Merge pull request #3 from monkeyk/3.0.0

import v3.0.0 codes  merge master

Author: monkeyk

.gitignore

@@ -1,12 +1,24 @@
-*.class
+target/
+!.mvn/wrapper/maven-wrapper.jar
 
-# Mobile Tools for Java (J2ME)
-.mtj.tmp/
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
 
-# Package Files #
-*.jar
-*.war
-*.ear
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
 
-# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
-hs_err_pid*
+### NetBeans ###
+nbproject/private/
+build/
+nbbuild/
+dist/
+nbdist/
+.nb-gradle/

LICENSE

@@ -1,7 +1,7 @@
                     GNU GENERAL PUBLIC LICENSE
                        Version 2, June 1991
 
- Copyright (C) 1989, 1991 Free Software Foundation, Inc., <http://fsf.org/>
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc., [http://fsf.org/]
  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  Everyone is permitted to copy and distribute verbatim copies
  of this license document, but changing it is not allowed.
@@ -291,7 +291,7 @@ convey the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
 
     {description}
-    Copyright (C) {year}  {fullname}
+    Copyright (C) 2013  li.shengzhao
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -336,5 +336,4 @@ This General Public License does not permit incorporating your program into
 proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
 library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.
-
+Public License instead of this License.

README.md

@@ -2,42 +2,57 @@
 
 truncate user_;
 truncate user_privilege;
--- admin, password is admin  ( All privileges)
-insert into user_(id,guid,create_time,email,password,phone,username,default_user)
-values
-(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'[email protected]','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',1);
+-- admin, password is Admin@2013  ( All privileges)
+insert into user_(id, guid, create_time, email, password, phone, username, default_user)
+values (21, '29f6004fb1b0466f9572b02bf2ac1be8', now(), '[email protected]',
+        '$2a$10$bIIt6KqIMweTZZC.IIHBLuN3dEIJL0LQFRPrtWTujn9O3Sl5Us5vW', '028-1234567', 'admin', 1);
 
-insert into user_privilege(user_id,privilege) values (21,'ADMIN');
-insert into user_privilege(user_id,privilege) values (21,'UNITY');
-insert into user_privilege(user_id,privilege) values (21,'MOBILE');
+insert into user_privilege(user_id, privilege)
+values (21, 'ADMIN');
+insert into user_privilege(user_id, privilege)
+values (21, 'UNITY');
+insert into user_privilege(user_id, privilege)
+values (21, 'MOBILE');
 
--- unity, password is unity  ( ROLE_UNITY)
-insert into user_(id,guid,create_time,email,password,phone,username,default_user)
-values
-(22,'55b713df1c6f423e842ad68668523c49',now(),'[email protected]','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',0);
+-- unity, password is Unity#2013  ( ROLE_UNITY)
+insert into user_(id, guid, create_time, email, password, phone, username, default_user)
+values (22, '55b713df1c6f423e842ad68668523c49', now(), '[email protected]',
+        '$2a$10$M/bdEKNH12ksSmMgt0p3YeSjW4C5auAjE8by9BY6oEkHTjGKNDqTO', '', 'unity', 0);
 
-insert into user_privilege(user_id,privilege) values (22,'UNITY');
+insert into user_privilege(user_id, privilege)
+values (22, 'UNITY');
 
--- mobile, password is mobile  ( ROLE_MOBILE)
-insert into user_(id,guid,create_time,email,password,phone,username,default_user)
-values
-(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'[email protected]','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',0);
+-- mobile, password is Mobile*2013  ( ROLE_MOBILE)
+insert into user_(id, guid, create_time, email, password, phone, username, default_user)
+values (23, '612025cb3f964a64a48bbdf77e53c2c1', now(), '[email protected]',
+        '$2a$10$MJKW44F.e.UH.54OY36b6eCPpp8KRszL3vAgqLyL1WWnpbGp7A8zW', '', 'mobile', 0);
 
-insert into user_privilege(user_id,privilege) values (23,'MOBILE');
+insert into user_privilege(user_id, privilege)
+values (23, 'MOBILE');
 
 
 -- initial oauth client details test data
--- 'unity-client'   support browser, js(flash) visit,  secret:  unity
+-- 'unity-client'   support browser device visit,  secret:  unity
 -- 'mobile-client'  only support mobile-device visit,  secret:  mobile
-truncate  oauth_client_details;
-insert into oauth_client_details
-(client_id, resource_ids, client_secret, scope, authorized_grant_types,
-web_server_redirect_uri,authorities, access_token_validity,
-refresh_token_validity, additional_information, create_time, archived, trusted)
-values
-('unity-client','sos-resource', '$2a$10$QQTKDdNfj9sPjak6c8oWaumvTsa10MxOBOV6BW3DvLWU6VrjDfDam', 'read','authorization_code,refresh_token,implicit',
-'http://localhost:8080/spring-oauth-server/unity/dashboard','ROLE_CLIENT',null,
-null,null, now(), 0, 0),
-('mobile-client','sos-resource', '$2a$10$uLvpxfvm3CuUyjIvYq7a9OUmd9b3tHFKrUaMyU/jC01thrTdkBDVm', 'read','password,refresh_token',
-null,'ROLE_CLIENT',null,
-null,null, now(), 0, 0);
+truncate oauth2_registered_client;
+insert into oauth2_registered_client
+(id, create_time, client_id, client_secret, client_name, client_authentication_methods,
+ authorization_grant_types, redirect_uris, post_logout_redirect_uris, scopes, client_settings, token_settings)
+values ('851eee5eaba94b0cacca53a3ef543423', now(), 'unity-client',
+        '$2a$10$QQTKDdNfj9sPjak6c8oWaumvTsa10MxOBOV6BW3DvLWU6VrjDfDam',
+        'Unity-Client',
+        'client_secret_post,client_secret_jwt,client_secret_basic',
+        'refresh_token,urn:ietf:params:oauth:grant-type:device_code,authorization_code',
+        'http://localhost:8080/unity/dashboard', null, 'openid,profile,email',
+        '{"@class":"java.util.Collections$UnmodifiableMap","settings.client.require-proof-key":true,"settings.client.require-authorization-consent":true}',
+        '{"@class":"java.util.Collections$UnmodifiableMap","settings.token.reuse-refresh-tokens":true,"settings.token.id-token-signature-algorithm":["org.springframework.security.oauth2.jose.jws.SignatureAlgorithm","ES256"],"settings.token.access-token-time-to-live":["java.time.Duration",7200.000000000],"settings.token.access-token-format":{"@class":"org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat","value":"self-contained"},"settings.token.refresh-token-time-to-live":["java.time.Duration",172800.000000000],"settings.token.authorization-code-time-to-live":["java.time.Duration",120.000000000],"settings.token.device-code-time-to-live":["java.time.Duration",300.000000000]}'),
+       ('aedd67f6dae441b99e3a0fb27889ce12', now(), 'mobile-client',
+        '$2a$10$uLvpxfvm3CuUyjIvYq7a9OUmd9b3tHFKrUaMyU/jC01thrTdkBDVm',
+        'Mobile-Client',
+        'client_secret_post,client_secret_basic',
+        'refresh_token,password',
+        null, null, 'openid,profile',
+        '{"@class":"java.util.Collections$UnmodifiableMap","settings.client.require-proof-key":true,"settings.client.require-authorization-consent":true}',
+        '{"@class":"java.util.Collections$UnmodifiableMap","settings.token.reuse-refresh-tokens":true,"settings.token.id-token-signature-algorithm":["org.springframework.security.oauth2.jose.jws.SignatureAlgorithm","ES256"],"settings.token.access-token-time-to-live":["java.time.Duration",7200.000000000],"settings.token.access-token-format":{"@class":"org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat","value":"self-contained"},"settings.token.refresh-token-time-to-live":["java.time.Duration",172800.000000000],"settings.token.authorization-code-time-to-live":["java.time.Duration",120.000000000],"settings.token.device-code-time-to-live":["java.time.Duration",300.000000000]}');
+
+

others/boot/spring-boot-reference(2.0.0).pdf

@@ -12,29 +12,40 @@
 -- ###############
 -- Domain:  User
 -- ###############
-Drop table  if exists user_;
-CREATE TABLE user_ (
-  id int(11) NOT NULL auto_increment,
-  guid varchar(255) not null unique,
-  create_time datetime ,
-  archived tinyint(1) default '0',
-  email varchar(255),
-  password varchar(255) not null,
-  phone varchar(255),
-  username varchar(255) not null unique,
-   default_user tinyint(1) default '0',
-   last_login_time datetime ,
-  PRIMARY KEY  (id)
-) ENGINE=InnoDB AUTO_INCREMENT=20 DEFAULT CHARSET=utf8;
+Drop table if exists user_;
+CREATE TABLE user_
+(
+    id              int(11)      NOT NULL auto_increment,
+    guid            varchar(255) not null unique,
+    create_time     datetime,
+    archived        tinyint(1) default '0',
+    updated_time    TIMESTAMP  DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    username        varchar(255) not null unique,
+    password        varchar(255) not null,
+    enabled         tinyint(1) default '1',
+    phone           varchar(255),
+    email           varchar(255),
+    address         varchar(255),
+    nickname        varchar(255),
+    updated_at      int(15)    default 0,
+    default_user    tinyint(1) default '0',
+    last_login_time datetime,
+    PRIMARY KEY (id),
+    index idx_username (username)
+) ENGINE = InnoDB
+  AUTO_INCREMENT = 20
+  DEFAULT CHARSET = utf8;
 
 
 -- ###############
 -- Domain:  Privilege
 -- ###############
-Drop table  if exists user_privilege;
-CREATE TABLE user_privilege (
-  user_id int(11),
-  privilege varchar(255),
-  KEY user_id_index (user_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+Drop table if exists user_privilege;
+CREATE TABLE user_privilege
+(
+    user_id   int(11),
+    privilege varchar(255),
+    KEY user_id_index (user_id)
+) ENGINE = InnoDB
+  DEFAULT CHARSET = utf8;
 

others/boot/spring-oauth-server.zip

@@ -1,66 +1,84 @@
 --
---  Oauth sql  -- MYSQL
+--  Oauth sql  -- MYSQL  v3.0.0
 --
 
-Drop table  if exists oauth_client_details;
-create table oauth_client_details (
-  client_id VARCHAR(255) PRIMARY KEY,
-  resource_ids VARCHAR(255),
-  client_secret VARCHAR(255),
-  scope VARCHAR(255),
-  authorized_grant_types VARCHAR(255),
-  web_server_redirect_uri VARCHAR(255),
-  authorities VARCHAR(255),
-  access_token_validity INTEGER,
-  refresh_token_validity INTEGER,
-  additional_information TEXT,
-  create_time timestamp default now(),
-  archived tinyint(1) default '0',
-  trusted tinyint(1) default '0',
-  autoapprove VARCHAR (255) default 'false'
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+Drop table if exists oauth2_registered_client;
+CREATE TABLE oauth2_registered_client
+(
+    id                            varchar(100)                            NOT NULL,
+    archived                      TINYINT(1)    DEFAULT '0',
+    create_time                   DATETIME,
+    updated_time                  TIMESTAMP     DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    client_id                     varchar(100)                            NOT NULL,
+    client_id_issued_at           timestamp     DEFAULT CURRENT_TIMESTAMP NOT NULL,
+    client_secret                 varchar(200)  DEFAULT NULL,
+    client_secret_expires_at      datetime      DEFAULT NULL,
+    client_name                   varchar(200)                            NOT NULL,
+    client_authentication_methods varchar(1000)                           NOT NULL,
+    authorization_grant_types     varchar(1000)                           NOT NULL,
+    redirect_uris                 varchar(1000) DEFAULT NULL,
+    post_logout_redirect_uris     varchar(1000) DEFAULT NULL,
+    scopes                        varchar(1000)                           NOT NULL,
+    client_settings               varchar(2000)                           NOT NULL,
+    token_settings                varchar(2000)                           NOT NULL,
+    PRIMARY KEY (id)
+) ENGINE = InnoDB
+  DEFAULT CHARSET = utf8;
 
+-- authorization
+Drop table if exists oauth2_authorization;
+CREATE TABLE oauth2_authorization
+(
+    id                            varchar(100) NOT NULL,
+    registered_client_id          varchar(100) NOT NULL,
+    principal_name                varchar(200) NOT NULL,
+    authorization_grant_type      varchar(100) NOT NULL,
+    authorized_scopes             varchar(1000) DEFAULT NULL,
+    attributes                    blob          DEFAULT NULL,
+    state                         varchar(500)  DEFAULT NULL,
+    authorization_code_value      blob          DEFAULT NULL,
+    authorization_code_issued_at  datetime      DEFAULT NULL,
+    authorization_code_expires_at datetime      DEFAULT NULL,
+    authorization_code_metadata   blob          DEFAULT NULL,
+    access_token_value            blob          DEFAULT NULL,
+    access_token_issued_at        datetime      DEFAULT NULL,
+    access_token_expires_at       datetime      DEFAULT NULL,
+    access_token_metadata         blob          DEFAULT NULL,
+    access_token_type             varchar(100)  DEFAULT NULL,
+    access_token_scopes           varchar(1000) DEFAULT NULL,
+    oidc_id_token_value           blob          DEFAULT NULL,
+    oidc_id_token_issued_at       datetime      DEFAULT NULL,
+    oidc_id_token_expires_at      datetime      DEFAULT NULL,
+    oidc_id_token_metadata        blob          DEFAULT NULL,
+    refresh_token_value           blob          DEFAULT NULL,
+    refresh_token_issued_at       datetime      DEFAULT NULL,
+    refresh_token_expires_at      datetime      DEFAULT NULL,
+    refresh_token_metadata        blob          DEFAULT NULL,
+    user_code_value               blob          DEFAULT NULL,
+    user_code_issued_at           datetime      DEFAULT NULL,
+    user_code_expires_at          datetime      DEFAULT NULL,
+    user_code_metadata            blob          DEFAULT NULL,
+    device_code_value             blob          DEFAULT NULL,
+    device_code_issued_at         datetime      DEFAULT NULL,
+    device_code_expires_at        datetime      DEFAULT NULL,
+    device_code_metadata          blob          DEFAULT NULL,
+    updated_time                  TIMESTAMP     DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    PRIMARY KEY (id)
+) ENGINE = InnoDB
+  DEFAULT CHARSET = utf8;
 
-Drop table  if exists oauth_access_token;
-create table oauth_access_token (
-  create_time timestamp default now(),
-  token_id VARCHAR(255),
-  token BLOB,
-  authentication_id VARCHAR(255),
-  user_name VARCHAR(255),
-  client_id VARCHAR(255),
-  authentication BLOB,
-  refresh_token VARCHAR(255)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
+-- authorization consent
+Drop table if exists oauth2_authorization_consent;
+CREATE TABLE oauth2_authorization_consent
+(
+    registered_client_id varchar(100)  NOT NULL,
+    principal_name       varchar(200)  NOT NULL,
+    authorities          varchar(1000) NOT NULL,
+    updated_time         TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
+    PRIMARY KEY (registered_client_id, principal_name)
+) ENGINE = InnoDB
+  DEFAULT CHARSET = utf8;
 
-Drop table  if exists oauth_refresh_token;
-create table oauth_refresh_token (
-  create_time timestamp default now(),
-  token_id VARCHAR(255),
-  token BLOB,
-  authentication BLOB
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-
-Drop table  if exists oauth_code;
-create table oauth_code (
-  create_time timestamp default now(),
-  code VARCHAR(255),
-  authentication BLOB
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-
-
--- Add indexes
-create index token_id_index on oauth_access_token (token_id);
-create index authentication_id_index on oauth_access_token (authentication_id);
-create index user_name_index on oauth_access_token (user_name);
-create index client_id_index on oauth_access_token (client_id);
-create index refresh_token_index on oauth_access_token (refresh_token);
-
-create index token_id_index on oauth_refresh_token (token_id);
-
-create index code_index on oauth_code (code);