Java Spring Oauth2,尝试在用户注册api调用期间获取access_令牌,而不通过oauth/token端点获取它
好的,我有一个移动到SpringJavaAPI的Rest堆栈。我已经实现了spring指南中描述的Oauth2安全性。我使用标准oauth/令牌端点让用户使用凭据登录。由于我们正在尝试合并移动设备对API的调用,因此我们希望在注册/step2端点的响应中放置一个access_令牌对象(此时,用户凭据和密码已保存到DB)。我不确定需要添加什么代码才能以这种方式获得访问令牌Java Spring Oauth2,尝试在用户注册api调用期间获取access_令牌,而不通过oauth/token端点获取它,java,spring,oauth,spring-security-oauth2,Java,Spring,Oauth,Spring Security Oauth2,好的,我有一个移动到SpringJavaAPI的Rest堆栈。我已经实现了spring指南中描述的Oauth2安全性。我使用标准oauth/令牌端点让用户使用凭据登录。由于我们正在尝试合并移动设备对API的调用,因此我们希望在注册/step2端点的响应中放置一个access_令牌对象(此时,用户凭据和密码已保存到DB)。我不确定需要添加什么代码才能以这种方式获得访问令牌 <bean id="clientCredentialsTokenEndpointFilter" class="org.s
<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
<!-- Default authentication manager -->
<!--<security:authentication-manager alias="authenticationManager">-->
<!--<security:authentication-provider user-service-ref='userService' />-->
<!--<security:authentication-provider ref="daoAuthenticationProvider" />-->
<!--</security:authentication-manager>-->
<!--New authentication manager -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticationProvider"/>
<security:authentication-provider user-service-ref='userService' />
</security:authentication-manager>
<beans:bean id="authenticationProvider" class="com.special.authenticationProvider" >
<property name="userDetailsService" ref="userService" />
<property name="passwordEncoder" ref="passwordEncoder" />
<property name="saltSource" ref="saltSource" />
</beans:bean>
<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetailsService" />
</bean>
<!-- Authentication manager for OAUTH token request endpoint -->
<security:authentication-manager id="clientAuthenticationManager">
<security:authentication-provider user-service-ref="clientDetailsUserService" />
</security:authentication-manager>
<!-- oauth token storage -->
<bean id="oauthDataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="${database.driverClassName}" />
<property name="url" value="${database.url}" />
<property name="username" value="${database.username}" />
<property name="password" value="${database.password}" />
</bean>
<bean id="tokenStore"
class="com.special.JdbcTokenStoreUserID">
</bean>
<bean id="tokenStoreCore"
class="org.springframework.security.oauth2.provider.token.JdbcTokenStore">
<constructor-arg ref="oauthDataSource" />
</bean>
<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="clientDetailsService" ref="clientDetailsService" />
<property name="tokenEnhancer" ref="customTokenEnhancer" />
</bean>
<bean id="userApprovalHandler" class="org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler">
<property name="tokenServices" ref="tokenServices" />
</bean>
<bean id="customTokenEnhancer" class="com.special.CustomTokenEnhancer"></bean>
我知道我必须向TokenGranter发出一些带有一些参数的DefaultTokenRequest。以下是我的一些配置:
<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="clientAuthenticationManager" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg>
<list>
<bean class="org.springframework.security.oauth2.provider.vote.ScopeVoter" />
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
</list>
</constructor-arg>
</bean>
<!-- Default authentication manager -->
<!--<security:authentication-manager alias="authenticationManager">-->
<!--<security:authentication-provider user-service-ref='userService' />-->
<!--<security:authentication-provider ref="daoAuthenticationProvider" />-->
<!--</security:authentication-manager>-->
<!--New authentication manager -->
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="authenticationProvider"/>
<security:authentication-provider user-service-ref='userService' />
</security:authentication-manager>
<beans:bean id="authenticationProvider" class="com.special.authenticationProvider" >
<property name="userDetailsService" ref="userService" />
<property name="passwordEncoder" ref="passwordEncoder" />
<property name="saltSource" ref="saltSource" />
</beans:bean>
<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetailsService" />
</bean>
<!-- Authentication manager for OAUTH token request endpoint -->
<security:authentication-manager id="clientAuthenticationManager">
<security:authentication-provider user-service-ref="clientDetailsUserService" />
</security:authentication-manager>
<!-- oauth token storage -->
<bean id="oauthDataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="${database.driverClassName}" />
<property name="url" value="${database.url}" />
<property name="username" value="${database.username}" />
<property name="password" value="${database.password}" />
</bean>
<bean id="tokenStore"
class="com.special.JdbcTokenStoreUserID">
</bean>
<bean id="tokenStoreCore"
class="org.springframework.security.oauth2.provider.token.JdbcTokenStore">
<constructor-arg ref="oauthDataSource" />
</bean>
<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="clientDetailsService" ref="clientDetailsService" />
<property name="tokenEnhancer" ref="customTokenEnhancer" />
</bean>
<bean id="userApprovalHandler" class="org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler">
<property name="tokenServices" ref="tokenServices" />
</bean>
<bean id="customTokenEnhancer" class="com.special.CustomTokenEnhancer"></bean>