堆栈内存溢出
  简体   繁体   English

生成自定义jwt令牌并验证用户,Spring Security

[英]Generate custom jwt-token and Authenticate user, Spring Security

 原文  2018-06-29 18:18:33       java/ authentication/ spring-security/ jwt

问题描述

Situation: I have a token from another API that contains user info and user is already logged. 情况:我从另一个包含用户信息的API中获得了一个令牌,并且用户已经被登录。 I want to authenticate this user info (already extracted) and generate a token with my spring security application. 我想验证此用户信息(已提取)并用我的spring安全应用程序生成令牌。

Notes: I'm using Jwt custom enchancer and sorry for newbie way of posting. 注意:我使用的是Jwt自定义附魔,对于新手发布方式,我们深表歉意。

My security conf: 我的安全配置: 

@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
    tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));

    endpoints.tokenStore(tokenStore()).tokenEnhancer(tokenEnhancerChain).reuseRefreshTokens(false)
            .exceptionTranslator(loggingExceptionTranslator()).authenticationManager(authenticationManager);
}

@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
    accessTokenConverter.setSigningKey(properties.getAuth().getSigningKey());
    return accessTokenConverter;
}

@Bean
public TokenStore tokenStore() {
    return new JwtTokenStore(accessTokenConverter());
}

@Bean
public TokenEnhancer tokenEnhancer() {
    return new PlaceTokenEnhancer();
}

1 个解决方案

解决方案1
 0 已采纳  2018-07-06 14:39:06

Actually I solved my own problem debugging and searching! 实际上,我解决了自己的调试和搜索问题! 

//load full user info (custom method)
UserDetails userDetails = placeUserDetailsService.loadUserByUsername(responseUser.getEmail());

            Set<String> scope = new HashSet<>();
            scope.add("read"); scope.add("write");
            OAuth2Request auth2Request = new OAuth2Request(null, "smthg", userDetails.getAuthorities(), true,
                    scope, null, null, null, null);
    //Custom OAuth2Token
            PlaceAuthenticationToken placeAuthenticationToken = new PlaceAuthenticationToken(userDetails, userDetails.getAuthorities());
            placeAuthenticationToken.setAuthenticated(true);
            placeAuthenticationToken.setDetails(new WebAuthenticationDetails(request));

            OAuth2Authentication auth = new OAuth2Authentication(auth2Request, placeAuthenticationToken);
            auth.setAuthenticated(true);
            auth.setDetails(placeAuthenticationToken.getDetails());
            accessToken =  authServer.createAccessToken(auth);

            DefaultOAuth2AccessToken tkn = (DefaultOAuth2AccessToken) accessToken;
            tkn.setRefreshToken(null);
            accessToken = tkn;

Basically All you have to do is generate Authentication using Oauth2Request and use .createAccessToken()! 基本上,您要做的就是使用Oauth2Request生成身份验证并使用.createAccessToken()!

Maybe it could help someone else! 也许可以帮助别人!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用自己的数据库用户通过Spring Security和JWT进行身份验证 - How to authenticate with spring security and JWT with user of own database Spring Security无法验证用户 - Spring security not authenticate the user 如何在用于生成令牌的同一过滤器中验证 JWT 令牌 - How to authenticate the JWT token in same Filter which was used to generate the token Spring Security和OAuth2使用自定义授权类型生成令牌 - Spring Security and OAuth2 generate token with custom grant type Spring 安全性 - 使用用户名验证用户 - Spring Security - Authenticate user with username 如何使用Spring Boot,JPA,Hibernate和MySQL验证用户登录并传递JWT令牌 - How to authenticate user login and pass JWT token using spring boot, jpa,hibernate and mysql Spring Security JWT刷新令牌未到期 - Spring security JWT refresh token not expiring 使用 JWT 令牌安全性进行 Spring Boot 单元测试 - Spring Boot Unit Tests with JWT Token Security 如何使用 JavaScript(html 脚本)将 JWT-TOKEN 传递给 localStorage? - How to pass JWT-TOKEN to localStorage using JavaScript (script for html)? Spring Security Token身份验证如何进行身份验证? - Spring Security Token Authentication How to Authenticate?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM