From 9e22cde6bab5187eeba81ccebaeeb6785250c495 Mon Sep 17 00:00:00 2001
From: jsasg <735273025@qq.com>
Date: Tue, 15 Jul 2025 14:20:36 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20openapi=20client=E6=8E=88=E6=9D=83?= =?UTF-8?q?=E8=BF=87=E6=9C=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app/openapi/model/OAuthClientModel.php | 2 ++
 extend/oauth/OAuthStorage.php | 14 ++++++++++----
 2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/app/openapi/model/OAuthClientModel.php b/app/openapi/model/OAuthClientModel.php
index dc126189..7a00c1ef 100644
--- a/app/openapi/model/OAuthClientModel.php
+++ b/app/openapi/model/OAuthClientModel.php
@@ -20,6 +20,8 @@ class OAuthClientModel extends Model
 'client_secret' => 'string',
 'redirect_uri' => 'string',
 'enabled' => 'int',
+ 'expired_at' => 'datetime',
+ 'remark' => 'string',
 'created_at' => 'datetime',
 'updated_at' => 'datetime',
 'deleted_at' => 'datetime'
diff --git a/extend/oauth/OAuthStorage.php b/extend/oauth/OAuthStorage.php
index ade0f5d7..a303fb33 100644
--- a/extend/oauth/OAuthStorage.php
+++ b/extend/oauth/OAuthStorage.php
@@ -78,15 +78,18 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
 public function getClient($client_id): IOAuth2Client
 {
 // 实现获取客户端的逻辑
- $ret = OAuthClientModel::clientId($client_id)->find();
- if (is_null($ret)) {
+ $client = OAuthClientModel::clientId($client_id)->find();
+ if (is_null($client)) {
 throw new \Exception('客户端不存在');
 }
- if ($ret->enabled != 1) {
+ if ($client->enabled != 1) {
 throw new \Exception('客户端已禁用');
 }
+ if (strtotime($client->expired_at) < time()) {
+ throw new \Exception('client_id 授权已过期');
+ }
- return new OAuth2Client($ret->client_id, $ret->client_secret, [$ret->redirect_uri]);
+ return new OAuth2Client($client->client_id, $client->client_secret, [$client->redirect_uri]);
 }
 public function checkClientCredentials(IOAuth2Client $client, $client_secret = null): bool
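Review bot: The expiry guard added to getClient, `if (strtotime($client->expired_at) < time())`, treats a client whose `expired_at` is NULL, empty or unparsable as already expired, because strtotime() returns false for such input and false compares below time(). If rows created before this change have no expiry set, they would all be rejected once this ships; if NULL is meant to be "no expiry", the guard should say so explicitly, e.g. `if ($client->expired_at !== null && strtotime((string) $client->expired_at) < time())`, and if failing closed is the intent a one-line comment should state it. How the model returns a `datetime` column (string or something else) is not visible in the hunk and is worth confirming before relying on strtotime(). The same guard is repeated in checkClientCredentials in the next hunk, so a single shared helper would keep the two checks consistent.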
@@ -96,6 +99,9 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
 if (is_null($client)) {
 return false;
 }
+ if (strtotime($client->expired_at) < time()) {
+ throw new \Exception('client_id 授权已过期');
+ }
 return $client->client_secret == hash('sha1', $client->client_id . $client_secret . $this->salt);
 }
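Review bot: The secret check on the return line of this hunk uses `==`, which is neither type-strict nor constant-time. Under PHP's loose comparison two digests that both read as numeric strings compare equal, and the comparison time depends on how much of the digest matches. `return hash_equals((string) $client->client_secret, hash('sha1', $client->client_id . $client_secret . $this->salt));` addresses both without changing the stored format. Separately, the added expiry guard throws while the branch just above it returns false for an unknown client, so callers of this bool method now get two failure styles; `return false;` would match the existing contract. checkClientCredentials begins above the hunk, so how `$client` is loaded is not visible here.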