如何在资源服务器上将访问令牌存储到String?

时间:2019-07-04 13:20:11

标签: java spring oauth-2.0 access-token

我需要在我的资源服务器上访问access_token。我怎样才能做到这一点?我正在使用私钥在授权服务器上对JWT进行签名(工作正常),但我需要访问String版本的access_token才能使用公钥进行验证。以下代码不适用于验证。

public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "resource_id";

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID).stateless(false);
        resources.tokenStore(tokenStoree());
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.
                anonymous().disable()
                .authorizeRequests()
                .antMatchers("/aadmin/**").authenticated()
                .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());

    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverterr() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        Resource resource = new ClassPathResource("public.txt");
        String publicKey = null;
        try {
            publicKey = IOUtils.toString(resource.getInputStream());
        } catch (final IOException e) {
            throw new RuntimeException(e);
        }
        converter.setVerifierKey(publicKey);

        return converter;
    }

    @Bean
    public DefaultTokenServices tokenServices(final TokenStore tokenStore) {
        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setTokenStore(tokenStoree());
        return tokenServices;
    }


    @Bean
    public TokenStore tokenStoree() {
        return new JwtTokenStore(accessTokenConverterr());
    }

0 个答案:

没有答案
相关问题
最新问题