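package com.kidgrow.authclient.store;

import com.kidgrow.authclient.converter.CustomUserAuthenticationConverter;
import com.kidgrow.common.model.SysUser;
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

import javax.annotation.Resource;
import java.security.KeyPair;
import java.util.HashMap;
import java.util.Map;

/**
 * Shijiazhuang Xigao Technology Co., Ltd. All rights reserved. © Copyright 2020
 *
 * @Description: Authorization-server token store that issues JWTs backed by an RSA
 *               (asymmetric) key pair loaded from a key store.
 *               <p>
 *               The key pair is used to sign and verify tokens; the claims inside the JWT are
 *               not encrypted. Anything placed in the token by {@link #tokenEnhancer()} is
 *               therefore readable by whoever holds the token, so only non-sensitive user
 *               attributes belong there.
 * @Project:
 * @CreateDate: Created in 2020/2/13 11:24
 * @Author: liuke
 */
public class AuthJwtTokenStore {

    /**
     * Registers the {@link KeyProperties} holder under the bean name {@code keyProp}.
     *
     * <p>The instance is created empty here; the key store location, secret and alias read in
     * {@link #jwtAccessTokenConverter()} are presumably bound onto it from external
     * configuration by Spring (TODO confirm where the binding happens).
     *
     * @return a new {@link KeyProperties} instance
     */
    @Bean("keyProp")
    public KeyProperties keyProperties() {
        return new KeyProperties();
    }

    // Injected by name so that this class reads the same instance it publishes as "keyProp".
    @Resource(name = "keyProp")
    private KeyProperties keyProperties;

    /**
     * Exposes a {@link JwtTokenStore} that delegates to the given converter.
     *
     * @param jwtAccessTokenConverter converter that encodes and decodes the JWTs
     * @return the JWT-backed token store
     */
    @Bean
    public TokenStore tokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {
        return new JwtTokenStore(jwtAccessTokenConverter);
    }

    /**
     * Builds the {@link JwtAccessTokenConverter} from the key pair found in the configured
     * key store and installs {@link CustomUserAuthenticationConverter} for the user part of
     * the token.
     *
     * @return the configured converter
     * @throws IllegalStateException if no key store secret has been configured
     */
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        // Fail with a readable message instead of a bare NullPointerException from
        // toCharArray() when the secret is missing. The secret itself is never put in the message.
        String secret = keyProperties.getKeyStore().getSecret();
        if (secret == null) {
            throw new IllegalStateException(
                    "Key store secret is not configured; cannot load the JWT signing key pair");
        }

        final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();

        // The configured secret is handed to KeyStoreKeyFactory as the key store password, and
        // getKeyPair(alias) is called without a separate key password.
        KeyPair keyPair = new KeyStoreKeyFactory(
                keyProperties.getKeyStore().getLocation(), secret.toCharArray())
                .getKeyPair(keyProperties.getKeyStore().getAlias());
        converter.setKeyPair(keyPair);

        // Relies on the converter's built-in AccessTokenConverter being a
        // DefaultAccessTokenConverter, which holds for a freshly constructed instance.
        DefaultAccessTokenConverter tokenConverter =
                (DefaultAccessTokenConverter) converter.getAccessTokenConverter();
        tokenConverter.setUserTokenConverter(new CustomUserAuthenticationConverter());
        return converter;
    }

    /**
     * Customises JWT generation by adding extra user information to the token.
     *
     * <p>When the authenticated principal is a {@link SysUser}, its id is added under the key
     * {@code "id"}. Additional information already present on the token (for example from an
     * earlier enhancer in a chain) is kept rather than replaced.
     *
     * @return TokenEnhancer
     */
    @Bean
    public TokenEnhancer tokenEnhancer() {
        return (accessToken, authentication) -> {
            // Mutate the token in place when possible, as before; copy it only when the
            // incoming implementation is not a DefaultOAuth2AccessToken, so no blind cast fails.
            DefaultOAuth2AccessToken token = accessToken instanceof DefaultOAuth2AccessToken
                    ? (DefaultOAuth2AccessToken) accessToken
                    : new DefaultOAuth2AccessToken(accessToken);

            // Start from the existing entries so claims set by other enhancers survive.
            Map<String, Object> additionalInfo = new HashMap<>(token.getAdditionalInformation());

            Object principal = authentication.getPrincipal();
            // Add the id parameter
            if (principal instanceof SysUser) {
                additionalInfo.put("id", ((SysUser) principal).getId());
            }

            token.setAdditionalInformation(additionalInfo);
            return token;
        };
    }
}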