首页 > 其他分享> > spring security+oauth2重写/oauth/token接口

spring security+oauth2重写/oauth/token接口

2021-02-09 15:33:13 作者：互联网

在获取token时使用/oauth/token接口但是想在返回token的同时也返回其他属性：如用户姓名，权限等那么我们可以重写/oauth/token 接口

OauthController

以下配置不会更改接口地址和入参只更改返回值

@RestController
@RequestMapping("/oauth")
public class OauthController {


    @Autowired
    @Lazy
    private TokenStore tokenStore;

    @Autowired
    private TokenEndpoint tokenEndpoint;


    /**
     * 重写login接口
     * 
     * @param principal
     * @param parameters
     * @return
     * @throws HttpRequestMethodNotSupportedException
     */
    @PostMapping("/token")
    public Result<Map<String, Object>> postAccessToken(Principal principal,
        @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
        OAuth2AccessToken accessToken;
        accessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
        Result<Map<String, Object>> result = new Result<>();
        Map<String, Object> resultMap = Maps.newLinkedHashMap();
        // token信息
        resultMap.put("access_token", accessToken.getValue());
        resultMap.put("token_type", accessToken.getTokenType());
        resultMap.put("expires_in", accessToken.getExpiresIn());
        resultMap.put("scope", StringUtils.join(accessToken.getScope(), ","));
        resultMap.putAll(accessToken.getAdditionalInformation());
        // 权限信息
        Collection<? extends GrantedAuthority> authorities =
            tokenStore.readAuthentication(accessToken).getUserAuthentication().getAuthorities();
        List<String> list = new ArrayList<>();
        for (GrantedAuthority authority : authorities) {
            list.add(authority.getAuthority());
        }
        resultMap.put("authorities", list);
        result.setData(resultMap);
        return result;
    }

}

标签：oauth2,accessToken,spring,resultMap,oauth,token,接口,put
来源： https://blog.csdn.net/qq_20143059/article/details/113770957