Java OAuth2Client每次都返回相同的令牌
我有授权服务器。除了标准的功能外,我还有一个控制器,它允许创建用户。用户创建成功后,该方法必须返回此用户的令牌。问题是该方法仅在第一次调用时返回有效令牌。在下一次调用中,以下用户将获得第一个用户的令牌。我试图为restTemplate设置作用域(请求),但得到了错误:“作用域‘请求’对于当前线程不是活动的” 和我的控制器:Java OAuth2Client每次都返回相同的令牌,java,spring,oauth-2.0,token,spring-security-oauth2,Java,Spring,Oauth 2.0,Token,Spring Security Oauth2,我有授权服务器。除了标准的功能外,我还有一个控制器,它允许创建用户。用户创建成功后,该方法必须返回此用户的令牌。问题是该方法仅在第一次调用时返回有效令牌。在下一次调用中,以下用户将获得第一个用户的令牌。我试图为restTemplate设置作用域(请求),但得到了错误:“作用域‘请求’对于当前线程不是活动的” 和我的控制器: @RestController public class UserRestController { @Autowired private OAuth2Rest
@RestController
public class UserRestController {
@Autowired
private OAuth2RestOperations restTemplate;
@PostMapping("/user")
public OAuth2AccessToken createUserCredential(@RequestBody UserCredential user) {
user.validate();
userCredentialService.checkAndSaveUser(user, getClientIp(request));
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("username", user.getLogin());
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("password", user.getPassword);
return restTemplate.getAccessToken();
}
}
@RestController
public class UserRestController {
@Autowired
private OAuthClientConfig oAuthClientConfig;
@PostMapping("/user")
public OAuth2AccessToken createUserCredential(@RequestBody UserCredential user) {
user.validate();
userCredentialService.checkAndSaveUser(user, getClientIp(request));
OAuth2RestOperations restTemplate = oAuthClientConfig.restTemplate();
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("username", user.getLogin());
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("password", user.getPassword);
return restTemplate.getAccessToken();
}
}
在AuthorizationServer内部可能存在更正确的获取令牌的方法吗?我认为有一些特殊的方法。。但是没有找到它。并按以下方法解决了问题
@EnableOAuth2Client
@Configuration
public class OAuthClientConfig {
@Autowired
AuthorizationServerConfig authorizationServerConfig;
public OAuth2RestOperations restTemplate() {
AccessTokenRequest atr = new DefaultAccessTokenRequest();
return new OAuth2RestTemplate(authorizationServerConfig.getOwnerPasswordResource(), new DefaultOAuth2ClientContext(atr));
}
}
和我的控制器:
@RestController
public class UserRestController {
@Autowired
private OAuth2RestOperations restTemplate;
@PostMapping("/user")
public OAuth2AccessToken createUserCredential(@RequestBody UserCredential user) {
user.validate();
userCredentialService.checkAndSaveUser(user, getClientIp(request));
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("username", user.getLogin());
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("password", user.getPassword);
return restTemplate.getAccessToken();
}
}
@RestController
public class UserRestController {
@Autowired
private OAuthClientConfig oAuthClientConfig;
@PostMapping("/user")
public OAuth2AccessToken createUserCredential(@RequestBody UserCredential user) {
user.validate();
userCredentialService.checkAndSaveUser(user, getClientIp(request));
OAuth2RestOperations restTemplate = oAuthClientConfig.restTemplate();
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("username", user.getLogin());
restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("password", user.getPassword);
return restTemplate.getAccessToken();
}
}
也许这会对某人有所帮助我面临着同样的问题,我找到了另一种方法使它发挥作用
@Bean
@Primary
@Scope(value = WebApplicationContext.SCOPE_REQUEST, proxyMode = ScopedProxyMode.TARGET_CLASS)
public OAuth2RestTemplate oauth2RestTemplate(OAuth2ClientContext context,
OAuth2ProtectedResourceDetails details) {
AccessTokenRequest atr = new DefaultAccessTokenRequest();
OAuth2RestTemplate template = new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(atr));
AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(Arrays.<AccessTokenProvider>asList(
new AuthorizationCodeAccessTokenProvider(), new ImplicitAccessTokenProvider(),
new ResourceOwnerPasswordAccessTokenProvider(), new ClientCredentialsAccessTokenProvider()));
template.setAccessTokenProvider(accessTokenProvider);
return template;
}
private final OAuth2RestTemplate oauth2RestTemplate;
@GetMapping(path = "/token")
public String token(Credentials credentials) {
oauth2RestTemplate.getOAuth2ClientContext()
.getAccessTokenRequest().add("username", credentials.getEmail());
oauth2RestTemplate.getOAuth2ClientContext()
.getAccessTokenRequest().add("password", credentials.getPass());
final OAuth2AccessToken accessToken = oauth2RestTemplate.getAccessToken();
final String accessTokenAsString = accessToken.getValue();
return accessTokenAsString ;
}