From 23826f0cd5c5f4d87c551ebb9e1d3d432cc9771d Mon Sep 17 00:00:00 2001 From: wanglei <34475144@qq.com> Date: Sat, 15 Nov 2025 16:07:07 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E5=BA=94=E7=94=A8=E7=A8=8B?= =?UTF-8?q?=E5=BA=8F=E7=94=9F=E6=88=90token=E5=AD=98=E5=82=A8=E5=88=B0?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E8=A1=A8=E4=B8=AD=EF=BC=8C=E4=BF=AE=E6=94=B9?= =?UTF-8?q?=E7=AC=AC=E4=B8=89=E6=96=B9=E8=AE=A4=E8=AF=81=E7=9A=84=E4=B8=9A?= =?UTF-8?q?=E5=8A=A1=E6=B5=81=E7=A8=8B=EF=BC=8C=E4=BC=98=E5=8C=96=E9=83=A8?= =?UTF-8?q?=E5=88=86=E5=87=BD=E6=95=B0=E4=BB=A3=E7=A0=81=E5=92=8C=E5=87=BD?= =?UTF-8?q?=E6=95=B0=E7=9A=84=E5=90=8D=E7=A7=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/api/oauth/oauth.lua | 6 -- src/dao/oauth/oauth.lua | 19 +++--- src/dao/system/account.lua | 18 ++---- src/dao/system/application.lua | 11 +--- src/dao/system/applicationtoken.lua | 86 ++++++++++++++++++++++++++++ src/dao/system/department.lua | 18 ++---- src/dao/system/login.lua | 9 +-- src/dao/system/permission.lua | 18 ++---- src/dao/system/position.lua | 18 ++---- src/dao/system/role.lua | 18 ++---- src/dao/system/user.lua | 18 ++---- src/service/oauth/oauth.lua | 46 +++++++-------- src/service/system/account.lua | 6 +- src/service/system/application.lua | 6 +- src/service/system/department.lua | 6 +- src/service/system/permission.lua | 6 +- src/service/system/position.lua | 6 +- src/service/system/role.lua | 6 +- src/service/system/user.lua | 6 +- src/util/token.lua | 6 +- src/validator/oauth/oauth.lua | 7 ++- src/validator/system/account.lua | 2 +- src/validator/system/application.lua | 2 +- src/validator/system/department.lua | 2 +- src/validator/system/permission.lua | 2 +- src/validator/system/position.lua | 2 +- src/validator/system/role.lua | 2 +- src/validator/system/user.lua | 2 +- 28 files changed, 194 insertions(+), 160 deletions(-) create mode 100644 src/dao/system/applicationtoken.lua diff --git a/src/api/oauth/oauth.lua b/src/api/oauth/oauth.lua index 4aeb27b..b04681c 100644 --- a/src/api/oauth/oauth.lua +++ b/src/api/oauth/oauth.lua @@ -31,12 +31,6 @@ local routes = { methods = { "POST" }, handler = oauthService.userinfo, }, - --根据Refresh-Token刷新Access-Token - { - paths = { "/yum/v1/oauth/v2/refresh" }, - methods = { "GET", "POST" }, - handler = oauthService.refresh, - }, } -- 初始化路由 diff --git a/src/dao/oauth/oauth.lua b/src/dao/oauth/oauth.lua index 32d945a..7021ea2 100644 --- a/src/dao/oauth/oauth.lua +++ b/src/dao/oauth/oauth.lua @@ -5,6 +5,7 @@ --- local userDao = require("dao.system.user") local applicationDao = require("dao.system.application") +local applicationTokenDao = require("dao.system.applicationtoken") local _M = {} @@ -12,13 +13,10 @@ local _M = {} function _M.authenticateUserPasswd(username, passwd) --验证用户名是否为空 local code, res = userDao:getUserByUsername(username) --authenticate(name, passwd) - if code ~= 0 then + if code ~= 0 or res == nil then return 0x000001, res end - local num = 0 - if res ~= nil then - num = table.getn(res) - end + local num = table.getn(res) --用户不存在时返回 if num <= 0 then return 0x01000C,nil @@ -40,13 +38,10 @@ function _M.login(jsonData) local checkKey = jsonData["checkKey"] --验证用户名是否为空 local code, res = userDao:getUserByUsername(name) --authenticate(name, passwd) - if code ~= 0 then + if code ~= 0 or res == nil then return 0x000001,res end - local num = 0 - if res ~= nil then - num = table.getn(res) - end + local num = table.getn(res) --用户不存在时返回 if num <= 0 then return 0x01000C,nil @@ -93,4 +88,8 @@ function _M.getApplicationByUserid(user_id, client_id, client_secret) return applicationDao.getApplicationByUserid(user_id, client_id, client_secret) end +function _M.updateApplicationToken(client_id, ret) + return applicationTokenDao.updateApplicationToken(client_id, ret) +end + return _M \ No newline at end of file diff --git a/src/dao/system/account.lua b/src/dao/system/account.lua index 30b3111..bb77f03 100644 --- a/src/dao/system/account.lua +++ b/src/dao/system/account.lua @@ -16,13 +16,10 @@ local _M = {} local function isExistAccount(id) --根据账户id进行验证账户是否存在 local code, res = accountModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --账户不存在返回错误 if num <= 0 then return false @@ -47,13 +44,10 @@ function _M.addSystemAccount(jsonData) --根据账户进行验证账户是否存在 local code, res = accountModel:where("name", "=", name):get() - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --账户存在时返回账户已经存在 if num > 0 then return 0x01000C,nil diff --git a/src/dao/system/application.lua b/src/dao/system/application.lua index f7cb4a0..e52ab36 100644 --- a/src/dao/system/application.lua +++ b/src/dao/system/application.lua @@ -59,17 +59,10 @@ function _M.addSystemApplication(jsonData) --根据应用进行验证是否存在 local code, res = applicationModel:where("name", "=", name):get() - if code ~= 0 then + if code ~= 0 or res == nil then return 0x000001, res end - local num = 0 - if res ~= nil then - num = table.getn(res) - end - --用户存在时返回用户已经存在 - if num > 0 then - return 0x01000C,nil - end + local num = table.getn(res) --应用存在时返回应用已经存在 if num > 0 then return 0x01000C, nil diff --git a/src/dao/system/applicationtoken.lua b/src/dao/system/applicationtoken.lua new file mode 100644 index 0000000..1526413 --- /dev/null +++ b/src/dao/system/applicationtoken.lua @@ -0,0 +1,86 @@ +--- +--- Generated by EmmyLua(https://github.com/EmmyLua) +--- Created by admin. +--- DateTime: 2025/11/15 09:38 +--- 应用程序token数据表模型文件 + +local helpers = require("share.helpers") +--引用使用的库文件 +local model = require("share.model") +--创建一个数据表相关的模型 +local applicationTokenModel = model:new('sys_application_token') + +local _M = {} + +--判断应用是否存在 +local function isExistApplicationToken(client_id) + --根据应用id进行验证应用是否存在 + local code, res = applicationTokenModel:find(client_id) + if code ~= 0 or res == nil then + return false + end + local num = table.getn(res) + --应用不存在返回错误 + if num <= 0 then + return false + end + return true +end + +-- 查询数据表中的所有应用信息 +function _M.getApplicationTokens(pageNum, pageSize) + return applicationTokenModel:paginate(pageNum, pageSize) +end + +--根据应用id获取应用信息 +function _M.getApplicationToken(id) + return applicationTokenModel.find(id) +end + +--增加应用信息到数据表 +function _M.addSystemApplicationToken(client_id, jsonData) + --根据应用进行验证是否存在 + local code, res = applicationTokenModel:where("application_id", "=", client_id):get() + if code ~= 0 or res == nil then + return 0x000001, res + end + local num = table.getn(res) + --应用存在时返回应用已经存在 + if num > 0 then + return 0x01000C, nil + end + -- 创建一个应用 + return applicationTokenModel:create(jsonData) +end + +--删除应用信息到数据表 +function _M.deleteApplicationToken(id) + --根据用户id进行验证用户是否存在 + local ok = isExistApplicationToken(id) + --用户不存在则返回 + if ok == false then + return 0x000001,nil + end + return applicationTokenModel:delete(id) +end + +--更新应用信息到数据表 +function _M.updateApplicationToken(id, jsonData) + --根据用户id进行验证用户是否存在 + local ok = isExistApplicationToken(id) + --用户不存在则返回 + if ok == false then + return 0x000001,nil + end + --对数据内容进行更 + jsonData.update_time = ngx.time() + return applicationTokenModel:where('application_id', '=', id):update(jsonData) +end + +--根据客户端id和重定向地址获取应用程序 +function _M.getApplicationTokenBy(client_id, redirect_uri) + --print("getApplicationTokenBy client_id:", client_id, " redirect_uri:", redirect_uri) + return applicationTokenModel:where('app_id', '=', client_id):where('redirect_uris', '=', redirect_uri):get() +end + +return _M \ No newline at end of file diff --git a/src/dao/system/department.lua b/src/dao/system/department.lua index 4c87898..9445a0f 100644 --- a/src/dao/system/department.lua +++ b/src/dao/system/department.lua @@ -16,13 +16,10 @@ local _M = {} local function isExistDepartment(id) --根据组织id进行验证组织是否存在 local code, res = departmentModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --组织不存在返回错误 if num <= 0 then return false @@ -47,13 +44,10 @@ function _M.addSystemDepartment(jsonData) --根据组织名称进行验证组织是否存在 local code, res = departmentModel:where("name", "=", name):get() - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --组织架构存在时返回组织架构已经存在 if num > 0 then return 0x01000C, nil diff --git a/src/dao/system/login.lua b/src/dao/system/login.lua index 885f1e8..a007c2d 100644 --- a/src/dao/system/login.lua +++ b/src/dao/system/login.lua @@ -34,13 +34,10 @@ function _M.login(jsonData) local checkKey = jsonData["checkKey"] --验证用户名是否为空 local code, res = userDao:getUserByUsername(name) --authenticate(name, passwd) - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --用户不存在时返回 if num <= 0 then return 0x01000C,nil diff --git a/src/dao/system/permission.lua b/src/dao/system/permission.lua index 1d15224..2990b27 100644 --- a/src/dao/system/permission.lua +++ b/src/dao/system/permission.lua @@ -16,13 +16,10 @@ local _M = {} local function isExistPermission(id) --根据权限id进行验证权限是否存在 local code, res = permissionModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --权限不存在返回错误 if num <= 0 then return false @@ -54,13 +51,10 @@ function _M.addSystemPermission(jsonData) --根据权限名称进行验证权限是否存在 local code, res = permissionModel:where("name", "=", name):get() - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --权限存在时返回权限已经存在 if num > 0 then return 0x01000C,nil diff --git a/src/dao/system/position.lua b/src/dao/system/position.lua index b20004c..83050ab 100644 --- a/src/dao/system/position.lua +++ b/src/dao/system/position.lua @@ -16,13 +16,10 @@ local _M = {} local function isExistPosition(id) --根据岗位id进行验证岗位是否存在 local code, res = positionModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --岗位不存在返回错误 if num <= 0 then return false @@ -47,13 +44,10 @@ function _M.addSystemPosition(jsonData) --根据岗位id进行验证岗位是否存在 local code, res = positionModel:where("post_id", "=", post_id):get() - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --岗位存在时返回岗位已经存在 if num > 0 then return 0x01000C, nil diff --git a/src/dao/system/role.lua b/src/dao/system/role.lua index 460c33a..8668932 100644 --- a/src/dao/system/role.lua +++ b/src/dao/system/role.lua @@ -16,13 +16,10 @@ local _M = {} local function isExistRole(id) --根据角色id进行验证角色是否存在 local code, res = roleModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --角色不存在返回错误 if num <= 0 then return false @@ -52,13 +49,10 @@ function _M.addSystemRole(jsonData) --根据角色、手机号、邮箱进行验证角色是否存在 local code, res = roleModel:where("role_name", "=", roleName):get() - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --角色存在时返回角色已经存在 if num > 0 then return 0x01000C,nil diff --git a/src/dao/system/user.lua b/src/dao/system/user.lua index 8959115..e8e03ac 100644 --- a/src/dao/system/user.lua +++ b/src/dao/system/user.lua @@ -23,13 +23,10 @@ local user = { local function isExistUser(id) --根据用户id进行验证用户是否存在 local code, res = userModel:find(id) - if code ~= 0 then - return false - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --用户不存在返回错误 if num <= 0 then return false @@ -68,13 +65,10 @@ function _M:addSystemUser(jsonData) --根据用户、手机号、邮箱进行验证用户是否存在 local code, res = self.getUserByUsername(userName) - if code ~= 0 then - return 0x000001,res - end - local num = 0 - if res ~= nil then - num = table.getn(res) + if code ~= 0 or res == nil then + return 0x000001, res end + local num = table.getn(res) --用户存在时返回用户已经存在 if num > 0 then return 0x01000C,nil diff --git a/src/service/oauth/oauth.lua b/src/service/oauth/oauth.lua index 87291a7..2089ff7 100644 --- a/src/service/oauth/oauth.lua +++ b/src/service/oauth/oauth.lua @@ -172,17 +172,36 @@ local function authorizateCode(args) -- 生存id_token local new_id_token = token.generate_id_token(priv_key, user_id, client_id, scope) --ngx.say("Generated JWT: ", jwt_obj) - -- 6.返回结果 local ret = {} ret.access_token = new_access_token ret.token_type = "Bearer" ret.expires_in = 10 * 60 ret.refresh_token = new_refresh_token ret.id_token = new_id_token + -- 6.将生成的数据存储到数据库中 + local code, res = oauthDao.addSystemApplicationToken(client_id, ret) + if code ~= 0 then + local result = resp:json(0x000001) + resp:send(result) + return + end + -- 7.返回结果 local result = resp:json(ngx.HTTP_OK, ret) resp:send(result) end +-- 刷新令牌 +local function authorizateRefresh(args) + -- 1.校验必填参数验证数据是否符合json + local ok = validator.validateRefresh(args) + if not ok then + local result = resp:json(0x000001) + resp:send(result) + return + end + -- 2. +end + -- 根据授权码获取Access-Token function _M:token() -- 1. 解析请求参数(支持 form-data 和 json) @@ -217,6 +236,8 @@ function _M:token() authorizatePassword(args) elseif grant_type == "authorization_code" then authorizateCode(args) + elseif grant_type == "refresh_token" then + authorizateRefresh(args) end end @@ -292,27 +313,4 @@ function _M:userinfo() resp:send(result) end ---根据Refresh-Token刷新Access-Token -function _M:refresh() - --读取请求体的数据 - ngx.req.read_body() - --获取请求数据 - local body_data = ngx.req.get_body_data() - --验证json数据是否正确 - local ok, data = pcall(cjson.decode, body_data) - if not ok then - local result = resp:json(0x000001) - resp:send(result) - return - end - -- 验证数据是否符合json - local ok = validator.validateRefresh(data) - --验证失败则返回 - if not ok then - local result = resp:json(0x000001) - resp:send(result) - return - end -end - return _M \ No newline at end of file diff --git a/src/service/system/account.lua b/src/service/system/account.lua index cfc7e7b..8f4a9bb 100644 --- a/src/service/system/account.lua +++ b/src/service/system/account.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对账户数据表进行数据表业务处理 local resp = require("util.response") local accountDao = require("dao.system.account") -local validatorJson = require("validator.system.account") +local validator = require("validator.system.account") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -56,7 +56,7 @@ function _M.addSystemAccount() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -97,7 +97,7 @@ function _M.updateSystemAccount(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/application.lua b/src/service/system/application.lua index 309f956..7699998 100644 --- a/src/service/system/application.lua +++ b/src/service/system/application.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对应用数据表进行数据表业务处理 local resp = require("util.response") local applicationDao = require("dao.system.application") -local validatorJson = require("validator.system.application") +local validator = require("validator.system.application") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -84,7 +84,7 @@ function _M.addSystemApplication() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -125,7 +125,7 @@ function _M.updateSystemApplication(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/department.lua b/src/service/system/department.lua index ef3bbd4..eaa05de 100644 --- a/src/service/system/department.lua +++ b/src/service/system/department.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对组织架构数据表进行数据表业务处理 local resp = require("util.response") local departmentDao = require("dao.system.department") -local validatorJson = require("validator.system.department") +local validator = require("validator.system.department") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -53,7 +53,7 @@ function _M.addSystemDepartment() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -95,7 +95,7 @@ function _M.updateSystemDepartment(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/permission.lua b/src/service/system/permission.lua index 6ef04ac..648582a 100644 --- a/src/service/system/permission.lua +++ b/src/service/system/permission.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对权限数据表进行数据表业务处理 local resp = require("util.response") local permissionDao = require("dao.system.permission") -local validatorJson = require("validator.system.permission") +local validator = require("validator.system.permission") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -70,7 +70,7 @@ function _M.addSystemPermission() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -111,7 +111,7 @@ function _M.updateSystemPermission(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/position.lua b/src/service/system/position.lua index 6e724c8..15984f3 100644 --- a/src/service/system/position.lua +++ b/src/service/system/position.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对岗位数据表进行数据表业务处理 local resp = require("util.response") local positionDao = require("dao.system.position") -local validatorJson = require("validator.system.position") +local validator = require("validator.system.position") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -56,7 +56,7 @@ function _M.addSystemPosition() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -97,7 +97,7 @@ function _M.updateSystemPosition(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/role.lua b/src/service/system/role.lua index e910c28..ee28575 100644 --- a/src/service/system/role.lua +++ b/src/service/system/role.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对用户角色数据表进行数据表业务处理 local resp = require("util.response") local roleDao = require("dao.system.role") -local validatorJson = require("validator.system.role") +local validator = require("validator.system.role") local cjson = require("cjson.safe") local perm = require("util.permissionfilter") @@ -57,7 +57,7 @@ function _M.addSystemRole() --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -98,7 +98,7 @@ function _M.updateSystemRole(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合schema - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/service/system/user.lua b/src/service/system/user.lua index 31eb819..40a8f97 100644 --- a/src/service/system/user.lua +++ b/src/service/system/user.lua @@ -5,7 +5,7 @@ --- 业务逻辑 对用户数据表进行数据表业务处理 local resp = require("util.response") local userDao = require("dao.system.user") -local validatorJson = require("validator.system.user") +local validator = require("validator.system.user") local cjson = require("cjson.safe") local token = require("util.token") local perm = require("util.permissionfilter") @@ -86,7 +86,7 @@ function _M.addSystemUser(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合json - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) @@ -135,7 +135,7 @@ function _M.updateSystemUser(m) --获取请求数据 local body_data = ngx.req.get_body_data() -- 验证数据是否符合json - local ok = validatorJson.validatorJson(body_data) + local ok = validator.validateJson(body_data) --验证失败则返回 if not ok then local result = resp:json(0x000001) diff --git a/src/util/token.lua b/src/util/token.lua index c654bc2..1f41425 100644 --- a/src/util/token.lua +++ b/src/util/token.lua @@ -19,7 +19,7 @@ local schema = { --设置JWT的有效载荷 local obj = { - header = {typ="JWT", alg="HS256"}, + header = { typ = "JWT", alg = "HS256" }, payload = { -- 自定义数据 userid = "", -- 用户id username = "", -- 用户名 @@ -103,7 +103,7 @@ function _M.generate_access_token(priv_key, sub, client_id, scope) local payload = { --iss = OP_DOMAIN, sub = sub, - client_id = client_id, + aud = client_id, exp = now + access_token_ttl, iat = now, scope = scope, --"openid profile email" @@ -122,7 +122,7 @@ function _M.generate_refresh_token(priv_key, sub, client_id, scope) local payload = { --iss = OP_DOMAIN, sub = sub, - client_id = client_id, + aud = client_id, exp = now + refresh_token_ttl, iat = now, scope = scope, --"openid profile email" diff --git a/src/validator/oauth/oauth.lua b/src/validator/oauth/oauth.lua index e7bfb59..9c6333c 100644 --- a/src/validator/oauth/oauth.lua +++ b/src/validator/oauth/oauth.lua @@ -82,12 +82,15 @@ function _M.validateUserinfo(jsonData) return result end +--grant_type=refresh_token&refresh_token=fbde81ee-f419-42b1-1234-9191f1f95be9&client_id=demoClientId&client_secret=demoClientSecret local schemaRefresh = { type = "object", properties = { - Authorization = { type = "string" }, + grant_type = { type = "string" }, + client_id = { type = "string" }, + client_secret = { type = "string" }, }, - required = { "Authorization" } + required = { "grant_type", "client_id", "client_secret" } } --根据Refresh-Token刷新Access-Token diff --git a/src/validator/system/account.lua b/src/validator/system/account.lua index 821fd33..59561df 100644 --- a/src/validator/system/account.lua +++ b/src/validator/system/account.lua @@ -22,7 +22,7 @@ local schema = { required = { "name", "redirect_uris" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/application.lua b/src/validator/system/application.lua index f01ed0b..a6f47ed 100644 --- a/src/validator/system/application.lua +++ b/src/validator/system/application.lua @@ -23,7 +23,7 @@ local schema = { required = { "name", "redirect_uris" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/department.lua b/src/validator/system/department.lua index c0601d7..cc9b0eb 100644 --- a/src/validator/system/department.lua +++ b/src/validator/system/department.lua @@ -23,7 +23,7 @@ local schema = { required = { "name" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/permission.lua b/src/validator/system/permission.lua index 32ea93d..27ab208 100644 --- a/src/validator/system/permission.lua +++ b/src/validator/system/permission.lua @@ -20,7 +20,7 @@ local schema = { required = { "permission_name", "permission_code" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/position.lua b/src/validator/system/position.lua index 7f150fc..9f1217f 100644 --- a/src/validator/system/position.lua +++ b/src/validator/system/position.lua @@ -22,7 +22,7 @@ local schema = { required = { "post_id" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/role.lua b/src/validator/system/role.lua index 33256ef..70ccd6f 100644 --- a/src/validator/system/role.lua +++ b/src/validator/system/role.lua @@ -19,7 +19,7 @@ local schema = { required = { "role_name" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData) diff --git a/src/validator/system/user.lua b/src/validator/system/user.lua index 4c049dd..bed9aa8 100644 --- a/src/validator/system/user.lua +++ b/src/validator/system/user.lua @@ -22,7 +22,7 @@ local schema = { required = { "username", "phone", "email", "idcard" } } -function _M.validatorJson(jsonData) +function _M.validateJson(jsonData) -- 验证数据是否符合schema local validator = jsonschema.generate_validator(schema) local result = validator(jsonData)