0

我正在使用以下示例使用 Spring Cloud OAuth2 实现:

https://github.com/spring-cloud-samples/authserver

https://github.com/spring-cloud-samples/sso

第一个是 OAuth 服务器,它在对用户进行身份验证时生成 JWT 令牌。第二个是正在消耗的资源。该资源根据 OAuth 规范将用户的身份验证中继到 authserver。

一切似乎都很好,导致我提出其他问题:

  1. 在 authserver 中,在身份验证期间,如何访问 clientId 和 clientSecret?
  2. 我能否确定用于生成 JWT 令牌的值?
  3. 在 SSO 中,一旦用户通过身份验证,我如何访问令牌的内容(例如主体)?
4

1 回答 1

1

Answer to 3): change the method signature to include:

@AuthenticationPrincipal  User principal

This way the authentication credentials will be passed to the controller method called by Spring. The other way is through the security context:

SecurityContext securityContext = SecurityContextHolder.getContext(); 
Authentication authentication = securityContext.getAuthentication();

As for 2), my guess at this point is that to influence the parameters used to compute the JWT token, one needs to implement a custom AccessTokenConverter. If my understanding is correct the default one called DefaultAccessTokenConverter does not allow for this. I welcome any other opinion on this.

于 2014-12-15T03:01:25.420 回答