Integrating JWT with Spring Security

tech2025-04-06  13

spring-cloud-starter-oauth2 already bundles the JWT package. Write the JwtTokenStoreConfig class:

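    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.oauth2.provider.token.TokenStore;
    import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
    import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

    @Configuration
    public class JwtTokenStoreConfig {

        @Bean
        public TokenStore jwtTokenStore() {
            return new JwtTokenStore(jwtAccessTokenConverter());
        }

        // Converts between the token object and the JWT string
        @Bean
        public JwtAccessTokenConverter jwtAccessTokenConverter() {
            JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
            // Key used to sign the JWT. A plain string is used as an HMAC-SHA256 secret;
            // "test_key" is a demo value.
            accessTokenConverter.setSigningKey("test_key");
            return accessTokenConverter;
        }
    }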

Configure the authorization server:

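    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.beans.factory.annotation.Qualifier;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.provider.token.TokenStore;
    import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

    // Authorization server configuration
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

        @Autowired
        @Qualifier("jwtTokenStore")
        private TokenStore tokenStore;

        @Autowired
        private JwtAccessTokenConverter jwtAccessTokenConverter;

        // authenticationManager and userService are fields of this class
        // whose declarations are not shown here.

        // Configuration required for the password grant
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints.authenticationManager(authenticationManager)
                    .userDetailsService(userService)
                    // Token storage strategy
                    .tokenStore(tokenStore)
                    .accessTokenConverter(jwtAccessTokenConverter);
        }

        // ... (remaining configuration omitted)
    }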

JWT content enhancement. Write the JwtTokenEnhancer class:

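    import java.util.HashMap;
    import java.util.Map;

    import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
    import org.springframework.security.oauth2.common.OAuth2AccessToken;
    import org.springframework.security.oauth2.provider.OAuth2Authentication;
    import org.springframework.security.oauth2.provider.token.TokenEnhancer;

    // JWT content enhancement: adds extra entries to the token
    public class JwtTokenEnhancer implements TokenEnhancer {

        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken,
                                         OAuth2Authentication oAuth2Authentication) {
            Map<String, Object> map = new HashMap<>();
            map.put("enhance", "enhance info");
            ((DefaultOAuth2AccessToken) oAuth2AccessToken).setAdditionalInformation(map);
            return oAuth2AccessToken;
        }
    }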

Add the following to JwtTokenStoreConfig:

        @Bean
        public JwtTokenEnhancer jwtTokenEnhancer() {
            return new JwtTokenEnhancer();
        }
    } // closes JwtTokenStoreConfig

Authorization server configuration in AuthorizationServerConfig:

        // Needs java.util.ArrayList, java.util.List and
        // org.springframework.security.oauth2.provider.token.TokenEnhancerChain
        @Autowired
        private JwtTokenEnhancer tokenEnhancer;

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
            List<TokenEnhancer> delegates = new ArrayList<>();
            // The custom enhancer runs first so that its entries are present
            // when the converter encodes and signs the JWT
            delegates.add(tokenEnhancer);
            delegates.add(jwtAccessTokenConverter);
            enhancerChain.setTokenEnhancers(delegates);

            endpoints.authenticationManager(authenticationManager)
                    .userDetailsService(userService)
                    // Token storage strategy
                    .tokenStore(tokenStore)
                    .accessTokenConverter(jwtAccessTokenConverter)
                    .tokenEnhancer(enhancerChain);
        }

Parsing the JWT. Write a controller class:

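    import java.nio.charset.StandardCharsets;
    import javax.servlet.http.HttpServletRequest;

    import io.jsonwebtoken.Jwts;
    import org.springframework.security.core.Authentication;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    @RequestMapping("/user")
    public class UserController {

        @RequestMapping("/getCurrentUser")
        public Object getCurrentUser(Authentication authentication, HttpServletRequest request) {
            String header = request.getHeader("Authorization");
            // Expect "bearer <token>": the scheme (any letter case), one space, then the JWT
            if (header == null || !header.regionMatches(true, 0, "bearer ", 0, 7)) {
                throw new IllegalArgumentException("Missing or malformed Authorization header");
            }
            String bearer = header.substring(7);
            // Verify the signature with the same key the authorization server signs with,
            // then return the claims
            return Jwts.parser()
                    .setSigningKey("test_key".getBytes(StandardCharsets.UTF_8))
                    .parseClaimsJws(bearer)
                    .getBody();
        }
    }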

Obtain the JWT token value, then call the controller to parse the JWT. Note that bearer must be followed by a space.

Refresh token:

    // Password grant, plus refresh token
    .authorizedGrantTypes("password", "refresh_token");
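JwtTokenStoreConfig above signs with the literal HMAC secret "test_key", so every service that verifies a token must hold the same secret and could therefore also mint tokens. As an added example (not the original author's code), the same configuration class can sign with an RSA key pair instead, so that verifiers need only the public key. The keystore file jwt.jks, the alias jwt and the property jwt.keystore.password are assumptions.

```java
import java.security.KeyPair;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

// Added example: alternative to the HMAC-based JwtTokenStoreConfig.
// Assumed names: classpath keystore "jwt.jks", key alias "jwt",
// property "jwt.keystore.password". The keystore is created beforehand, e.g.:
//   keytool -genkeypair -alias jwt -keyalg RSA -keysize 2048 -keystore jwt.jks
@Configuration
public class JwtTokenStoreConfig {

    // Supplied by the environment or a secrets store, not committed with the source
    @Value("${jwt.keystore.password}")
    private String keystorePassword;

    @Bean
    public KeyPair jwtKeyPair() {
        KeyStoreKeyFactory factory = new KeyStoreKeyFactory(
                new ClassPathResource("jwt.jks"), keystorePassword.toCharArray());
        return factory.getKeyPair("jwt");
    }

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter(KeyPair jwtKeyPair) {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // The private key signs (SHA256withRSA); the public key is used for verification
        converter.setKeyPair(jwtKeyPair);
        return converter;
    }

    @Bean
    public TokenStore jwtTokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {
        return new JwtTokenStore(jwtAccessTokenConverter);
    }

    @Bean
    public JwtTokenEnhancer jwtTokenEnhancer() {
        return new JwtTokenEnhancer();
    }
}
```

With this configuration the controller verifies with the public key, for example `Jwts.parser().setSigningKey(jwtKeyPair.getPublic())`, instead of the shared "test_key" bytes.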
