TokenStore is an interface, as shown in List-1 below. List-1 package org.springframework.security.oauth2.provider.token; import...provider.OAuth2Authentication; /** * Persistence interface for OAuth2 tokens. */ public interface TokenStore...The implementations of TokenStore include InMemoryTokenStore, JdbcTokenStore, JwkTokenStore, and RedisTokenStore. ...JwtTokenStore, as shown in List-2 below. List-2 public class JwtTokenStore implements TokenStore { private JwtAccessTokenConverter
When spring-security is used for access control, a successful login creates the corresponding authorization information, which is then saved through the corresponding TokenStore implementation; when the user accesses a protected endpoint, the authentication information is retrieved based on the token passed in by the client..., let's first look at the TokenStore interface definition: public interface TokenStore { /** * Read the authentication stored under the...collection of access tokens */ Collection findTokensByClientId(String clientId); } Common TokenStore
tokenStore.removeRefreshToken(refreshToken); } tokenStore.removeAccessToken(existingAccessToken...tokenStore.removeRefreshToken(refreshToken); throw new InvalidTokenException("Invalid refresh...= null) { tokenStore.removeRefreshToken(accessToken.getRefreshToken()); } tokenStore.removeAccessToken...(TokenStore tokenStore) { this.tokenStore = tokenStore; } /** * An authentication manager...tokenStore.removeRefreshToken(refreshToken); } //every time get new token tokenStore.removeAccessToken
= null) { refreshToken = existingAccessToken.getRefreshToken(); tokenStore.removeRefreshToken...(refreshToken); } tokenStore.removeAccessToken(existingAccessToken); } else { tokenStore.storeAccessToken...= null) { tokenStore.storeRefreshToken(refreshToken, authentication); } return accessToken;...is all that is needed to achieve the effect above @Bean public TokenStore tokenStore() { RedisTokenStore tokenStore = new RedisTokenStore...); tokenStore.setAuthenticationKeyGenerator(new PigxAuthenticationKeyGenerator()); return tokenStore
()); this.approvalStore = tokenApprovalStore; } return this.approvalStore; } // Default token store private TokenStore...tokenStore() { if (tokenStore == null) { if (accessTokenConverter() instanceof JwtAccessTokenConverter...) { this.tokenStore = new JwtTokenStore((JwtAccessTokenConverter) accessTokenConverter()); } else...{ this.tokenStore = new InMemoryTokenStore(); } } return this.tokenStore; } Custom configuration Implement org.springframework.security.oauth2...Exception { endpoints.authenticationManager(authenticationManager); // Configure the token store endpoints.tokenStore
(tokenStore);//Configure the token storage strategy } //Code omitted... } After running the project, use the password grant to obtain a token by accessing the following address: http://localhost:9401/oauth...tokenStore; @Autowired private JwtAccessTokenConverter jwtAccessTokenConverter; @Autowired...(tokenStore) //Configure the token storage strategy .accessTokenConverter(jwtAccessTokenConverter); }...tokenStore; @Autowired private JwtAccessTokenConverter jwtAccessTokenConverter; @Autowired...(tokenStore) //Configure the token storage strategy .accessTokenConverter(jwtAccessTokenConverter)
Check whether a Token already exists OAuth2AccessToken existingAccessToken = tokenStore.getAccessToken(authentication); OAuth2RefreshToken...= null) { refreshToken = existingAccessToken.getRefreshToken(); tokenStore.removeRefreshToken...(refreshToken); } tokenStore.removeAccessToken(existingAccessToken); } else { tokenStore.storeAccessToken...= null) { tokenStore.storeRefreshToken(refreshToken, authentication); } return accessToken;...tokenStore() { RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory); tokenStore.setPrefix
existingAccessToken.isExpired()) { this.tokenStore.storeAccessToken(existingAccessToken...(refreshToken); } this.tokenStore.removeAccessToken(existingAccessToken);...this.reuseRefreshToken) { this.tokenStore.removeRefreshToken(refreshToken...this.reuseRefreshToken) { this.tokenStore.removeRefreshToken(refreshToken...(tokenStore()) // Configure the replacement TokenServices to use .tokenServices(tokenServices()); } Testing Example of obtaining a token: First token request:
tokenStore.removeAccessTokenUsingRefreshToken(refreshToken); if (isExpired(refreshToken)) { tokenStore.removeRefreshToken...reuseRefreshToken) { tokenStore.removeRefreshToken(refreshToken); refreshToken = createRefreshToken...authentication); } OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken); tokenStore.storeAccessToken...reuseRefreshToken) { tokenStore.storeRefreshToken(accessToken.getRefreshToken(), authentication);...() { DefaultTokenServices tokenServices = new DefaultTokenServices(); tokenServices.setTokenStore(tokenStore
This method tries to retrieve a previously saved access token from the TokenStore based on the user information and client information. ...existToken.IsExpired(){ tokenService.tokenStore.StoreAccessToken(existToken, oauth2Details...After the tokens are generated successfully, we save them to the system through the TokenStore. ...If the access token has not expired, the user information and client information bound when the access token was generated are then retrieved through the TokenStore. ...token storage and the RESTful interface TokenStore is responsible for storing generated tokens and maintaining the bindings between tokens, users, and clients.
> checkToken(@RequestParam("token") String value) { // Look up the full information of the token stored in tokenStore by token OAuth2AccessToken...= null) { refreshToken = existingAccessToken.getRefreshToken(); tokenStore.removeRefreshToken...(refreshToken); } tokenStore.removeAccessToken(existingAccessToken); } else { // Directly return the existing...= null) { tokenStore.storeRefreshToken(refreshToken, authentication); } return accessToken;...reuseRefreshToken) { tokenStore.storeRefreshToken(accessToken.getRefreshToken(), authentication);
DefaultTokenServices tokenServices = new DefaultTokenServices(); tokenServices.setTokenStore(tokenStore...tokenServices.setRefreshTokenValiditySeconds(60 * 60 * 24 * 30); return tokenServices; } @Bean public TokenStore...tokenStore() { return new JdbcTokenStore(dataSource); } @Override public void configure...allowFormAuthenticationForClients(); }}Here, the tokenServices() method is used to configure AuthorizationServerTokenServices, and the tokenStore...() method is used to configure TokenStore.
existingAccessToken.isExpired()) { //If this is not the first login and the token has not expired, store the token in tokenStore again this.tokenStore.storeAccessToken...(refreshToken); } this.tokenStore.removeAccessToken(existingAccessToken); }...= null) { //Store the refreshToken in tokenStore this.tokenStore.storeRefreshToken(refreshToken,...(tokenStore()); endpoints.authorizationCodeServices(redisAuthorizationCodeServices); } The above is how to configure...authenticationManager, tokenStore(), and redisAuthorizationCodeServices on endpoints.
userDetailsService; @Autowired private ClientDetailsService clientDetailsService; @Autowired private TokenStore...tokenStore; @Autowired private JwtAccessTokenConverter accessTokenConverter; @Value("${jwt.clientId...(tokenStore) .userDetailsService(userDetailsService); } @Override public void...JwtAccessTokenConverter(); converter.setSigningKey("123456"); return converter; } @Bean public TokenStore...tokenStore() { return new JwtTokenStore(accessTokenConverter()); }}Configuring the resource server In the resource server, we need to configure access rules, access token validation rules, and so on
OAuth2Authentication authentication) throws AuthenticationException { OAuth2AccessToken existingAccessToken = tokenStore.getAccessToken...= null) { tokenStore.removeAccessToken(existingAccessToken); } else if (refreshToken instanceof...authentication); } } OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken); tokenStore.storeAccessToken...= null) { tokenStore.storeRefreshToken(refreshToken, authentication); } return accessToken; }...Let's first look at how the source code above, OAuth2AccessToken existingAccessToken=tokenStore.getAccessToken(authentication); determines, based on the user information
name: oauth2-server redis: host: localhost port: 6379 database: 1 server: port: 80 TokenStore...@Configuration public class RedisTokenStoreConfig { @Bean public TokenStore redisTokenStore(...AuthenticationManager authenticationManager; PasswordEncoder passwordEncoder; ClientRepository clientRepo; TokenStore...ClientRepository clientRepo, TokenStore...endpoints.authenticationManager(authenticationManager); // Register the redis token store endpoints.tokenStore
(tokenStore).userApprovalHandler(userApprovalHandler) .authenticationManager(authenticationManager);...tokenStore() { return new InMemoryTokenStore(); } @Bean @Autowired public TokenStoreUserApprovalHandler...userApprovalHandler(TokenStore tokenStore){ TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler...tokenStore) throws Exception { TokenApprovalStore store = new TokenApprovalStore(); store.setTokenStore...(tokenStore); return store; } } Method Security Configuration package com.security.oauth.security;
authenticationManager) .authorizationCodeServices(authorizationCodeServices()) .tokenStore...(tokenStore()); } All of the OAuth2.0 configuration @Configuration @EnableAuthorizationServer public class OauthServerConfig...return new JdbcClientDetailsService(dataSource); } //token storage strategy @Bean public TokenStore...tokenStore(){ return new JdbcTokenStore(dataSource); } //authorization information storage strategy @Bean public...(tokenStore()); } Once the configuration above is complete, our authentication service is done.