springSecurity+oauth2：使用refresh_token获取AccessToken

最新推荐文章于 2024-04-18 13:14:19 发布

lanse大海

最新推荐文章于 2024-04-18 13:14:19 发布

阅读量314

点赞数

分类专栏： springboot

本文链接：https://blog.youkuaiyun.com/WentingLeng/article/details/86526619

版权

springboot 专栏收录该内容

5 篇文章

订阅专栏

刚开始研究的时候我在好奇，为什么不直接/oauth/token来获取token，而要使用refresh_token来获取呢？

因为/oauth/token需要code参数（授权码模式），但是code是一次性的参数，无法获取，所以就需要refresh_token来获取AccessToken了。

使用refresh_token需要配置userDetailsService

/**自定义UserDetailsService **/

@Component
public class AuthUserDetailsService implements UserDetailsService {

   @Autowired
    private UserInfoMapper userInfoMapper;

   @Override
   public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
       UserInfo userInfo = userInfoMapper.findByUserName(username);
       List<GrantedAuthority> grantedAuths = new ArrayList<>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_USER"));
        return new User(username, userInfo.getUserPwd(), grantedAuths);
   }

}

/**
* 认证服务器配置
*/
@Configuration
@EnableAuthorizationServer
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter{
    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired
    private UserDetailsService userDetailsService;
    ……

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager).userDetailsService(userDetailsService);
    }
    ……
}

另外，再包装一下token失效后的返回错误信息

@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    ……
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        super.configure(resources);
        resources.authenticationEntryPoint(new AuthEntryPoint());
    }
}

/**重写这个commence方法**/
public class AuthEntryPoint extends OAuth2AuthenticationEntryPoint {

   private static final Logger LOG = LoggerFactory.getLogger(AuthEntryPoint.class);

    private WebResponseExceptionTranslator exceptionTranslator = new DefaultWebResponseExceptionTranslator();

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
       try {
           ResponseEntity<?> result = exceptionTranslator.translate(authException);
           if (result.getStatusCode() == HttpStatus.UNAUTHORIZED) {
               response.setCharacterEncoding("UTF-8");
                response.setContentType("application/json; charset=utf-8");
                PrintWriter writer = response.getWriter();
                writer.append(HttpStatus.UNAUTHORIZED.toString());
           } else {
               super.commence(request,response,authException);
            }
       } catch (Exception e) {
            LOG.error("failed to commence: {}", e.getMessage(), e);
       }
    }
}