我正在使用auth2 spring boot.i两次调用了customauthenticationkeygenerator和extractKey调用,最火时间给出了失败的访问令牌错误,并在第二次访问时生成了访问令牌,但是使用时此访问令牌无效。
日志如下:
2019-02-28 11:32:28.925 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : 0777
2019-02-28 11:32:30.101 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : user_info
2019-02-28 11:32:31.367 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : 0777
2019-02-28 11:32:32.440 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : af5c36e17c3fc99328ac3ef9ce67f61a
2019-02-28 11:32:44.023 DEBUG 16548 --- [nio-8081-exec-7] o.s.s.o.p.token.store.JdbcTokenStore : Failed to find access token for authentication org.springframework.security.oauth2.provider.OAuth2Authentication@4be1da94: Principal: 0777; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: ROLE_TEST
2019-02-28 11:32:44.037 INFO 16548 --- [nio-8081-exec-7] o.s.s.o.p.token.store.JdbcTokenStore : Failed to find access token for token 6b92258a-2c40-4ed4-b66a-ab3acdea894b
2019-02-28 11:33:51.939 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : 0777
2019-02-28 11:33:53.007 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : user_info
2019-02-28 11:33:55.212 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : 0777
2019-02-28 11:34:07.499 INFO 16548 --- [nio-8081-exec-7] m.m.m.c.CustomAuthenticationKeyGenerator : af5c36e17c3fc99328ac3ef9ce67f61a
2019-02-28 11:34:20.322 DEBUG 16548 --- [nio-8081-exec-7] o.s.s.w.a.ExceptionTranslationFilter : Chain processed normally: SecurityContextHolder now cleared, as request processing completed
我的CustomAuthenticationKeyGenerator类类似于:
public class CustomAuthenticationKeyGenerator implements AuthenticationKeyGenerator {
private static final Logger LOG = Logger.getLogger(CustomAuthenticationKeyGenerator.class);
private static final String CLIENT_ID = "client_id";
private static final String SCOPE = "scope";
private static final String USERNAME = "username";
@Override
public String extractKey(OAuth2Authentication authentication) {
Map<String, String> values = new LinkedHashMap<String, String>();
OAuth2Request authorizationRequest = authentication.getOAuth2Request();
if (!authentication.isClientOnly()) {
values.put(USERNAME, authentication.getName());
LOG.info(authentication.getName());
}
values.put(CLIENT_ID, authorizationRequest.getClientId());
if (authorizationRequest.getScope() != null) {
values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
LOG.info(OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
}
//String deviceId = authorizationRequest.getRequestParameters().get("diviceId");
TokenDetails tokenDetails=(TokenDetails) authentication.getUserAuthentication().getDetails();
String deviceId = tokenDetails.getDeviceId();
if(deviceId != null && !deviceId.isEmpty()) {
values.put("device_id", deviceId);
LOG.info(authentication.getName());
}
MessageDigest digest;
try {
digest = MessageDigest.getInstance("MD5");
}
catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("MD5 algorithm not available. Fatal (should be in the JDK).");
}
try {
byte[] bytes = digest.digest(values.toString().getBytes("UTF-8"));
LOG.info(String.format("%032x", new BigInteger(1, bytes)));
return String.format("%032x", new BigInteger(1, bytes));
}
catch (UnsupportedEncodingException e) {
throw new IllegalStateException("UTF-8 encoding not available. Fatal (should be in the JDK).");
}
}
}