Spring boot 带passwordEncoder的AuthenticationProvider
当我尝试使用密码编码器检查时。它没有工作,我看到“坏密码”。 我应该如何接收身份验证。getCredentials()以检查密码 如果我保存用户而不进行编码,并尝试登录,它就会工作Spring boot 带passwordEncoder的AuthenticationProvider,spring-boot,encoding,spring-security,oauth-2.0,Spring Boot,Encoding,Spring Security,Oauth 2.0,当我尝试使用密码编码器检查时。它没有工作,我看到“坏密码”。 我应该如何接收身份验证。getCredentials()以检查密码 如果我保存用户而不进行编码,并尝试登录,它就会工作 @Component public class AuthClient implements AuthenticationProvider { @Autowired private ClientRepository clientRepository; @Autowired Passw
@Component
public class AuthClient implements AuthenticationProvider {
@Autowired
private ClientRepository clientRepository;
@Autowired
PasswordEncoder passwordEncoder;
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
String username = authentication.getName();
String checkPassword = passwordEncoder.encode(authentication.getCredentials().toString());
Client client = this.clientRepository.findByUsername(username);
if (client == null) {
throw new UsernameNotFoundException("Invalid username/password");
}
String password = client.getPassword();
if (!password.equals(checkPassword)) {
throw new BadCredentialsException("Bad password");
}
Collection<? extends GrantedAuthority> authorities = translate();
return new UsernamePasswordAuthenticationToken(username,password,authorities);
}
private Collection<? extends GrantedAuthority> translate() {
List<GrantedAuthority> authorities = new ArrayList<>();
authorities.add(new SimpleGrantedAuthority("ROLE_CLIENT"));
return authorities;
}
@Override
public boolean supports(Class<?> authentication) {
return (UsernamePasswordAuthenticationToken.class
.isAssignableFrom(authentication));
}
}
@组件
公共类AuthClient实现AuthenticationProvider{
@自动连线
私人委托人委托人委托人;
@自动连线
密码编码器;
@凌驾
公共身份验证(身份验证)引发AuthenticationException{
字符串username=authentication.getName();
String checkPassword=passwordEncoder.encode(authentication.getCredentials().toString());
Client Client=this.clientRepository.findByUsername(用户名);
if(客户端==null){
抛出新用户名NotFoundException(“无效用户名/密码”);
}
字符串密码=client.getPassword();
如果(!password.equals(checkPassword)){
抛出新的BadCredentialsException(“坏密码”);
}
Collection如果要测试两个密码,则需要使用passwordEncoder,如下所示:
String presentedPassword = authentication.getCredentials().toString();
if (!passwordEncoder.matches(presentedPassword, client.getPassword())) {
throw new BadCredentialsException("Bad password");
}