use of org.springframework.security.oauth2.core.OAuth2AccessToken in project paascloud-master by paascloud.
the class TokenJwtEnhancer method enhance.
/**
* Enhance o auth 2 access token.
*
* @param accessToken the access token
* @param oAuth2Authentication the o auth 2 authentication
*
* @return the o auth 2 access token
*/
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication oAuth2Authentication) {
Map<String, Object> info = new HashMap<>(8);
info.put("timestamp", System.currentTimeMillis());
Authentication authentication = oAuth2Authentication.getUserAuthentication();
if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
Object principal = authentication.getPrincipal();
info.put("loginName", ((UserDetails) principal).getUsername());
}
((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(info);
return accessToken;
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project fw-cloud-framework by liuweijw.
the class AjaxLoginSuccessHandler method onAuthenticationSuccess.
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
String header = request.getHeader(SecurityConstant.AUTHORIZATION);
if (StringHelper.isBlank(header) || !header.startsWith(SecurityConstant.BASIC))
throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
try {
String[] tokens = extractAndDecodeHeader(header);
assert tokens.length == 2;
String clientId = tokens[0];
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
TokenRequest tokenRequest = new TokenRequest(MapUtil.newHashMap(), clientId, clientDetails.getScope(), CommonConstant.SPRING_SECURITY_FORM_MOBILE_KEY);
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
OAuth2AccessToken oAuth2AccessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
log.info("获取token 成功:{}", oAuth2AccessToken.getValue());
response.setCharacterEncoding(CommonConstant.UTF8);
response.setContentType(CommonConstant.CONTENT_TYPE);
PrintWriter printWriter = response.getWriter();
printWriter.append(objectMapper.writeValueAsString(oAuth2AccessToken));
} catch (IOException e) {
throw new BadCredentialsException("Failed to decode basic authentication token");
}
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project fw-cloud-framework by liuweijw.
the class FwRedisTokenStore method findTokensByClientIdAndUserName.
@Override
public Collection<OAuth2AccessToken> findTokensByClientIdAndUserName(String clientId, String userName) {
List<Object> result = redisTemplate.opsForList().range(UNAME_TO_ACCESS + getApprovalKey(clientId, userName), 0, -1);
if (result == null || result.size() == 0) {
return Collections.emptySet();
}
List<OAuth2AccessToken> accessTokens = new ArrayList<>(result.size());
for (Iterator<Object> it = result.iterator(); it.hasNext(); ) {
OAuth2AccessToken accessToken = (OAuth2AccessToken) it.next();
accessTokens.add(accessToken);
}
return Collections.unmodifiableCollection(accessTokens);
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project fw-cloud-framework by liuweijw.
the class FwRedisTokenStore method getAccessToken.
@Override
public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) {
String key = authenticationKeyGenerator.extractKey(authentication);
OAuth2AccessToken accessToken = (OAuth2AccessToken) redisTemplate.opsForValue().get(AUTH_TO_ACCESS + key);
if (accessToken != null && !key.equals(authenticationKeyGenerator.extractKey(readAuthentication(accessToken.getValue())))) {
storeAccessToken(accessToken, authentication);
}
return accessToken;
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project fw-cloud-framework by liuweijw.
the class FwRedisTokenStore method removeAccessToken.
public void removeAccessToken(String tokenValue) {
// OAuth2AccessToken removed = (OAuth2AccessToken) redisTemplate.opsForValue().get(ACCESS + tokenValue);
// caller to do that
OAuth2Authentication authentication = (OAuth2Authentication) this.redisTemplate.opsForValue().get(AUTH + tokenValue);
this.redisTemplate.delete(AUTH + tokenValue);
redisTemplate.delete(ACCESS + tokenValue);
this.redisTemplate.delete(ACCESS_TO_REFRESH + tokenValue);
if (authentication != null) {
this.redisTemplate.delete(AUTH_TO_ACCESS + authenticationKeyGenerator.extractKey(authentication));
String clientId = authentication.getOAuth2Request().getClientId();
redisTemplate.opsForList().leftPop(UNAME_TO_ACCESS + getApprovalKey(clientId, authentication.getName()));
redisTemplate.opsForList().leftPop(CLIENT_ID_TO_ACCESS + clientId);
this.redisTemplate.delete(AUTH_TO_ACCESS + authenticationKeyGenerator.extractKey(authentication));
}
}
Aggregations