oauth client_credentials Optimize

This commit is contained in:
MaxKey
2021-11-13 18:35:01 +08:00
parent 57f340a5d8
commit 26de7922e5
10 changed files with 15 additions and 7 deletions


@@ -152,6 +152,7 @@ public class JdbcClientDetailsService implements ClientDetailsService, ClientReg
if (count != 1) {
throw new NoSuchClientException("No client found with id = " + clientDetails.getClientId());
}
clientDetailsCache.invalidate(clientDetails.getClientId());
}
public void updateClientSecret(String clientId, String secret) throws NoSuchClientException {
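Review bot: The added `clientDetailsCache.invalidate(clientDetails.getClientId())` sits after the `count != 1` check, so the cache entry is only dropped when the row actually updated, which is the right ordering for the success path. The hunk ends on the signature of `updateClientSecret`, whose body is outside this view; if that method does not invalidate the same entry, a rotated secret would keep authenticating against the stale cached ClientDetails until the entry expires, which is the case this commit seems intended to fix. Worth confirming and, if absent, adding the same invalidate call there after its own update-count check.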


@@ -155,14 +155,17 @@ public class TokenEndpointAuthenticationFilter implements Filter {
try {
String grantType = request.getParameter(OAuth2Constants.PARAMETER.GRANT_TYPE);
if (grantType != null && grantType.equals(OAuth2Constants.PARAMETER.GRANT_TYPE_PASSWORD)) {
//password
usernamepassword(request,response);
}else {
Authentication authentication=ClientCredentials(request,response);
logger.trace("getPrincipal " + authentication.getPrincipal().getClass());
SigninPrincipal auth = null;
if(authentication.getPrincipal() instanceof SigninPrincipal) {
//authorization_code
auth = (SigninPrincipal)authentication.getPrincipal();
}else {
//client_credentials
auth =new SigninPrincipal((User)authentication.getPrincipal());
}
auth.setAuthenticated(true);
@@ -242,7 +245,7 @@ public class TokenEndpointAuthenticationFilter implements Filter {
public Authentication ClientCredentials(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException, ServletException {
if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) {
throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST","G" });
}
String clientId = request.getParameter(OAuth2Constants.PARAMETER.CLIENT_ID);
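Review bot: The rewritten throw in the second hunk lists `"G"` next to `"POST"` as a supported method, while the guard on the line above still rejects every method except POST; the exception, and any Allow header derived from it, would then advertise a method the filter does not accept. If the line carrying `"POST","G"` is the new side, as the one-deletion/one-addition hunk suggests, it should stay `new String[] { "POST" }`. In the first hunk, the else branch casts `authentication.getPrincipal()` to `User` with no instanceof check, so a principal of any other type surfaces as a ClassCastException inside the filter instead of an authentication failure; guarding it like the SigninPrincipal branch and rejecting the request otherwise would be safer. The enclosing method and its try block start before the first hunk and continue past it.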


@@ -17,6 +17,7 @@ import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.maxkey.authz.oauth2.common.OAuth2Constants;
import org.maxkey.authz.oauth2.common.exceptions.InvalidClientException;
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
@@ -109,6 +110,10 @@ public class DefaultOAuth2RequestFactory implements OAuth2RequestFactory {
}
}
String grantType = requestParameters.get(OAuth2Constants.PARAMETER.GRANT_TYPE);
if(StringUtils.isBlank(grantType)) {
//default client_credentials
grantType = OAuth2Constants.PARAMETER.GRANT_TYPE_CLIENT_CREDENTIALS;
}
Set<String> scopes = extractScopes(requestParameters, clientId);
TokenRequest tokenRequest = new TokenRequest(requestParameters, clientId, scopes, grantType);
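Review bot: The new fallback at the `StringUtils.isBlank(grantType)` check silently treats a token request with no `grant_type` as `client_credentials`, so a malformed request that omits the parameter is handed the client-only grant instead of being rejected; RFC 6749 makes `grant_type` required and the conventional answer is an invalid_request error. If the intent is to tolerate a specific client that cannot send the parameter, scope the default to that case, otherwise reject blank values with the project's invalid-request exception and keep the resulting `TokenRequest` explicit about the grant it was built for. The `//default client_credentials` comment should at least say why the default exists. The enclosing method begins before the hunk and the hunk may continue past this line.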