jsasg/orico-official-website
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

perf: openapi client授权过期

Browse Source
This commit is contained in:
jsasg
2025-07-15 14:20:36 +08:00
parent f27ff975b4
commit dcf0c88408
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/openapi/model/OAuthClientModel.php
View File

@@ -20,6 +20,8 @@ class OAuthClientModel extends Model
'client_secret' => 'string', 'client_secret' => 'string',
'redirect_uri' => 'string', 'redirect_uri' => 'string',
'enabled' => 'int', 'enabled' => 'int',
'expired_at' => 'datetime',
'remark' => 'string',
'created_at' => 'datetime', 'created_at' => 'datetime',
'updated_at' => 'datetime', 'updated_at' => 'datetime',
'deleted_at' => 'datetime' 'deleted_at' => 'datetime'

14
extend/oauth/OAuthStorage.php
View File

@@ -78,15 +78,18 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
public function getClient($client_id): IOAuth2Client public function getClient($client_id): IOAuth2Client
{ {
// 实现获取客户端的逻辑 // 实现获取客户端的逻辑
$ret = OAuthClientModel::clientId($client_id)->find(); $client = OAuthClientModel::clientId($client_id)->find();
if (is_null($ret)) { if (is_null($client)) {
throw new \Exception('客户端不存在'); throw new \Exception('客户端不存在');
} }
if ($ret->enabled != 1) { if ($client->enabled != 1) {
throw new \Exception('客户端已禁用'); throw new \Exception('客户端已禁用');
} }
if (strtotime($client->expired_at) < time()) {
throw new \Exception('client_id 授权已过期');
}
return new OAuth2Client($ret->client_id, $ret->client_secret, [$ret->redirect_uri]); return new OAuth2Client($client->client_id, $client->client_secret, [$client->redirect_uri]);
} }
public function checkClientCredentials(IOAuth2Client $client, $client_secret = null): bool public function checkClientCredentials(IOAuth2Client $client, $client_secret = null): bool
@@ -96,6 +99,9 @@ class OAuthStorage implements IOAuth2GrantCode, IOAuth2RefreshTokens, IOAuth2Gra
if (is_null($client)) { if (is_null($client)) {
return false; return false;
} }
if (strtotime($client->expired_at) < time()) {
throw new \Exception('client_id 授权已过期');
}
return $client->client_secret == hash('sha1', $client->client_id . $client_secret . $this->salt); return $client->client_secret == hash('sha1', $client->client_id . $client_secret . $this->salt);
} }