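How to manually create an OAuth2AuthenticationToken

Time: 2019-12-19 00:33:17

Tags: spring spring-security

I want to manually create an OAuth2AuthenticationToken from OIDC access and refresh tokens and return it from my AuthenticationProvider, in a way similar to what happens during OAuth2 login based on the authorization code flow.

2 answers:

Answer 0: (score: 0)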

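import java.util.Arrays;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    ...
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer configurer) {
        // Chain the token enhancers and register them together with the token store
        var tokenEnhancerChain = new TokenEnhancerChain();
        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(<enhancer>));
        configurer.tokenStore(<tokenStore>).tokenEnhancer(tokenEnhancerChain);
    }
    ...
}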

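In the tokenStore you can override the accessToken and refreshToken; in the enhancer, apply operations to the token (for example, set additional information and encode it as a JWT).

Answer 1: (score: 0)

It turns out this works for me: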

// Map each role name to a ROLE_-prefixed authority
final List<GrantedAuthority> authorities = roles.stream()
        .map(r -> "ROLE_" + r)
        .map(r -> new SimpleGrantedAuthority(r)).collect(Collectors.toList());
Map<String, Object> claims = jwt.getClaims();
// Claim that holds the user name, as configured on the client registration
String userNameKey = clientRegistration.getProviderDetails().getUserInfoEndpoint().getUserNameAttributeName();
// Wrap the token value and claims as an OIDC ID token, then build the principal
OidcIdToken oidcIdToken = new OidcIdToken(token.getTokenValue(), token.getIssuedAt(), token.getExpiresAt(), claims);
DefaultOidcUser user = new DefaultOidcUser(authorities, oidcIdToken, userNameKey);
return new OAuth2AuthenticationToken(user, authorities, clientRegistration.getRegistrationId());
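
Added example, not part of either answer: the same construction as a complete helper that first validates the raw ID token with Spring Security's OidcIdTokenDecoderFactory, so an Authentication is only built from a token whose signature and standard claims check out. The class name, the method signature and the roles parameter are assumptions, and the ClientRegistration is assumed to have a JWK Set URI configured.

```java
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.oidc.authentication.OidcIdTokenDecoderFactory;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtException;
import org.springframework.util.StringUtils;

// Hypothetical helper: class name, method name and parameters are assumptions.
public final class ManualOidcAuthentication {
    // Creates decoders that verify the signature and validate the ID token claims.
    private final OidcIdTokenDecoderFactory decoderFactory = new OidcIdTokenDecoderFactory();

    public OAuth2AuthenticationToken authenticate(ClientRegistration registration,
            String rawIdToken, Collection<String> roles) {
        Jwt jwt;
        try {
            jwt = decoderFactory.createDecoder(registration).decode(rawIdToken);
        } catch (JwtException e) {
            // Bad signature, wrong issuer or audience, expired token: refuse to authenticate.
            throw new BadCredentialsException("ID token rejected", e);
        }
        List<GrantedAuthority> authorities = roles.stream()
                .map(r -> new SimpleGrantedAuthority("ROLE_" + r))
                .collect(Collectors.toList());
        OidcIdToken idToken = new OidcIdToken(jwt.getTokenValue(), jwt.getIssuedAt(),
                jwt.getExpiresAt(), jwt.getClaims());
        // Fall back to the "sub" claim when the registration names no user name attribute.
        String nameKey = registration.getProviderDetails().getUserInfoEndpoint()
                .getUserNameAttributeName();
        if (!StringUtils.hasText(nameKey)) {
            nameKey = IdTokenClaimNames.SUB;
        }
        DefaultOidcUser user = new DefaultOidcUser(authorities, idToken, nameKey);
        return new OAuth2AuthenticationToken(user, authorities, registration.getRegistrationId());
    }
}
```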