Spring-security-oauth2的版本是2.0。
TokenStore是个interface,如下List-1
List-1
package org.springframework.security.oauth2.provider.token;
import java.util.Collection;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
/**
* Persistence interface for OAuth2 tokens.
*/
public interface TokenStore {
/**
* Read the authentication stored under the specified token value.
*
* @param token The token value under which the authentication is stored.
* @return The authentication, or null if none.
*/
OAuth2Authentication readAuthentication(OAuth2AccessToken token);
/**
* Read the authentication stored under the specified token value.
*
* @param token The token value under which the authentication is stored.
* @return The authentication, or null if none.
*/
OAuth2Authentication readAuthentication(String token);
......
它就是用来保存token(封装在OAuth2AccessToken中)。
TokenStore的实现类,有InMemoryTokenStore、JdbcTokenStore、JwkTokenStore、RedisTokenStore。
InMemoryTokenStore将OAuth2AccessToken保存在内存中,它有很多的ConcurrentHashMap属性。
JdbcTokenStore将OAuth2AccessToken保存在数据库中,其构造方法需要DataSource,用于构造JdbcTemplate,通过JdbcTemplate来操作数据库。
RedisTokenStore将OAuth2AccessToken保存到Reis中,构造方法需要RedisConnectionFactory,之后通过Connection操作Redis。
JwtTokenStore,如下List-2所示
List-2
public class JwtTokenStore implements TokenStore {
private JwtAccessTokenConverter jwtTokenEnhancer;
private ApprovalStore approvalStore;
/**
* Create a JwtTokenStore with this token enhancer (should be shared with the DefaultTokenServices if used).
*
* @param jwtTokenEnhancer
*/
public JwtTokenStore(JwtAccessTokenConverter jwtTokenEnhancer) {
this.jwtTokenEnhancer = jwtTokenEnhancer;
}
......
JwtTokenStore比其它的稍微复杂点。
(adsbygoogle = window.adsbygoogle || []).push({});