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengboy
+ */
+@Getter
+public class ApiBootTokenException extends AuthenticationException {
+    public ApiBootTokenException(String msg) {
+        super(msg);
+    }
+
+    public ApiBootTokenException(String msg, Throwable t) {
+        super(msg, t);
+    }
+}

api-boot-project/api-boot-plugins/api-boot-plugin-oauth/src/main/java/org/minbox/framework/api/boot/plugin/oauth/grant/ApiBootOauthTokenGranter.java

@@ -17,7 +17,8 @@
 
 package org.minbox.framework.api.boot.plugin.oauth.grant;
 
-import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.minbox.framework.api.boot.plugin.oauth.exception.ApiBootTokenException;
+import org.springframework.security.core.userdetails.UserDetails;
 
 import java.util.Map;
 
@@ -41,10 +42,12 @@ public interface ApiBootOauthTokenGranter {
     String grantType();
 
     /**
-     * Verify whether token can be generated
+     * load userDetails by parameter
      *
-     * @param parameters request parameters
-     * @throws InvalidGrantException grant exception
+     * @param parameters parameter map
+     * @return UserDetails
+     * @throws ApiBootTokenException
+     * @see UserDetails
      */
-    void valid(Map<String, String> parameters) throws InvalidGrantException;
+    UserDetails loadByParameter(Map<String, String> parameters) throws ApiBootTokenException;
 }

api-boot-project/api-boot-plugins/api-boot-plugin-oauth/src/main/java/org/minbox/framework/api/boot/plugin/oauth/DefaultApiBootOauthTokenGranter.java renamed to api-boot-project/api-boot-plugins/api-boot-plugin-oauth/src/main/java/org/minbox/framework/api/boot/plugin/oauth/grant/DefaultApiBootOauthTokenGranter.java

@@ -15,14 +15,13 @@
  *
  */
 
-package org.minbox.framework.api.boot.plugin.oauth;
+package org.minbox.framework.api.boot.plugin.oauth.grant;
 
-import org.minbox.framework.api.boot.plugin.oauth.grant.ApiBootOauthTokenGranter;
-import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.provider.ClientDetailsService;
-import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
-import org.springframework.security.oauth2.provider.TokenRequest;
+import org.springframework.security.authentication.AbstractAuthenticationToken;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.provider.*;
 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 
@@ -60,25 +59,22 @@ public DefaultApiBootOauthTokenGranter(AuthorizationServerTokenServices tokenSer
     }
 
     /**
-     * grant access token
+     * get oauth2 authentication
      *
-     * @param grantType    grant type
-     * @param tokenRequest create token parameter
-     * @return
+     * @param client       client detail
+     * @param tokenRequest token request
+     * @return oauth2 authentication
      */
     @Override
-    public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
-        // create token request parameters
-        Map<String, String> parameters = new LinkedHashMap(tokenRequest.getRequestParameters());
+    protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
+        Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
 
-        // valid
-        apiBootOauthTokenGranter.valid(parameters);
+        UserDetails userDetails = apiBootOauthTokenGranter.loadByParameter(parameters);
 
-        // create token
-        OAuth2AccessToken token = super.grant(grantType, tokenRequest);
-        if (token != null) {
-            token = new DefaultOAuth2AccessToken(token);
-        }
-        return token;
+        Authentication userAuth = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+        ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
+
+        OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
+        return new OAuth2Authentication(storedOAuth2Request, userAuth);
     }
 }