Spring Authorization Server 自定义 OAuth2 密码模式返回数据结构优化

An_s

已于 2024-07-19 17:04:42 修改

阅读量287

点赞数 5

分类专栏：技术 (java) 文章标签： mysql 数据库

于 2024-07-19 17:03:30 首次发布

本文链接：https://blog.csdn.net/echo_ae/article/details/140554623

版权

技术 (java) 专栏收录该内容

5 篇文章 0 订阅

订阅专栏

前言

对接了自定义密码模式，但是返回的数据结构不符合要求

我们需要改成下面格式

开始

我假设你已经对接好了自定义密码功能，不会的话看下面文章

Spring Authorization Server 1.1 扩展实现 OAuth2 密码模式与 Spring Cloud 的整合实战（上）-阿里云开发者社区 https://blog.51cto.com/u_15268610/6858078 Spring Authorization Server 1.1 扩展实现 OAuth2 密码模式与 Spring Cloud 的整合实战（上）-阿里云开发者社区

重写✅ AuthenticationSuccessHandler 和❌ AuthenticationFailureHandler 的逻辑，就能够自定义认证成功和认证失败时的响应数据格式

config/AuthorizationServerConfig

.accessTokenResponseHandler(new MyAuthenticationSuccessHandler()) // 自定义成功响应
.errorResponseHandler(new MyAuthenticationFailureHandler()) // 自定义失败响应

handler/MyAuthenticationSuccessHandler

package org.oauth.server.handler;




import com.baomidou.mybatisplus.core.toolkit.CollectionUtils;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.oauth.server.utils.ResponseResult;
import org.springframework.core.convert.converter.Converter;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.http.server.ServletServerHttpResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.endpoint.DefaultOAuth2AccessTokenResponseMapConverter;
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;


import java.io.IOException;
import java.time.temporal.ChronoUnit;
import java.util.HashMap;
import java.util.Map;


/**
 * @author Rommel
 * @version 1.0
 * @date 2023/8/2-8:17
 * @description TODO
 */
@Component
public class MyAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    /**
     * 自定义认证成功响应数据结构
     * @param request the request which caused the successful authentication
     * @param response the response
     * @param authentication the <tt>Authentication</tt> object which was created during
     * the authentication process.
     * @throws IOException
     * @throws ServletException
     */
    private final HttpMessageConverter<Object> accessTokenHttpResponseConverter = new MappingJackson2HttpMessageConverter();
    private Converter<OAuth2AccessTokenResponse, Map<String, Object>> accessTokenResponseParametersConverter = new DefaultOAuth2AccessTokenResponseMapConverter();

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        System.out.println("succ!!!!!");
        OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = (OAuth2AccessTokenAuthenticationToken) authentication;

        OAuth2AccessToken accessToken = accessTokenAuthentication.getAccessToken();
        OAuth2RefreshToken refreshToken = accessTokenAuthentication.getRefreshToken();
        Map<String, Object> additionalParameters = accessTokenAuthentication.getAdditionalParameters();

        OAuth2AccessTokenResponse.Builder builder = OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue()).tokenType(accessToken.getTokenType());

        if (accessToken.getIssuedAt() != null && accessToken.getExpiresAt() != null) {
            builder.expiresIn(ChronoUnit.SECONDS.between(accessToken.getIssuedAt(), accessToken.getExpiresAt()));
        }
        if (refreshToken != null) {
            builder.refreshToken(refreshToken.getTokenValue());
        }
        if (!CollectionUtils.isEmpty(additionalParameters)) {
            builder.additionalParameters(additionalParameters);
        }

        OAuth2AccessTokenResponse accessTokenResponse = builder.build();

        Map<String, Object> tokenResponseParameters = this.accessTokenResponseParametersConverter.convert(accessTokenResponse);

        ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response);

        System.out.println(tokenResponseParameters);

        assert tokenResponseParameters != null;

        Map<String, String> map = new HashMap<String, String>();
        map.put("code", "200");
        map.put("data", String.valueOf(tokenResponseParameters));
        map.put("msg", "加密成功");
        this.accessTokenHttpResponseConverter.write(map, null, httpResponse);
//        ResponseResult.exceptionResponse(response, "aaa");
    }


}