perf: openapi client授权过期

app/openapi/model/OAuthClientModel.php

@@ -20,6 +20,8 @@ class OAuthClientModel extends Model
         'client_secret' => 'string',
         'redirect_uri'  => 'string',
         'enabled'       => 'int',
+        'expired_at'    => 'datetime',
+        'remark'        => 'string',
         'created_at'    => 'datetime',
         'updated_at'    => 'datetime',
         'deleted_at'    => 'datetime'

extend/oauth/OAuthStorage.php

@@ -78,15 +78,18 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
     public function getClient($client_id): IOAuth2Client
     {
         // 实现获取客户端的逻辑
-        $ret = OAuthClientModel::clientId($client_id)->find();
-        if (is_null($ret)) {
+        $client = OAuthClientModel::clientId($client_id)->find();
+        if (is_null($client)) {
             throw new \Exception('客户端不存在');
         }
-        if ($ret->enabled != 1) {
+        if ($client->enabled != 1) {
             throw new \Exception('客户端已禁用');
         }
+        if (strtotime($client->expired_at) < time()) {
+            throw new \Exception('client_id 授权已过期');
+        }
 
-        return new OAuth2Client($ret->client_id, $ret->client_secret, [$ret->redirect_uri]);
+        return new OAuth2Client($client->client_id, $client->client_secret, [$client->redirect_uri]);
     }
 
     public function checkClientCredentials(IOAuth2Client $client, $client_secret = null): bool
@@ -96,6 +99,9 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
         if (is_null($client)) {
             return false;
         }
+        if (strtotime($client->expired_at) < time()) {
+            throw new \Exception('client_id 授权已过期');
+        }
 
         return $client->client_secret == hash('sha1', $client->client_id . $client_secret . $this->salt);
     }