我的Spring Boot授权服务能够为具有正确凭据的用户创建JWT令牌。还可以通过社交登录(在这种情况下为Facebook)获取令牌。 Facebook身份验证已经可以使用,并且在获取用户的Facebook数据后,我发现自己已重定向到以下端点。
我可以完全从头开始创建JWT令牌,但这不是我想要的。我想使用我的身份验证服务器中已配置的(带有密钥对等)TokenServices。
我发现的唯一方法是通过TokenEndpoint。问题是我需要用户密码,这是我现在不应该拥有的密码。
如何从已配置的内容生成令牌?
此端点是我在Facebook重定向后最终到达的地方:
@GetMapping("/loginSuccess")
fun getLoginInfo(authentication: OAuth2AuthenticationToken): ResponseEntity<OAuth2AccessToken> {
val client = authorizedClientService.loadAuthorizedClient<OAuth2AuthorizedClient>(authentication.authorizedClientRegistrationId, authentication.name)
val userInfoEndpointUri = client.clientRegistration.providerDetails.userInfoEndpoint.uri
if (!StringUtils.isEmpty(userInfoEndpointUri)) {
val restTemplate = RestTemplate()
val headers = HttpHeaders()
headers.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.accessToken.tokenValue)
val entity = HttpEntity("", headers)
val response = restTemplate.exchange(userInfoEndpointUri, HttpMethod.GET, entity, Map::class.java)
// At this point I have the email address of the user and I am able to
// map it to my own User Entity
// This is where I would like to create a token and return it
// However, the following generation process requires the user's password
return authService.generateToken((response.body as Map<*, *>)["email"] as String)
}
throw AuthenticationException("Error")
}
我想在getAccessToken(OAuth2Authentication authentication)中使用JwtTokenStore,但其实现返回null:
@Override
public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) {
// We don't want to accidentally issue a token, and we have no way to
// reconstruct the refresh token
return null;
}