Spring SecurityOauth 2カスタム登録と終了
4566 ワード
ログイン:
public class MyLoginAuthSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
/**
*
*/
private final static Logger logger = LoggerFactory.getLogger(MyLoginAuthSuccessHandler.class);
@Autowired
private ClientDetailsService jdbcClientDetailsService;
@Autowired
private DefaultTokenServices defaultTokenServices;
@Autowired
private ObjectMapper objectMapper;
@Autowired
private TokenStore authTokenStore;
@Autowired
private RedisTemplate redisTemplate;
@Autowired
private RedisTemplate tokenEntityRedisTemplate;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
JSONObject result = createToken(request,response,authentication);
if(result==null){
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(objectMapper.writeValueAsString(CommonResponse.successResponse(" !")));
return;
}
// openId
String code = request.getParameter("code");
if(StringUtils.isNotBlank(code)) {
result.put("openId", redisTemplate.opsForValue().get(code));
}
result.put("userInfo",((BaseUserDetail)authentication.getPrincipal()).getBaseUser());
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(objectMapper.writeValueAsString(result));
logger.info(" ");
}
/**
* token
* @param request
* @param response
* @param authentication
*/
private JSONObject createToken(HttpServletRequest request, HttpServletResponse response, Authentication authentication){
String clientId = request.getParameter("client_id");
String clientSecret = request.getParameter("client_secret");
ClientDetails clientDetails = jdbcClientDetailsService.loadClientByClientId(clientId);
//
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
if (null == clientDetails) {
throw new UnapprovedClientAuthenticationException("clientId " + clientId);
}
// secret
else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
throw new UnapprovedClientAuthenticationException("clientSecret " + clientId);
}
TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(),
"password");
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
defaultTokenServices.setTokenStore(authTokenStore);
logger.info("==="+authentication.getPrincipal());
defaultTokenServices.setAccessTokenValiditySeconds(Constant.AUTH_EXP_TIME);
defaultTokenServices.setRefreshTokenValiditySeconds(Constant.REFRESH_AUTH_EXP_TIME);
OAuth2AccessToken token = defaultTokenServices.createAccessToken(oAuth2Authentication);
SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
JSONObject result = new JSONObject();
result.put("access_token", token.getValue());
result.put("token_Expiration", sdf.format(token.getExpiration()));
logger.debug("token:"+token.getValue());
// token
if(!TokenUtil.pushToken(((BaseUserDetail)authentication.getPrincipal()).getBaseUser().getTelephone(),tokenEntityRedisTemplate,token.getValue(),token.getExpiration())){
return null;
}
return result;
}
} /**
*
*/
public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
private Logger logger = LoggerFactory.getLogger(getClass());
@Autowired
private ObjectMapper objectMapper;
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(objectMapper.writeValueAsString(CommonResponse.successResponse(" ")));
}
}