From cf23ce4776bfe6f9fc7dc7598e37706506ff34d0 Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Tue, 21 May 2019 10:39:42 +0800
Subject: [PATCH 1/8] =?UTF-8?q?1=E3=80=81oauth=20sms=E7=99=BB=E5=BD=95?=
 =?UTF-8?q?=E7=9B=B8=E5=85=B3=E4=BF=AE=E6=94=B9=20AuthorizationServerConfi?=
 =?UTF-8?q?guration=20=E7=94=B1=E4=BA=8Eprivate=20List<TokenGranter>=20tok?=
 =?UTF-8?q?enGranters=E5=92=8CAuthorizationServerConfiguration=20=E8=BF=98?=
 =?UTF-8?q?=E6=9C=89=E4=B8=80=E4=B8=AA=E7=B1=BB=E5=AD=98=E5=9C=A8=E7=9B=B8?=
 =?UTF-8?q?=E4=BA=92=E4=BE=9D=E8=B5=96=EF=BC=8C=E5=AF=BC=E8=87=B4Authoriza?=
 =?UTF-8?q?tionServerConfiguration=20=E5=88=9D=E5=A7=8B=E5=8C=96=E6=97=B6?=
 =?UTF-8?q?=EF=BC=8C=E4=B8=8D=E8=83=BD=E8=8E=B7=E5=8F=96=E5=88=B0tokenGran?=
 =?UTF-8?q?ters=E5=AF=BC=E8=87=B4=E6=89=A9=E5=B1=95=E8=AE=A4=E8=AF=81?=
 =?UTF-8?q?=E6=96=B9=E5=BC=8F=E4=B8=8D=E8=83=BD=E6=88=90=E5=8A=9F=E6=B3=A8?=
 =?UTF-8?q?=E5=86=8C=EF=BC=8C=E6=89=80=E4=BB=A5=E4=BF=AE=E6=94=B9tokenGran?=
 =?UTF-8?q?ters=E7=9A=84=E9=85=8D=E7=BD=AE=E6=96=B9=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

2、oauth接口也增加token验证，与web接口保持一致才能登陆成功
---
 .../auth/common/client/app/SsoAuthClient.java | 229 +++++++++---------
 .../oauth2/sms/SmsAccessTokenProvider.java    | 153 ++++++------
 .../common/oauth2/sms/SmsResourceDetails.java |  72 +++---
 .../AuthorizationServerConfiguration.java     |  46 +++-
 .../cola-auth-oauth2-sms/pom.xml              |   6 -
 .../cola/sso/smaple/app/AuthController.java   |  96 ++++----
 .../app/ResourceServerConfiguration.java      |  50 ++--
 7 files changed, 351 insertions(+), 301 deletions(-)

diff --git a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
index 6dc8c61..c832545 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
@@ -1,114 +1,115 @@
-package com.honvay.cola.auth.common.client.app;
-
-import com.honvay.cola.auth.client.common.oauth2.ac.AcAccessTokenProvider;
-import com.honvay.cola.auth.client.common.oauth2.ac.AcResourceDetails;
-import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdAccessTokenProvider;
-import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdResourceDetails;
-import com.honvay.cola.auth.client.common.oauth2.sms.SmsAccessTokenProvider;
-import com.honvay.cola.auth.client.common.oauth2.sms.SmsResourceDetails;
-import com.honvay.cola.framework.core.protocol.Result;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-
-/**
- * @author LIQIU
- * created on 2018-11-27
- **/
-public class SsoAuthClient {
-
-	private SsoClientProperties properties;
-
-
-	public SsoAuthClient(SsoClientProperties properties) {
-		this.properties = properties;
-	}
-
-	/**
-	 * 登录
-	 *
-	 * @param username
-	 * @param password
-	 * @return
-	 */
-	public OAuth2AccessToken login(String username, String password) {
-		ResourceOwnerPasswordResourceDetails details = new ResourceOwnerPasswordResourceDetails();
-		details.setUsername(username);
-		details.setPassword(password);
-		details.setAccessTokenUri(this.properties.getAccessTokenUri());
-		details.setClientId(this.properties.getClientId());
-		details.setClientSecret(this.properties.getClientSecret());
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
-		auth2RestTemplate.setAccessTokenProvider(new ResourceOwnerPasswordAccessTokenProvider());
-		return auth2RestTemplate.getAccessToken();
-	}
-
-	/**
-	 * 退出
-	 *
-	 * @return
-	 */
-	public Result<String> logout() {
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(properties);
-		auth2RestTemplate.getForObject(properties.getRevokeTokenUri(), String.class);
-		return Result.success();
-	}
-
-	/**
-	 * openId登录
-	 *
-	 * @param openId   openid
-	 * @param provider 供应商
-	 * @return
-	 */
-	public OAuth2AccessToken loginByOpenId(String openId, String provider) {
-		OpenIdResourceDetails details = new OpenIdResourceDetails();
-		details.setOpenId(openId);
-		details.setProvider(provider);
-		details.setAccessTokenUri(this.properties.getAccessTokenUri());
-		details.setClientId(this.properties.getClientId());
-		details.setClientSecret(this.properties.getClientSecret());
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
-		auth2RestTemplate.setAccessTokenProvider(new OpenIdAccessTokenProvider());
-		return auth2RestTemplate.getAccessToken();
-	}
-
-	/**
-	 * 短信登录
-	 *
-	 * @param phoneNumber 手机号码
-	 * @param credential  验证码
-	 * @return
-	 */
-	public OAuth2AccessToken loginBySms(String phoneNumber, String credential) {
-		SmsResourceDetails details = new SmsResourceDetails();
-		details.setPhoneNumber(phoneNumber);
-		details.setCredential(credential);
-		details.setAccessTokenUri(this.properties.getAccessTokenUri());
-		details.setClientId(this.properties.getClientId());
-		details.setClientSecret(this.properties.getClientSecret());
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
-		auth2RestTemplate.setAccessTokenProvider(new SmsAccessTokenProvider());
-		return auth2RestTemplate.getAccessToken();
-	}
-
-	/**
-	 * 授权码登录
-	 *
-	 * @param authorizationCode 授权码
-	 * @param provider          第三方
-	 * @return
-	 */
-	public OAuth2AccessToken loginByAuthorizationCode(String authorizationCode, String provider) {
-		AcResourceDetails details = new AcResourceDetails();
-		details.setProvider(provider);
-		details.setAuthorizationCode(authorizationCode);
-		details.setAccessTokenUri(this.properties.getAccessTokenUri());
-		details.setClientId(this.properties.getClientId());
-		details.setClientSecret(this.properties.getClientSecret());
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
-		auth2RestTemplate.setAccessTokenProvider(new AcAccessTokenProvider());
-		return auth2RestTemplate.getAccessToken();
-	}
-}
+package com.honvay.cola.auth.common.client.app;
+
+import com.honvay.cola.auth.client.common.oauth2.ac.AcAccessTokenProvider;
+import com.honvay.cola.auth.client.common.oauth2.ac.AcResourceDetails;
+import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdAccessTokenProvider;
+import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdResourceDetails;
+import com.honvay.cola.auth.client.common.oauth2.sms.SmsAccessTokenProvider;
+import com.honvay.cola.auth.client.common.oauth2.sms.SmsResourceDetails;
+import com.honvay.cola.framework.core.protocol.Result;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
+import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+
+/**
+ * @author LIQIU
+ * created on 2018-11-27
+ **/
+public class SsoAuthClient {
+
+	private SsoClientProperties properties;
+
+
+	public SsoAuthClient(SsoClientProperties properties) {
+		this.properties = properties;
+	}
+
+	/**
+	 * 登录
+	 *
+	 * @param username
+	 * @param password
+	 * @return
+	 */
+	public OAuth2AccessToken login(String username, String password) {
+		ResourceOwnerPasswordResourceDetails details = new ResourceOwnerPasswordResourceDetails();
+		details.setUsername(username);
+		details.setPassword(password);
+		details.setAccessTokenUri(this.properties.getAccessTokenUri());
+		details.setClientId(this.properties.getClientId());
+		details.setClientSecret(this.properties.getClientSecret());
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
+		auth2RestTemplate.setAccessTokenProvider(new ResourceOwnerPasswordAccessTokenProvider());
+		return auth2RestTemplate.getAccessToken();
+	}
+
+	/**
+	 * 退出
+	 *
+	 * @return
+	 */
+	public Result<String> logout() {
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(properties);
+		auth2RestTemplate.getForObject(properties.getRevokeTokenUri(), String.class);
+		return Result.success();
+	}
+
+	/**
+	 * openId登录
+	 *
+	 * @param openId   openid
+	 * @param provider 供应商
+	 * @return
+	 */
+	public OAuth2AccessToken loginByOpenId(String openId, String provider) {
+		OpenIdResourceDetails details = new OpenIdResourceDetails();
+		details.setOpenId(openId);
+		details.setProvider(provider);
+		details.setAccessTokenUri(this.properties.getAccessTokenUri());
+		details.setClientId(this.properties.getClientId());
+		details.setClientSecret(this.properties.getClientSecret());
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
+		auth2RestTemplate.setAccessTokenProvider(new OpenIdAccessTokenProvider());
+		return auth2RestTemplate.getAccessToken();
+	}
+
+	/**
+	 * 短信登录
+	 *
+	 * @param phoneNumber 手机号码
+	 * @param credential  验证码
+	 * @return
+	 */
+	public OAuth2AccessToken loginBySms(String phoneNumber, String credential, String token) {
+		SmsResourceDetails details = new SmsResourceDetails();
+		details.setPhoneNumber(phoneNumber);
+		details.setCredential(credential);
+		details.setToken(token);
+		details.setAccessTokenUri(this.properties.getAccessTokenUri());
+		details.setClientId(this.properties.getClientId());
+		details.setClientSecret(this.properties.getClientSecret());
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
+		auth2RestTemplate.setAccessTokenProvider(new SmsAccessTokenProvider());
+		return auth2RestTemplate.getAccessToken();
+	}
+
+	/**
+	 * 授权码登录
+	 *
+	 * @param authorizationCode 授权码
+	 * @param provider          第三方
+	 * @return
+	 */
+	public OAuth2AccessToken loginByAuthorizationCode(String authorizationCode, String provider) {
+		AcResourceDetails details = new AcResourceDetails();
+		details.setProvider(provider);
+		details.setAuthorizationCode(authorizationCode);
+		details.setAccessTokenUri(this.properties.getAccessTokenUri());
+		details.setClientId(this.properties.getClientId());
+		details.setClientSecret(this.properties.getClientSecret());
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
+		auth2RestTemplate.setAccessTokenProvider(new AcAccessTokenProvider());
+		return auth2RestTemplate.getAccessToken();
+	}
+}
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsAccessTokenProvider.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsAccessTokenProvider.java
index cbd5b05..94eeb80 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsAccessTokenProvider.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsAccessTokenProvider.java
@@ -1,76 +1,77 @@
-package com.honvay.cola.auth.client.common.oauth2.sms;
-
-import org.springframework.http.HttpHeaders;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException;
-import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
-import org.springframework.security.oauth2.client.token.AccessTokenProvider;
-import org.springframework.security.oauth2.client.token.AccessTokenRequest;
-import org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2RefreshToken;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * @author LIQIU
- * created on 2018-11-26
- **/
-public class SmsAccessTokenProvider  extends OAuth2AccessTokenSupport implements AccessTokenProvider {
-
-
-	@Override
-	public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException {
-		SmsResourceDetails resource = (SmsResourceDetails) details;
-		return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), new HttpHeaders());
-	}
-
-	@Override
-	public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
-		return resource.getClass().equals(SmsResourceDetails.class);
-	}
-
-	@Override
-	public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException {
-		return null;
-	}
-
-	@Override
-	public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource) {
-		return supportsResource(resource);
-	}
-
-	private MultiValueMap<String, String> getParametersForTokenRequest(SmsResourceDetails resource, AccessTokenRequest request) {
-
-		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
-		form.set("grant_type", "sms");
-		form.set("phoneNumber", resource.getPhoneNumber());
-		form.set("credential", resource.getCredential());
-		form.putAll(request);
-
-		if (resource.isScoped()) {
-
-			StringBuilder builder = new StringBuilder();
-			List<String> scope = resource.getScope();
-
-			if (scope != null) {
-				Iterator<String> scopeIt = scope.iterator();
-				while (scopeIt.hasNext()) {
-					builder.append(scopeIt.next());
-					if (scopeIt.hasNext()) {
-						builder.append(' ');
-					}
-				}
-			}
-
-			form.set("scope", builder.toString());
-		}
-
-		return form;
-
-	}
-}
+package com.honvay.cola.auth.client.common.oauth2.sms;
+
+import org.springframework.http.HttpHeaders;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException;
+import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
+import org.springframework.security.oauth2.client.token.AccessTokenProvider;
+import org.springframework.security.oauth2.client.token.AccessTokenRequest;
+import org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2RefreshToken;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * @author LIQIU
+ * created on 2018-11-26
+ **/
+public class SmsAccessTokenProvider  extends OAuth2AccessTokenSupport implements AccessTokenProvider {
+
+
+	@Override
+	public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException {
+		SmsResourceDetails resource = (SmsResourceDetails) details;
+		return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), new HttpHeaders());
+	}
+
+	@Override
+	public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
+		return resource.getClass().equals(SmsResourceDetails.class);
+	}
+
+	@Override
+	public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException {
+		return null;
+	}
+
+	@Override
+	public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource) {
+		return supportsResource(resource);
+	}
+
+	private MultiValueMap<String, String> getParametersForTokenRequest(SmsResourceDetails resource, AccessTokenRequest request) {
+
+		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
+		form.set("grant_type", "sms");
+		form.set("phoneNumber", resource.getPhoneNumber());
+		form.set("credential", resource.getCredential());
+		form.set("token", resource.getToken());
+		form.putAll(request);
+
+		if (resource.isScoped()) {
+
+			StringBuilder builder = new StringBuilder();
+			List<String> scope = resource.getScope();
+
+			if (scope != null) {
+				Iterator<String> scopeIt = scope.iterator();
+				while (scopeIt.hasNext()) {
+					builder.append(scopeIt.next());
+					if (scopeIt.hasNext()) {
+						builder.append(' ');
+					}
+				}
+			}
+
+			form.set("scope", builder.toString());
+		}
+
+		return form;
+
+	}
+}
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsResourceDetails.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsResourceDetails.java
index edd2f57..153bfd8 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsResourceDetails.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/sms/SmsResourceDetails.java
@@ -1,30 +1,42 @@
-package com.honvay.cola.auth.client.common.oauth2.sms;
-
-import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
-
-/**
- * @author LIQIU
- * created on 2018-11-27
- **/
-public class SmsResourceDetails extends BaseOAuth2ProtectedResourceDetails {
-
-	private String phoneNumber;
-
-	private String credential;
-
-	public String getPhoneNumber() {
-		return phoneNumber;
-	}
-
-	public void setPhoneNumber(String phoneNumber) {
-		this.phoneNumber = phoneNumber;
-	}
-
-	public String getCredential() {
-		return credential;
-	}
-
-	public void setCredential(String credential) {
-		this.credential = credential;
-	}
-}
+package com.honvay.cola.auth.client.common.oauth2.sms;
+
+import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
+
+/**
+ * @author LIQIU
+ * created on 2018-11-27
+ **/
+public class SmsResourceDetails extends BaseOAuth2ProtectedResourceDetails {
+
+	private String phoneNumber;
+
+	private String credential;
+	
+	private String token;
+
+	public String getPhoneNumber() {
+		return phoneNumber;
+	}
+
+	public void setPhoneNumber(String phoneNumber) {
+		this.phoneNumber = phoneNumber;
+	}
+
+	public String getCredential() {
+		return credential;
+	}
+
+	public void setCredential(String credential) {
+		this.credential = credential;
+	}
+
+	public String getToken() {
+		return token;
+	}
+
+	public void setToken(String token) {
+		this.token = token;
+	}
+	
+	
+}
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
index ff8564f..661c7ea 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
@@ -13,15 +13,23 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.CompositeTokenGranter;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.TokenGranter;
 import org.springframework.security.oauth2.provider.approval.ApprovalStore;
 import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
+import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
 import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
 import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
+import org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;
 import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
 import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
+import org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;
+import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
+import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
@@ -29,7 +37,10 @@ import org.springframework.security.oauth2.provider.token.store.redis.RedisToken
 import com.honvay.cola.auth.oauth2.provider.client.CustomJdbcClientDetailsService;
 import com.honvay.cola.auth.oauth2.provider.endpoint.DefaultColaRedirectResolver;
 
+import javax.annotation.PostConstruct;
 import javax.sql.DataSource;
+
+import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -49,8 +60,13 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 	@Autowired
 	private RedisConnectionFactory redisConnectionFactory;
 
-	@Autowired(required = false)
-	private List<TokenGranter> tokenGranters;
+	AuthorizationServerEndpointsConfigurer endpoints;
+	// @Autowired(required = false)
+//	private List<TokenGranter> tokenGranters;
+	
+//	public AuthorizationServerConfiguration (@Autowired(required = false) List<TokenGranter> tokenGranters){
+//		this.tokenGranters = tokenGranters;
+//	}
 
 	@Bean
 	public RedisTemplate<String, OAuth2Authentication> oauthRedisTemplate() {
@@ -109,7 +125,8 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 				.authenticationManager(authenticationManager);
 		
 		endpoints.redirectResolver(redirectResolver());
-		this.configGranters(endpoints);
+		// this.configGranters(endpoints);
+		this.endpoints = endpoints;
 	}
 
 	/**
@@ -126,10 +143,25 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 	 *
 	 * @param endpoints
 	 */
-	private void configGranters(AuthorizationServerEndpointsConfigurer endpoints) {
-		if (tokenGranters != null) {
-			CompositeTokenGranter compositeTokenGranter = (CompositeTokenGranter) endpoints.getTokenGranter();
-			tokenGranters.forEach(compositeTokenGranter::addTokenGranter);
+	@Configuration
+	class TokenGranterConfiguration {
+		
+		private List<TokenGranter> tokenGranters;
+		
+		TokenGranterConfiguration(@Autowired(required = false) List<TokenGranter> tokenGranters){
+			this.tokenGranters = tokenGranters;
 		}
+
+		@PostConstruct
+		private void configGranters() {
+			if (tokenGranters != null) {
+				List<TokenGranter> tgs = new ArrayList<TokenGranter>();
+				tgs.add(endpoints.getTokenGranter());
+				CompositeTokenGranter compositeTokenGranter = new CompositeTokenGranter(tgs);
+				tokenGranters.forEach(compositeTokenGranter::addTokenGranter);
+				endpoints.tokenGranter(compositeTokenGranter);
+			}
+		}
+
 	}
 }
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/pom.xml b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/pom.xml
index 8bfd175..b320f35 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/pom.xml
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/pom.xml
@@ -21,11 +21,5 @@
             <artifactId>spring-security-oauth2-autoconfigure</artifactId>
             <scope>provided</scope>
         </dependency>
-        <dependency>
-            <groupId>org.springframework.security.oauth</groupId>
-            <artifactId>spring-security-oauth2</artifactId>
-            <version>2.3.4.BUILD-SNAPSHOT</version>
-            <scope>compile</scope>
-        </dependency>
     </dependencies>
 </project>
\ No newline at end of file
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/AuthController.java b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/AuthController.java
index aecc417..4d866d8 100644
--- a/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/AuthController.java
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/AuthController.java
@@ -1,48 +1,48 @@
-package com.honvay.cola.sso.smaple.app;
-
-import com.honvay.cola.auth.common.client.app.SsoAuthClient;
-import com.honvay.cola.framework.core.protocol.Result;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-import java.security.Principal;
-
-/**
- * @author LIQIU
- * created on 2018-11-25
- **/
-@RestController
-public class AuthController {
-
-	@Autowired
-	private SsoAuthClient ssoAuthClient;
-
-
-	@GetMapping("/user")
-	public Principal principal(Principal principal) {
-		return principal;
-	}
-
-	@PostMapping("/login")
-	public OAuth2AccessToken login(String username, String password) {
-		return ssoAuthClient.login(username, password);
-	}
-
-	@GetMapping("/logout")
-	public Result<String> logout() {
-		return ssoAuthClient.logout();
-	}
-
-	@PostMapping("/loginByOpenId")
-	public OAuth2AccessToken loginByQQ(String openId, String provider) {
-		return ssoAuthClient.loginByOpenId(openId, provider);
-	}
-
-	@PostMapping("/loginBySms")
-	public OAuth2AccessToken loginBySms(String phoneNumber, String verificationCode) {
-		return ssoAuthClient.loginBySms(phoneNumber, verificationCode);
-	}
-}
+package com.honvay.cola.sso.smaple.app;
+
+import com.honvay.cola.auth.common.client.app.SsoAuthClient;
+import com.honvay.cola.framework.core.protocol.Result;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.security.Principal;
+
+/**
+ * @author LIQIU
+ * created on 2018-11-25
+ **/
+@RestController
+public class AuthController {
+
+	@Autowired
+	private SsoAuthClient ssoAuthClient;
+
+
+	@GetMapping("/user")
+	public Principal principal(Principal principal) {
+		return principal;
+	}
+
+	@PostMapping("/login")
+	public OAuth2AccessToken login(String username, String password) {
+		return ssoAuthClient.login(username, password);
+	}
+
+	@GetMapping("/logout")
+	public Result<String> logout() {
+		return ssoAuthClient.logout();
+	}
+
+	@PostMapping("/loginByOpenId")
+	public OAuth2AccessToken loginByQQ(String openId, String provider) {
+		return ssoAuthClient.loginByOpenId(openId, provider);
+	}
+
+	@PostMapping("/loginBySms")
+	public OAuth2AccessToken loginBySms(String phoneNumber, String verificationCode, String token) {
+		return ssoAuthClient.loginBySms(phoneNumber, verificationCode, token);
+	}
+}
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/ResourceServerConfiguration.java b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/ResourceServerConfiguration.java
index 061d8a9..f03c233 100644
--- a/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/ResourceServerConfiguration.java
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/ResourceServerConfiguration.java
@@ -1,21 +1,31 @@
-package com.honvay.cola.sso.smaple.app;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-
-@Configuration
-@EnableResourceServer
-public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
-
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		http.authorizeRequests()
-				.antMatchers("/login","/loginBySms","loginByOpenId").permitAll()
-				.anyRequest().authenticated();
-	}
-
+package com.honvay.cola.sso.smaple.app;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
+
+	
+	@Value("${security.oauth2.resource.id:'oauth2-resource'}")
+	private String resource_id;
+
+	@Override
+	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		resources.resourceId(resource_id).stateless(false);
+		super.configure(resources);
+	}
+	
+	@Override
+	public void configure(HttpSecurity http) throws Exception {
+		http.authorizeRequests()
+				.antMatchers("/login","/loginBySms","loginByOpenId").permitAll()
+				.anyRequest().authenticated();
+	}
+
 }
\ No newline at end of file
-- 
Gitee


From 208c9b8e6d909f56175a65dfa1441421a49c2ceb Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Tue, 21 May 2019 18:26:14 +0800
Subject: [PATCH 2/8] =?UTF-8?q?1=E3=80=81=E8=B0=83=E6=95=B4=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E8=A1=A8=E4=BF=A1=E6=81=AF=20=E5=A2=9E=E5=8A=A0accoun?=
 =?UTF-8?q?t=5Fexpired=5Ftime=20credentials=5Fexpired=5Ftime=20locked?=
 =?UTF-8?q?=E4=B8=89=E4=B8=AA=E5=AD=97=E6=AE=B5=202=E3=80=81=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0=E7=94=A8=E6=88=B7=E6=9D=83=E9=99=90=E4=BF=A1=E6=81=AF?=
 =?UTF-8?q?=E5=8A=A0=E8=BD=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../component/UserDetailsServiceImpl.java     | 35 +++++---
 .../auth/core/model/AuthenticatedUser.java    | 89 +++++++++++++++++--
 .../SmsUserDetailsServiceImpl.java            | 35 +++++---
 .../SocialUserDetailsServiceImpl.java         | 18 ++++
 .../com/honvay/cola/uc/api/UserService.java   | 11 +--
 .../cola/uc/api/enums/UserLockStatus.java     | 50 +++++++++++
 .../honvay/cola/uc/api/enums/UserStatus.java  |  4 -
 .../cola/uc/api/model/UpdatePasswordDto.java  |  4 +-
 .../com/honvay/cola/uc/api/model/UserDto.java | 26 +++++-
 .../honvay/cola/uc/provider/domain/User.java  | 17 +++-
 .../uc/provider/impl/UserServiceImpl.java     | 16 ++--
 .../provider/repository/UserRepository.java   |  3 +-
 sql/cola.sql                                  |  3 +
 13 files changed, 261 insertions(+), 50 deletions(-)
 create mode 100644 cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserLockStatus.java

diff --git a/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/component/UserDetailsServiceImpl.java b/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/component/UserDetailsServiceImpl.java
index 8223789..ce995c3 100644
--- a/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/component/UserDetailsServiceImpl.java
+++ b/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/component/UserDetailsServiceImpl.java
@@ -2,8 +2,12 @@ package com.honvay.cola.auth.base.component;
 
 import com.honvay.cola.auth.core.model.AuthenticatedUser;
 import com.honvay.cola.uc.api.UserService;
+import com.honvay.cola.uc.api.enums.UserLockStatus;
 import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UserDto;
+
+import java.time.LocalDateTime;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -32,15 +36,26 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 	}
 
 	private AuthenticatedUser buildAuthenticatedUser(UserDto user) {
-		return AuthenticatedUser.builder()
-				.id(user.getId())
-				.username(user.getUsername())
-				.password(user.getPassword())
-				.phoneNumber(user.getPhoneNumber())
-				.email(user.getEmail())
-				.avatar(user.getAvatar())
-				.locked(UserStatus.LOCKED.getValue().equals(user.getStatus()))
-				.enable(UserStatus.ACTIVE.getValue().equals(user.getStatus()))
-				.build();
+		AuthenticatedUser authenticatedUser = new AuthenticatedUser();
+		authenticatedUser.setId(user.getId());
+		authenticatedUser.setUsername(user.getUsername());
+		authenticatedUser.setPassword(user.getPassword());
+		authenticatedUser.setPhoneNumber(user.getPhoneNumber());
+		authenticatedUser.setEmail(user.getEmail());
+		authenticatedUser.setAvatar(user.getAvatar());
+		authenticatedUser.setLocked(UserLockStatus.LOCKED.getValue().equals(user.getLocked()));
+		authenticatedUser.setEnable(UserStatus.ACTIVE.getValue().equals(user.getStatus()));
+		authenticatedUser.setAuthorities(user.getAuthorities());
+		
+		// 账号过期
+		if (null != user.getAccountExpiredTime() && LocalDateTime.now().isAfter(user.getAccountExpiredTime())) {
+			authenticatedUser.setAccountNonExpired(false);
+		}
+		
+		// 凭证过期、密码过期
+		if (null != user.getCredentialsExpiredTime() && LocalDateTime.now().isAfter(user.getCredentialsExpiredTime())) {
+			authenticatedUser.setCredentialsNonExpired(false);
+		}
+		return authenticatedUser;
 	}
 }
diff --git a/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java b/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
index e450675..ce5d157 100644
--- a/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
+++ b/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
@@ -1,26 +1,26 @@
 package com.honvay.cola.auth.core.model;
 
 import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.springframework.security.core.CredentialsContainer;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
+import java.io.Serializable;
 import java.util.Collection;
 
 /**
  * @author LIQIU
  * created on 2018-11-16
  **/
-@Data
-@Builder
 @AllArgsConstructor
 @NoArgsConstructor
 public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 
-	private Integer id;
+	private static final long serialVersionUID = -4307906491659815895L;
+	
+
+	private Serializable id;
 
 	/**
 	 * 用户名
@@ -50,6 +50,12 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 	private boolean locked;
 
 	private boolean enable;
+	
+	private boolean accountNonExpired = true;
+	private boolean credentialsNonExpired = true;
+	
+	private Collection<? extends GrantedAuthority> authorities;
+	
 
 	@Override
 	public void eraseCredentials() {
@@ -58,7 +64,7 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 
 	@Override
 	public Collection<? extends GrantedAuthority> getAuthorities() {
-		return null;
+		return authorities;
 	}
 
 	@Override
@@ -73,7 +79,7 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 
 	@Override
 	public boolean isAccountNonExpired() {
-		return true;
+		return accountNonExpired;
 	}
 
 	@Override
@@ -83,7 +89,7 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 
 	@Override
 	public boolean isCredentialsNonExpired() {
-		return true;
+		return credentialsNonExpired;
 	}
 
 	@Override
@@ -91,5 +97,72 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 		return enable;
 	}
 
+	public Serializable getId() {
+		return id;
+	}
+
+	public void setId(Serializable id) {
+		this.id = id;
+	}
+
+	public String getEmail() {
+		return email;
+	}
+
+	public void setEmail(String email) {
+		this.email = email;
+	}
+
+	public String getPhoneNumber() {
+		return phoneNumber;
+	}
+
+	public void setPhoneNumber(String phoneNumber) {
+		this.phoneNumber = phoneNumber;
+	}
+
+	public String getAvatar() {
+		return avatar;
+	}
+
+	public void setAvatar(String avatar) {
+		this.avatar = avatar;
+	}
+
+	public boolean isLocked() {
+		return locked;
+	}
+
+	public void setLocked(boolean locked) {
+		this.locked = locked;
+	}
+
+	public boolean isEnable() {
+		return enable;
+	}
+
+	public void setEnable(boolean enable) {
+		this.enable = enable;
+	}
 
+	public void setUsername(String username) {
+		this.username = username;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	public void setAccountNonExpired(boolean accountNonExpired) {
+		this.accountNonExpired = accountNonExpired;
+	}
+
+	public void setCredentialsNonExpired(boolean credentialsNonExpired) {
+		this.credentialsNonExpired = credentialsNonExpired;
+	}
+
+	public void setAuthorities(Collection<? extends GrantedAuthority> authorities) {
+		this.authorities = authorities;
+	}
+	
 }
diff --git a/cola-auth/cola-auth-sms/src/main/java/com/honvay/cola/auth/web/sms/userdetails/SmsUserDetailsServiceImpl.java b/cola-auth/cola-auth-sms/src/main/java/com/honvay/cola/auth/web/sms/userdetails/SmsUserDetailsServiceImpl.java
index 72a723a..10f3130 100644
--- a/cola-auth/cola-auth-sms/src/main/java/com/honvay/cola/auth/web/sms/userdetails/SmsUserDetailsServiceImpl.java
+++ b/cola-auth/cola-auth-sms/src/main/java/com/honvay/cola/auth/web/sms/userdetails/SmsUserDetailsServiceImpl.java
@@ -3,8 +3,12 @@ package com.honvay.cola.auth.web.sms.userdetails;
 import com.honvay.cola.auth.core.model.AuthenticatedUser;
 import com.honvay.cola.auth.web.sms.SmsUserDetailsService;
 import com.honvay.cola.uc.api.UserService;
+import com.honvay.cola.uc.api.enums.UserLockStatus;
 import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UserDto;
+
+import java.time.LocalDateTime;
+
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
@@ -27,17 +31,28 @@ public class SmsUserDetailsServiceImpl implements SmsUserDetailsService {
 		if (userDto == null) {
 			throw new UsernameNotFoundException("User " + phoneNumber + " can not be found");
 		}
+		
+		
+		AuthenticatedUser authenticatedUser = new AuthenticatedUser();
+		authenticatedUser.setId(userDto.getId());
+		authenticatedUser.setUsername(userDto.getUsername());
+		authenticatedUser.setPassword(userDto.getPassword());
+		authenticatedUser.setPhoneNumber(userDto.getPhoneNumber());
+		authenticatedUser.setEmail(userDto.getEmail());
+		authenticatedUser.setAvatar(userDto.getAvatar());
+		authenticatedUser.setEnable(UserStatus.ACTIVE.getValue().equals(userDto.getStatus()));
+		authenticatedUser.setLocked(UserLockStatus.LOCKED.getValue().equals(userDto.getLocked()));
+		authenticatedUser.setAuthorities(userDto.getAuthorities());
+		
+		// 账号过期
+		if (null != userDto.getAccountExpiredTime() && LocalDateTime.now().isAfter(userDto.getAccountExpiredTime())) {
+			authenticatedUser.setAccountNonExpired(false);
+		}
+		
+		// 凭证不过期
+		authenticatedUser.setCredentialsNonExpired(true);
 
-		return AuthenticatedUser.builder()
-				.id(userDto.getId())
-				.username(userDto.getUsername())
-				.password(userDto.getPassword())
-				.phoneNumber(userDto.getPhoneNumber())
-				.email(userDto.getEmail())
-				.avatar(userDto.getAvatar())
-				.locked(UserStatus.LOCKED.getValue().equals(userDto.getStatus()))
-				.enable(UserStatus.ACTIVE.getValue().equals(userDto.getStatus()))
-				.build();
+		return authenticatedUser;
 
 	}
 
diff --git a/cola-auth/cola-auth-social/cola-auth-social-base/src/main/java/com/honvay/cola/auth/social/core/userdetails/SocialUserDetailsServiceImpl.java b/cola-auth/cola-auth-social/cola-auth-social-base/src/main/java/com/honvay/cola/auth/social/core/userdetails/SocialUserDetailsServiceImpl.java
index 610f1b8..8832d13 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-base/src/main/java/com/honvay/cola/auth/social/core/userdetails/SocialUserDetailsServiceImpl.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-base/src/main/java/com/honvay/cola/auth/social/core/userdetails/SocialUserDetailsServiceImpl.java
@@ -2,7 +2,12 @@ package com.honvay.cola.auth.social.core.userdetails;
 
 import com.honvay.cola.auth.social.core.SocialAuthenticatedUser;
 import com.honvay.cola.uc.api.UserService;
+import com.honvay.cola.uc.api.enums.UserLockStatus;
+import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UserDto;
+
+import java.time.LocalDateTime;
+
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.social.security.SocialUserDetails;
 import org.springframework.social.security.SocialUserDetailsService;
@@ -38,6 +43,19 @@ public class SocialUserDetailsServiceImpl implements SocialUserDetailsService {
 		socialSsoUser.setEmail(user.getEmail());
 		socialSsoUser.setPhoneNumber(user.getPhoneNumber());
 		socialSsoUser.setAvatar(user.getAvatar());
+		
+		
+		socialSsoUser.setLocked(UserLockStatus.LOCKED.getValue().equals(user.getLocked()));
+		socialSsoUser.setEnable(UserStatus.ACTIVE.getValue().equals(user.getStatus()));
+		socialSsoUser.setAuthorities(user.getAuthorities());
+		
+		// 账号过期
+		if (null != user.getAccountExpiredTime() && LocalDateTime.now().isAfter(user.getAccountExpiredTime())) {
+			socialSsoUser.setAccountNonExpired(false);
+		}
+		
+		// 凭证过期  设置凭证不过期
+		socialSsoUser.setCredentialsNonExpired(true);
 		return socialSsoUser;
 	}
 
diff --git a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/UserService.java b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/UserService.java
index 0e16d0f..c3c85cd 100644
--- a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/UserService.java
+++ b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/UserService.java
@@ -1,10 +1,11 @@
 package com.honvay.cola.uc.api;
 
+import java.io.Serializable;
+
 import com.honvay.cola.uc.api.model.UpdatePasswordDto;
 import com.honvay.cola.uc.api.model.UserAddDto;
 import com.honvay.cola.uc.api.model.UserDto;
 
-import java.util.Optional;
 
 /**
  * @author LIQIU
@@ -23,14 +24,14 @@ public interface UserService {
 	 *
 	 * @param id 用户ID
 	 */
-	void lock(Integer id);
+	void lock(Serializable id);
 
 	/**
 	 * 解锁用户
 	 *
 	 * @param id 用户ID
 	 */
-	void unlock(Integer id);
+	void unlock(Serializable id);
 
 	/**
 	 * 添加用户
@@ -62,7 +63,7 @@ public interface UserService {
 	 * @param id 用户ID
 	 * @return 用户信息
 	 */
-	UserDto getById(Integer id);
+	UserDto getById(Serializable id);
 
 	/**
 	 * 处理登录成功
@@ -87,5 +88,5 @@ public interface UserService {
 	 * @param id          用户ID
 	 * @param phoneNumber 手机号
 	 */
-	void updatePhoneNumber(Integer id, String phoneNumber);
+	void updatePhoneNumber(Serializable id, String phoneNumber);
 }
diff --git a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserLockStatus.java b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserLockStatus.java
new file mode 100644
index 0000000..003e8cb
--- /dev/null
+++ b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserLockStatus.java
@@ -0,0 +1,50 @@
+package com.honvay.cola.uc.api.enums;
+
+/**
+ * 用户账号锁定状态枚举
+ *
+ * @author LIQIU
+ * created on 2018-11-16
+ **/
+public enum UserLockStatus {
+
+	/**
+	 * 正常状态
+	 */
+	UNLOCKED("正常", 0),
+	/**
+	 * 锁定状态
+	 */
+	LOCKED("锁定", 1);
+
+	UserLockStatus(String name, Integer value) {
+		this.name = name;
+		this.value = value;
+	}
+
+	/**
+	 * 状态名称
+	 */
+	private String name;
+
+	/**
+	 * 状态值
+	 */
+	private Integer value;
+
+	public String getName() {
+		return name;
+	}
+
+	public void setName(String name) {
+		this.name = name;
+	}
+
+	public Integer getValue() {
+		return value;
+	}
+
+	public void setValue(Integer value) {
+		this.value = value;
+	}
+}
diff --git a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserStatus.java b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserStatus.java
index a254059..345fccd 100644
--- a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserStatus.java
+++ b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/enums/UserStatus.java
@@ -12,10 +12,6 @@ public enum UserStatus {
 	 * 正常状态
 	 */
 	ACTIVE("正常", 1),
-	/**
-	 * 锁定状态
-	 */
-	LOCKED("锁定", 2),
 	/**
 	 * 失效状态
 	 */
diff --git a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UpdatePasswordDto.java b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UpdatePasswordDto.java
index 485d295..6383db4 100644
--- a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UpdatePasswordDto.java
+++ b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UpdatePasswordDto.java
@@ -4,6 +4,8 @@ import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
+import java.io.Serializable;
+
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.Size;
 
@@ -16,7 +18,7 @@ import javax.validation.constraints.Size;
 public class UpdatePasswordDto {
 
 	@ApiModelProperty(name = "用户ID", required = true)
-	private Integer id;
+	private Serializable id;
 
 	@NotEmpty(message = "原密码不能为空")
 	@ApiModelProperty(name = "原密码", required = true)
diff --git a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UserDto.java b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UserDto.java
index b94ce2e..f6253ef 100644
--- a/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UserDto.java
+++ b/cola-user/cola-user-api/src/main/java/com/honvay/cola/uc/api/model/UserDto.java
@@ -6,7 +6,10 @@ import lombok.Data;
 import lombok.NoArgsConstructor;
 
 import javax.validation.constraints.NotNull;
-import javax.validation.constraints.Pattern;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+import java.util.Collection;
 import java.util.Date;
 
 /**
@@ -22,7 +25,7 @@ public class UserDto {
 	/**
 	 * ID
 	 */
-	private Integer id;
+	private Serializable id;
 
 	/**
 	 * 用户名
@@ -78,8 +81,25 @@ public class UserDto {
 	private Integer loginFailTimes;
 
 	/**
-	 * 状态： 1、正常 2、锁定 3、失效
+	 * 状态： 1、正常    3、失效
 	 */
 	private Integer status;
+	
+	
+	/**
+	 * 锁定状态
+	 * 0、未锁定
+	 * 1、锁定
+	 */
+	private Integer locked;
+	
+	private LocalDateTime accountExpiredTime;
+	
+	private LocalDateTime credentialsExpiredTime;
+	
+	/**
+	 * 	private Collection<? extends GrantedAuthority> authorities;
+	 */
+	private Collection authorities;
 
 }
diff --git a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/domain/User.java b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/domain/User.java
index 9f252ba..27eba06 100644
--- a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/domain/User.java
+++ b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/domain/User.java
@@ -8,6 +8,8 @@ import lombok.NoArgsConstructor;
 import javax.persistence.*;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotNull;
+
+import java.time.LocalDateTime;
 import java.util.Date;
 
 /**
@@ -31,7 +33,7 @@ public class User {
 	 */
 	@Id
 	@GeneratedValue(strategy = GenerationType.IDENTITY)
-	private Integer id;
+	private String id;
 
 	/**
 	 * 用户名
@@ -104,4 +106,17 @@ public class User {
 	 */
 	@Column(length = 2)
 	private Integer status;
+	
+	/**
+	 * 锁定状态
+	 * 0、未锁定
+	 * 1、锁定
+	 */
+	@Column(length = 2)
+	private Integer locked;
+	
+	
+	private LocalDateTime accountExpiredTime;
+	
+	private LocalDateTime credentialsExpiredTime;
 }
diff --git a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/impl/UserServiceImpl.java b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/impl/UserServiceImpl.java
index 12a1065..316d619 100644
--- a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/impl/UserServiceImpl.java
+++ b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/impl/UserServiceImpl.java
@@ -6,6 +6,7 @@ import com.honvay.cola.sc.api.PasswordStrategy;
 import com.honvay.cola.sc.api.exception.PasswordInvalidException;
 import com.honvay.cola.uc.api.UserService;
 import com.honvay.cola.uc.api.enums.UserErrorMessage;
+import com.honvay.cola.uc.api.enums.UserLockStatus;
 import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UpdatePasswordDto;
 import com.honvay.cola.uc.api.model.UserAddDto;
@@ -22,6 +23,7 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
+import java.io.Serializable;
 import java.util.Date;
 
 /**
@@ -62,15 +64,15 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
 	}
 
 	@Override
-	public void lock(Integer id) {
+	public void lock(Serializable id) {
 		User user = userRepository.findById(id).orElseThrow(() -> new ServiceException(UserErrorMessage.USER_NOT_EXISTS));
-		ServiceAssert.isTrue(user.getStatus().equals(UserStatus.LOCKED.getValue()), UserErrorMessage.USER_STATUS_ILLEGAL);
-		user.setStatus(UserStatus.LOCKED.getValue());
+		ServiceAssert.isTrue(user.getStatus().equals(UserLockStatus.LOCKED.getValue()), UserErrorMessage.USER_STATUS_ILLEGAL);
+		user.setLocked(UserLockStatus.LOCKED.getValue());
 		this.userRepository.save(user);
 	}
 
 	@Override
-	public void unlock(Integer id) {
+	public void unlock(Serializable id) {
 		User user = userRepository.findById(id).orElseThrow(() -> new ServiceException(UserErrorMessage.USER_NOT_EXISTS));
 		user.setStatus(UserStatus.ACTIVE.getValue());
 		this.userRepository.save(user);
@@ -140,7 +142,7 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
 			loginFailTimes++;
 			//超过限定次数则锁定用户
 			if (loginFailTimes >= loginFailTimesToLock) {
-				user.setStatus(UserStatus.LOCKED.getValue());
+				user.setLocked(UserLockStatus.LOCKED.getValue());
 				user.setLoginFailTimes(0);
 			} else {
 				user.setLoginFailTimes(loginFailTimes);
@@ -150,7 +152,7 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
 	}
 
 	@Override
-	public UserDto getById(Integer id) {
+	public UserDto getById(Serializable id) {
 		return this.userRepository.findById(id).map(user -> {
 			UserDto userDto = new UserDto();
 			BeanUtils.copyProperties(user, userDto);
@@ -179,7 +181,7 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
 	}
 
 	@Override
-	public void updatePhoneNumber(Integer id, String phoneNumber) {
+	public void updatePhoneNumber(Serializable id, String phoneNumber) {
 		User user = this.userRepository.findById(id).orElseThrow(() -> new ServiceException(UserErrorMessage.USER_NOT_EXISTS));
 		user.setPhoneNumber(phoneNumber);
 		this.userRepository.save(user);
diff --git a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/repository/UserRepository.java b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/repository/UserRepository.java
index 7a0b469..a53dddb 100644
--- a/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/repository/UserRepository.java
+++ b/cola-user/cola-user-provider/src/main/java/com/honvay/cola/uc/provider/repository/UserRepository.java
@@ -3,13 +3,14 @@ package com.honvay.cola.uc.provider.repository;
 import com.honvay.cola.uc.provider.domain.User;
 import org.springframework.data.jpa.repository.JpaRepository;
 
+import java.io.Serializable;
 import java.util.Optional;
 
 /**
  * @author LIQIU
  * created on 2018-11-16
  **/
-public interface UserRepository extends JpaRepository<User, Integer> {
+public interface UserRepository extends JpaRepository<User, Serializable> {
 
 	/**
 	 * 通过用户名查找用户
diff --git a/sql/cola.sql b/sql/cola.sql
index 4f9bec5..2e4a271 100644
--- a/sql/cola.sql
+++ b/sql/cola.sql
@@ -34,8 +34,11 @@ CREATE TABLE `cola_user` (
   `password` varchar(100) NOT NULL,
   `phone_number` varchar(100) DEFAULT NULL,
   `status` varchar(2) DEFAULT NULL,
+  `locked` varchar(2) DEFAULT NULL,
   `username` varchar(100) NOT NULL,
   `gender` varchar(2) DEFAULT NULL,
+  `account_expired_time` DATETIME NULL,
+  `credentials_expired_time` DATETIME NULL,
   PRIMARY KEY (`id`),
   UNIQUE KEY `uni_ias_user_username` (`username`),
   UNIQUE KEY `uni_ias_user_email` (`email`),
-- 
Gitee


From 80e49e9a5799dcc4a1d0a0d7ed08ea3a19bec5aa Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Thu, 23 May 2019 14:50:56 +0800
Subject: [PATCH 3/8] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E8=B7=AF=E5=BE=84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/main/resources/templates/error.html               | 2 +-
 .../src/main/resources/templates/form.html                | 6 +++---
 .../src/main/resources/templates/index.html               | 8 ++++----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/error.html b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/error.html
index 7c7593a..81ffca4 100644
--- a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/error.html
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/error.html
@@ -3,7 +3,7 @@
 <head>
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
     <title>系统错误</title>
-    <link rel="stylesheet" href="/webjars/bootstrap/3.3.2/css/bootstrap.min.css"/>
+    <link rel="stylesheet" th:href="@{'/webjars/bootstrap/3.3.2/css/bootstrap.min.css'}"/>
 </head>
 <body>
 <div class="container">
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/form.html b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/form.html
index 8f4638b..8ba7594 100644
--- a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/form.html
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/form.html
@@ -3,9 +3,9 @@
 <head lang="en">
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
     <title>Client edit/add</title>
-    <link rel="stylesheet" href="/webjars/bootstrap/3.3.2/css/bootstrap.min.css"/>
-    <script src="/webjars/jquery/1.11.1/jquery.min.js"></script>
-    <script src="/webjars/bootstrap/3.3.2/js/bootstrap.min.js"></script>
+    <link rel="stylesheet" th:href="@{'/webjars/bootstrap/3.3.2/css/bootstrap.min.css'}"/>
+    <script th:src="@{'/webjars/jquery/1.11.1/jquery.min.js'}"></script>
+    <script th:src="@{'/webjars/bootstrap/3.3.2/js/bootstrap.min.js'}"></script>
     <script>
         $(function() {
             $('.glyphicon-question-sign').tooltip();
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/index.html b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/index.html
index 832f1be..5fe4b38 100644
--- a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/index.html
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/resources/templates/index.html
@@ -5,7 +5,7 @@
 <head lang="en">
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
     <title>用户中心</title>
-    <link rel="stylesheet" href="webjars/bootstrap/3.3.2/css/bootstrap.min.css"/>
+    <link rel="stylesheet" th:href="@{'webjars/bootstrap/3.3.2/css/bootstrap.min.css'}"/>
 </head>
 <body>
 <div class="container">
@@ -33,14 +33,14 @@
                     <td th:text="${conn.connected}"></td>
                     <td th:text="${conn.displayName}"></td>
                     <td th:if="${!conn.connected}">
-                        <form th:action="'/connect/'+ ${conn.provider}" method="POST">
+                        <form th:action="@{'/connect/'+ ${conn.provider}}" method="POST">
                             <button type="submit" class="btn btn-default btn-xs">
                                 Connect
                             </button>
                         </form>
                     </td>
                     <td th:if="${conn.connected}">
-                        <form th:action="'/connect/'+ ${conn.provider}" method="POST">
+                        <form th:action="@{'/connect/'+ ${conn.provider}}" method="POST">
                             <input type="hidden" name="_method" value="DELETE">
                             <button type="submit" class="btn btn-default btn-xs">
                                 Disconnect
@@ -65,7 +65,7 @@
                     <td th:text="${app.scope}"></td>
                     <td th:text="${app.expiresAt}"></td>
                     <td>
-                        <form action="/approval/revoke" method="POST">
+                        <form th:action="@{/approval/revoke}" method="POST">
                             <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
                             <input type="hidden" name="userId" th:value="${app.userId}"/>
                             <input type="hidden" name="clientId" th:value="${app.clientId}"/>
-- 
Gitee


From 70f32f42fe0c9ca025d00fbe9ed8c1812665a2bd Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Thu, 30 May 2019 11:42:35 +0800
Subject: [PATCH 4/8] Merge branch 'master' of https://gitee.com/marj/cola

# Conflicts:
#	jenkins/Jenkinsfile
---
 .../auth/core/model/AuthenticatedUser.java    |  4 ++
 .../AuthorizationServerConfiguration.java     | 36 +++++++++---------
 jenkins/Jenkinsfile                           | 38 +++++++++++++++++++
 3 files changed, 60 insertions(+), 18 deletions(-)
 create mode 100644 jenkins/Jenkinsfile

diff --git a/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java b/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
index ce5d157..5be7752 100644
--- a/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
+++ b/cola-auth/cola-auth-core/src/main/java/com/honvay/cola/auth/core/model/AuthenticatedUser.java
@@ -54,6 +54,10 @@ public class AuthenticatedUser implements UserDetails, CredentialsContainer {
 	private boolean accountNonExpired = true;
 	private boolean credentialsNonExpired = true;
 	
+	/**
+	 *  这里目前有一个问题，在反序列化的时候GrantedAuthority由于是一个接口，所以在一些json反序列化的时候可能会失败！
+	 *  解决方法为在oauth client中自定义AuthenticatedUser对象删除authorities熟悉
+	 */
 	private Collection<? extends GrantedAuthority> authorities;
 	
 
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
index 661c7ea..029c3fe 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
@@ -1,5 +1,11 @@
 package com.honvay.cola.auth.oauth2.configuration;
 
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+import javax.sql.DataSource;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
@@ -13,23 +19,16 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
-import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.CompositeTokenGranter;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
 import org.springframework.security.oauth2.provider.TokenGranter;
 import org.springframework.security.oauth2.provider.approval.ApprovalStore;
 import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
-import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;
 import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
 import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
-import org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;
 import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
 import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
-import org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;
-import org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;
-import org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;
-import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
@@ -37,12 +36,6 @@ import org.springframework.security.oauth2.provider.token.store.redis.RedisToken
 import com.honvay.cola.auth.oauth2.provider.client.CustomJdbcClientDetailsService;
 import com.honvay.cola.auth.oauth2.provider.endpoint.DefaultColaRedirectResolver;
 
-import javax.annotation.PostConstruct;
-import javax.sql.DataSource;
-
-import java.util.ArrayList;
-import java.util.List;
-
 /**
  * @author LIQIU
  */
@@ -104,10 +97,17 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 	}
 	
 
-//    @Override
-//    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
-//        oauthServer.realm("spring-oauth-server").allowFormAuthenticationForClients();
-//    }
+    /**  
+     * allowFormAuthenticationForClients 允许client使用form的方式进行authentication的授权
+     * allowFormAuthenticationForClients 如果不设置在其他客户端使用表单提交的时候会返回401状态
+     * 
+     *  
+     * @see org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter#configure(org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer)
+     */
+    @Override
+    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+        oauthServer.realm("spring-oauth-server").allowFormAuthenticationForClients();
+    }
     
 	@Bean
 	public JwtAccessTokenConverter accessTokenConverter() {
diff --git a/jenkins/Jenkinsfile b/jenkins/Jenkinsfile
new file mode 100644
index 0000000..7799863
--- /dev/null
+++ b/jenkins/Jenkinsfile
@@ -0,0 +1,38 @@
+def label = "maven-${UUID.randomUUID().toString()}"
+def mvnOpts = '-DskipTests '
+
+podTemplate(label: label, containers: [
+  containerTemplate(name: 'maven', image: 'maven:3-alpine', ttyEnabled: true, command: 'cat')
+  ], volumes: [
+  persistentVolumeClaim(mountPath: '/root/.m2', claimName: 'maven-home', readOnly: false)
+  ]) {
+
+  node(label) {
+    stage('Checkout') {
+      checkout scm
+    }
+	stage('check java') {
+        sh "java -version"
+    }
+	
+    stage('Release prepare') {
+      container('maven') {
+          sh "mvn -v"
+      }
+    }
+	
+	stage('clean') {
+	 container('maven') {
+        sh "mvn clean"
+      }		
+    }
+
+    stage('Release perform') {
+      container('maven') {
+          sh """
+          mvn ${mvnOpts} deploy 
+          """
+      }
+    }
+  }
+}
\ No newline at end of file
-- 
Gitee


From 457f4a754d2f4e67c28b4053117c2ed5c02af419 Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Fri, 31 May 2019 14:09:21 +0800
Subject: [PATCH 5/8] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E9=80=9A=E7=9F=A5?=
 =?UTF-8?q?=E4=B8=8D=E8=83=BD=E5=8F=91=E9=80=81=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/honvay/cola/nc/provider/NotificationDispatcher.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/cola-notify/cola-notify-provider/src/main/java/com/honvay/cola/nc/provider/NotificationDispatcher.java b/cola-notify/cola-notify-provider/src/main/java/com/honvay/cola/nc/provider/NotificationDispatcher.java
index 145da4e..923f2d2 100644
--- a/cola-notify/cola-notify-provider/src/main/java/com/honvay/cola/nc/provider/NotificationDispatcher.java
+++ b/cola-notify/cola-notify-provider/src/main/java/com/honvay/cola/nc/provider/NotificationDispatcher.java
@@ -20,6 +20,7 @@ import java.util.concurrent.*;
 @Slf4j
 public class NotificationDispatcher {
 
+	@SuppressWarnings("rawtypes")
 	private Map<Class<?>, NotificationExchanger> exchangers;
 
 	private ExecutorService executorService;
@@ -40,6 +41,7 @@ public class NotificationDispatcher {
 	 *
 	 * @param notification 通知参数
 	 */
+	@SuppressWarnings({ "rawtypes", "unchecked" })
 	public void dispatch(Notification notification) {
 		if (notification != null && exchangers != null) {
 			NotificationExchanger<?> exchanger = this.exchangers.get(notification.getClass());
@@ -52,10 +54,10 @@ public class NotificationDispatcher {
 	}
 
 	@Autowired(required = false)
-	private void initExchangers(List<NotificationExchanger> exchangers) {
+	private void initExchangers(@SuppressWarnings("rawtypes") List<NotificationExchanger> exchangers) {
 		this.exchangers = new HashMap<>(exchangers.size());
 		exchangers.forEach(exchanger -> {
-			ResolvableType resolvableType = ResolvableType.forClass(exchanger.getClass());
+			ResolvableType resolvableType = ResolvableType.forInstance(exchanger).as(NotificationExchanger.class);
 			Class<?> notificationClass = resolvableType.getGeneric(0).resolve();
 			this.exchangers.put(notificationClass, exchanger);
 		});
-- 
Gitee


From 12a232c954ddeca00ef3cf3ef4c3760149aa62a8 Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Sun, 9 Jun 2019 12:06:16 +0800
Subject: [PATCH 6/8] =?UTF-8?q?1=E3=80=81client=E4=B8=8D=E8=83=BD=E6=94=B6?=
 =?UTF-8?q?=E5=9B=9E=E6=9D=83=E9=99=90=E9=97=AE=E9=A2=98=E4=BF=AE=E5=A4=8D?=
 =?UTF-8?q?=202=E3=80=81oauth=20requestcontext=E5=88=9B=E5=BB=BA=E5=A4=B1?=
 =?UTF-8?q?=E8=B4=A5=E4=BF=AE=E5=A4=8D=203=E3=80=81token=E4=B8=8D=E4=BD=BF?=
 =?UTF-8?q?=E7=94=A8jwt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../honvay/cola/auth/base/utils/Utils.java    | 28 ---------------
 .../auth/common/client/app/SsoAuthClient.java |  8 +++--
 .../app/SsoClientAutoConfiguration.java       |  5 +--
 .../auth/client/common/SsoUserExtractor.java  |  2 --
 .../oauth2/ac/AcAccessTokenProvider.java      |  5 ---
 ...JwtAuthenticationSuccessEventListener.java |  4 ---
 .../AuthorizationServerConfiguration.java     | 19 +++++-----
 .../oauth2/controller/OAuth2Controller.java   |  6 +++-
 .../endpoint/DefaultColaRedirectResolver.java |  1 -
 .../social/alipay/api/impl/AlipayImpl.java    |  2 --
 .../AlipayOAuth2AuthenticationService.java    |  5 ---
 .../alipay/connect/AlipayOAuth2Template.java  |  2 --
 .../cola-auth-social-qq/pom.xml               |  1 -
 .../auth/social/SocialConnectionSignUp.java   |  2 --
 .../auth/social/SocialSignUpController.java   |  1 -
 .../social/SocialWebAutoConfiguration.java    |  1 -
 .../WebSessionConfiguration.java              |  1 -
 .../cola/sso/smaple/app/WebConfiguration.java | 15 ++++++++
 .../cola/sample/sso/WebConfiguration.java     | 15 ++++++++
 .../cola/sample/social/IndexController.java   | 14 ++++----
 .../sc/api/model/CredentialValidation.java    |  2 --
 .../credential/CredentialServiceImpl.java     |  2 --
 .../password/DefaultPasswordStrategy.java     |  3 --
 .../honvay/cola/uc/admin/UserController.java  |  1 -
 pom.xml                                       | 36 +++++++++++++++++++
 25 files changed, 96 insertions(+), 85 deletions(-)
 create mode 100644 cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/WebConfiguration.java
 create mode 100644 cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/java/com/honvay/cola/sample/sso/WebConfiguration.java

diff --git a/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/utils/Utils.java b/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/utils/Utils.java
index 6f06e8c..2be7023 100644
--- a/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/utils/Utils.java
+++ b/cola-auth/cola-auth-base/src/main/java/com/honvay/cola/auth/base/utils/Utils.java
@@ -2,36 +2,11 @@ package com.honvay.cola.auth.base.utils;
 
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import sun.misc.BASE64Decoder;
-
-import java.io.IOException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
 
 /**
  */
 public class Utils {
 
-    private static PrivateKey getPrivateKey() {
-        PrivateKey privateKey = null;
-        String priKey = "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCmmLp/WQpWmRSqYdfLM6GbsMR67sUfX9vk+s37h2upcF1VfLX96WVCt5X4oQteXCd4MFp1WXGWQzJllyR1/rMQPLuFSldimzBjiYlLUzM9CmXBqKjnz31HOCymFhKZt6lHAlpbDCNR94xbF6N/Mttwrpd+iFXhGvuQLiwR4KYNO3/JuPDK+P/WPrp7dWQIurkwbtiOqwbcbhvca8yuscDio7n14+e2KZt/UkjFNNkH0Eyk6DJ57Tlxsbzrkgxeyiy3tOsOEwo9sa6XzcBmOiOMXclOvSW8Hk5d/73qC25FRHcEBGuaOEiOosV1vFlvgPDGN9s+kPtpUuhw8uqWIvY5AgMBAAECggEAAdKX7768ozfnhvmtD7cP5JEphSLJm09EK5wm1sKjheYJz16e6xk7l2BEzsSMSEr/z4vP4YrJ+Ffh3ESsDHJt6RaRAqNOk3CZNe2SR/WwENHlTRoYRvj5KOdPbb2+FFpzCqjW7joSxNnNek2m50RaLEBsveCl9+GAsRIgP03S40An11ae7CQyrp6LoTlk72MDLcdB5q0mKpydm7x0zUXuMxKnEERiQxmMtLM6NFbVBgF2JIRSkWwY1e3tOWFLo53mgHSJofT+QBQQ7679qeMlLQAFBehPYLetqIpXwwzvspCh72bM/dYi9SEZCCjeRVXVjlyiS38OK1mK7+5vHNcxUQKBgQDpSEB9wPmrB1WJ1tC7raEYuphFzKVqO8cnHha7hulv0oWUlbBaXfwCL4B4igPjOXnYL2iJiWWgSEqVAQ5XbY0CXCXfEJBRFfQAGP4huoxXJ1+tYdm6KvOtcf9CsyhxY3DBpeJHqCGRcClFpa2hBsQAdWNGePnVIvL31twKKDv+RQKBgQC20f9Rj9h6AYeg1kN8KSH+b/g/8o/X+2tAT6A2Bwezmw91YdOs8thVvdAP8I5gQ0ZVws+bdopcz9616OaZ1qAGK1gH4t2x/SPKbyCLbwy/2JrXwZEyyY8uO59B8nEuVQi6tg9vDeRyHWI74fIA0PUIhlGrOBOFGo+uYS/anlnhZQKBgQC1JxJNlSlMEqnuHA6Db1WGKoBM05owYLNKQSdOAHoOB+ELfSIxSoKD//c3o5VZQizIICiBhVyRlxGzm9pTMhMqHfyat/YZwX51BPNzpbWNiFnX/gBhfTE1Iy0h0pY5VwsclYCePIW0tvCV0Q5/2Q0jfgTVmOQJCta6dvLwQEY2MQKBgFgO+GsB3WSO/hQjgGf6rAwRRMMQg+aljHhyohnD8xq40o5Yq4u/gSJzhhdXaEzHusYuSq94PpcL7Rsz7nclIPk3wXQy+1PzOV0Vf9iJiduSaqsH6ndLDLNZNpGeRJPrk4PTk8WLLIEm1B1B7L4l6BDOGeJd5VEUhSaaW2FzKpndAoGAdByWt94Zmlv7ZAcmFlLsm8Par3WFaeWszQK1xBpyj3I5h2y8qLd9nfAI89xfWNcYbetNmkjnQO5ymGQuheTppplJuh3Qxc1Kb1bGIoUDSjumivbc7wOikMKi6AdgPhQd5H21gWz1qhoagcuPygR8P1VswNwPyiy2Ua6YBPBGE9Q=";
-        PKCS8EncodedKeySpec priPKCS8;
-        try {
-            priPKCS8 = new PKCS8EncodedKeySpec(new BASE64Decoder().decodeBuffer(priKey));
-            KeyFactory keyf = KeyFactory.getInstance("RSA");
-            privateKey = keyf.generatePrivate(priPKCS8);
-        } catch (IOException e) {
-            e.printStackTrace();
-        } catch (NoSuchAlgorithmException e) {
-            e.printStackTrace();
-        } catch (InvalidKeySpecException e) {
-            e.printStackTrace();
-        }
-        return privateKey;
-    }
 
     public static String passwordEncoder(String password){
 
@@ -41,7 +16,4 @@ public class Utils {
         return encodedPassword;
     }
 
-	public static void main(String[] args) {
-		System.out.println(Utils.passwordEncoder("123"));
-	}
 }
diff --git a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
index c832545..0805aac 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
@@ -7,6 +7,8 @@ import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdResourceDetails;
 import com.honvay.cola.auth.client.common.oauth2.sms.SmsAccessTokenProvider;
 import com.honvay.cola.auth.client.common.oauth2.sms.SmsResourceDetails;
 import com.honvay.cola.framework.core.protocol.Result;
+
+import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
 import org.springframework.security.oauth2.client.OAuth2RestTemplate;
 import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
 import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
@@ -19,10 +21,12 @@ import org.springframework.security.oauth2.common.OAuth2AccessToken;
 public class SsoAuthClient {
 
 	private SsoClientProperties properties;
+	private UserInfoRestTemplateFactory factory;
 
 
-	public SsoAuthClient(SsoClientProperties properties) {
+	public SsoAuthClient(SsoClientProperties properties, UserInfoRestTemplateFactory factory) {
 		this.properties = properties;
+		this.factory = factory;
 	}
 
 	/**
@@ -50,7 +54,7 @@ public class SsoAuthClient {
 	 * @return
 	 */
 	public Result<String> logout() {
-		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(properties);
+		OAuth2RestTemplate auth2RestTemplate = this.factory.getUserInfoRestTemplate();
 		auth2RestTemplate.getForObject(properties.getRevokeTokenUri(), String.class);
 		return Result.success();
 	}
diff --git a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoClientAutoConfiguration.java b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoClientAutoConfiguration.java
index cada743..6b098ad 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoClientAutoConfiguration.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoClientAutoConfiguration.java
@@ -1,5 +1,6 @@
 package com.honvay.cola.auth.common.client.app;
 
+import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -13,8 +14,8 @@ import org.springframework.context.annotation.Configuration;
 public class SsoClientAutoConfiguration {
 
 	@Bean
-	public SsoAuthClient ssoAuthClient(SsoClientProperties properties) {
-		return new SsoAuthClient(properties);
+	public SsoAuthClient ssoAuthClient(SsoClientProperties properties, UserInfoRestTemplateFactory factory) {
+		return new SsoAuthClient(properties, factory);
 	}
 
 }
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
index dc4826e..7d9e601 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
@@ -2,7 +2,6 @@ package com.honvay.cola.auth.client.common;
 
 import com.honvay.cola.auth.core.model.AuthenticatedUser;
 import org.apache.commons.beanutils.BeanUtils;
-import org.springframework.boot.autoconfigure.security.oauth2.resource.FixedPrincipalExtractor;
 import org.springframework.boot.autoconfigure.security.oauth2.resource.PrincipalExtractor;
 import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.stereotype.Component;
@@ -16,7 +15,6 @@ import java.util.Map;
 @Component
 public class SsoUserExtractor implements PrincipalExtractor {
 
-	private FixedPrincipalExtractor fixedPrincipalExtractor = new FixedPrincipalExtractor();
 
 	@Override
 	public Object extractPrincipal(Map<String, Object> map) {
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/ac/AcAccessTokenProvider.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/ac/AcAccessTokenProvider.java
index b2f34d2..e276216 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/ac/AcAccessTokenProvider.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/ac/AcAccessTokenProvider.java
@@ -1,6 +1,5 @@
 package com.honvay.cola.auth.client.common.oauth2.ac;
 
-import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdResourceDetails;
 import org.springframework.http.HttpHeaders;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
@@ -14,10 +13,6 @@ import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 
-import java.util.Iterator;
-import java.util.List;
-import java.util.stream.Collectors;
-
 /**
  * @author LIQIU
  * created on 2019/1/15
diff --git a/cola-auth/cola-auth-jwt/cola-auth-jwt-base/src/main/java/com/honvay/cola/auth/jwt/listener/JwtAuthenticationSuccessEventListener.java b/cola-auth/cola-auth-jwt/cola-auth-jwt-base/src/main/java/com/honvay/cola/auth/jwt/listener/JwtAuthenticationSuccessEventListener.java
index ca97c0c..fcebc7d 100644
--- a/cola-auth/cola-auth-jwt/cola-auth-jwt-base/src/main/java/com/honvay/cola/auth/jwt/listener/JwtAuthenticationSuccessEventListener.java
+++ b/cola-auth/cola-auth-jwt/cola-auth-jwt-base/src/main/java/com/honvay/cola/auth/jwt/listener/JwtAuthenticationSuccessEventListener.java
@@ -3,12 +3,8 @@ package com.honvay.cola.auth.jwt.listener;
 import com.honvay.cola.auth.jwt.JwtTokenStore;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationEvent;
 import org.springframework.context.ApplicationListener;
 import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
-import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.stereotype.Component;
 
 /**
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
index 029c3fe..18a3c3b 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
@@ -30,7 +30,7 @@ import org.springframework.security.oauth2.provider.code.AuthorizationCodeServic
 import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
 import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
 import org.springframework.security.oauth2.provider.token.TokenStore;
-import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+// import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
 
 import com.honvay.cola.auth.oauth2.provider.client.CustomJdbcClientDetailsService;
@@ -108,20 +108,21 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
     public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
         oauthServer.realm("spring-oauth-server").allowFormAuthenticationForClients();
     }
-    
-	@Bean
-	public JwtAccessTokenConverter accessTokenConverter() {
-		JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
-		converter.setSigningKey("cola-auth");
-		return converter;
-	}
+	
+    // TOKEN暂时不使用jwt的token使用普通token即可
+//	@Bean
+//	public JwtAccessTokenConverter accessTokenConverter() {
+//		JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+//		converter.setSigningKey("cola-auth");
+//		return converter;
+//	}
 
 	@Override
 	public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
 		endpoints.approvalStore(approvalStore())
 				.authorizationCodeServices(authorizationCodeServices())
 				.tokenStore(tokenStore())
-				.accessTokenConverter(accessTokenConverter())
+//				.accessTokenConverter(accessTokenConverter())
 				.authenticationManager(authenticationManager);
 		
 		endpoints.redirectResolver(redirectResolver());
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/controller/OAuth2Controller.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/controller/OAuth2Controller.java
index b005470..afdc26c 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/controller/OAuth2Controller.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/controller/OAuth2Controller.java
@@ -6,6 +6,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
 import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -40,7 +41,10 @@ public class OAuth2Controller {
 
 	@RequestMapping("/oauth/revoke")
 	public Result<String> revokeToken(@AuthenticationPrincipal OAuth2Authentication auth2Authentication) {
-		tokenServices.revokeToken(auth2Authentication.getUserAuthentication().getName());
+		Object details = auth2Authentication.getDetails();
+		if(details instanceof OAuth2AuthenticationDetails) {
+			tokenServices.revokeToken(((OAuth2AuthenticationDetails) details).getTokenValue());
+		}
 		return Result.success();
 	}
 
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/provider/endpoint/DefaultColaRedirectResolver.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/provider/endpoint/DefaultColaRedirectResolver.java
index a700c5c..080ceb2 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/provider/endpoint/DefaultColaRedirectResolver.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/provider/endpoint/DefaultColaRedirectResolver.java
@@ -10,7 +10,6 @@ import org.springframework.security.oauth2.common.exceptions.RedirectMismatchExc
 import org.springframework.security.oauth2.provider.ClientDetails;
 import org.springframework.security.oauth2.provider.endpoint.DefaultRedirectResolver;
 import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
-import org.springframework.util.Assert;
 import org.springframework.util.StringUtils;
 
 public class DefaultColaRedirectResolver extends DefaultRedirectResolver implements RedirectResolver {
diff --git a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/api/impl/AlipayImpl.java b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/api/impl/AlipayImpl.java
index 9ab35b5..4cb38a9 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/api/impl/AlipayImpl.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/api/impl/AlipayImpl.java
@@ -8,13 +8,11 @@ import com.alipay.api.response.AlipayUserInfoShareResponse;
 import com.honvay.cola.auth.social.alipay.AlipayProperties;
 import com.honvay.cola.auth.social.alipay.api.Alipay;
 import com.honvay.cola.auth.social.alipay.api.AlipayUserInfo;
-import lombok.extern.slf4j.Slf4j;
 import org.springframework.social.ApiBinding;
 
 /**
  * @author LIQIU
  */
-@Slf4j
 public class AlipayImpl implements ApiBinding, Alipay {
 
 	/**
diff --git a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2AuthenticationService.java b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2AuthenticationService.java
index 2a8f6bd..d8994af 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2AuthenticationService.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2AuthenticationService.java
@@ -1,15 +1,10 @@
 package com.honvay.cola.auth.social.alipay.connect;
 
 import com.honvay.cola.auth.social.alipay.api.Alipay;
-import org.springframework.social.connect.Connection;
 import org.springframework.social.connect.support.OAuth2ConnectionFactory;
-import org.springframework.social.oauth2.AccessGrant;
-import org.springframework.social.oauth2.OAuth2Parameters;
 import org.springframework.social.security.SocialAuthenticationRedirectException;
 import org.springframework.social.security.SocialAuthenticationToken;
 import org.springframework.social.security.provider.OAuth2AuthenticationService;
-import org.springframework.util.StringUtils;
-import org.springframework.web.client.RestClientException;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
diff --git a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2Template.java b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2Template.java
index 1f461e0..619e4d2 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2Template.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-alipay/src/main/java/com/honvay/cola/auth/social/alipay/connect/AlipayOAuth2Template.java
@@ -6,7 +6,6 @@ import com.alipay.api.DefaultAlipayClient;
 import com.alipay.api.request.AlipaySystemOauthTokenRequest;
 import com.alipay.api.response.AlipaySystemOauthTokenResponse;
 import com.honvay.cola.auth.social.alipay.AlipayProperties;
-import lombok.extern.slf4j.Slf4j;
 import org.springframework.social.oauth2.AccessGrant;
 import org.springframework.social.oauth2.GrantType;
 import org.springframework.social.oauth2.OAuth2Parameters;
@@ -16,7 +15,6 @@ import org.springframework.util.MultiValueMap;
 /**
  * @author LIQIU
  */
-@Slf4j
 public class AlipayOAuth2Template extends OAuth2Template {
 
 	private AlipayProperties properties;
diff --git a/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
index 1a6cc71..6925a95 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
@@ -24,7 +24,6 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.4</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
diff --git a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialConnectionSignUp.java b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialConnectionSignUp.java
index c130591..0ae0729 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialConnectionSignUp.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialConnectionSignUp.java
@@ -1,9 +1,7 @@
 package com.honvay.cola.auth.social;
 
 import com.honvay.cola.uc.api.UserService;
-import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UserAddDto;
-import com.honvay.cola.uc.api.model.UserDto;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.social.connect.Connection;
 import org.springframework.social.connect.ConnectionSignUp;
diff --git a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialSignUpController.java b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialSignUpController.java
index 01feef8..3a4c0ee 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialSignUpController.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialSignUpController.java
@@ -2,7 +2,6 @@ package com.honvay.cola.auth.social;
 
 import com.honvay.cola.framework.core.protocol.Result;
 import com.honvay.cola.uc.api.UserService;
-import com.honvay.cola.uc.api.enums.UserStatus;
 import com.honvay.cola.uc.api.model.UserAddDto;
 import com.honvay.cola.uc.api.model.UserDto;
 import org.apache.commons.lang3.StringUtils;
diff --git a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialWebAutoConfiguration.java b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialWebAutoConfiguration.java
index c70f778..3d2a312 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialWebAutoConfiguration.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-web/src/main/java/com/honvay/cola/auth/social/SocialWebAutoConfiguration.java
@@ -4,7 +4,6 @@ import com.honvay.cola.auth.social.core.SocialProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.social.config.annotation.EnableSocial;
 import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.web.ProviderSignInUtils;
diff --git a/cola-auth/cola-auth-web/src/main/java/com/honvay/cola/auth/web/configuration/WebSessionConfiguration.java b/cola-auth/cola-auth-web/src/main/java/com/honvay/cola/auth/web/configuration/WebSessionConfiguration.java
index 4701d6b..74d750c 100644
--- a/cola-auth/cola-auth-web/src/main/java/com/honvay/cola/auth/web/configuration/WebSessionConfiguration.java
+++ b/cola-auth/cola-auth-web/src/main/java/com/honvay/cola/auth/web/configuration/WebSessionConfiguration.java
@@ -2,7 +2,6 @@ package com.honvay.cola.auth.web.configuration;
 
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/WebConfiguration.java b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/WebConfiguration.java
new file mode 100644
index 0000000..105220b
--- /dev/null
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-app/src/main/java/com/honvay/cola/sso/smaple/app/WebConfiguration.java
@@ -0,0 +1,15 @@
+package com.honvay.cola.sso.smaple.app;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.context.request.RequestContextListener;
+
+@Configuration
+public class WebConfiguration {
+
+	@Bean
+	public RequestContextListener requestContextListener() {
+		return new RequestContextListener();
+	}
+
+}
\ No newline at end of file
diff --git a/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/java/com/honvay/cola/sample/sso/WebConfiguration.java b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/java/com/honvay/cola/sample/sso/WebConfiguration.java
new file mode 100644
index 0000000..12dc892
--- /dev/null
+++ b/cola-samples/cola-sample-sso/cola-sample-sso-server/src/main/java/com/honvay/cola/sample/sso/WebConfiguration.java
@@ -0,0 +1,15 @@
+package com.honvay.cola.sample.sso;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.context.request.RequestContextListener;
+
+@Configuration
+public class WebConfiguration {
+
+	@Bean
+	public RequestContextListener requestContextListener() {
+		return new RequestContextListener();
+	}
+
+}
\ No newline at end of file
diff --git a/cola-samples/cola-samples-social/src/main/java/com/honvay/cola/sample/social/IndexController.java b/cola-samples/cola-samples-social/src/main/java/com/honvay/cola/sample/social/IndexController.java
index 464a2fc..d61abed 100644
--- a/cola-samples/cola-samples-social/src/main/java/com/honvay/cola/sample/social/IndexController.java
+++ b/cola-samples/cola-samples-social/src/main/java/com/honvay/cola/sample/social/IndexController.java
@@ -1,21 +1,19 @@
 package com.honvay.cola.sample.social;
 
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.social.connect.Connection;
 import org.springframework.social.connect.ConnectionRepository;
 import org.springframework.stereotype.Controller;
 import org.springframework.util.MultiValueMap;
-import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.servlet.ModelAndView;
 
-import java.security.Principal;
-import java.util.*;
-import java.util.stream.Collectors;
-
-import static java.util.Arrays.asList;
-
 /**
  * @author LIQIU
  * created on 2018-11-22
diff --git a/cola-security/cola-security-api/src/main/java/com/honvay/cola/sc/api/model/CredentialValidation.java b/cola-security/cola-security-api/src/main/java/com/honvay/cola/sc/api/model/CredentialValidation.java
index 696120a..dd74cc4 100644
--- a/cola-security/cola-security-api/src/main/java/com/honvay/cola/sc/api/model/CredentialValidation.java
+++ b/cola-security/cola-security-api/src/main/java/com/honvay/cola/sc/api/model/CredentialValidation.java
@@ -5,8 +5,6 @@ import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
-import javax.validation.constraints.Max;
-import javax.validation.constraints.Min;
 import javax.validation.constraints.NotEmpty;
 import java.io.Serializable;
 
diff --git a/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/credential/CredentialServiceImpl.java b/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/credential/CredentialServiceImpl.java
index fe38380..374a98c 100644
--- a/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/credential/CredentialServiceImpl.java
+++ b/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/credential/CredentialServiceImpl.java
@@ -8,7 +8,6 @@ import com.honvay.cola.sc.api.model.CredentialConfig;
 import com.honvay.cola.sc.api.model.CredentialNotify;
 import com.honvay.cola.sc.api.model.CredentialType;
 import com.honvay.cola.sc.api.model.CredentialValidation;
-import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,7 +25,6 @@ import java.util.concurrent.TimeUnit;
  * @author LIQIU
  * @date 2018-7-10
  **/
-@Slf4j
 @Component
 public class CredentialServiceImpl implements CredentialService, InitializingBean {
 	/**
diff --git a/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/password/DefaultPasswordStrategy.java b/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/password/DefaultPasswordStrategy.java
index 93c9c6c..883e266 100644
--- a/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/password/DefaultPasswordStrategy.java
+++ b/cola-security/cola-security-provider/src/main/java/com/honvay/cola/sc/provider/password/DefaultPasswordStrategy.java
@@ -2,11 +2,8 @@ package com.honvay.cola.sc.provider.password;
 
 import com.honvay.cola.sc.api.PasswordStrategy;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.MessageSource;
 import org.springframework.context.support.MessageSourceAccessor;
 import org.springframework.context.support.ResourceBundleMessageSource;
-import org.springframework.stereotype.Component;
 
 /**
  * @author LIQIU
diff --git a/cola-user/cola-user-admin/src/main/java/com/honvay/cola/uc/admin/UserController.java b/cola-user/cola-user-admin/src/main/java/com/honvay/cola/uc/admin/UserController.java
index a8c5aed..fc14893 100644
--- a/cola-user/cola-user-admin/src/main/java/com/honvay/cola/uc/admin/UserController.java
+++ b/cola-user/cola-user-admin/src/main/java/com/honvay/cola/uc/admin/UserController.java
@@ -7,7 +7,6 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
diff --git a/pom.xml b/pom.xml
index dee17bc..8305e86 100644
--- a/pom.xml
+++ b/pom.xml
@@ -250,4 +250,40 @@
             </dependency>
         </dependencies>
     </dependencyManagement>
+	<build>
+		<plugins>
+			<plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>${java.version}</source>
+                    <target>${java.version}</target>
+                </configuration>
+            </plugin>
+            <plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-javadoc-plugin</artifactId>
+				<configuration>
+					<skip>true</skip>
+				</configuration> 
+			</plugin>
+			<plugin>  
+			    <groupId>org.apache.maven.plugins</groupId>  
+			    <artifactId>maven-surefire-plugin</artifactId>  
+			    <configuration>  
+			        <skipTests>true</skipTests>  
+			    </configuration>  
+			</plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-release-plugin</artifactId>
+                <version>2.5.3</version>
+                <configuration>
+                    <tagNameFormat>v@{project.version}</tagNameFormat>
+                    <autoVersionSubmodules>true</autoVersionSubmodules>
+                    <arguments>-DskipTests</arguments>
+                </configuration>
+            </plugin>
+		</plugins>
+	</build>
 </project>
-- 
Gitee


From 3b5addd2fa5ebcc7ad21a0b593ad33255a1d001c Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Wed, 19 Jun 2019 14:16:33 +0800
Subject: [PATCH 7/8] =?UTF-8?q?=E5=A2=9E=E5=8A=A0token=E5=88=B7=E6=96=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../auth/common/client/app/SsoAuthClient.java | 31 ++++++--
 .../auth/client/common/SsoUserExtractor.java  |  8 ++-
 .../refresh/RefreshAccessTokenProvider.java   | 71 +++++++++++++++++++
 .../RefreshAccessTokenResourceDetails.java    | 19 +++++
 .../AuthorizationServerConfiguration.java     |  6 ++
 5 files changed, 127 insertions(+), 8 deletions(-)
 create mode 100644 cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenProvider.java
 create mode 100644 cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenResourceDetails.java

diff --git a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
index 0805aac..cc88a8f 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-app/src/main/java/com/honvay/cola/auth/common/client/app/SsoAuthClient.java
@@ -1,19 +1,21 @@
 package com.honvay.cola.auth.common.client.app;
 
+import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
+import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+
 import com.honvay.cola.auth.client.common.oauth2.ac.AcAccessTokenProvider;
 import com.honvay.cola.auth.client.common.oauth2.ac.AcResourceDetails;
 import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdAccessTokenProvider;
 import com.honvay.cola.auth.client.common.oauth2.openid.OpenIdResourceDetails;
+import com.honvay.cola.auth.client.common.oauth2.refresh.RefreshAccessTokenProvider;
+import com.honvay.cola.auth.client.common.oauth2.refresh.RefreshAccessTokenResourceDetails;
 import com.honvay.cola.auth.client.common.oauth2.sms.SmsAccessTokenProvider;
 import com.honvay.cola.auth.client.common.oauth2.sms.SmsResourceDetails;
 import com.honvay.cola.framework.core.protocol.Result;
 
-import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-
 /**
  * @author LIQIU
  * created on 2018-11-27
@@ -48,6 +50,23 @@ public class SsoAuthClient {
 		return auth2RestTemplate.getAccessToken();
 	}
 
+	/**
+	 * 手动使用refreshAccess重新获取方位token
+	 * 
+	 * @param refreshAccess
+	 * @return
+	 */
+	public OAuth2AccessToken refreshAccessToken(String refreshAccess) {
+		RefreshAccessTokenResourceDetails details = new RefreshAccessTokenResourceDetails();
+		details.setAccessTokenUri(this.properties.getAccessTokenUri());
+		details.setRefreshToken(refreshAccess);
+		details.setClientId(this.properties.getClientId());
+		details.setClientSecret(this.properties.getClientSecret());
+		OAuth2RestTemplate auth2RestTemplate = new OAuth2RestTemplate(details);
+		auth2RestTemplate.setAccessTokenProvider(new RefreshAccessTokenProvider());
+		return auth2RestTemplate.getAccessToken();
+	}
+
 	/**
 	 * 退出
 	 *
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
index 7d9e601..cf0dc20 100644
--- a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/SsoUserExtractor.java
@@ -22,11 +22,15 @@ public class SsoUserExtractor implements PrincipalExtractor {
 		if (authentication == null) {
 			throw new InvalidTokenException("userAuthentication is empty");
 		}
-		Object principal = ((Map<String, Object>) authentication).get("principal");
-		AuthenticatedUser user = new AuthenticatedUser();
+		Map<String, Object> principal = (Map<String, Object>) ((Map<String, Object>) authentication).get("principal");
 		if (principal == null) {
 			throw new InvalidTokenException("principal is empty");
 		}
+
+		AuthenticatedUser user = new AuthenticatedUser();
+		user.setId(String.valueOf(principal.get("id")));
+		principal.remove("id");
+		principal.remove("authorities");
 		try {
 			BeanUtils.populate(user, (Map<String, Object>) principal);
 		} catch (Exception e) {
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenProvider.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenProvider.java
new file mode 100644
index 0000000..12f3897
--- /dev/null
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenProvider.java
@@ -0,0 +1,71 @@
+package com.honvay.cola.auth.client.common.oauth2.refresh;
+
+import java.util.Iterator;
+import java.util.List;
+
+import org.springframework.http.HttpHeaders;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException;
+import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
+import org.springframework.security.oauth2.client.token.AccessTokenProvider;
+import org.springframework.security.oauth2.client.token.AccessTokenRequest;
+import org.springframework.security.oauth2.client.token.OAuth2AccessTokenSupport;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2RefreshToken;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+
+/**
+ **/
+public class RefreshAccessTokenProvider extends OAuth2AccessTokenSupport implements AccessTokenProvider {
+
+	@Override
+	public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
+			throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException {
+		RefreshAccessTokenResourceDetails resource = (RefreshAccessTokenResourceDetails) details;
+		return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), new HttpHeaders());
+	}
+
+	@Override
+	public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
+		return resource.getClass().equals(RefreshAccessTokenResourceDetails.class);
+	}
+
+	@Override
+	public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource,
+			OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException {
+		return null;
+	}
+
+	@Override
+	public boolean supportsRefresh(OAuth2ProtectedResourceDetails resource) {
+		return supportsResource(resource);
+	}
+
+	private MultiValueMap<String, String> getParametersForTokenRequest(RefreshAccessTokenResourceDetails resource,
+			AccessTokenRequest request) {
+		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
+		form.set("grant_type", "refresh_token");
+		form.set("refresh_token", resource.getRefreshToken());
+		form.putAll(request);
+
+		if (resource.isScoped()) {
+			StringBuilder builder = new StringBuilder();
+			List<String> scope = resource.getScope();
+			if (scope != null) {
+				Iterator<String> scopeIt = scope.iterator();
+				while (scopeIt.hasNext()) {
+					builder.append(scopeIt.next());
+					if (scopeIt.hasNext()) {
+						builder.append(' ');
+					}
+				}
+			}
+			form.set("scope", builder.toString());
+		}
+
+		return form;
+
+	}
+}
diff --git a/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenResourceDetails.java b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenResourceDetails.java
new file mode 100644
index 0000000..c030a13
--- /dev/null
+++ b/cola-auth/cola-auth-client/cola-auth-client-common/src/main/java/com/honvay/cola/auth/client/common/oauth2/refresh/RefreshAccessTokenResourceDetails.java
@@ -0,0 +1,19 @@
+package com.honvay.cola.auth.client.common.oauth2.refresh;
+
+import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
+
+/**
+ **/
+public class RefreshAccessTokenResourceDetails extends BaseOAuth2ProtectedResourceDetails {
+
+	private String refreshToken;
+
+	public String getRefreshToken() {
+		return refreshToken;
+	}
+
+	public void setRefreshToken(String refreshToken) {
+		this.refreshToken = refreshToken;
+	}
+
+}
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
index 18a3c3b..a697704 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-base/src/main/java/com/honvay/cola/auth/oauth2/configuration/AuthorizationServerConfiguration.java
@@ -15,6 +15,7 @@ import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -52,6 +53,9 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 
 	@Autowired
 	private RedisConnectionFactory redisConnectionFactory;
+	
+	@Autowired
+	private UserDetailsService userDetailsService;
 
 	AuthorizationServerEndpointsConfigurer endpoints;
 	// @Autowired(required = false)
@@ -123,6 +127,8 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
 				.authorizationCodeServices(authorizationCodeServices())
 				.tokenStore(tokenStore())
 //				.accessTokenConverter(accessTokenConverter())
+				// spring boot Oauth2 refresh_token UserDetailsService is required
+				.userDetailsService(userDetailsService)
 				.authenticationManager(authenticationManager);
 		
 		endpoints.redirectResolver(redirectResolver());
-- 
Gitee


From fb157f58e039dc974690d30398857b4b90516d66 Mon Sep 17 00:00:00 2001
From: marongjiang <ma19881117@163.com>
Date: Tue, 29 Dec 2020 16:46:07 +0800
Subject: [PATCH 8/8] =?UTF-8?q?=E6=9C=80=E6=96=B0=E4=BB=A3=E7=A0=81?=
 =?UTF-8?q?=E8=B0=83=E6=95=B4?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../ac/config/AcOAuth2Configuration.java      |  4 +-
 .../config/OpenIdOAuth2Configuration.java     |  4 +-
 .../sms/config/SmsOAuth2Configuration.java    |  4 +-
 .../cola-auth-social-alipay/pom.xml           |  3 +-
 .../cola-auth-social-base/pom.xml             |  2 +-
 .../cola-auth-social-qq/pom.xml               | 47 ++++++++++++++++++-
 .../qq/config/QQConnectConfiguration.java     | 15 +++---
 .../cola-auth-social-wechat/pom.xml           |  6 ++-
 .../config/WechatConnectionConfiguration.java | 15 +++---
 .../cola-auth-social-wechatmp/pom.xml         |  6 ++-
 .../WechatMpConnectionConfiguration.java      | 15 +++---
 cola-auth/cola-auth-social/pom.xml            |  2 +-
 pom.xml                                       |  6 ++-
 13 files changed, 89 insertions(+), 40 deletions(-)

diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-ac/src/main/java/com/honvay/cola/auto/oauth2/ac/config/AcOAuth2Configuration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-ac/src/main/java/com/honvay/cola/auto/oauth2/ac/config/AcOAuth2Configuration.java
index 53153dc..87530b1 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-ac/src/main/java/com/honvay/cola/auto/oauth2/ac/config/AcOAuth2Configuration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-ac/src/main/java/com/honvay/cola/auto/oauth2/ac/config/AcOAuth2Configuration.java
@@ -1,7 +1,7 @@
 package com.honvay.cola.auto.oauth2.ac.config;
 
 import com.honvay.cola.auto.oauth2.ac.granter.AcTokenGranter;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -17,7 +17,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
 public class AcOAuth2Configuration {
 
 	@Bean
-	@ConditionalOnBean({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
+	@ConditionalOnClass({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
 	public AcTokenGranter acTokenGranter(AuthenticationManager authenticationManager,
 										 AuthorizationServerTokenServices tokenServices,
 										 ClientDetailsService clientDetailsService) {
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-openid/src/main/java/com/honvay/cola/auth/oauth2/openid/config/OpenIdOAuth2Configuration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-openid/src/main/java/com/honvay/cola/auth/oauth2/openid/config/OpenIdOAuth2Configuration.java
index 782df62..116c3be 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-openid/src/main/java/com/honvay/cola/auth/oauth2/openid/config/OpenIdOAuth2Configuration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-openid/src/main/java/com/honvay/cola/auth/oauth2/openid/config/OpenIdOAuth2Configuration.java
@@ -1,7 +1,7 @@
 package com.honvay.cola.auth.oauth2.openid.config;
 
 import com.honvay.cola.auth.oauth2.openid.granter.OpenIdTokenGranter;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -17,7 +17,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
 public class OpenIdOAuth2Configuration {
 
 	@Bean
-	@ConditionalOnBean({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
+	@ConditionalOnClass({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
 	public OpenIdTokenGranter openIdTokenGranter(AuthenticationManager authenticationManager,
 												 AuthorizationServerTokenServices tokenServices,
 												 ClientDetailsService clientDetailsService) {
diff --git a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/src/main/java/com/honvay/cola/auth/oauth2/sms/config/SmsOAuth2Configuration.java b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/src/main/java/com/honvay/cola/auth/oauth2/sms/config/SmsOAuth2Configuration.java
index 069ad75..f92c6eb 100644
--- a/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/src/main/java/com/honvay/cola/auth/oauth2/sms/config/SmsOAuth2Configuration.java
+++ b/cola-auth/cola-auth-oauth2/cola-auth-oauth2-sms/src/main/java/com/honvay/cola/auth/oauth2/sms/config/SmsOAuth2Configuration.java
@@ -1,7 +1,7 @@
 package com.honvay.cola.auth.oauth2.sms.config;
 
 import com.honvay.cola.auth.oauth2.sms.granter.SmsTokenGranter;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -18,7 +18,7 @@ public class SmsOAuth2Configuration {
 
 
 	@Bean
-	@ConditionalOnBean({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
+	@ConditionalOnClass({AuthenticationManager.class, AuthorizationServerTokenServices.class, ClientDetailsService.class})
 	public SmsTokenGranter smsTokenGranter(AuthenticationManager authenticationManager,
 										   AuthorizationServerTokenServices tokenServices,
 										   ClientDetailsService clientDetailsService) {
diff --git a/cola-auth/cola-auth-social/cola-auth-social-alipay/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-alipay/pom.xml
index 6eb16a2..45d9b5c 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-alipay/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-alipay/pom.xml
@@ -24,7 +24,7 @@
         </dependency>
         <dependency>
             <groupId>org.springframework.social</groupId>
-            <artifactId>spring-social-autoconfigure</artifactId>
+            <artifactId>spring-social-config</artifactId>
             <version>${spring.social.version}</version>
         </dependency>
         <dependency>
@@ -34,7 +34,6 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.4</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
diff --git a/cola-auth/cola-auth-social/cola-auth-social-base/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-base/pom.xml
index d575c93..3582bf7 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-base/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-base/pom.xml
@@ -14,7 +14,7 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.social</groupId>
-            <artifactId>spring-social-autoconfigure</artifactId>
+            <artifactId>spring-social-config</artifactId>
             <version>${spring.social.version}</version>
         </dependency>
         <dependency>
diff --git a/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
index 6925a95..0e13cb7 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-qq/pom.xml
@@ -14,7 +14,52 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.social</groupId>
-            <artifactId>spring-social-autoconfigure</artifactId>
+            <artifactId>spring-social-config</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-core</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-web</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-core</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-web</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-core</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.social</groupId>
+            <artifactId>spring-social-web</artifactId>
+            <version>${spring.social.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-autoconfigure</artifactId>
             <version>${spring.social.version}</version>
         </dependency>
         <dependency>
diff --git a/cola-auth/cola-auth-social/cola-auth-social-qq/src/main/java/com/honvay/cola/auth/social/qq/config/QQConnectConfiguration.java b/cola-auth/cola-auth-social/cola-auth-social-qq/src/main/java/com/honvay/cola/auth/social/qq/config/QQConnectConfiguration.java
index bcea8ec..2b9be13 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-qq/src/main/java/com/honvay/cola/auth/social/qq/config/QQConnectConfiguration.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-qq/src/main/java/com/honvay/cola/auth/social/qq/config/QQConnectConfiguration.java
@@ -5,7 +5,9 @@ import com.honvay.cola.auth.social.qq.connect.QQConnectionFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.social.autoconfigure.SocialAutoConfigurerAdapter;
+import org.springframework.core.env.Environment;
+import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
+import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.ConnectionFactory;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.UsersConnectionRepository;
@@ -15,18 +17,15 @@ import org.springframework.social.connect.UsersConnectionRepository;
  */
 @Configuration
 @EnableConfigurationProperties(QQProperties.class)
-public class QQConnectConfiguration extends SocialAutoConfigurerAdapter {
+public class QQConnectConfiguration extends SocialConfigurerAdapter {
 
 	@Autowired
 	private QQProperties qqProperties;
 
-	@Override
-	protected ConnectionFactory<?> createConnectionFactory() {
-		return new QQConnectionFactory(qqProperties.getProviderId(), qqProperties.getAppId(), qqProperties.getAppSecret());
-	}
 
 	@Override
-	public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
-		return null;
+	public void addConnectionFactories(ConnectionFactoryConfigurer connectionFactoryConfigurer, Environment environment) {
+		QQConnectionFactory qqConnectionFactory = new QQConnectionFactory(qqProperties.getProviderId(), qqProperties.getAppId(), qqProperties.getAppSecret());
+		connectionFactoryConfigurer.addConnectionFactory(qqConnectionFactory);
 	}
 }
\ No newline at end of file
diff --git a/cola-auth/cola-auth-social/cola-auth-social-wechat/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-wechat/pom.xml
index 0e5ebe5..192af68 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-wechat/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-wechat/pom.xml
@@ -14,7 +14,7 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.social</groupId>
-            <artifactId>spring-social-autoconfigure</artifactId>
+            <artifactId>spring-social-config</artifactId>
             <version>${spring.social.version}</version>
         </dependency>
         <dependency>
@@ -37,5 +37,9 @@
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot</artifactId>
+        </dependency>
     </dependencies>
 </project>
\ No newline at end of file
diff --git a/cola-auth/cola-auth-social/cola-auth-social-wechat/src/main/java/com/honvay/cola/auth/social/wechat/config/WechatConnectionConfiguration.java b/cola-auth/cola-auth-social/cola-auth-social-wechat/src/main/java/com/honvay/cola/auth/social/wechat/config/WechatConnectionConfiguration.java
index 51aca38..4863dfe 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-wechat/src/main/java/com/honvay/cola/auth/social/wechat/config/WechatConnectionConfiguration.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-wechat/src/main/java/com/honvay/cola/auth/social/wechat/config/WechatConnectionConfiguration.java
@@ -5,7 +5,9 @@ import com.honvay.cola.auth.social.wechat.connect.WechatConnectionFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.social.autoconfigure.SocialAutoConfigurerAdapter;
+import org.springframework.core.env.Environment;
+import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
+import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.ConnectionFactory;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.UsersConnectionRepository;
@@ -18,20 +20,17 @@ import org.springframework.social.connect.UsersConnectionRepository;
  */
 @Configuration
 @EnableConfigurationProperties(WechatProperties.class)
-public class WechatConnectionConfiguration extends SocialAutoConfigurerAdapter {
+public class WechatConnectionConfiguration extends SocialConfigurerAdapter {
 
 	@Autowired
 	private WechatProperties wechatProperties;
 
+
 	@Override
-	protected ConnectionFactory<?> createConnectionFactory() {
+	public void addConnectionFactories(ConnectionFactoryConfigurer connectionFactoryConfigurer, Environment environment) {
 		WechatConnectionFactory connectionFactory = new WechatConnectionFactory(wechatProperties.getProviderId(), wechatProperties.getAppId(), wechatProperties.getAppSecret());
 		connectionFactory.setScope(wechatProperties.getScope());
-		return connectionFactory;
+		connectionFactoryConfigurer.addConnectionFactory(connectionFactory);
 	}
 
-	@Override
-	public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
-		return null;
-	}
 }
diff --git a/cola-auth/cola-auth-social/cola-auth-social-wechatmp/pom.xml b/cola-auth/cola-auth-social/cola-auth-social-wechatmp/pom.xml
index 3f7cdb7..dd2660c 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-wechatmp/pom.xml
+++ b/cola-auth/cola-auth-social/cola-auth-social-wechatmp/pom.xml
@@ -14,7 +14,7 @@
     <dependencies>
         <dependency>
             <groupId>org.springframework.social</groupId>
-            <artifactId>spring-social-autoconfigure</artifactId>
+            <artifactId>spring-social-config</artifactId>
             <version>${spring.social.version}</version>
         </dependency>
         <dependency>
@@ -37,5 +37,9 @@
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot</artifactId>
+        </dependency>
     </dependencies>
 </project>
\ No newline at end of file
diff --git a/cola-auth/cola-auth-social/cola-auth-social-wechatmp/src/main/java/com/honvay/cola/auth/social/wechatmp/config/WechatMpConnectionConfiguration.java b/cola-auth/cola-auth-social/cola-auth-social-wechatmp/src/main/java/com/honvay/cola/auth/social/wechatmp/config/WechatMpConnectionConfiguration.java
index 0430bb5..02a5c61 100644
--- a/cola-auth/cola-auth-social/cola-auth-social-wechatmp/src/main/java/com/honvay/cola/auth/social/wechatmp/config/WechatMpConnectionConfiguration.java
+++ b/cola-auth/cola-auth-social/cola-auth-social-wechatmp/src/main/java/com/honvay/cola/auth/social/wechatmp/config/WechatMpConnectionConfiguration.java
@@ -5,7 +5,9 @@ import com.honvay.cola.auth.social.wechatmp.connect.WechatMpConnectionFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.social.autoconfigure.SocialAutoConfigurerAdapter;
+import org.springframework.core.env.Environment;
+import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
+import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.ConnectionFactory;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.UsersConnectionRepository;
@@ -18,22 +20,17 @@ import org.springframework.social.connect.UsersConnectionRepository;
  */
 @Configuration
 @EnableConfigurationProperties(WechatMpProperties.class)
-public class WechatMpConnectionConfiguration extends SocialAutoConfigurerAdapter {
+public class WechatMpConnectionConfiguration extends SocialConfigurerAdapter {
 
 	@Autowired
 	private WechatMpProperties wechatMpProperties;
 
 
 	@Override
-	protected ConnectionFactory<?> createConnectionFactory() {
+	public void addConnectionFactories(ConnectionFactoryConfigurer connectionFactoryConfigurer, Environment environment) {
 		WechatMpConnectionFactory factory = new WechatMpConnectionFactory(wechatMpProperties.getProviderId(), wechatMpProperties.getAppId(),
 				wechatMpProperties.getAppSecret());
 		factory.setScope(wechatMpProperties.getScope());
-		return factory;
-	}
-
-	@Override
-	public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
-		return null;
+		connectionFactoryConfigurer.addConnectionFactory(factory);
 	}
 }
diff --git a/cola-auth/cola-auth-social/pom.xml b/cola-auth/cola-auth-social/pom.xml
index f994c2e..3872cc2 100644
--- a/cola-auth/cola-auth-social/pom.xml
+++ b/cola-auth/cola-auth-social/pom.xml
@@ -23,7 +23,7 @@
         <dependencies>
             <dependency>
                 <groupId>org.springframework.social</groupId>
-                <artifactId>spring-social-autoconfigure</artifactId>
+                <artifactId>spring-social-config</artifactId>
             </dependency>
             <dependency>
                 <groupId>org.springframework.social</groupId>
diff --git a/pom.xml b/pom.xml
index 8305e86..3e671cb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -25,7 +25,7 @@
     </parent>
 
     <properties>
-        <spring.social.version>2.0.0.BUILD-SNAPSHOT</spring.social.version>
+        <spring.social.version>2.0.0.M4</spring.social.version>
         <spring.security.oauth2.version>2.1.0.RELEASE</spring.security.oauth2.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
@@ -38,6 +38,7 @@
 			<name>aliyun maven</name>
 			<url>http://maven.aliyun.com/nexus/content/groups/public/</url>
 		</repository>
+		<!--
 		<repository>
 		    <id>spring-repo</id>
 		    <name>Spring Repository</name>
@@ -55,6 +56,7 @@
 		    <name>Spring Snapshot Repository</name>
 		    <url>https://repo.spring.io/snapshot</url>
 		</repository>
+		-->
 	</repositories>
 	<pluginRepositories>
 		<pluginRepository>
@@ -93,7 +95,7 @@
             </dependency>
             <dependency>
                 <groupId>org.springframework.social</groupId>
-                <artifactId>spring-social-autoconfigure</artifactId>
+                <artifactId>spring-social-config</artifactId>
                 <version>${spring.social.version}</version>
             </dependency>
 
-- 
Gitee