我的应用程序使用Spring Security Oauth2和JWTToken。
我正在尝试在返回错误401时修改响应的主体,这在未经身份验证的用户尝试访问数据时会发生:
{
"error": "invalid_token",
"error_description": "Cannot convert access token to JSON"
}
为此,我实现了自己的WebResponseExceptionTranslator,并将其设置在我的身份验证入口点中:
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.authenticationEntryPoint(authenticationEntryPoint());
}
@Bean
public AuthenticationEntryPoint authenticationEntryPoint () {
OAuth2AuthenticationEntryPoint authenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
authenticationEntryPoint.setExceptionTranslator(new CustomWebResponseExceptionTranslator());
return authenticationEntryPoint;
}
}
但是,它继续使用默认的WebResponseExceptionTranslator。所以,我的问题是,我怎么能强迫他使用我的?
答案 0 :(得分:0)
如果您使用WebResponseExceptionTranslator,则应将其放在AuthorizationServerEndpointsConfigurer中,如下所示:
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
enhancerChain.setTokenEnhancers(Arrays.asList(accessTokenConverter));
endpoints.tokenStore(tokenStore)
.accessTokenConverter(accessTokenConverter)
.tokenEnhancer(enhancerChain)
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService)
.exceptionTranslator(webResponseExceptionTranslator());