package com.kidgrow.zuul.auth;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken;
import reactor.core.publisher.Mono;
/**
* 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020
*
* @Description:
* @Project:
* @CreateDate: Created in 2020/2/22 22:44
* @Author: liuke
*/
public class CustomAuthenticationManager implements ReactiveAuthenticationManager {
private TokenStore tokenStore;
public CustomAuthenticationManager(TokenStore tokenStore) {
this.tokenStore = tokenStore;
}
@Override
public Mono authenticate(Authentication authentication) {
return Mono.justOrEmpty(authentication)
.filter(a -> a instanceof BearerTokenAuthenticationToken)
.cast(BearerTokenAuthenticationToken.class)
.map(BearerTokenAuthenticationToken::getToken)
.flatMap((accessTokenValue -> {
OAuth2AccessToken accessToken = tokenStore.readAccessToken(accessTokenValue);
if (accessToken == null) {
return Mono.error(new InvalidTokenException("Invalid access token: " + accessTokenValue));
} else if (accessToken.isExpired()) {
tokenStore.removeAccessToken(accessToken);
return Mono.error(new InvalidTokenException("Access token expired: " + accessTokenValue));
}
OAuth2Authentication result = tokenStore.readAuthentication(accessToken);
if (result == null) {
return Mono.error(new InvalidTokenException("Invalid access token: " + accessTokenValue));
}
return Mono.just(result);
}))
.cast(Authentication.class);
}
}