是否可以使用spring誓言密码流实施2因素身份验证?我想在端点/ oauth / token上使用http过滤器。我的oauth访问令牌授权是通过REST完成的,因此整个身份验证过程将是宁静的。
这将是我的自定义过滤器,但我不确定在哪里连线:
public class TwoFactorAuthenticationFilter extends UsernamePasswordAuthenticationFilter
{
private String extraParameter = "extra";
private String delimiter = ":";
/**
* Given an {@link HttpServletRequest}, this method extracts the username and the extra input
* values and returns a combined username string of those values separated by the delimiter
* string.
*
* @param request The {@link HttpServletRequest} containing the HTTP request variables from
* which the username client domain values can be extracted
*/
@Override
protected String obtainUsername(HttpServletRequest request)
{
String username = request.getParameter(getUsernameParameter());
String extraInput = request.getParameter(getExtraParameter());
String combinedUsername = username + getDelimiter() + extraInput;
System.out.println("Combined username = " + combinedUsername);
return combinedUsername;
}
/**
* @return The parameter name which will be used to obtain the extra input from the login request
*/
public String getExtraParameter()
{
return this.extraParameter;
}
/**
* @param extraParameter The parameter name which will be used to obtain the extra input from the login request
*/
public void setExtraParameter(String extraParameter)
{
this.extraParameter = extraParameter;
}
/**
* @return The delimiter string used to separate the username and extra input values in the
* string returned by <code>obtainUsername()</code>
*/
public String getDelimiter()
{
return this.delimiter;
}
/**
* @param delimiter The delimiter string used to separate the username and extra input values in the
* string returned by <code>obtainUsername()</code>
*/
public void setDelimiter(String delimiter)
{
this.delimiter = delimiter;
}
}