Spring Boot OAuth2手动创建新的JWT令牌
在我的Spring引导应用程序中,我已经用JWT令牌配置了Spring OAuth2服务器 此外,我还添加了Spring社交配置,以便能够通过各种社交网络(如Twitter、Facebook等)对用户进行身份验证 这是我的Spring Boot OAuth2手动创建新的JWT令牌,spring,spring-security,spring-security-oauth2,spring-social,spring-oauth2,Spring,Spring Security,Spring Security Oauth2,Spring Social,Spring Oauth2,在我的Spring引导应用程序中,我已经用JWT令牌配置了Spring OAuth2服务器 此外,我还添加了Spring社交配置,以便能够通过各种社交网络(如Twitter、Facebook等)对用户进行身份验证 这是我的SpringSocialconfig: @Configuration @EnableSocial public class SocialConfig extends SocialConfigurerAdapter { @Bean public Provider
SpringSocial
config:
@Configuration
@EnableSocial
public class SocialConfig extends SocialConfigurerAdapter {
@Bean
public ProviderSignInController providerSignInController(ConnectionFactoryLocator connectionFactoryLocator, UsersConnectionRepository usersConnectionRepository) {
return new ProviderSignInController(connectionFactoryLocator, usersConnectionRepository, new SimpleSignInAdapter(authTokenServices, "client_id", userService));
}
...
}
此外,根据大众化的回答,我已经实施了SimpleSignInAdapter
,以处理与第三方社交网络的成功身份验证:
public class SimpleSignInAdapter implements SignInAdapter {
final static Logger logger = LoggerFactory.getLogger(SimpleSignInAdapter.class);
public static final String REDIRECT_PATH_BASE = "/#/login";
public static final String FIELD_TOKEN = "access_token";
public static final String FIELD_EXPIRATION_SECS = "expires_in";
private final AuthorizationServerTokenServices authTokenServices;
private final String localClientId;
private final UserService userService;
public SimpleSignInAdapter(AuthorizationServerTokenServices authTokenServices, String localClientId, UserService userService){
this.authTokenServices = authTokenServices;
this.localClientId = localClientId;
this.userService = userService;
}
@Override
public String signIn(String userId, Connection<?> connection, NativeWebRequest request) {
UserDetails userDetails = loadUserById(Long.parseLong(userId));
OAuth2AccessToken oauth2Token = authTokenServices.createAccessToken(convertAuthentication(userDetails));
String redirectUrl = new StringBuilder(REDIRECT_PATH_BASE)
.append("?").append(FIELD_TOKEN).append("=")
.append(encode(oauth2Token.getValue()))
.append("&").append(FIELD_EXPIRATION_SECS).append("=")
.append(oauth2Token.getExpiresIn())
.toString();
return redirectUrl;
}
private OAuth2Authentication convertAuthentication(UserDetails userDetails) {
OAuth2Request request = new OAuth2Request(null, localClientId, null, true, null, null, null, null, null);
return new OAuth2Authentication(request, new UsernamePasswordAuthenticationToken(userDetails, "N/A", userDetails.getAuthorities()));
}
private String encode(String in) {
String res = in;
try {
res = UriUtils.encode(in, "UTF-8");
} catch(UnsupportedEncodingException e){
logger.error("ERROR: unsupported encoding: " + "UTF-8", e);
}
return res;
}
public UserDetails loadUserById(Long id) throws UsernameNotFoundException {
User user = userService.findUserById(id);
if (user == null) {
throw new UsernameNotFoundException("User " + id + " not found.");
}
Set<Permission> permissions = userService.getUserPermissions(user);
return new DBUserDetails(user, permissions);
}
}
但是我需要创建JWT令牌
如何创建此令牌或将其转换为基于JWT的令牌?我想我可以为此使用
JwtAccessTokenConverter
类,但目前不知道如何使用。调试后,我找到了一个解决方案:
private final TokenEnhancer tokenEnhancer;
...
OAuth2Authentication authentication = convertAuthentication(userDetails);
OAuth2AccessToken accessToken = authTokenServices.createAccessToken(authentication);
accessToken = tokenEnhancer.enhance(accessToken, authentication);
在我想要自己定制的JWT代币后,这对我来说很有效
DefaultTokenServices service = new DefaultTokenServices();
service.setTokenStore(jwtAccessTokenConverter);
service.setTokenEnhancer(jwtAccessTokenConverter);
OAuth2AccessToken token = service.createAccessToken(authentication);
自动连接jwtAccessTokenConverter
@Autowired
private JwtAccessTokenConverter jwtAccessTokenConverter;
@Autowired
private JwtAccessTokenConverter jwtAccessTokenConverter;