spring security+oauth2重写/oauth/token接口

在获取token时使用/oauth/token接口 但是想在返回token的同时也返回其他属性:如用户姓名 ,权限等 那么我们可以重写/oauth/token 接口

OauthController 

以下配置不会更改接口地址和入参 只更改返回值

@RestController
@RequestMapping("/oauth")
public class OauthController {


    @Autowired
    @Lazy
    private TokenStore tokenStore;

    @Autowired
    private TokenEndpoint tokenEndpoint;


    /**
     * 重写login接口
     * 
     * @param principal
     * @param parameters
     * @return
     * @throws HttpRequestMethodNotSupportedException
     */
    @PostMapping("/token")
    public Result> postAccessToken(Principal principal,
        @RequestParam Map parameters) throws HttpRequestMethodNotSupportedException {
        OAuth2AccessToken accessToken;
        accessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
        Result> result = new Result<>();
        Map resultMap = Maps.newLinkedHashMap();
        // token信息
        resultMap.put("access_token", accessToken.getValue());
        resultMap.put("token_type", accessToken.getTokenType());
        resultMap.put("expires_in", accessToken.getExpiresIn());
        resultMap.put("scope", StringUtils.join(accessToken.getScope(), ","));
        resultMap.putAll(accessToken.getAdditionalInformation());
        // 权限信息
        Collection authorities =
            tokenStore.readAuthentication(accessToken).getUserAuthentication().getAuthorities();
        List list = new ArrayList<>();
        for (GrantedAuthority authority : authorities) {
            list.add(authority.getAuthority());
        }
        resultMap.put("authorities", list);
        result.setData(resultMap);
        return result;
    }

}

 

你可能感兴趣的:(oauth2+spring,security)