我正在尝试使用https://github.com/spring-projects/spring-security-oauth配置我的spring应用程序以使用JWT。我已经为ConsumerTokenServices提供了由JwtTokenStore支持的bean,但点击/oauth/token并没有给我一个JWT。
$ curl localhost:8643/contextpath/oauth/token?grant_type=client_credentials -u user:password`
{"access_token":"a78a6225-78d5-4cb8-9393-6c0b567a6f24","token_type":"bearer","expires_in":5684,"scope":"read write"}%
我知道正在使用TokenStore,因为点击check_token会产生错误,而之前没有错误。
$ curl https://localhost:8643/context/oauth/check_token?token=a78a6225-78d5-4cb8-9393-6c0b567a6f24
{"error":"invalid_token","error_description":"Cannot convert access token to JSON"}%
如何让TokenEndpoint吐出JWT?
答案 0 :(得分:1)
也许你应该使用spring提供的JwtAccessTokenConverter然后正确配置。 这是一个例子:
public class YourTokenEnhancer extends JwtAccessTokenConverter {
//you can autowire sth for you logic
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
OAuth2Authentication authentication) {
DefaultOAuth2AccessToken customAccessToken = new DefaultOAuth2AccessToken(accessToken);
OAuth2AccessToken enhancedToken = super.enhance(customAccessToken, authentication);
return enhancedToken;
}
配置为:
@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
//other config...
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter converter = new YourTokenEnhancer();
converter.setSigningKey("secret");
return converter;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager)
.tokenStore(redisTokenStore())
.tokenServices(authorizationServerTokenServices())
.accessTokenConverter(accessTokenConverter())//configure it here
;
}
}