/*
* Copyright (c) 2018-2999 武汉三只猴子科技有限公司 All rights reserved.
*
* https://www.3monkeys.shop/
*
* 未经允许,不可做商业用途!
*
* 版权所有,侵权必究!
*/
package com.monkey.shop.security.util;
import java.util.Date;
import java.util.Set;
import java.util.UUID;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken;
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
/**
* Base implementation for token services using random UUID values for the access token and refresh token values. The
* main extension point for customizations is the {@link TokenEnhancer} which will be called after the access and
* refresh tokens have been generated but before they are stored.
* <p>
* Persistence is delegated to a {@code TokenStore} implementation and customization of the access token to a
* {@link TokenEnhancer}.
*
* @author Ryan Heaton
* @author Luke Taylor
* @author Dave Syer
* @author zkk
*/
public class MonkeyTokenServices implements AuthorizationServerTokenServices, ResourceServerTokenServices,
ConsumerTokenServices, InitializingBean {
// default 30 days.
private int refreshTokenValiditySeconds = 60 * 60 * 24 * 30;
// default 12 hours.
private int accessTokenValiditySeconds = 60 * 60 * 12;
private boolean supportRefreshToken = false;
private boolean reuseRefreshToken = true;
private TokenStore tokenStore;
private ClientDetailsService clientDetailsService;
private TokenEnhancer accessTokenEnhancer;
private AuthenticationManager authenticationManager;
/**
* Initialize these token services. If no random generator is set, one will be created.
*/
@Override
public void afterPropertiesSet() throws Exception {
Assert.notNull(tokenStore, "tokenStore must be set");
}
@Transactional(rollbackFor = Exception.class)
@Override
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) {
OAuth2AccessToken existingAccessToken = tokenStore.getAccessToken(authentication);
OAuth2RefreshToken refreshToken = null;
// 如果有token,直接删除,更新token,避免出现缓存问题
// if (existingAccessToken != null) {
// if (existingAccessToken.getRefreshToken() != null) {
// refreshToken = existingAccessToken.getRefreshToken();
// // The token store could remove the refresh token when the
// // access token is removed, but we want to
// // be sure...
// tokenStore.removeRefreshToken(refreshToken);
// }
// tokenStore.removeAccessToken(existingAccessToken);
//
// }
// Only create a new refresh token if there wasn't an existing one
// associated with an expired access token.
// Clients might be holding existing refresh tokens, so we re-use it in
// the case that the old access token
// expired.
if (refreshToken == null) {
refreshToken = createRefreshToken(authentication);
}
// But the refresh token itself might need to be re-issued if it has
// expired.
else if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
ExpiringOAuth2RefreshToken expiring = (ExpiringOAuth2RefreshToken) refreshToken;
if (System.currentTimeMillis() > expiring.getExpiration().getTime()) {
refreshToken = createRefreshToken(authentication);
}
}
OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken);
tokenStore.storeAccessToken(accessToken, authentication);
// In case it was modified
refreshToken = accessToken.getRefreshToken();
if (refreshToken != null) {
tokenStore.storeRefreshToken(refreshToken, authentication);
}
return accessToken;
}
@Override
@Transactional(noRollbackFor={InvalidTokenException.class, InvalidGrantException.class}, rollbackFor = Exception.class)
public OAuth2AccessToken refreshAccessToken(String refreshTokenValue, TokenRequest tokenRequest)
throws AuthenticationException {
if (!supportRefreshToken) {
throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
}
OAuth2RefreshToken refreshToken = tokenStore.readRefreshToken(refreshTokenValue);
if (refreshToken == null) {
throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
}
OAuth2Authentication authentication = tokenStore.readAuthenticationForRefreshToken(refreshToken);
if (this.authenticationManager != null && !authentication.isClientOnly()) {
// The client has already been authenticated, but the user authentication might be old now, so give it a
// chance to re-authenticate.
Authentication user = new PreAuthenticatedAuthenticationToken(authentication.getUserAuthentication(), "", authentication.getAuthorities());
user = authenticationManager.authenticate(user);
Object details = authentication.getDetails();
authentication = new OAuth2Authentication(authentication.getOAuth2Request(), user);
authentication.setDetails(details);
}
String clientId = authentication.getOAuth2Request().getClientId();
if (clientId == null || !clientId.equals(tokenRequest.getClientId())) {
throw new InvalidGrantException("Wrong client for this refresh token: " + refreshTokenValue);
}
// clear out any access tokens already associated with the refresh
// token.
tokenStore.removeAccessTokenUsingRefreshToken(refreshToken);
if (isExpired(refreshToken)) {
tokenStore.removeRefreshToken(refreshToken);
throw new InvalidTokenException("Invalid refresh token (expired): " + refreshToken);
}
authentication = createRefreshedAuthentication(authentication, tokenRequest);
if (!reuseRefreshToken) {
tokenStore.removeRefreshToken(refreshToken);
refreshToken = createRefreshToken(authentication);
}
OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken);
tokenStore.storeAccessToken(accessToken, authentication);
if (!reuseRefreshToken) {
没有合适的资源?快使用搜索试试~ 我知道了~
基于Java和多种前端技术集成的开源小程序商城设计源码
共1497个文件
java:441个
js:301个
png:144个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 158 浏览量
2024-10-06
07:57:08
上传
评论
收藏 19.34MB ZIP 举报
温馨提示
本项目是一款开源小程序商城设计源码,采用Java作为后端开发语言,并集成了多种前端技术,包括微信小程序、TypeScript、Vue、CSS、HTML等。整个项目包含1491个文件,其中Java源文件441个,JavaScript文件298个,PNG图片文件144个,JSON文件83个,wxss文件83个,wxml文件78个,TypeScript文件74个,Vue文件67个,xml文件60个,svg文件39个。该商城系统设计灵活,功能完善,适用于各类电商场景。
资源推荐
资源详情
资源评论
收起资源包目录
基于Java和多种前端技术集成的开源小程序商城设计源码 (1497个子文件)
.babelrc 337B
style.css 212KB
skin.min.css 43KB
skin.mobile.min.css 27KB
visualblocks.css 5KB
content.min.css 4KB
content.inline.min.css 3KB
prism.css 2KB
content.mobile.min.css 234B
Dockerfile 466B
Dockerfile 464B
Dockerfile 172B
.editorconfig 147B
tinymce.eot 18KB
tinymce-small.eot 9KB
.eslintignore 74B
.eslintrc 58B
loader.gif 3KB
smiley-cool.gif 354B
smiley-wink.gif 350B
smiley-smile.gif 344B
smiley-laughing.gif 343B
smiley-foot-in-mouth.gif 342B
smiley-frown.gif 340B
smiley-kiss.gif 338B
smiley-surprised.gif 338B
smiley-undecided.gif 337B
smiley-innocent.gif 336B
smiley-yell.gif 336B
smiley-embarassed.gif 331B
smiley-cry.gif 329B
smiley-tongue-out.gif 328B
smiley-sealed.gif 323B
smiley-money-mouth.gif 321B
object.gif 152B
anchor.gif 53B
trans.gif 43B
.gitignore 561B
.gitignore 212B
index.html 935B
MonkeyTokenServices.java 18KB
OrderController.java 12KB
PaymentApi.java 11KB
ShopCartController.java 11KB
SubmitOrderListener.java 11KB
ProdController.java 10KB
WXPayUtil.java 10KB
MyOrderController.java 9KB
HttpKit.java 8KB
ProductController.java 8KB
BasketServiceImpl.java 8KB
Tools.java 8KB
OrderController.java 8KB
SmsLogServiceImpl.java 8KB
ProductServiceImpl.java 7KB
AddrController.java 7KB
OrderServiceImpl.java 6KB
SysUserController.java 6KB
TransportServiceImpl.java 6KB
SysMenuController.java 6KB
TransportManagerServiceImpl.java 6KB
XmlHelper.java 6KB
LoginAuthenticationFilter.java 6KB
LoginAuthenticationFilter.java 5KB
ScheduleManager.java 5KB
CategoryController.java 5KB
ShopDetailController.java 5KB
Json.java 5KB
CategoryServiceImpl.java 5KB
PayServiceImpl.java 5KB
CategoryController.java 5KB
ScheduleJobController.java 5KB
ShopDetailParam.java 5KB
UserCollectionController.java 4KB
ProdTagController.java 4KB
ProdTagController.java 4KB
SpecController.java 4KB
WxPortalController.java 4KB
WxMaInRedisConfig.java 4KB
RedisUtil.java 4KB
MonkeyUserServiceImpl.java 4KB
TransportController.java 4KB
MessageController.java 4KB
MpAuthenticationProvider.java 4KB
SearchController.java 4KB
ProdPropServiceImpl.java 4KB
Arith.java 4KB
NoticeController.java 4KB
HotSearchController.java 4KB
PaymentKit.java 4KB
IndexImgController.java 4KB
ProdCommController.java 4KB
ConfirmOrderListener.java 3KB
AttributeController.java 3KB
ScheduleJobServiceImpl.java 3KB
PickAddrController.java 3KB
AreaController.java 3KB
SysRoleController.java 3KB
MonkeySysUserDetailsServiceImpl.java 3KB
RedisCacheConfig.java 3KB
共 1497 条
- 1
- 2
- 3
- 4
- 5
- 6
- 15
资源评论
lsx202406
- 粉丝: 2482
- 资源: 5595
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功