Spring Security OAuth2 - URLEncoded input Key-Values getting auto-appended in token response json

I am using Spring-Security OAuth2 - Password Grant to obtain JWT Access and Refresh tokens.

I am passing a few additional URLEncoded Key/Values in the request to /oauth/token - so that I can add them as additional claims in the generated JWT Access and Refresh Tokens.

TokenEnhancer is adding them as additional claims in the generated JWT Access and Refresh Tokens; but the problem is that these also get added to the Response JSON - which I don't want. How do I prevent them from being appended to the response?

import java.util.Arrays;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.security.oauth2.resource.JwtAccessTokenConverterConfigurer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

// The constants (CLIEN_ID, CLIENT_SECRET, GRANT_TYPE_PASSWORD, REFRESH_TOKEN, SCOPE_*, TRUST,
// *_VALIDITY_SECONDS) and the UserAttributesMap class are defined elsewhere in the project (not shown).
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        // /oauth/token_key is public; /oauth/check_token requires an authenticated caller
        oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
        configurer
                .inMemory()
                .withClient(CLIEN_ID)
                .secret(passwordEncoder().encode(CLIENT_SECRET))
                .authorizedGrantTypes(GRANT_TYPE_PASSWORD, REFRESH_TOKEN)
                .scopes(SCOPE_READ, SCOPE_WRITE, TRUST)
                .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
                .refreshTokenValiditySeconds(REFRESH_TOKEN_VALIDITY_SECONDS);
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        defaultTokenServices.setSupportRefreshToken(true);
        return defaultTokenServices;
    }

    @Override
    public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // Order matters: CustomTokenEnhancer fills additionalInformation first, then the
        // JwtAccessTokenConverter encodes the token (that map included) as a signed JWT
        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));
        endpoints.tokenStore(tokenStore()).tokenEnhancer(tokenEnhancerChain).authenticationManager(authenticationManager);
    }

    @Bean
    public TokenStore tokenStore() {
        // JwtTokenStore persists nothing; tokens are self-contained and verified by signature
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setAccessTokenConverter(new JwtConverter());
        // Symmetric HMAC signing secret, shared with every resource server that verifies these JWTs
        converter.setSigningKey("abcdefghijklmnopqrstuvwxyz1234567890");
        return converter;
    }

    @Bean
    public TokenEnhancer tokenEnhancer() {
        return new CustomTokenEnhancer();
    }

    @Bean
    public BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public UserAttributesMap userAttributesMapper() {
        return new UserAttributesMap();
    }

    public static class JwtConverter extends DefaultAccessTokenConverter implements JwtAccessTokenConverterConfigurer {
        @Override
        public void configure(JwtAccessTokenConverter converter) {
            converter.setAccessTokenConverter(this);
        }

        @Override
        public OAuth2Authentication extractAuthentication(Map<String, ?> map) {
            // Keep the decoded claim map available as authentication details on the resource side
            OAuth2Authentication auth = super.extractAuthentication(map);
            auth.setDetails(map);
            return auth;
        }
    }
}

// Separate source file: CustomTokenEnhancer.java
import java.util.HashMap;
import java.util.Map;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;

public class CustomTokenEnhancer implements TokenEnhancer {

    @Autowired
    private UserAttributesMap userAttributesMap;

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        // Values come straight from the URL-encoded form parameters of the /oauth/token request
        Map<String, Object> additionalInfo = new HashMap<>();
        additionalInfo.put("DateOfBirth", oAuth2Authentication.getOAuth2Request().getRequestParameters().get("dob"));
        additionalInfo.put("PAN_Number", oAuth2Authentication.getOAuth2Request().getRequestParameters().get("pan"));
        additionalInfo.put("Address_Line_1", oAuth2Authentication.getOAuth2Request().getRequestParameters().get("addr1"));
        additionalInfo.put("Address_Line_2", oAuth2Authentication.getOAuth2Request().getRequestParameters().get("addr2"));
        // additionalInformation becomes JWT claims via JwtAccessTokenConverter, but the same map is
        // also serialised as top-level fields of the /oauth/token JSON response (the behaviour asked about)
        ((DefaultOAuth2AccessToken) oAuth2AccessToken).setAdditionalInformation(additionalInfo);
        return oAuth2AccessToken;
    }
}

[Screenshot: Postman request and response]

The solution suggested by @dur works...
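The solution the comment refers to is not reproduced on this page. As an added example (not the poster's code, and not necessarily the approach @dur suggested), one way to keep the extra values as claims inside the signed JWT while leaving them out of the JSON body is to let JwtAccessTokenConverter encode the token and then return a copy whose additionalInformation map is empty; the class name ClaimsOnlyJwtAccessTokenConverter is assumed.

```java
import java.util.Collections;

import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

/**
 * Added example (hypothetical class name, not part of the original post).
 *
 * JwtAccessTokenConverter.enhance() encodes everything in additionalInformation as JWT
 * claims, but the token object it returns still carries that map, and the /oauth/token
 * endpoint serialises the map as extra top-level JSON fields. This subclass signs the
 * token as usual and then hands back a copy with an empty map, so the values survive
 * only as claims inside the JWT. It must stay the last enhancer in the TokenEnhancerChain,
 * after CustomTokenEnhancer, so the claims are present when the JWT is built.
 */
public class ClaimsOnlyJwtAccessTokenConverter extends JwtAccessTokenConverter {

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        // Sign first: the extra claims have to be in the map while the JWT value is encoded
        OAuth2AccessToken signed = super.enhance(accessToken, authentication);

        // Copy value, expiry, scope, token type and refresh token, then drop the map that
        // would otherwise be rendered as additional fields of the token response body
        DefaultOAuth2AccessToken response = new DefaultOAuth2AccessToken(signed);
        response.setAdditionalInformation(Collections.<String, Object>emptyMap());
        return response;
    }
}
```

Return an instance of this class from accessTokenConverter() in the configuration above and keep the chain order (CustomTokenEnhancer first, converter last). The values are still readable by anyone who decodes the JWT or calls /oauth/check_token, so this only changes the token response body, not what the token itself discloses.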
