AbstractTokenGranter 是一个抽象类,它由四个默认实现方式,分别对应了四种默认授权模式
所有如果需要新增模式 继承这个类
ResourceOwnerPasswordTokenGranter
参照这个类
1. 修改 grantyType —> sms_code
2. 修改 UsernamePasswordAuthenticationToken —> SmsAuthenticationToken(自定义)
public class SmsCodeTokenGranter extends AbstractTokenGranter {
private static final String GRANT_TYPE = "sms_code";
private final AuthenticationManager authenticationManager;
public SmsCodeTokenGranter(
AuthenticationManager authenticationManager,
AuthorizationServerTokenServices tokenServices,
ClientDetailsService clientDetailsService,
OAuth2RequestFactory requestFactory) {
this(authenticationManager, tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
}
protected SmsCodeTokenGranter(
AuthenticationManager authenticationManager,
AuthorizationServerTokenServices tokenServices,
ClientDetailsService clientDetailsService,
OAuth2RequestFactory requestFactory,
String grantType) {
super(tokenServices, clientDetailsService, requestFactory, grantType);
this.authenticationManager = authenticationManager;
}
@Override
public OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
// 获取参数
String mobile = parameters.get("mobile");
String smsCode = parameters.get("sms_code");
Authentication userAuth = new SmsAuthenticationToken(mobile,smsCode);
((AbstractAuthenticationToken) userAuth).setDetails(parameters);
try {
userAuth = authenticationManager.authenticate(userAuth);
} catch (AccountStatusException | BadCredentialsException ase) {
throw new InvalidGra