Spring Security OAuth2实现多用户类型认证与多用户类型token刷新(新)

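此方法通过在项目中新建与 Spring Security 同包同名的类来覆盖其源码路径,以最少的配置完成 Spring Security OAuth2 的多用户类型认证与多用户类型 token 刷新。注意:被覆盖的类是否生效取决于类路径的加载顺序,每次升级 Spring Security 版本后都需要重新核对覆盖的接口与原版是否一致。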

Spring Security OAuth2实现多用户类型认证(新)

1. 在src/main/java目录下新建org/springframework/security文件夹

在这里插入图片描述

2. 继续新建core/userdetails文件夹

在这里插入图片描述

3. 新增UserDetailsService接口方法类。

package org.springframework.security.core.userdetails;

public interface UserDetailsService {

    /**
     * Original single-argument lookup. The tutorial recommends keeping it, although it can be
     * removed if preferred.
     *
     * @param var1 the username
     * @return the loaded user; the provider shown on this page treats a {@code null} return as an
     *         interface contract violation
     * @throws UsernameNotFoundException declared for the case where the user cannot be found
     */
    UserDetails loadUserByUsername(String var1) throws UsernameNotFoundException;

    /**
     * Added overload used for multi-user-type authentication.
     *
     * <p>If more user types need further discriminators, extra parameters can be added in the same
     * way. The original comment listed {@code var3} and {@code var4} as examples, but this
     * signature takes only two arguments.
     *
     * <p>NOTE(review): the provider on this page passes the {@code "type"} entry of the
     * authentication details map as {@code var2}. That value presumably comes from the login
     * request, so implementations should match it against a fixed set of known user types and
     * reject anything else. Confirm against the real implementation.
     *
     * @param var1 the username
     * @param var2 the user type that selects which kind of account to look up
     * @return the loaded user; the provider shown on this page treats a {@code null} return as an
     *         interface contract violation
     * @throws UsernameNotFoundException declared for the case where the user cannot be found
     */
    UserDetails loadUserByUsername(String var1, String var2) throws UsernameNotFoundException;
}

4. UserDetailsServicesImpl实现类

package com.est.oauth.service;

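/**
 * Skeleton implementation of the overridden {@code UserDetailsService}.
 *
 * <p>No user store is wired in yet. Until the real lookups are added, both methods fail closed by
 * throwing {@link UsernameNotFoundException} instead of returning {@code null}: the provider on
 * this page treats a {@code null} return as an interface contract violation and only runs its
 * timing-attack mitigation on the {@code UsernameNotFoundException} path.
 */
@Slf4j
@Service
public class UserDetailsServicesImpl implements UserDetailsService {

    /**
     * Looks up a user by username only (the original, single-user-type entry point).
     *
     * @param s the username
     * @return never returns normally in this skeleton
     * @throws UsernameNotFoundException always, until a real lookup replaces this placeholder
     */
    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        // Placeholder: replace with the real lookup. Keep the message generic so it does not
        // reveal whether the account exists.
        throw new UsernameNotFoundException("User not found");
    }

    /**
     * Looks up a user by username within the given user type.
     *
     * <p>NOTE(review): {@code var2} is passed through from the authentication details by the
     * provider on this page, so it is presumably client-supplied. The real implementation should
     * accept only a fixed set of known user types and throw for anything else.
     *
     * @param s the username
     * @param var2 the user type selecting which kind of account to load
     * @return never returns normally in this skeleton
     * @throws UsernameNotFoundException always, until a real lookup replaces this placeholder
     */
    @Override
    public UserDetails loadUserByUsername(String s, String var2) throws UsernameNotFoundException {
        // Placeholder: replace with a lookup keyed on the validated user type.
        throw new UsernameNotFoundException("User not found");
    }
}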

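5. 复制 org.springframework.security.authentication.dao.DaoAuthenticationProvider 的代码,自定义 CustomAuthenticationProvider,然后修改 retrieveUser() 方法,其他部分不需要改动。注意:下面的示例代码在 additionalAuthenticationChecks() 中抛出的是 ApiException(原版抛出 BadCredentialsException),并且注入的是 UserDetailsServices 而不是第3、4步中的 UserDetailsService;照搬前请确认这两处与自己的工程一致,并保证"用户不存在"与"密码错误"返回给客户端的提示相同,以免被用来枚举账号。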

package com.tx.tcm.oauth.security.handler;

import com.tx.tcm.oauth.security.service.UserDetailsServices;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsPasswordService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.Assert;

import javax.annotation.Resource;
import java.util.Map;

/**
 * <p> 自定义AuthenticationProvider类实现多用户登录 </p>
 **/
public class CustomAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
   
    // Fixed dummy plaintext. Presumably encoded by prepareTimingAttackProtection() (called from
    // retrieveUser; its body is not shown in this excerpt) so that a missing user costs the same
    // encoder work as a wrong password. TODO confirm.
    private static final String USER_NOT_FOUND_PASSWORD = "userNotFoundPassword";
    // Encoder used by additionalAuthenticationChecks to compare the presented password with the stored one.
    private PasswordEncoder passwordEncoder;
    // Presumably the cached encoded form of USER_NOT_FOUND_PASSWORD; volatile, so it may be
    // written lazily from request threads. TODO confirm.
    private volatile String userNotFoundEncodedPassword;
    // Multi-user-type lookup service, filled in by @Resource injection.
    // NOTE(review): injection only happens when this provider is a container-managed bean. An
    // instance created with `new` would leave this field null and fail the doAfterPropertiesSet check.
    @Resource
    private UserDetailsServices userDetailsServices;
    // Not referenced by any method visible in this excerpt.
    private UserDetailsPasswordService userDetailsPasswordService;
    /**
     * Creates the provider with the delegating password encoder obtained from
     * {@link PasswordEncoderFactories} as its default encoder.
     */
    public CustomAuthenticationProvider() {
        final PasswordEncoder defaultEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
        // setPasswordEncoder is defined further down the class, outside this excerpt.
        this.setPasswordEncoder(defaultEncoder);
    }

    /**
     * Verifies the presented credentials against the already-loaded user.
     *
     * <p>Rejects the attempt when no credentials were supplied, when the password is blank, or
     * when the encoder reports that it does not match the stored password.
     *
     * <p>NOTE(review): {@code ApiException} and {@code StringUtils} are neither imported nor
     * declared in this excerpt. If {@code ApiException} does not extend
     * {@link AuthenticationException}, Spring Security will not treat these rejections as
     * authentication failures, so failure events and anything keyed on them (audit, lockout
     * counters) would not fire. Confirm. The upstream {@code DaoAuthenticationProvider} throws
     * {@code BadCredentialsException} with one generic message here. The distinct "wrong password"
     * text below lets a client tell an existing account from a missing one unless the
     * user-not-found path returns the same message.
     *
     * @param userDetails the user loaded by {@code retrieveUser}
     * @param authentication the token carrying the presented credentials
     * @throws AuthenticationException declared by the overridden contract
     */
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        final Object credentials = authentication.getCredentials();
        if (credentials == null) {
            this.logger.debug("Authentication failed: no credentials provided");
            throw new ApiException("身份验证失败");
        }

        final String presentedPassword = credentials.toString();
        if (StringUtils.isBlank(presentedPassword)) {
            throw new ApiException("密码不能为空");
        }

        // The encoder does the comparison; the raw password is never compared directly.
        final boolean passwordMatches = this.passwordEncoder.matches(presentedPassword, userDetails.getPassword());
        if (!passwordMatches) {
            this.logger.debug("Authentication failed: password does not match stored value");
            throw new ApiException("密码错误");
        }
    }

    /**
     * Startup check: fails if no user-details lookup service has been set on this provider.
     */
    protected void doAfterPropertiesSet() {
        final UserDetailsServices configuredService = this.userDetailsServices;
        Assert.notNull(configuredService, "A UserDetailsService must be set");
    }

    protected final UserDetails retrieveUser(String username, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
   
        this.prepareTimingAttackProtection();
        // 自定义添加
        Map<String,String> map = (Map<String, String>) authentication.getDetails();
        try {
   
            // 自定义添加 type必须和传参是的类型一致;否则会报错
            String userType = map.get("type");
            UserDetails loadedUser = getUserDetailsServices().loadUserByUsername(username, userType);
            if (loadedUser == null) {
   
                throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            } else {
   
                return loadedUser;
            }
        } catch (UsernameNotFoundException var4) {
   
            this.mitigateAgainstTimingAttack(authentication);
            throw var4;
        } catch (InternalAuthenticationServiceException var5) {
   
            throw var5;
        } catch (Exception var6) {
   
            throw new InternalAuthenticationServiceException(var6.getMessage(