Spring Security 如何在springoauth中使用redis令牌存储获取jwt令牌的解码细节

az31mfrm  于 2023-08-05  发布在  Spring
关注(0)|答案(3)|浏览(139)

我已经使用令牌存储JwtTokenStore(JwtAccessTokenStore)成功获得了解码详细信息,但现在需要使用redis,以便我可以撤销令牌。
下面是我代码:

@Bean
public TokenStore tokenStore() {
    return new RedisTokenStore(redisConnectionFactory);
    // return new JwtTokenStore(defaultAccessTokenConverter());
}

@Bean
public JwtAccessTokenConverter defaultAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setAccessTokenConverter(new CustomJWTAccessTokenConverter());
    try {
        converter.afterPropertiesSet();
    } catch (Exception e) {
        e.printStackTrace();
    }
    converter.setKeyPair(this.keyPair());
   
    return converter;
}

字符串
我的customjwtaccesstokenconverter:

public class CustomJWTAccessTokenConverter extends DefaultAccessTokenConverter  {

@Override
public OAuth2Authentication extractAuthentication(Map<String, ?> claims) {
    OAuth2Authentication authentication
            = super.extractAuthentication(claims);
    authentication.setDetails(claims);
    return authentication;
   }
}


令牌增强器:

@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    Map<String, Object> setAdditionalInformation = (Map<String, Object>) authentication.getUserAuthentication().getDetails();
    ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(setAdditionalInformation);
    return accessToken;
}


我不知道,当使用redistokenstore。它没有去CustomJWTAccessTokenConverter,因为当我试图获得额外的信息(decodeDetails)返回null。

OAuth2Authentication authentication = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();
            OAuth2AuthenticationDetails authenticationDetails = (OAuth2AuthenticationDetails) authentication.getDetails();
            Map<String, Object> decodeDetails = (Map<String, Object>) authenticationDetails.getDecodedDetails();

fnx2tebb

fnx2tebb1#

您还需要配置令牌增强器-

@Bean
public TokenStore tokenStore() {
    return new RedisTokenStore(redisConnectionFactory);
    // return new JwtTokenStore(defaultAccessTokenConverter());
}

@Bean
public JwtAccessTokenConverter defaultAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setAccessTokenConverter(new CustomJWTAccessTokenConverter());
    try {
        converter.afterPropertiesSet();
    } catch (Exception e) {
        e.printStackTrace();
    }
    converter.setKeyPair(this.keyPair());
   
    return converter;
}

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints
        // some code here
        .tokenEnhancer(tokenEnhancer());
}

@Bean
@Primary
public AuthorizationServerTokenServices tokenServices() {
    DefaultTokenServices tokenServices = new DefaultTokenServices();
   
    tokenServices.setTokenEnhancer(tokenEnhancer());
    return tokenServices;
}

// Beans beans beans

@Bean
public TokenEnhancer tokenEnhancer() {
    return new YourCustomTokenEnhancer();
}

字符串

h4cxqtbf

h4cxqtbf2#

它解决了,但不确定这是正确的方式或不是。

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    TokenEnhancerChain chain = new TokenEnhancerChain();
    chain.setTokenEnhancers(Arrays.asList(customTokenEnhancer(), defaultAccessTokenConverter()));

    endpoints.exceptionTranslator(new OAuth2ExceptionTranslator())
            .tokenStore(tokenStore())
            .tokenEnhancer(chain)
            .authenticationManager(authenticationManager);
}

@Bean
public TokenStore tokenStore() {
    return new RedisTokenStore(redisConnectionFactory);
}

@Bean
@Primary
public AuthorizationServerTokenServices tokenServices() {
    TokenEnhancerChain chain = new TokenEnhancerChain();
    chain.setTokenEnhancers(Arrays.asList(customTokenEnhancer(), defaultAccessTokenConverter()));

    DefaultTokenServices tokenServices = new DefaultTokenServices();
    tokenServices.setTokenEnhancer(chain);
    tokenServices.setTokenStore(new JwtTokenStore(defaultAccessTokenConverter()));
    tokenServices.setSupportRefreshToken(false);
    return tokenServices;
}

字符串
如果有人有更好的想法,请评论。

dnph8jn4

dnph8jn43#

最简单的方法在这里。

const decoded = jwt.decode(token, config);
console.log(decoded);

字符串
您还可以返回值。

相关问题