文章目录
1、授权成功返回自定义格式信息
/**
* ===================================
* 描 述 : 重写令牌申请接口
* 包 名 : top.qinxq.single.rest
* 创建人 : qinxq
* ===================================
*/
@RestController
@RequestMapping("/oauth")
public class OauthController {
@Autowired
private TokenEndpoint tokenEndpoint;
/**
* =====================================
* 描 述 : 自定义返回信息添加基本信息
* 参 数 : [principal, parameters]
* 返 回 值 : top.qinxq.single.entity.vo.R
* =====================================
*/
@PostMapping("/token")
public R postAccessTokenWithUserInfo(Principal principal, @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
OAuth2AccessToken accessToken = tokenEndpoint.postAccessToken(principal, parameters).getBody();
Map<String, Object> data = new LinkedHashMap();
data.put("accessToken", accessToken.getValue());
if (accessToken.getRefreshToken() != null) {
data.put("refreshToken", accessToken.getRefreshToken().getValue());
}
//添加基本信息
data.put("userId","");
data.put("nickName","");
return new R(data);
}
}
ps: R : 自定义消息返回体
2、用户无权限返回自定义格式信息
1、添加授权拒绝处理器
/**
* ===================================
* 描 述 : 授权拒绝处理器,覆盖默认的OAuth2AccessDeniedHandler
* 包 名 : top.qinxq.single.common.auth
* 创建人 : qinxq
* ===================================
*/
@Component
public class AuthExceptionHandler extends OAuth2AccessDeniedHandler implements AuthenticationEntryPoint, AuthenticationFailureHandler {
@Autowired
private ObjectMapper objectMapper;
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException {
CommonUtils.authException(request, response, authException,objectMapper);
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException {
CommonUtils.authException(request, response, authException,objectMapper);
}
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
CommonUtils.authException(request, response, authException,objectMapper);
}
}
/**
* ===================================
* 描 述 : 公共工具类
* 包 名 : top.qinxq.single.common.utils
* 创建人 : qinxq
* ===================================
*/
@Slf4j
public class CommonUtils {
/**
* =====================================
* 描 述 : Auth2.0 异常封装
* 参 数 : [request, response, authException, objectMapper]
* 返 回 值 : void
* 创 建 人 : qinxq
* =====================================
*/
public static void authException (HttpServletRequest request, HttpServletResponse response, Exception authException, ObjectMapper objectMapper) throws IOException {
log.info("认证失败,禁止访问 {}", request.getRequestURI());
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
R<String> result = new R(1001,"认证失败,禁止访问",authException);
response.setStatus(HttpStatus.SC_OK);
PrintWriter printWriter = response.getWriter();
printWriter.append(objectMapper.writeValueAsString(result));
}
}
2、配置资源服务器,添加如下方法配置
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.accessDeniedHandler(authExceptionHandler)
.authenticationEntryPoint(authExceptionHandler);
}
相关链接
SpringCloud、SpringBoot2.0 整合Oauth2 (一) 基本配置
SpringCloud、SpringBoot2.0 整合Oauth2 (一) 基本配置