spring cloud oauth2+jwt扩展登录方式(短信验证码登录)

spring cloud oauth2+jwt搭建

  1. 改造CustomUserDetailsService
public class CustomUserDetailsService implements UserDetailsService {

    @Autowired
    private AuthApi authApi;

    @Autowired
    private UserLoginService userLoginService;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        UserDetail userDetail=authApi.getByUsername(username).getBody();
        List<? extends GrantedAuthority> authorities = new ArrayList();
        return new OAuthUser(userDetail,new User(userDetail.getUsername(),userDetail.getPassword(),authorities));
    }

    public OAuthUser loadUserByUsernameAndSmscode(String username,String smscode){
        boolean verified=userLoginService.verifyLoginSmscode(username, smscode);
        if(!verified){
            return null;
        }
        UserDetail userDetail=authApi.getByUsername(username).getBody();
        List<? extends GrantedAuthority> authorities = new ArrayList();
        return new OAuthUser(userDetail,new User(userDetail.getUsername(),userDetail.getPassword(),authorities));
    }
}
  1. 新建SmscodeTokenGranter用户短信登录
public class SmscodeTokenGranter extends AbstractTokenGranter {

    private static final String GRANT_TYPE = "sms_code";

    protected CustomUserDetailsService userDetailsService;

    private OAuth2RequestFactory requestFactory;

    public SmscodeTokenGranter(CustomUserDetailsService userDetailsService,
                               AuthorizationServerTokenServices tokenServices,
                               ClientDetailsService clientDetailsService,
                               OAuth2RequestFactory requestFactory) {
        super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
        this.userDetailsService=userDetailsService;
        this.requestFactory=requestFactory;
    }

    @Override
    protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
        Map<String, String> parameters = tokenRequest.getRequestParameters();
        OAuthUser user = this.getUser(parameters);
        if (user == null) {
            throw new InvalidGrantException("无法获取用户信息");
        }
        OAuth2Request storedOAuth2Request = this.requestFactory.createOAuth2Request(client, tokenRequest);
        PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(user, null, user.getAuthorities());
        authentication.setDetails(user);
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(storedOAuth2Request, authentication);
        return oAuth2Authentication;
    }

    private OAuthUser getUser(Map<String,String> params){
        return userDetailsService.loadUserByUsernameAndSmscode(params.get("username"),params.get("smscode"));
    }
  1. 修改OAuthServerConfig,增加getTokenGranter()
@Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenGranter(new CompositeTokenGranter(this.getTokenGranters(endpoints.getClientDetailsService(),endpoints.getTokenServices(),endpoints.getAuthorizationCodeServices(),endpoints.getOAuth2RequestFactory())));
        endpoints
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService)
                .tokenStore(tokenStore()).accessTokenConverter(jwtAccessTokenConverter());
        endpoints.exceptionTranslator(oAuth2ExceptionTranslator());
    }

    private List<TokenGranter> getTokenGranters(ClientDetailsService clientDetails,AuthorizationServerTokenServices tokenServices,AuthorizationCodeServices authorizationCodeServices,OAuth2RequestFactory requestFactory) {
        List<TokenGranter> tokenGranters = new ArrayList<TokenGranter>();
        tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices, authorizationCodeServices, clientDetails,requestFactory));
        tokenGranters.add(new RefreshTokenGranter(tokenServices, clientDetails, requestFactory));
        tokenGranters.add(new ImplicitTokenGranter(tokenServices, clientDetails, requestFactory));
        tokenGranters.add(new ClientCredentialsTokenGranter(tokenServices, clientDetails, requestFactory));
        tokenGranters.add(new SmscodeTokenGranter((CustomUserDetailsService) userDetailsService,tokenServices,clientDetails,requestFactory));
        if (authenticationManager != null) {
            tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager, tokenServices,clientDetails, requestFactory));
        }
        return tokenGranters;
    }
  1. 配置增加authrizedGrantType,sms_code
@Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
                .withClient("user-service")
                .scopes("userApi")
                .secret("123456")
                .authorizedGrantTypes("password", "sms_code", "authorization_code", "refresh_token")
                .accessTokenValiditySeconds(518400)
                .refreshTokenValiditySeconds(604800);
                }

看看新的短信验证码登录方法
spring cloud oauth2+jwt扩展登录方式(短信验证码登录)_第1张图片

你可能感兴趣的:(spring-cloud,spring,boot,java)