在Oauth2 Spring中更改响应 [英] Change Response in Oauth2 Spring

问题描述

我已经在这个论坛中发布了这个问题. 我也将其张贴在这里，以便有更多的回应机会

Hi i have posted this question in this forum. I post it here too, to have more chance for a response

http://forum.spring. io/forum/spring-projects/security/oauth/745627-response-of-oauth2

我需要在Oauth身份验证2的json响应中添加信息.现在我的配置返回如下响应:

I need to add information in the json response of an Oauth authentication2. Now my configuration return a response like:

{"access_token":"523dd467-e5c0-407b-95e4-ea60a403d772",
"token_type":"bearer",
"refresh_token ":"e3378c95-1ebf-419b-bf45-e734d8e94aba",
"expires_in":43199}

但是我希望拥有的是这样的:

But what i wish is to have is evriting like:

{"access_token":"523dd467-e5c0-407b-95e4-ea60a403d772",
"token_type":"bearer",
"refresh_token ":"e3378c95-1ebf-419b-bf45-e734d8e94aba",
"expires_in":43199, "other":"value"}

这有可能简单吗?

其他问题是: 是正确的，如果我想更改expireTime我应该实现TokenStore接口? 是否有任何相关文档?

Other question is: It's correct that if I wish to change the expireTime i should implement the TokenStore interface? Is there any documentation about it?

最后一个问题是: 有没有一种简单的方法可以使用json格式的凭据(用户名和密码)进行Oauth2身份验证?

The last question is: Is there a easy way to make Oauth2 authentication with Credentials (Username and Password) in json format?

推荐答案

坦克的黑马.

我只发现了如何添加其他信息来响应. Json格式不是他当时的格式(目前还不是很高的优先级).我的解决方法如下:

I only found how to add other information to response. Json format not at his time (is not a high priority at the moment). My solution is as following:

实施TokenEnhancer并将属性添加到tokenService配置:

Implement the TokenEnhancer and add a property to tokenService configuration:

示例:

<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> <property name="tokenStore" ref="tokenStore" /> <property name="supportRefreshToken" value="true" /> <property name="clientDetailsService" ref="clientDetailsService" /> <property name="tokenEnhancer" ref="tokenEnhancer"/> </bean>

<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> <property name="tokenStore" ref="tokenStore" /> <property name="supportRefreshToken" value="true" /> <property name="clientDetailsService" ref="clientDetailsService" /> <property name="tokenEnhancer" ref="tokenEnhancer"/> </bean>

和实现:

    public class MyTokenEnhancer implements TokenEnhancer {

        private List<TokenEnhancer> delegates = Collections.emptyList();

    public void setTokenEnhancers(List<TokenEnhancer> delegates) {
        this.delegates = delegates;
    }

    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        DefaultOAuth2AccessToken tempResult = (DefaultOAuth2AccessToken) accessToken;

        final Map<String, Object> additionalInformation = new HashMap<String, Object>();
        final String infoValue = "This is my value"; 

        additionalInformation.put("myInfo", infoValue);
        tempResult.setAdditionalInformation(additionalInformation);

        OAuth2AccessToken result = tempResult;
        for (TokenEnhancer enhancer : delegates) {
            result = enhancer.enhance(result, authentication);
        }
        return result;
    }
}

如果您找到了更好的解决方案....我愿意接受建议

If you find a beter/elegant solution.... I'm open to suggestions

这篇关于在Oauth2 Spring中更改响应的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！