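I use Spring Security OAuth2 for user authentication. After the first login I get an access_token and a refresh_token, and then I modify the Principal information in SecurityContextHolder.getContext().getAuthentication(), but the data in Redis is not modified,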
OAuth2 configuration:

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Applies only to OPTIONS requests on /oauth/token; CSRF protection is disabled.
        http.requestMatchers()
                .antMatchers(HttpMethod.OPTIONS, "/oauth/token")
                .and()
            .csrf().disable();
    }
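Authentication:

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.security.core.userdetails.UsernameNotFoundException;
    import org.springframework.stereotype.Component;

    @Component
    public class PasswdAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

        @Autowired
        private LoginUserDetailsService loginUserDetailsService;

        @Override
        protected void additionalAuthenticationChecks(UserDetails userDetails,
                UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
            // The name and credentials are read here but not used; no additional check is performed.
            String UserName = authentication.getName();
            String Password = (String) authentication.getCredentials();
        }

        @Override
        protected UserDetails retrieveUser(String username,
                UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
            UserDetails userDetails = null;
            String UserName = authentication.getName();
            String Password = (String) authentication.getCredentials();
            // The custom service receives both the user name and the password.
            userDetails = (UserDetails) loginUserDetailsService.loadUserByUsername(UserName, Password);
            if (userDetails == null) {
                throw new UsernameNotFoundException("用户: " + username + " 验证失败.");
            }
            return userDetails;
        }
    }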
Getting the UserDetails:

    public static SecuserEntity getUserInfo() {
        SecuserEntity secuserentity = null;
        try {
            // Read the principal from the current thread's SecurityContext.
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            Object principal = authentication == null ? null : authentication.getPrincipal();
            if (principal instanceof SecuserEntity) {
                secuserentity = (SecuserEntity) principal;
            }
        } catch (Exception e) {
            // Exceptions are swallowed; the method then returns null.
        }
        return secuserentity;
    }