堆栈内存溢出
  简体   繁体   English

如何更改jwt访问令牌的其他信息

[英]How to change an additional information of jwt access token

 原文  2019-08-26 07:29:17       spring/ spring-security/ spring-security-oauth2/ jwt-auth

问题描述

I'm working with Spring Security and use JWT as access token , When a client sends the access token to server I must change an additional information (metadata) of this token and return a new one. 我正在使用Spring Security并将JWT用作访问令牌,当客户端将访问令牌发送到服务器时,我必须更改此令牌的其他信息(元数据)并返回一个新的信息。

How can I achieve that ? 我该如何实现?

i try with this code but not working 我尝试使用此代码,但无法正常工作 

        String authorization = Context.getHeader("Authorization");

        if (authorization != null) {
            String tokenValue = authorization.replace("Bearer", "").trim();
            OAuth2AccessToken accessToken = tokenStore.readAccessToken(tokenValue);
            accessToken.getAdditionalInformation().put("activeProfileId", defaultProfileId);
            return accessToken.getValue();
        }

        return null;

1 个解决方案

解决方案1
 0  2019-08-26 08:13:30

You should get your metadata ("claims") from the token, then add them to a new JWT builder that will return a new token. 您应该从令牌中获取元数据(“声明”),然后将它们添加到新的JWT构建器中,该构建器将返回新的令牌。 The new JWT must be entered in HttpResponse to forward it to the client. 必须在HttpResponse中输入新的JWT才能将其转发到客户端。 Instead, the client will have to implement an interceptor to retrieve it in a comfortable and transparent way. 取而代之的是,客户端将必须实现一个拦截器以舒适且透明的方式检索它。

You've to get all Additional Information as HashMap and place them in OAuth2Authentication. 您必须以HashMap的形式获取所有其他信息,并将其放入OAuth2Authentication中。 stackoverflow.com/a/19057480/11951081 stackoverflow.com/a/19057480/11951081

In ajax should be: 在ajax中应该是:

https://api.jquery.com/category/ajax/global-ajax-event-handlers/ https://api.jquery.com/category/ajax/global-ajax-event-handlers/ 

$.ajaxSetup({
    beforeSend: function (xhr) {
        xhr.setRequestHeader('Authorization', <Jwt>)
    },
    success:function(event,jqXHR,ajaxOptions,data ){
        console.log(ajaxOptions.getResponseHeader('Authorization'))
    }
})

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring OAuth 2 + JWT包含访问令牌中的附加信息 - Spring OAuth 2 + JWT Inlcuding additional info JUST in access token 如何从 OAuth2 客户端应用程序中的授权服务器获取作为访问令牌响应一部分的附加信息 - How to get additional information which is part of access token response from authorization server in OAuth2 client app Spring OAuth / JWT从访问令牌获取额外信息 - Spring OAuth/JWT get extra information from access token 如何在资源服务器的安全上下文中获取JWT令牌中的其他字段 - How to get Additional fields in the JWT token in security context of Resource Server Spring Keycloak - 如何从 JWT 访问令牌设置主体 - Spring Keycloak - How to set principal from JWT access token 如何将一些附加字段添加到此 Spring 引导服务生成的 JWT 令牌中? - How can I add some additional fields into a JWT token generated by this Spring Boot service? 如何验证 Jwt 令牌? - How to validate Jwt token? 如何删除令牌 JWT - how to delete a token JWT 如何禁用 JWT 令牌 - How to Disable a JWT Token Spring Security OAuth 2:如何在 oauth/token 请求后获取访问令牌和附加数据 - Spring Security OAuth 2: How to get access token and additional data after oauth/token request
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM