iSharkFly-Open/Sa-Token
1
0
Fork 0
mirror of synced 2026-05-22 14:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(oauth2): 修复 oidc 协议下,当用户数据变动后,id_token 仍是旧信息的问题

Browse Source
This commit is contained in:
click33
2025-05-10 21:45:52 +08:00
parent a3c7568fc3
commit 2523d4b8df
5 changed files with 35 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/data/generate/SaOAuth2DataGenerateDefaultImpl.java
+1
View File
@@ -144,6 +144,7 @@ public class SaOAuth2DataGenerateDefaultImpl implements SaOAuth2DataGenerate {
// 生成新 Access-Token
AccessTokenModel at = SaOAuth2Manager.getDataConverter().convertRefreshTokenToAccessToken(rt);
SaOAuth2Strategy.instance.refreshAccessTokenWorkByScope.accept(at);
// 保存新 Access-Token
dao.saveAccessToken(at);
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/OidcScopeHandler.java
+5 -1
View File
@@ -23,7 +23,6 @@ import cn.dev33.satoken.jwt.error.SaJwtErrorCode;
import cn.dev33.satoken.jwt.exception.SaJwtException;
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
import cn.dev33.satoken.oauth2.consts.SaOAuth2Consts;
import cn.dev33.satoken.oauth2.dao.SaOAuth2Dao;
import cn.dev33.satoken.oauth2.data.model.AccessTokenModel;
import cn.dev33.satoken.oauth2.data.model.ClientTokenModel;
import cn.dev33.satoken.oauth2.data.model.oidc.IdTokenModel;
@@ -83,6 +82,11 @@ public class OidcScopeHandler implements SaOAuth2ScopeHandlerInterface {
}
@Override
public boolean refreshAccessTokenIsWork() {
return true;
}
/**
* 获取 iss
* @return /
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/scope/handler/SaOAuth2ScopeHandlerInterface.java
+9
View File
@@ -47,4 +47,13 @@ public interface SaOAuth2ScopeHandlerInterface {
*/
void workClientToken(ClientTokenModel ct);
/**
* 当使用 RefreshToken 刷新 AccessToken 时,是否重新执行 workAccessToken 构建方法
*
* @return /
*/
default boolean refreshAccessTokenIsWork() {
return false;
}
}
sa-token-plugin/sa-token-oauth2/src/main/java/cn/dev33/satoken/oauth2/strategy/SaOAuth2Strategy.java
+18
View File
@@ -105,6 +105,24 @@ public final class SaOAuth2Strategy {
}
};
/**
* 当使用 RefreshToken 刷新 AccessToken 时,根据 scope 信息对一个 AccessTokenModel 进行加工处理
*/
public SaOAuth2ScopeWorkAccessTokenFunction refreshAccessTokenWorkByScope = (at) -> {
if(at.scopes != null && !at.scopes.isEmpty()) {
for (String scope : at.scopes) {
SaOAuth2ScopeHandlerInterface handler = scopeHandlerMap.get(scope);
if(handler != null && handler.refreshAccessTokenIsWork()) {
handler.workAccessToken(at);
}
}
}
SaOAuth2ScopeHandlerInterface finallyWorkScopeHandler = scopeHandlerMap.get(SaOAuth2Consts._FINALLY_WORK_SCOPE);
if(finallyWorkScopeHandler != null && finallyWorkScopeHandler.refreshAccessTokenIsWork()) {
finallyWorkScopeHandler.workAccessToken(at);
}
};
/**
* 根据 scope 信息对一个 ClientTokenModel 进行加工处理
*/