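I want to manually create an OAuth2AuthenticationToken from OIDC access and refresh tokens and return it from my AuthenticationProvider, in the same way as happens during OAuth2 login based on the authorization code flow.
Answer 0: (score: 0)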
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
        ...
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer configurer) {
            var tokenEnhancerChain = new TokenEnhancerChain();
            tokenEnhancerChain.setTokenEnhancers(Arrays.asList(<enhancer>));
            configurer.tokenStore(<tokenStore>).tokenEnhancer(tokenEnhancerChain);
        }
        ...
    }
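In the tokenStore you can override the accessToken and refreshToken, and in the enhancer you can apply operations to the token (for example, set additional information and encode it as a JWT).
Answer 1: (score: 0)
It turned out that this worked for me: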
    final List<GrantedAuthority> authorities = roles.stream()
            .map(r -> "ROLE_" + r)
            .map(r -> new SimpleGrantedAuthority(r)).collect(Collectors.toList());
    Map<String, Object> claims = jwt.getClaims();
    String userNameKey = clientRegistration.getProviderDetails().getUserInfoEndpoint().getUserNameAttributeName();
    OidcIdToken oidcIdToken = new OidcIdToken(token.getTokenValue(), token.getIssuedAt(), token.getExpiresAt(), claims);
    DefaultOidcUser user = new DefaultOidcUser(authorities, oidcIdToken, userNameKey);
    return new OAuth2AuthenticationToken(user, authorities, clientRegistration.getRegistrationId());
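
An added example, not code from either answer or from Spring Security itself: a hypothetical factory (`OidcTokenAuthenticationFactory` and `fromIdToken` are assumed names) that verifies the raw ID token's signature, expiry and audience before building the `OAuth2AuthenticationToken` in the way the second answer does. It assumes the `ClientRegistration` has a JWK set URI and a user-name attribute configured, and that the caller supplies the role names.

```java
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtException;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;

// Hypothetical helper class; the name is an assumption, not a Spring type.
public final class OidcTokenAuthenticationFactory {
    private final ClientRegistration registration;
    private final JwtDecoder idTokenDecoder;

    public OidcTokenAuthenticationFactory(ClientRegistration registration) {
        this.registration = registration;
        // Checks the signature against the provider's JWK set; the default
        // validators also reject expired or not-yet-valid tokens.
        this.idTokenDecoder = NimbusJwtDecoder
                .withJwkSetUri(registration.getProviderDetails().getJwkSetUri()).build();
    }

    public OAuth2AuthenticationToken fromIdToken(String rawIdToken, Collection<String> roles) {
        Jwt jwt;
        try {
            jwt = idTokenDecoder.decode(rawIdToken);
        } catch (JwtException e) {
            throw new BadCredentialsException("ID token rejected", e);
        }
        // An ID token is only meant for the client named in its "aud" claim.
        List<String> audience = jwt.getAudience();
        if (audience == null || !audience.contains(registration.getClientId())) {
            throw new BadCredentialsException("ID token audience does not include this client");
        }
        List<SimpleGrantedAuthority> authorities = roles.stream()
                .map(r -> new SimpleGrantedAuthority("ROLE_" + r))
                .collect(Collectors.toList());
        String userNameKey = registration.getProviderDetails()
                .getUserInfoEndpoint().getUserNameAttributeName();
        OidcIdToken idToken = new OidcIdToken(
                jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt(), jwt.getClaims());
        DefaultOidcUser user = new DefaultOidcUser(authorities, idToken, userNameKey);
        return new OAuth2AuthenticationToken(user, authorities, registration.getRegistrationId());
    }
}
```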