Spring OAuth2.0 Authorization Server(版本 0.2.0):与 OAuth2.0 server 配合使用的 user 实体类,需要同时兼容 Jackson 的反序列化,以及 MyBatis 的序列化和反序列化。
import com.fasterxml.jackson.annotation.JsonFormat;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import lombok.AccessLevel;
import lombok.Data;
import lombok.Getter;
import org.springframework.format.annotation.DateTimeFormat;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;
import org.springframework.util.StringUtils;
import java.io.Serializable;
import java.util.*;
/**
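* Without the @JsonDeserialize annotation this class is not on the allowlist that Spring Security's
* Jackson modules check when deserializing, so reading a stored authorization that contains it
* fails and the OAuth2.0 server reports an error.
* The allowlist limits which types Jackson may instantiate from stored JSON; annotating a class
* declares it safe to deserialize, so apply the annotation only to classes you control.
* The more standard approach is to register a mix-in (write a UserEntityMixin.class), see
* {@link OAuth2AuthorizationServerJackson2Module}.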
*/
@Data
@JsonDeserialize
public class UserEntity implements UserDetails {
/** Login username. */
private String username;
/**
 * Login password.
 * NOTE(review): the class-level @Data generates a getter and a toString() entry for every field,
 * so unless the part of the class not shown here excludes it (JsonIgnore is imported, but its use
 * is not visible; Lombok also offers @ToString.Exclude), this value can reach logs and the JSON
 * written for the authorization. Confirm it only ever holds a password hash.
 */
private String password;
/** Full name. */
private String name;
/**
 * National ID card number.
 * NOTE(review): personal data; the generated toString() and the JSON form include it as well.
 */
private String idCard;
/** Mobile phone number. */
private String phone;
/** E-mail address. */
private String email;
/**
 * Whether the account is enabled; enabled by default.
 * No default is assigned at this declaration, so the field is null until it is set.
 * The Lombok getter is suppressed with AccessLevel.NONE, presumably because isEnabled() from
 * UserDetails is written by hand further down. Confirm that it treats null as enabled.
 */
@Getter(value= AccessLevel.NONE)
private Boolean enabled;
/** Permissions / roles, i.e. ROLE. */
// When the DTO returned by the resource server contains authorities, the two annotations below
// can be used; they are not needed here.
//@JsonSerialize(using = AuthorityJsonSerializer.class)
//@JsonDeserialize(using = AuthorityJsonDeserializer.class)
private Set<GrantedAuthority> authorities;
/** Auto-increment id. */
private Long id;
/**创建时间**/
@JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
@DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")