fix/bearer_oauth

85eb124c · zhourui · 01fd8b05 · 85eb124c · 85eb124c · 85eb124c
7 changed file
--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/HttpToken.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/http/HttpToken.java
@@ -34,8 +34,6 @@ public class HttpToken {
 	public static final String X_Debugger = "x-debugger";
 	public static final String COOKIE_ANONYMOUS_VALUE = "anonymous";
 	public static final String SET_COOKIE = "Set-Cookie";
-	
-	

 	private static final String RegularExpression_IP = "([1-9]|[1-9]\\d|1\\d{2}|2[0-4]\\d|25[0-5])(\\.(\\d|[1-9]\\d|1\\d{2}|2[0-4]\\d|25[0-5])){3}";
 	private static final String RegularExpression_Token = "^(anonymous|user|manager|cipher)([2][0][1-2][0-9][0-1][0-9][0-3][0-9][0-5][0-9][0-5][0-9][0-5][0-9])(\\S{1,})$";
@@ -165,7 +163,10 @@ public class HttpToken {
 			token = request.getHeader(X_Token);
 		}
 		if (StringUtils.isEmpty(token)) {
-			token = request.getHeader(X_Authorization);
+			String value = request.getHeader(X_Authorization);
+			if (!StringUtils.contains(value, " ")) {
+				token = value;
+			}
 		}
 		// 此代码将导致input被关闭.
 		// if (StringUtils.isEmpty(token)) {
@@ -205,8 +206,5 @@ public class HttpToken {
 	private String userAgent(HttpServletRequest request) {
 		return Objects.toString(request.getHeader("User-Agent"), "");
 	}
-	
-	
- 

 }
\ No newline at end of file
--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/ResponseFactory.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/ResponseFactory.java
@@ -97,7 +97,9 @@ public class ResponseFactory {
 				if (notModified(request, tag)) {
 					return Response.notModified().tag(tag).build();
 				}
-				return Response.ok(wo.getText()).type(HttpMediaType.TEXT_PLAIN_UTF_8).tag(tag).build();
+				// return
+				// Response.ok(wo.getText()).type(HttpMediaType.TEXT_PLAIN_UTF_8).tag(tag).build();
+				return Response.ok(wo.getText()).type(wo.getContentType()).tag(tag).build();
 			} else if ((null != result.getData()) && (result.getData() instanceof WoContentType)) {
 				WoContentType wo = (WoContentType) result.getData();
 				EntityTag tag = new EntityTag(etagWoContentType(wo));

--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/WoText.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/jaxrs/WoText.java
 package com.x.base.core.project.jaxrs;

+import org.apache.commons.lang3.StringUtils;
+
 import com.x.base.core.project.annotation.FieldDescribe;
 import com.x.base.core.project.gson.GsonPropertyObject;
+import com.x.base.core.project.http.HttpMediaType;

-public class WoText  extends GsonPropertyObject {
+public class WoText extends GsonPropertyObject {

 	public WoText() {
 	}
@@ -15,6 +18,17 @@ public class WoText  extends GsonPropertyObject {
 	@FieldDescribe("text")
 	private String text;

+	@FieldDescribe("返回Content_Type")
+	private String contentType;
+
+	public String getContentType() {
+		return StringUtils.isEmpty(this.contentType) ? HttpMediaType.APPLICATION_JSON_UTF_8 : this.contentType;
+	}
+
+	public void setContentType(String contentType) {
+		this.contentType = contentType;
+	}
+
 	public String getText() {
 		return text;
 	}

--- a/o2server/x_base_core_project/src/main/java/com/x/base/core/project/logger/Logger.java
+++ b/o2server/x_base_core_project/src/main/java/com/x/base/core/project/logger/Logger.java
@@ -198,7 +198,8 @@ public class Logger {
 		sb.append(e.getMessage());
 		String headString = this.headToString(request);
 		String bodyString = this.bodyToString(body);
-		String requestUrl = request.getRequestURL().toString();
+		String requestUrl = request.getRequestURL().toString()
+				+ (StringUtils.isEmpty(request.getQueryString()) ? "" : "?" + request.getQueryString());
 		String stackTraceString = ExceptionUtils.getStackTrace(e);
 		Object[] arr = new String[] { effectivePerson.getDistinguishedName(), request.getMethod(), requestUrl,
 				request.getRemoteHost(), request.getRemoteAddr(), headString, bodyString };

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/ActionInfo.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/ActionInfo.java
 package com.x.organization.assemble.authentication.jaxrs.oauth;

-import java.math.BigDecimal;
 import java.util.LinkedHashMap;
 import java.util.Objects;
 import java.util.Optional;
@@ -10,6 +9,7 @@ import java.util.regex.Pattern;
 import javax.script.CompiledScript;
 import javax.script.ScriptContext;
 import javax.script.SimpleScriptContext;
+import javax.servlet.http.HttpServletRequest;

 import org.apache.commons.beanutils.PropertyUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -18,11 +18,15 @@ import org.apache.commons.text.StringEscapeUtils;
 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
 import com.x.base.core.entity.annotation.CheckRemoveType;
+import com.x.base.core.project.cache.Cache.CacheCategory;
+import com.x.base.core.project.cache.Cache.CacheKey;
+import com.x.base.core.project.cache.CacheManager;
 import com.x.base.core.project.config.Config;
 import com.x.base.core.project.config.Token.InitialManager;
 import com.x.base.core.project.config.Token.Oauth;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
+import com.x.base.core.project.http.HttpToken;
 import com.x.base.core.project.jaxrs.WoText;
 import com.x.base.core.project.logger.Logger;
 import com.x.base.core.project.logger.LoggerFactory;
@@ -30,9 +34,6 @@ import com.x.base.core.project.script.ScriptFactory;
 import com.x.organization.assemble.authentication.Business;
 import com.x.organization.core.entity.OauthCode;
 import com.x.organization.core.entity.Person;
-import com.x.base.core.project.cache.Cache.CacheCategory;
-import com.x.base.core.project.cache.Cache.CacheKey;
-import com.x.base.core.project.cache.CacheManager;

 class ActionInfo extends BaseAction {

@@ -42,10 +43,17 @@ class ActionInfo extends BaseAction {

 	private static CacheCategory cache = new CacheCategory(Person.class);

-	ActionResult<Wo> execute(EffectivePerson effectivePerson, String accessToken) throws Exception {
+	ActionResult<Wo> execute(HttpServletRequest request, EffectivePerson effectivePerson, String accessToken,
+			String contentType) throws Exception {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			ActionResult<Wo> result = new ActionResult<>();
 			Business business = new Business(emc);
+			if (StringUtils.isEmpty(accessToken)) {
+				String bearer = request.getHeader(HttpToken.X_Authorization);
+				if (StringUtils.isNotEmpty(bearer)) {
+					accessToken = StringUtils.substringAfter(bearer, " ");
+				}
+			}
 			if (StringUtils.isEmpty(accessToken)) {
 				throw new ExceptionAccessTokenEmpty();
 			}
@@ -63,6 +71,7 @@ class ActionInfo extends BaseAction {
 			Info info = this.info(business, oauthCode, oauth);
 			Wo wo = new Wo();
 			wo.setText(gson.toJson(info));
+			wo.setContentType(contentType);
 			result.setData(wo);
 			return result;
 		}

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/ActionToken.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/ActionToken.java
@@ -4,7 +4,6 @@ import org.apache.commons.lang3.StringUtils;

 import com.x.base.core.container.EntityManagerContainer;
 import com.x.base.core.container.factory.EntityManagerContainerFactory;
-import com.x.base.core.project.config.Token.Oauth;
 import com.x.base.core.project.gson.GsonPropertyObject;
 import com.x.base.core.project.http.ActionResult;
 import com.x.base.core.project.http.EffectivePerson;
@@ -18,7 +17,8 @@ class ActionToken extends StandardJaxrsAction {

 	private static Logger logger = LoggerFactory.getLogger(ActionToken.class);

-	ActionResult<Wo> execute(EffectivePerson effectivePerson, String code, String grant_type) throws Exception {
+	ActionResult<Wo> execute(EffectivePerson effectivePerson, String code, String grant_type, String contentType)
+			throws Exception {
 		try (EntityManagerContainer emc = EntityManagerContainerFactory.instance().create()) {
 			ActionResult<Wo> result = new ActionResult<>();
 			if (StringUtils.isEmpty(code)) {
@@ -44,6 +44,7 @@ class ActionToken extends StandardJaxrsAction {
 			woToken.setExpires_in(3600);
 			Wo wo = new Wo();
 			wo.setText(gson.toJson(woToken));
+			wo.setContentType(contentType);
 			result.setData(wo);
 			return result;
 		}
@@ -52,15 +53,17 @@ class ActionToken extends StandardJaxrsAction {
 	public static class WoToken extends GsonPropertyObject {
 		private String access_token;
 		private Integer expires_in;
-		private String token_type = "bearer";
+//		private String token_type = "bearer";
+//		private String refresh_token = "123";
+//		private String scope = "read";

-		public String getToken_type() {
-			return token_type;
-		}
-
-		public void setToken_type(String token_type) {
-			this.token_type = token_type;
-		}
+//		public String getToken_type() {
+//			return token_type;
+//		}
+//
+//		public void setToken_type(String token_type) {
+//			this.token_type = token_type;
+//		}

 		public String getAccess_token() {
 			return access_token;

--- a/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/OauthAction.java
+++ b/o2server/x_organization_assemble_authentication/src/main/java/com/x/organization/assemble/authentication/jaxrs/oauth/OauthAction.java
@@ -7,7 +7,6 @@ import javax.ws.rs.FormParam;
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.container.AsyncResponse;
@@ -32,37 +31,6 @@ public class OauthAction extends StandardJaxrsAction {

 	private static Logger logger = LoggerFactory.getLogger(OauthAction.class);

-	// response_type：表示授权类型，必选项，此处的值固定为"code"
-	// client_id：表示客户端的ID，必选项
-	// client_secret：表示客户端的密钥，必选项
-	// redirect_uri：表示重定向URI，可选项
-	// scope：表示申请的权限范围，可选项
-	// state：表示客户端的当前状态，可以指定任意值，认证服务器会原封不动地返回这个值。
-
-//	@JaxrsMethodDescribe(value = "POST方法实现oauth认证auth方法", action = ActionAuth.class)
-//	@POST
-//	@Path("auth")
-//	@Consumes({ MediaType.MULTIPART_FORM_DATA, MediaType.APPLICATION_FORM_URLENCODED })
-//	public void postAuth(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
-//			@Context HttpServletResponse response,
-//			@JaxrsParameterDescribe("表示授权类型，必选项，此处的值固定为code") @FormParam("response_type") String response_type,
-//			@JaxrsParameterDescribe("表示客户端的ID") @FormParam("client_id") String client_id,
-//			@JaxrsParameterDescribe("表示客户端的密钥") @FormParam("client_secret") String client_secret,
-//			@JaxrsParameterDescribe("表示重定向URI") @FormParam("redirect_uri") String redirect_uri,
-//			@JaxrsParameterDescribe("表示申请的权限范围") @FormParam("scope") String scope,
-//			@JaxrsParameterDescribe("表示客户端的当前状态，可以指定任意值，认证服务器会原封不动地返回这个值") @FormParam("state") String state) {
-//		ActionResult<ActionAuth.Wo> result = new ActionResult<>();
-//		EffectivePerson effectivePerson = this.effectivePerson(request);
-//		try {
-//			result = new ActionAuth().execute(effectivePerson, response_type, client_id, client_secret, redirect_uri,
-//					scope, state);
-//		} catch (Exception e) {
-//			logger.error(e, effectivePerson, request, null);
-//			result.error(e);
-//		}
-//		asyncResponse.resume(ResponseFactory.getEntityTagActionResultResponse(request, result));
-//	}
-
 	@JaxrsMethodDescribe(value = "GET方法实现oauth认证auth方法", action = ActionAuth.class)
 	@GET
 	@Path("auth")
@@ -90,11 +58,12 @@ public class OauthAction extends StandardJaxrsAction {
 	@Consumes({ MediaType.MULTIPART_FORM_DATA, MediaType.APPLICATION_FORM_URLENCODED })
 	public void postToken(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
 			@Context HttpServletResponse response, @FormParam("code") String code,
-			@FormParam("grant_type") String grant_type) {
+			@FormParam("grant_type") String grant_type,
+			@JaxrsParameterDescribe("response CONTENT_TYPE 设置 默认为text/plain; charset=UTF-8") @FormParam("contentType") String contentType) {
 		ActionResult<ActionToken.Wo> result = new ActionResult<>();
 		EffectivePerson effectivePerson = this.effectivePerson(request);
 		try {
-			result = new ActionToken().execute(effectivePerson, code, grant_type);
+			result = new ActionToken().execute(effectivePerson, code, grant_type, contentType);
 		} catch (Exception e) {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);
@@ -107,11 +76,12 @@ public class OauthAction extends StandardJaxrsAction {
 	@Path("token")
 	public void getToken(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
 			@Context HttpServletResponse response, @QueryParam("code") String code,
-			@QueryParam("grant_type") String grant_type) {
+			@QueryParam("grant_type") String grant_type,
+			@JaxrsParameterDescribe("response CONTENT_TYPE 设置 默认为text/plain; charset=UTF-8") @QueryParam("contentType") String contentType) {
 		ActionResult<ActionToken.Wo> result = new ActionResult<>();
 		EffectivePerson effectivePerson = this.effectivePerson(request);
 		try {
-			result = new ActionToken().execute(effectivePerson, code, grant_type);
+			result = new ActionToken().execute(effectivePerson, code, grant_type, contentType);
 		} catch (Exception e) {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);
@@ -124,11 +94,12 @@ public class OauthAction extends StandardJaxrsAction {
 	@Path("info")
 	@Consumes({ MediaType.MULTIPART_FORM_DATA, MediaType.APPLICATION_FORM_URLENCODED })
 	public void postInfo(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
-			@Context HttpServletResponse response, @FormParam("access_token") String access_token) {
+			@Context HttpServletResponse response, @FormParam("access_token") String access_token,
+			@JaxrsParameterDescribe("response CONTENT_TYPE 设置 默认为text/plain; charset=UTF-8") @FormParam("contentType") String contentType) {
 		ActionResult<ActionInfo.Wo> result = new ActionResult<>();
 		EffectivePerson effectivePerson = this.effectivePerson(request);
 		try {
-			result = new ActionInfo().execute(effectivePerson, access_token);
+			result = new ActionInfo().execute(request, effectivePerson, access_token, contentType);
 		} catch (Exception e) {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);
@@ -141,11 +112,12 @@ public class OauthAction extends StandardJaxrsAction {
 	@Path("info")
 	@Produces(HttpMediaType.APPLICATION_JSON_UTF_8)
 	public void getInfo(@Suspended final AsyncResponse asyncResponse, @Context HttpServletRequest request,
-			@Context HttpServletResponse response, @QueryParam("access_token") String access_token) {
+			@Context HttpServletResponse response, @QueryParam("access_token") String access_token,
+			@JaxrsParameterDescribe("response CONTENT_TYPE 设置 默认为text/plain; charset=UTF-8") @QueryParam("contentType") String contentType) {
 		ActionResult<ActionInfo.Wo> result = new ActionResult<>();
 		EffectivePerson effectivePerson = this.effectivePerson(request);
 		try {
-			result = new ActionInfo().execute(effectivePerson, access_token);
+			result = new ActionInfo().execute(request, effectivePerson, access_token, contentType);
 		} catch (Exception e) {
 			logger.error(e, effectivePerson, request, null);
 			result.error(e);