jwt怎么获取当前登录用户_使用Spring Security从JWT令牌中提取当前登录的用户信息…

小编典典 您需要做的第一件事是在创建JWT时将用户信息存储在JWT内,然后在使用JWT时将其提取。我有一个类似…

小编典典

您需要做的第一件事是在创建JWT时将用户信息存储在JWT内,然后在使用JWT时将其提取。我有一个类似的情况,我通过扩展双方解决它TokenEnhancer和JwtAccessTokenConverter。

我使用TokenEnhancer来将我的扩展类型的主体嵌入CustomUserDetailsJWT其他信息中。

public class CustomAccessTokenEnhancer implements TokenEnhancer {

@Override

public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {

Authentication userAuthentication = authentication.getUserAuthentication();

if (userAuthentication != null) {

Object principal = authentication.getUserAuthentication().getPrincipal();

if (principal instanceof CustomUserDetails) {

Map additionalInfo = new HashMap<>();

additionalInfo.put(“userDetails”, principal);

((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);

return accessToken;

然后Authentication在处理经过身份验证的请求时在构建对象时手动提取扩展的主体。

public class CustomJwtAccessTokenConverter extends JwtAccessTokenConverter {

@Override

public OAuth2Authentication extractAuthentication(Map map) {

OAuth2Authentication authentication = super.extractAuthentication(map);

Authentication userAuthentication = authentication.getUserAuthentication();

if (userAuthentication != null) {

LinkedHashMap userDetails = (LinkedHashMap) map.get(“userDetails”);

if (userDetails != null) {

// build your principal here

String localUserTableField = (String) userDetails.get(“localUserTableField”);

CustomUserDetails extendedPrincipal = new CustomUserDetails(localUserTableField);

Collection extends GrantedAuthority> authorities = userAuthentication.getAuthorities();

userAuthentication = new UsernamePasswordAuthenticationToken(extendedPrincipal,

userAuthentication.getCredentials(), authorities);

return new OAuth2Authentication(authentication.getOAuth2Request(), userAuthentication);

以及将AuthorizationServer其捆绑在一起的配置。

@Configuration

@EnableAuthorizationServer

public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

@Autowired

private AuthenticationManager authenticationManager;

@Autowired

private UserDetailsService userDetailsService;

@Autowired

private DataSource dataSource;

@Bean

public JwtAccessTokenConverter accessTokenConverter() {

CustomJwtAccessTokenConverter accessTokenConverter = new CustomJwtAccessTokenConverter();

accessTokenConverter.setSigningKey(“a1b2c3d4e5f6g”);

return accessTokenConverter;

@Bean

public TokenStore tokenStore() {

return new JwtTokenStore(accessTokenConverter());

@Bean

@Primary

public DefaultTokenServices tokenServices() {

DefaultTokenServices defaultTokenServices = new DefaultTokenServices();

defaultTokenServices.setTokenStore(tokenStore());

defaultTokenServices.setSupportRefreshToken(true);

return defaultTokenServices;

@Bean

public TokenEnhancer tokenEnhancer() {

return new CustomAccessTokenEnhancer();

@Bean

public PasswordEncoder passwordEncoder() {

return new BCryptPasswordEncoder();

@Override

clients.jdbc(dataSource).passwordEncoder(passwordEncoder());

@Override

public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();

tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));

endpoints

.tokenStore(tokenStore())

.tokenEnhancer(tokenEnhancerChain)

.authenticationManager(authenticationManager)

.userDetailsService(userDetailsService);

@Override

public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {

security.passwordEncoder(passwordEncoder());

security.checkTokenAccess(“isAuthenticated()”);

然后,我可以像这样访问我的资源控制器中的扩展主体

@RestController

public class SomeResourceController {

@RequestMapping(“/some-resource”)

public ResponseEntity> someResource(Authentication authentication) {

CustomUserDetails userDetails = (CustomUserDetails) authentication.getPrincipal();

return ResponseEntity.ok(“woo hoo!”);

希望这可以帮助!

2020-05-30

本文来自网络,不代表软粉网立场,转载请注明出处:https://www.rfff.net/p/8103.html

作者: HUI

发表评论

您的电子邮箱地址不会被公开。

返回顶部