23

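I am using Spring OAuth 2.0 to generate tokens, and I want to set expires_in manually so that the token can expire according to my criteria. Can anyone help me?

Here is my response: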

{
    access_token: "c7a6cb95-1506-40e7-87d1-ddef0a239f64"
    token_type: "bearer"
    expires_in: 43199
    scope: "read"
}
4

8 Answers

37

It can be set with a ClientBuilder obtained from a ClientDetailsServiceConfigurer.

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("client")
            .secret("secret")
            .authorizedGrantTypes("authorization_code", "refresh_token", "password")
            .scopes("app")
            .accessTokenValiditySeconds(30);
    }

    // ... additional configuration
}

Or directly on DefaultTokenServices, depending on your needs.

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        // optionally here you could just get endpoints.getConsumerTokenService()
        // and cast to DefaultTokenServices and just set values needed

        DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setTokenStore(endpoints.getTokenStore());
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
        tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
        tokenServices.setAccessTokenValiditySeconds(60);

        endpoints.tokenServices(tokenServices);            
    }
}
Answered 2015-09-03T16:17:38.647
10

Configure your OAuth configuration: change your TokenServices bean and set the accessTokenValiditySeconds property:

<bean id="tokenServices"
    class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
    <property name="accessTokenValiditySeconds" value="1" />
    <property name="tokenStore" ref="tokenStore" />
    <property name="supportRefreshToken" value="true" />
    <property name="clientDetailsService" ref="clientDetails" />
</bean>
Answered 2013-08-02T15:47:31.993
7

You can also configure DefaultTokenServices in the application.yaml file.

security:
  oauth2:
    client:
      clientId: client-id
      clientSecret: client-secret
      authorized-grant-types: authorization_code,refresh_token,password
      scope: openid
      access-token-validity-seconds: 30
Answered 2016-12-20T08:39:31.407
1
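  • Create a custom class of AuthorizationCodeAccessTokenProvider and override the parent's public method

    obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request)
    
  • In the overridden method of your custom class, call the program logic of its parent class:

    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) super.obtainAccessToken(details, request);
    
  • This will return an AccessToken. Now, you just have to manipulate the expiry value of that token directly, by providing a timestamp from the past: token.setExpiresIn(int timestamp)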

Answered 2014-07-25T15:03:11.700
0

If you are using the grails security oauth2 provider, you can only change grails-app/conf/spring/resources.groovy

import org.springframework.security.oauth2.provider.token.DefaultTokenServices

// Place your Spring DSL code here    

beans = {

  tokenServices(DefaultTokenServices){
    accessTokenValiditySeconds =  600;
    tokenStore = ref('tokenStore')
    supportRefreshToken = true;
    clientDetailsService = ref('clientDetailsService')
  }

}
Answered 2016-12-05T08:44:12.297
0

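So, I don't think there is any policy to do that. But there is one way that can lead to success. Just use the refresh_token API to invalidate the current access_token. :D It's simple.

Answered 2020-07-30T13:27:18.203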
0

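I was also looking for this answer and tried the solution proposed by DeezCashews. But it didn't work for me, because there is a part of the code that first checks whether this value is set in the column access_token_validity of the table oauth_client_details, and only then greps the value from tokenServices. So if your "expires_in" is set in the oauth_client_details table, then you need to change it there.

The code that checks the validity property in the db: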

    protected int getAccessTokenValiditySeconds(OAuth2Request clientAuth) {
        if (clientDetailsService != null) {
            ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
            Integer validity = client.getAccessTokenValiditySeconds();
            if (validity != null) {
                return validity;
            }
        }
        return accessTokenValiditySeconds;
    }
Answered 2020-07-30T09:56:18.940
-10
public interface OAuth2AccessToken {

    public static String BEARER_TYPE = "Bearer";

    public static String OAUTH2_TYPE = "OAuth2";

    /**
     * The access token issued by the authorization server. This value is REQUIRED.
     */
    public static String ACCESS_TOKEN = "access_token";

    /**
     * The type of the token issued as described in <a
     * href="http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-7.1">Section 7.1</a>. Value is case insensitive.
     * This value is REQUIRED.
     */
    public static String TOKEN_TYPE = "token_type";

    /**
     * The lifetime in seconds of the access token. For example, the value "3600" denotes that the access token will
     * expire in one hour from the time the response was generated. This value is OPTIONAL.
     */
    public static String EXPIRES_IN = "expires_in";

    /**
     * The refresh token which can be used to obtain new access tokens using the same authorization grant as described
     * in <a href="http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-6">Section 6</a>. This value is OPTIONAL.
     */
    public static String REFRESH_TOKEN = "refresh_token";

    /**
     * The scope of the access token as described by <a
     * href="http://tools.ietf.org/html/draft-ietf-oauth-v2-22#section-3.3">Section 3.3</a>
     */
    public static String SCOPE = "scope";

    /**
     * The additionalInformation map is used by the token serializers to export any fields used by extensions of OAuth.
     * @return a map from the field name in the serialized token to the value to be exported. The default serializers 
     * make use of Jackson's automatic JSON mapping for Java objects (for the Token Endpoint flows) or implicitly call 
     * .toString() on the "value" object (for the implicit flow) as part of the serialization process.
     */
    Map<String, Object> getAdditionalInformation();

    Set<String> getScope();

    OAuth2RefreshToken getRefreshToken();

    String getTokenType();

    boolean isExpired();

    Date getExpiration();

    int getExpiresIn();

    String getValue();

}
Answered 2013-06-26T06:17:33.300