增加OAUTH2 客户端模式授权

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/controller/admin/auth/vo/AuthLoginRespVO.java

@@ -18,10 +18,10 @@
    @Schema(description = "用户编号", requiredMode = Schema.RequiredMode.REQUIRED, example = "1024")
    private Long userId;

    @Schema(description = "访问令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "happy")
    @Schema(description = "访问令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "7e7372154ba54f90aaffcb67e27ef81f")
    private String accessToken;

    @Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "nice")
    @Schema(description = "刷新令牌", requiredMode = Schema.RequiredMode.REQUIRED, example = "7e7372154ba54f90aaffcb67e27ef81f")
    private String refreshToken;

    @Schema(description = "过期时间", requiredMode = Schema.RequiredMode.REQUIRED)

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/controller/admin/oauth2/OAuth2OpenController.java

@@ -175,7 +175,7 @@
                accessTokenDO = oauth2GrantService.grantPassword(username, password, client.getClientId(), scopes);
                break;
            case CLIENT_CREDENTIALS:
                accessTokenDO = oauth2GrantService.grantClientCredentials(client.getClientId(), scopes);
                accessTokenDO = oauth2GrantService.grantClientCredentials(username, client.getClientId(), scopes);
                break;
            case REFRESH_TOKEN:
                accessTokenDO = oauth2GrantService.grantRefreshToken(refreshToken, client.getClientId());
@@ -226,6 +226,7 @@
     * 对应 Spring Security OAuth 的 AuthorizationEndpoint 类的 authorize 方法
     */
    @GetMapping("/authorize")
    @PermitAll
    @Operation(summary = "获得授权信息", description = "适合 code 授权码模式，或者 implicit 简化模式；在 sso.vue 单点登录界面被【获取】调用")
    @Parameter(name = "clientId", required = true, description = "客户端编号", example = "tudou")
    public CommonResult<OAuth2OpenAuthorizeInfoRespVO> authorize(@RequestParam("clientId") String clientId) {
@@ -259,6 +260,7 @@
            @Parameter(name = "auto_approve", required = true, description = "用户是否接受", example = "true"),
            @Parameter(name = "state", example = "1")
    })
    @PermitAll
    public CommonResult<String> approveOrDeny(@RequestParam("response_type") String responseType,
                                              @RequestParam("client_id") String clientId,
                                              @RequestParam(value = "scope", required = false) String scope,

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/service/auth/AdminAuthService.java

@@ -24,6 +24,14 @@
    AdminUserDO authenticate(String username, String password);

    /**
     * 验证账号 + 密码。如果通过，则返回用户
     *
     * @param username 账号
     * @return 用户
     */
    AdminUserDO getTenantUser(String username);

    /**
     * 账号登录
     *
     * @param reqVO 登录信息

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/service/auth/AdminAuthServiceImpl.java

@@ -93,6 +93,12 @@
    }

    @Override
    public AdminUserDO getTenantUser(String username) {
        AdminUserDO userByUsername = userService.getUserByUsername(username);
        return userByUsername;
    }

    @Override
    public AuthLoginRespVO login(AuthLoginReqVO reqVO) {
        // 校验验证码
        validateCaptcha(reqVO);

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/service/oauth2/OAuth2ClientServiceImpl.java

@@ -135,9 +135,9 @@
            throw exception(OAUTH2_CLIENT_SCOPE_OVER);
        }
        // 校验回调地址
        if (StrUtil.isNotEmpty(redirectUri) && !StrUtils.startWithAny(redirectUri, client.getRedirectUris())) {
            throw exception(OAUTH2_CLIENT_REDIRECT_URI_NOT_MATCH, redirectUri);
        }
//        if (StrUtil.isNotEmpty(redirectUri) && !StrUtils.startWithAny(redirectUri, client.getRedirectUris())) {
//            throw exception(OAUTH2_CLIENT_REDIRECT_URI_NOT_MATCH, redirectUri);
//        }
        return client;
    }


 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/service/oauth2/OAuth2GrantService.java

@@ -97,7 +97,7 @@
     * @param scopes 授权范围
     * @return 访问令牌
     */
    OAuth2AccessTokenDO grantClientCredentials(String clientId, List<String> scopes);
    OAuth2AccessTokenDO grantClientCredentials(String username, String clientId, List<String> scopes);

    /**
     * 移除访问令牌

 iailab-module-system/iailab-module-system-biz/src/main/java/com/iailab/module/system/service/oauth2/OAuth2GrantServiceImpl.java

@@ -85,9 +85,10 @@
    }

    @Override
    public OAuth2AccessTokenDO grantClientCredentials(String clientId, List<String> scopes) {
        // TODO iailab：项目中使用 OAuth2 解决的是三方应用的授权，内部的 SSO 等问题，所以暂时不考虑 client_credentials 这个场景
        throw new UnsupportedOperationException("暂时不支持 client_credentials 授权模式");
    public OAuth2AccessTokenDO grantClientCredentials(String username, String clientId, List<String> scopes) {
        AdminUserDO tenantUser = adminAuthService.getTenantUser(username);
        // 创建访问令牌
        return oauth2TokenService.createAccessToken(tenantUser.getId(), UserTypeEnum.ADMIN.getValue(), clientId, scopes);
    }

    @Override