From f2b93d3bc4557a6dfaf39c4c86509da3f5a540ae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BC=A0=E5=B0=8F=E5=86=9B?= <519601176@qq.com> Date: Wed, 26 Jan 2022 16:07:28 +0800 Subject: [PATCH] =?UTF-8?q?spring-security-oauth2=20=E4=BD=BF=E7=94=A8=20T?= =?UTF-8?q?okenEnhancer=20=E8=87=AA=E5=AE=9A=E4=B9=89=E7=94=9F=E6=88=90?= =?UTF-8?q?=E4=BB=A4=E7=89=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../test2/AuthorizationServerConfig.java | 3 ++ .../oauth2/test2/CustomTokenEnhancer.java | 40 +++++++++++++++++++ .../oauth2/test2/UserDetailsServiceImpl.java | 5 --- 3 files changed, 43 insertions(+), 5 deletions(-) create mode 100644 src/main/java/com/example/oauth2/test2/CustomTokenEnhancer.java diff --git a/src/main/java/com/example/oauth2/test2/AuthorizationServerConfig.java b/src/main/java/com/example/oauth2/test2/AuthorizationServerConfig.java index 27d8596..ef216cf 100644 --- a/src/main/java/com/example/oauth2/test2/AuthorizationServerConfig.java +++ b/src/main/java/com/example/oauth2/test2/AuthorizationServerConfig.java @@ -40,6 +40,8 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap private ClientDetailsService clientDetailsService; @Resource private TokenStore tokenStore; + @Resource + private CustomTokenEnhancer customTokenEnhancer; /** @@ -63,6 +65,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap service.setSupportRefreshToken(true); service.setClientDetailsService(clientDetailsService); service.setTokenStore(tokenStore); + service.setTokenEnhancer(customTokenEnhancer); service.setAccessTokenValiditySeconds(7200); // 令牌默认有效期2小时 //service.setRefreshTokenValiditySeconds(259200); // 刷新令牌默认有效期3天 return service; diff --git a/src/main/java/com/example/oauth2/test2/CustomTokenEnhancer.java b/src/main/java/com/example/oauth2/test2/CustomTokenEnhancer.java new file mode 100644 index 0000000..af2312e --- /dev/null +++ b/src/main/java/com/example/oauth2/test2/CustomTokenEnhancer.java @@ -0,0 +1,40 @@ +package com.example.oauth2.test2; + +import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; +import org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken; +import org.springframework.security.oauth2.common.OAuth2AccessToken; +import org.springframework.security.oauth2.common.OAuth2RefreshToken; +import org.springframework.security.oauth2.provider.OAuth2Authentication; +import org.springframework.security.oauth2.provider.token.TokenEnhancer; +import org.springframework.stereotype.Component; + +import java.util.HashMap; +import java.util.Map; +import java.util.UUID; + +@Component +public class CustomTokenEnhancer implements TokenEnhancer { + @Override + public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,OAuth2Authentication authentication) { + if (accessToken instanceof DefaultOAuth2AccessToken) { + DefaultOAuth2AccessToken token = ((DefaultOAuth2AccessToken) accessToken); + token.setValue(getNewToken()); + OAuth2RefreshToken refreshToken = token.getRefreshToken(); + if (refreshToken instanceof DefaultOAuth2RefreshToken) { + token.setRefreshToken(new DefaultOAuth2RefreshToken(getNewToken())); + } + Map additionalInformation = new HashMap(); + //自定义返回的拓展字段 + additionalInformation.put("client_id", authentication.getOAuth2Request().getClientId()); + additionalInformation.put("custom_key", "custom_key"); + additionalInformation.put("username", authentication.getOAuth2Request().getRequestParameters().get("username")); + + token.setAdditionalInformation(additionalInformation); + return token; + } + return accessToken; + } + private String getNewToken() { + return "自定义token" + UUID.randomUUID().toString().replace("-", ""); + } +} diff --git a/src/main/java/com/example/oauth2/test2/UserDetailsServiceImpl.java b/src/main/java/com/example/oauth2/test2/UserDetailsServiceImpl.java index ef2cd05..2fbde05 100644 --- a/src/main/java/com/example/oauth2/test2/UserDetailsServiceImpl.java +++ b/src/main/java/com/example/oauth2/test2/UserDetailsServiceImpl.java @@ -10,8 +10,6 @@ import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.oauth2.common.OAuth2AccessToken; -import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; import org.springframework.stereotype.Service; import javax.annotation.Resource; @@ -33,9 +31,6 @@ public class UserDetailsServiceImpl implements UserDetailsService { */ @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { - - OAuth2AccessToken oAuth2AccessToken = new RedisTokenStore(redisConnectionFactory).readAccessToken("7a99cc45-42ce-4447-acbe-f30756dde928"); - System.out.println(oAuth2AccessToken); //登录账号 logger.info("当前登录用户:username:{} 登录时间:{}", username, new Date()); // 根据账号去数据库查询... -- GitLab