forked from kidgrow-microservices-platform
blame | history | raw
zhaoxiaohao
2021-03-11 0c9ff5198c54ec5d2f3bbb8c5a406d270df1e188 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

package com.kidgrow.oauth2.handler;


 


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.security.authentication.AuthenticationManager;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.oauth2.common.*;


import org.springframework.security.oauth2.provider.ClientDetailsService;


import org.springframework.security.oauth2.provider.OAuth2Authentication;


import org.springframework.security.oauth2.provider.token.DefaultTokenServices;


import org.springframework.security.oauth2.provider.token.TokenEnhancer;


import org.springframework.security.oauth2.provider.token.TokenStore;


 


import java.util.Date;


import java.util.UUID;


 


/**


 * 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br>


 *


 * @Description: <br>


 * @Project: <br>


 * @CreateDate: Created in 2020/6/18 12:41 <br>


 * @Author: <a href="4345453@kidgrow.com">liuke</a>


 */


public class KidgrowTokenServices extends DefaultTokenServices {


 


    private int refreshTokenValiditySeconds = 2592000;


    private int accessTokenValiditySeconds = 43200;


    private boolean supportRefreshToken = false;


    private boolean reuseRefreshToken = true;


    private ClientDetailsService clientDetailsService;


    private TokenEnhancer accessTokenEnhancer;


    private AuthenticationManager authenticationManager;


 


    @Autowired


    private TokenStore tokenStore;


 


 


 


    @Override


    public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {


        OAuth2AccessToken existingAccessToken = super.getAccessToken(authentication);


        OAuth2RefreshToken refreshToken = null;


        if (existingAccessToken != null) {


//            if (!existingAccessToken.isExpired()) {


//                this.tokenStore.storeAccessToken(existingAccessToken, authentication);


//                return existingAccessToken;


//            }


            existingAccessToken.getRefreshToken();


            if (existingAccessToken.getRefreshToken() != null) {


                refreshToken = existingAccessToken.getRefreshToken();


                this.tokenStore.removeRefreshToken(refreshToken);


            }


 


            this.tokenStore.removeAccessToken(existingAccessToken);


        }


 


 


        if (refreshToken == null) {


            refreshToken = this.createRefreshToken(authentication);


        } else if (refreshToken instanceof ExpiringOAuth2RefreshToken) {


            ExpiringOAuth2RefreshToken expiring = (ExpiringOAuth2RefreshToken)refreshToken;


            if (System.currentTimeMillis() > expiring.getExpiration().getTime()) {


                refreshToken = this.createRefreshToken(authentication);


            }


        }


 


        OAuth2AccessToken accessToken = this.createAccessToken(authentication, refreshToken);


        this.tokenStore.storeAccessToken(accessToken, authentication);


        refreshToken = accessToken.getRefreshToken();


        if (refreshToken != null) {


            this.tokenStore.storeRefreshToken(refreshToken, authentication);


        }


 


        return accessToken;


    }


 


//    @Override


//    public void setTokenStore(TokenStore tokenStore) {


//        this.tokenStore = tokenStore;


//    }


 


 


 


    @Override


    public void setSupportRefreshToken(boolean supportRefreshToken) {


        this.supportRefreshToken = supportRefreshToken;


    }


 


    @Override


    public void setReuseRefreshToken(boolean reuseRefreshToken) {


        this.reuseRefreshToken = reuseRefreshToken;


    }


 


    private OAuth2AccessToken createAccessToken(OAuth2Authentication authentication, OAuth2RefreshToken refreshToken) {


        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());


        int validitySeconds = this.getAccessTokenValiditySeconds(authentication.getOAuth2Request());


        if (validitySeconds > 0) {


            token.setExpiration(new Date(System.currentTimeMillis() + (long)validitySeconds * 1000L));


        }


 


        token.setRefreshToken(refreshToken);


        token.setScope(authentication.getOAuth2Request().getScope());


        return (OAuth2AccessToken)(this.accessTokenEnhancer != null ? this.accessTokenEnhancer.enhance(token, authentication) : token);


    }


 


    private OAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {


        if (!this.isSupportRefreshToken(authentication.getOAuth2Request())) {


            return null;


        } else {


            int validitySeconds = this.getRefreshTokenValiditySeconds(authentication.getOAuth2Request());


            String value = UUID.randomUUID().toString();


            return (OAuth2RefreshToken)(validitySeconds > 0 ? new DefaultExpiringOAuth2RefreshToken(value, new Date(System.currentTimeMillis() + (long)validitySeconds * 1000L)) : new DefaultOAuth2RefreshToken(value));


        }


    }


}