githubbadguy
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java
Lines changed: 11 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Authentication.java
Lines changed: 11 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java
Lines changed: 4 additions & 2 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/Permission.java
Lines changed: 4 additions & 2 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/DefaultAuthorizationAutoConfiguration.java
Lines changed: 1 addition & 4 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/DefaultAuthorizationAutoConfiguration.java
Lines changed: 1 addition & 4 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleAuthentication.java
Lines changed: 19 additions & 1 deletion b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimpleAuthentication.java
Lines changed: 19 additions & 1 deletion
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimplePermission.java
Lines changed: 11 additions & 3 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/SimplePermission.java
Lines changed: 11 additions & 3 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/ParsedToken.java
Lines changed: 4 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/ParsedToken.java
Lines changed: 4 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/ReactiveTokenAuthenticationSupplier.java
Lines changed: 32 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/ReactiveTokenAuthenticationSupplier.java
Lines changed: 32 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/SimpleParsedToken.java
Lines changed: 17 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/SimpleParsedToken.java
Lines changed: 17 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/TokenAuthenticationManager.java
Lines changed: 6 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/TokenAuthenticationManager.java
Lines changed: 6 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisTokenAuthenticationManager.java
Lines changed: 7 additions & 0 deletions b/‎hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisTokenAuthenticationManager.java
Lines changed: 7 additions & 0 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java
Lines changed: 0 additions & 6 deletions b/‎hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java
Lines changed: 0 additions & 6 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/OAuth2Exception.java
Lines changed: 3 additions & 2 deletions b/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/OAuth2Exception.java
Lines changed: 3 additions & 2 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/AccessToken.java
Lines changed: 10 additions & 6 deletions b/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/AccessToken.java
Lines changed: 10 additions & 6 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/AccessTokenManager.java
Lines changed: 3 additions & 1 deletion b/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/AccessTokenManager.java
Lines changed: 3 additions & 1 deletion
diff --git a/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2GrantService.java
Lines changed: 1 addition & 4 deletions b/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2GrantService.java
Lines changed: 1 addition & 4 deletions
diff --git a/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Response.java
Lines changed: 2 additions & 1 deletion b/‎hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Response.java
Lines changed: 2 additions & 1 deletion
@@ -22,6 +22,8 @@
 
 import java.io.Serializable;
 import java.util.*;
+import java.util.function.BiPredicate;
+import java.util.function.Predicate;
 import java.util.stream.Collectors;
 
 /**
@@ -207,4 +209,13 @@ default boolean hasPermission(String permissionId, Collection<String> actions) {
      */
     Authentication merge(Authentication source);
 
+    /**
+     * copy为新的权限信息
+     *
+     * @param permissionFilter 权限过滤
+     * @param dimension        维度过滤
+     * @return 新的权限信息
+     */
+    Authentication copy(BiPredicate<Permission, String> permissionFilter,
+                        Predicate<Dimension> dimension);
 }
@@ -153,7 +153,7 @@ default <T extends DataAccessConfig> Optional<T> findDataAccess(DataAccessPredic
      * @see FieldFilterDataAccessConfig#getFields()
      */
     default Optional<FieldFilterDataAccessConfig> findFieldFilter(String action) {
-        return findDataAccess(conf -> FieldFilterDataAccessConfig.class.isInstance(conf) && conf.getAction().equals(action));
+        return findDataAccess(conf -> conf instanceof FieldFilterDataAccessConfig && conf.getAction().equals(action));
     }
 
     /**
@@ -164,7 +164,7 @@ default Optional<FieldFilterDataAccessConfig> findFieldFilter(String action) {
      */
     default Set<String> findDenyFields(String action) {
         return findFieldFilter(action)
-                .filter(conf -> DENY_FIELDS.equals(conf.getType()))
+                .filter(conf -> DENY_FIELDS.equals(conf.getType().getId()))
                 .map(FieldFilterDataAccessConfig::getFields)
                 .orElseGet(Collections::emptySet);
     }
@@ -210,6 +210,8 @@ static Permission.DataAccessPredicate<ScopeDataAccessConfig> scope(String action
 
     Permission copy();
 
+    Permission copy(Predicate<String> actionFilter,Predicate<DataAccessConfig> dataAccessFilter);
+
     /**
      * 数据权限查找判断逻辑接口
      *
 
@@ -6,10 +6,7 @@
 import org.hswebframework.web.authorization.simple.builder.DataAccessConfigConverter;
 import org.hswebframework.web.authorization.simple.builder.SimpleAuthenticationBuilderFactory;
 import org.hswebframework.web.authorization.simple.builder.SimpleDataAccessConfigBuilderFactory;
-import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
-import org.hswebframework.web.authorization.token.UserTokenAuthenticationSupplier;
-import org.hswebframework.web.authorization.token.UserTokenReactiveAuthenticationSupplier;
-import org.hswebframework.web.authorization.token.UserTokenManager;
+import org.hswebframework.web.authorization.token.*;
 import org.hswebframework.web.authorization.twofactor.TwoFactorValidatorManager;
 import org.hswebframework.web.authorization.twofactor.defaults.DefaultTwoFactorValidatorManager;
 import org.hswebframework.web.convert.CustomMessageConverter;
 
@@ -23,7 +23,9 @@
 
 import java.io.Serializable;
 import java.util.*;
+import java.util.function.BiPredicate;
 import java.util.function.Function;
+import java.util.function.Predicate;
 import java.util.stream.Collectors;
 
 @Getter
@@ -40,9 +42,10 @@ public class SimpleAuthentication implements Authentication {
 
     private Map<String, Serializable> attributes = new HashMap<>();
 
-    public static Authentication of(){
+    public static Authentication of() {
         return new SimpleAuthentication();
     }
+
     @Override
     @SuppressWarnings("unchecked")
     public <T extends Serializable> Optional<T> getAttribute(String name) {
@@ -77,4 +80,19 @@ public SimpleAuthentication merge(Authentication authentication) {
         }
         return this;
     }
+
+    @Override
+    public Authentication copy(BiPredicate<Permission, String> permissionFilter,
+                               Predicate<Dimension> dimension) {
+        SimpleAuthentication authentication = new SimpleAuthentication();
+        authentication.setUser(user);
+        authentication.setDimensions(dimensions.stream().filter(dimension).collect(Collectors.toList()));
+        authentication.setPermissions(permissions
+                .stream()
+                .map(permission -> permission.copy(action -> permissionFilter.test(permission, action), conf -> true))
+                .filter(per -> !per.getActions().isEmpty())
+                .collect(Collectors.toList())
+        );
+        return authentication;
+    }
 }
@@ -5,6 +5,8 @@
 import org.hswebframework.web.authorization.access.DataAccessConfig;
 
 import java.util.*;
+import java.util.function.Predicate;
+import java.util.stream.Collectors;
 
 /**
  * @author zhouhao
@@ -42,16 +44,22 @@ public Set<DataAccessConfig> getDataAccesses() {
         return dataAccesses;
     }
 
-    public Permission copy() {
+    @Override
+    public Permission copy(Predicate<String> actionFilter,
+                           Predicate<DataAccessConfig> dataAccessFilter) {
         SimplePermission permission = new SimplePermission();
 
         permission.setId(id);
         permission.setName(name);
-        permission.setActions(new HashSet<>(getActions()));
-        permission.setDataAccesses(new HashSet<>(getDataAccesses()));
+        permission.setActions(getActions().stream().filter(actionFilter).collect(Collectors.toSet()));
+        permission.setDataAccesses(getDataAccesses().stream().filter(dataAccessFilter).collect(Collectors.toSet()));
         if (options != null) {
             permission.setOptions(new HashMap<>(options));
         }
         return permission;
     }
+
+    public Permission copy() {
+        return copy(action -> true, conf -> true);
+    }
 }
@@ -15,4 +15,8 @@ public interface ParsedToken {
      * @return 令牌类型
      */
     String getType();
+
+    static ParsedToken of(String type, String token) {
+        return SimpleParsedToken.of(type, token);
+    }
 }
@@ -0,0 +1,32 @@
+package org.hswebframework.web.authorization.token;
+
+import lombok.AllArgsConstructor;
+import org.hswebframework.web.authorization.Authentication;
+import org.hswebframework.web.authorization.ReactiveAuthenticationSupplier;
+import org.hswebframework.web.context.ContextKey;
+import org.hswebframework.web.context.ContextUtils;
+import org.hswebframework.web.logger.ReactiveLogger;
+import reactor.core.publisher.Mono;
+
+@AllArgsConstructor
+public class ReactiveTokenAuthenticationSupplier implements ReactiveAuthenticationSupplier {
+
+    private final TokenAuthenticationManager tokenManager;
+
+    @Override
+    public Mono<Authentication> get(String userId) {
+        return Mono.empty();
+    }
+
+    @Override
+    public Mono<Authentication> get() {
+        return ContextUtils.reactiveContext()
+                .flatMap(context ->
+                        context.get(ContextKey.of(ParsedToken.class))
+                                .map(t -> tokenManager.getByToken(t.getToken()))
+                                .orElseGet(Mono::empty))
+                .flatMap(auth -> ReactiveLogger.mdc("userId", auth.getUser().getId())
+                        .then(ReactiveLogger.mdc("username", auth.getUser().getName()))
+                        .thenReturn(auth));
+    }
+}
@@ -0,0 +1,17 @@
+package org.hswebframework.web.authorization.token;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+@AllArgsConstructor(staticName = "of")
+public class SimpleParsedToken implements ParsedToken{
+
+    private String type;
+
+    private String token;
+
+
+}
@@ -31,4 +31,10 @@ public interface TokenAuthenticationManager {
      */
     Mono<Void> putAuthentication(String token, Authentication auth, Duration ttl);
 
+    /**
+     * 删除token
+     * @param token token
+     * @return void
+     */
+    Mono<Void> removeToken(String token);
 }
@@ -38,6 +38,13 @@ public Mono<Authentication> getByToken(String token) {
                 .get("token-auth:" + token);
     }
 
+    @Override
+    public Mono<Void> removeToken(String token) {
+        return operations
+                .delete(token)
+                .then();
+    }
+
     @Override
     public Mono<Void> putAuthentication(String token, Authentication auth, Duration ttl) {
         return ttl.isNegative()
 
@@ -17,11 +17,8 @@
 
 package org.hswebframework.web.authorization.basic.web;
 
-import io.swagger.annotations.ApiOperation;
-import io.swagger.annotations.ApiParam;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
-import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.SneakyThrows;
 import org.hswebframework.web.authorization.Authentication;
@@ -33,12 +30,10 @@
 import org.hswebframework.web.authorization.events.AuthorizationSuccessEvent;
 import org.hswebframework.web.authorization.exception.AuthenticationException;
 import org.hswebframework.web.authorization.exception.UnAuthorizedException;
-import org.hswebframework.web.authorization.simple.CompositeReactiveAuthenticationManager;
 import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest;
 import org.hswebframework.web.logging.AccessLogger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.data.repository.query.Param;
 import org.springframework.http.MediaType;
 import org.springframework.util.Assert;
 import org.springframework.web.bind.annotation.*;
@@ -71,7 +66,6 @@ public Mono<Authentication> me() {
     }
 
     @PostMapping(value = "/login", consumes = MediaType.APPLICATION_JSON_VALUE)
-    @ApiOperation("用户名密码登录,json方式")
     @Authorize(ignore = true)
     @AccessLogger(ignore = true)
     @Operation(summary = "登录",description = "必要参数:username,password.根据配置不同,其他参数也不同,如:验证码等.")
 
@@ -1,13 +1,14 @@
 package org.hswebframework.web.oauth2;
 
 import lombok.Getter;
+import org.hswebframework.web.exception.BusinessException;
 
 @Getter
-public class OAuth2Exception extends RuntimeException {
+public class OAuth2Exception extends BusinessException {
     private final ErrorType type;
 
     public OAuth2Exception(ErrorType type) {
-        super(type.message());
+        super(type.message(), type.name(), type.code());
         this.type = type;
     }
 
 
@@ -2,23 +2,27 @@
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.swagger.v3.oas.annotations.media.Schema;
-import lombok.Getter;
-import lombok.Setter;
+import lombok.*;
 
 @Getter
 @Setter
+@AllArgsConstructor
+@NoArgsConstructor
+@ToString
 public class AccessToken extends OAuth2Response {
 
+    private static final long serialVersionUID = -6849794470754667710L;
+
     @Schema(name="access_token")
     @JsonProperty("access_token")
     private String accessToken;
 
-    @Schema(name="expires_in")
-    @JsonProperty("expires_in")
-    private int expiresIn;
-
     @Schema(name="refresh_token")
     @JsonProperty("refresh_token")
     private String refreshToken;
 
+    @Schema(name="expires_in")
+    @JsonProperty("expires_in")
+    private int expiresIn;
+
 }
@@ -7,7 +7,9 @@ public interface AccessTokenManager {
 
     Mono<Authentication> getAuthenticationByToken(String accessToken);
 
-    Mono<AccessToken> createAccessToken(String clientId, Authentication authentication);
+    Mono<AccessToken> createAccessToken(String clientId,
+                                        Authentication authentication,
+                                        boolean singleton);
 
     Mono<AccessToken> refreshAccessToken(String clientId, String refreshToken);
 
 
@@ -1,15 +1,12 @@
 package org.hswebframework.web.oauth2.server;
 
 
-import org.hswebframework.web.authorization.Authentication;
 import org.hswebframework.web.oauth2.server.code.AuthorizationCodeGranter;
-import reactor.core.publisher.Mono;
 
 public interface OAuth2GrantService {
 
-    AuthorizationCodeGranter code();
+    AuthorizationCodeGranter authorizationCode();
 
     ClientCredentialGranter clientCredential();
 
-    Mono<Authentication> grant(String scope, Authentication authentication);
 }
@@ -5,12 +5,13 @@
 import lombok.Getter;
 import lombok.Setter;
 
+import java.io.Serializable;
 import java.util.HashMap;
 import java.util.Map;
 
 @Getter
 @Setter
-public class OAuth2Response {
+public class OAuth2Response implements Serializable {
     @Hidden
     private Map<String,Object> parameters;
Original file line number	Diff line number	Diff line change
`@@ -15,4 +15,8 @@ public interface ParsedToken {`
`15`	`15`	`* @return 令牌类型`
`16`	`16`	`*/`
`17`	`17`	`String getType();`
	`18`	`+`
	`19`	`+ static ParsedToken of(String type, String token) {`
	`20`	`+ return SimpleParsedToken.of(type, token);`
	`21`	`+ }`
`18`	`22`	`}`