我需要帮助,以解决我的代码中的不便之处,我正在实现具有弹簧安全性的oauth jwt服务,该令牌通常会发送其他信息,而我不希望这样做。
我能做什么?
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJidXNpbmVzc19uYW1lIjoiTkVYTyBMVUJSSUNBTlRFUyBTLkEuIiwidXNlcl9uYW1lIjoiMjA1Mzc3Mzg3NzUtQURNSU4iLCJzY29wZSI6WyJhcGktcmVwb3J0IiwicmVhZCIsIndyaXRlIl0sInVzZXJfbmlja25hbWUiOiJTT1BPUlRFIEZBQ1RVUyIsImJ1c2luZXNzX2NvZGUiOiIyMDUzNzczODc3NSIsImV4cCI6MTU0ODQ5MjQ1MCwiYXV0aG9yaXRpZXMiOlsiUk9MRV9BRE1JTiJdLCJqdGkiOiJiMDFmZWI4Ny03NGFhLTQxOTctODdiYS02YzQ1ZjU3ZWFjZTAiLCJjbGllbnRfaWQiOiJhcGktZmFjdHVzLXJlcG9ydCJ9.wyQy2VB2AYfsvOjiidj3aPgsLEk-rt7xTx_v9Nz0D1s",
"token_type": "bearer",
"expires_in": 3599, (I don't want to show)
"scope": "api-report read write", (I don't want to show)
"business_name": "NEXO LUBRICANTES S.A.", (I don't want to show)
"user_nickname": "SOPORTE FACTUS", (I don't want to show)
"business_code": "20537738775", (I don't want to show)
"jti": "b01feb87-74aa-4197-87ba-6c45f57eace0" (I don't want to show)
}
AuthorizationServerConfig.java
@Bean
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(false);
return defaultTokenServices;
}
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
final TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));
endpoints.tokenStore(tokenStore()).tokenEnhancer(tokenEnhancerChain).authenticationManager(authenticationManager);
}
@Bean
public TokenStore tokenStore() { return new JwtTokenStore(accessTokenConverter()); }
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
// final KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("mytest.jks"), "mypass".toCharArray());
// converter.setKeyPair(keyStoreKeyFactory.getKeyPair("mytest"));
return converter;
}
@Bean
public TokenEnhancer tokenEnhancer() { return new CustomTokenEnhancer(); }
@Bean
public BCryptPasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); }
CustomTokenEnhancer.java
public class CustomTokenEnhancer implements TokenEnhancer {
@Autowired
private UserMapper userMapper;
public List<User> getinfo(String user_name) {
List<User> userInfo = userMapper.joinUserBusiness(user_name);
return userInfo;
}
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
List<User> user_info = this.getinfo(authentication.getName());
final Map<String, Object> additionalInfo = new HashMap<>();
additionalInfo.put("user_nickname", user_info.get(0).getUser_name());
additionalInfo.put("business_name", user_info.get(0).getBusiness_name());
additionalInfo.put("business_code", user_info.get(0).getBusiness_code());
((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
return accessToken;
}
}