Java Code Examples for org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter

The following examples show how to use org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may want to check out the right sidebar which shows the related API usage.
Example 1
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter accessTokenConverter() {
	Assert.notNull(this.authorization.getJwt().getKeyStore(), "keyStore cannot be null");
	Assert.notNull(this.authorization.getJwt().getKeyStorePassword(), "keyStorePassword cannot be null");
	Assert.notNull(this.authorization.getJwt().getKeyAlias(), "keyAlias cannot be null");

	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();

	Resource keyStore = this.context.getResource(this.authorization.getJwt().getKeyStore());
	char[] keyStorePassword = this.authorization.getJwt().getKeyStorePassword().toCharArray();
	KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keyStore, keyStorePassword);

	String keyAlias = this.authorization.getJwt().getKeyAlias();
	char[] keyPassword = Optional.ofNullable(this.authorization.getJwt().getKeyPassword())
			.map(String::toCharArray).orElse(keyStorePassword);
	converter.setKeyPair(keyStoreKeyFactory.getKeyPair(keyAlias, keyPassword));

	return converter;
}
 
Example 2
Source Project: cloud-service   Source File: AuthorizationServerConfig.java    License: MIT License 6 votes vote down vote up
/**
 * Jwt资源令牌转换器<br>
 * 参数access_token.store-jwt为true时用到
 *
 * @return accessTokenConverter
 */
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter() {
        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            OAuth2AccessToken oAuth2AccessToken = super.enhance(accessToken, authentication);
            addLoginUserInfo(oAuth2AccessToken, authentication); // 2019.07.13 将当前用户信息追加到登陆后返回数据里
            return oAuth2AccessToken;
        }
    };
    DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) jwtAccessTokenConverter
            .getAccessTokenConverter();
    DefaultUserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter();
    userAuthenticationConverter.setUserDetailsService(userDetailsService);

    defaultAccessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
    // 2019.06.29 这里务必设置一个,否则多台认证中心的话,一旦使用jwt方式,access_token将解析错误
    jwtAccessTokenConverter.setSigningKey(signingKey);

    return jwtAccessTokenConverter;
}
 
Example 3
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setAccessTokenConverter(customAccessTokenConverter);

    converter.setSigningKey("123");
    // final Resource resource = new ClassPathResource("public.txt");
    // String publicKey = null;
    // try {
    // publicKey = IOUtils.toString(resource.getInputStream());
    // } catch (final IOException e) {
    // throw new RuntimeException(e);
    // }
    // converter.setVerifierKey(publicKey);
    return converter;
}
 
Example 4
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter jwtTokenEnhancer() {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	String keyValue = this.resource.getJwt().getKeyValue();
	if (!StringUtils.hasText(keyValue)) {
		keyValue = getKeyFromServer();
	}
	if (StringUtils.hasText(keyValue) && !keyValue.startsWith("-----BEGIN")) {
		converter.setSigningKey(keyValue);
	}
	if (keyValue != null) {
		converter.setVerifierKey(keyValue);
	}
	if (!CollectionUtils.isEmpty(this.configurers)) {
		AnnotationAwareOrderComparator.sort(this.configurers);
		for (JwtAccessTokenConverterConfigurer configurer : this.configurers) {
			configurer.configure(converter);
		}
	}
	return converter;
}
 
Example 5
Source Project: Spring-5.0-By-Example   Source File: OAuthTokenConfiguration.java    License: MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example 6
/**
 * 配置AccessToken加密方式
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter(CustomUserAuthenticationConverter customUserAuthenticationConverter) {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	KeyPair keyPair = new KeyStoreKeyFactory(
			keyProperties.getKeyStore().getLocation(),
			keyProperties.getKeyStore().getSecret().toCharArray()).getKeyPair(
			keyProperties.getKeyStore().getAlias(),
			keyProperties.getKeyStore().getPassword().toCharArray());
	converter.setKeyPair(keyPair);
	//配置自定义的CustomUserAuthenticationConverter
	DefaultAccessTokenConverter accessTokenConverter = (DefaultAccessTokenConverter) converter.getAccessTokenConverter();
	accessTokenConverter.setUserTokenConverter(customUserAuthenticationConverter);
	return converter;
}
 
Example 7
/**
 * token enhancer
 *
 * @return TokenEnhancer
 */
private TokenEnhancer tokenEnhancer() {
    if (accessTokenConverter instanceof JwtAccessTokenConverter) {
        return (TokenEnhancer) accessTokenConverter;
    }
    return null;
}
 
Example 8
/**
 * 配置jwt生成token的转换
 * 使用自定义Sign Key 进行加密
 *
 * @return Jwt Access Token转换实例
 */
@Bean
@ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "jwt.enable", havingValue = "true")
public AccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(apiBootOauthProperties.getJwt().getSignKey());
    return converter;
}
 
Example 9
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
            new ClassPathResource("keys/jwtConverterStore.jks"),
            keyStorePass.toCharArray()
    ).getKeyPair(keyPairAlias);

    converter.setKeyPair(keyPair);
    return converter;
}
 
Example 10
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
    DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) accessTokenConverter.getAccessTokenConverter();
    DefaultUserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter();
    userAuthenticationConverter.setUserDetailsService(userDetailService);
    defaultAccessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
    accessTokenConverter.setSigningKey(properties.getJwtAccessKey());
    return accessTokenConverter;
}
 
Example 11
Source Project: SpringCloud   Source File: AuthorizationServerConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * jwt token的生成配置
 *
 * @return
 */
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(signingKey);
    return converter;
}
 
Example 12
Source Project: microservices-platform   Source File: ResJwtTokenStore.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setVerifierKey(getPubKey());
    DefaultAccessTokenConverter tokenConverter = (DefaultAccessTokenConverter)converter.getAccessTokenConverter();
    tokenConverter.setUserTokenConverter(new CustomUserAuthenticationConverter());
    return converter;
}
 
Example 13
Source Project: microservices-platform   Source File: AuthJwtTokenStore.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory
            (keyProperties.getKeyStore().getLocation(), keyProperties.getKeyStore().getSecret().toCharArray())
            .getKeyPair(keyProperties.getKeyStore().getAlias());
    converter.setKeyPair(keyPair);
    DefaultAccessTokenConverter tokenConverter = (DefaultAccessTokenConverter)converter.getAccessTokenConverter();
    tokenConverter.setUserTokenConverter(new CustomUserAuthenticationConverter());
    return converter;
}
 
Example 14
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter jwtTokenEnhancer() {
	String keyValue = this.authorization.getJwt().getKeyValue();
	Assert.notNull(this.authorization.getJwt().getKeyValue(), "keyValue cannot be null");

	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	if (!keyValue.startsWith("-----BEGIN")) {
		converter.setVerifierKey(keyValue);
	}
	converter.setSigningKey(keyValue);

	return converter;
}
 
Example 15
Source Project: spring-cloud-study   Source File: ResourceServerConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();

    accessTokenConverter.setSigningKey("dev");
    accessTokenConverter.setVerifierKey("dev");
    return accessTokenConverter;
}
 
Example 16
Source Project: wangsy-january   Source File: SsoAuthConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    // 用字符串wangsy 作为jwt字符串的签名
    converter.setSigningKey("wangsy");

    return converter;
}
 
Example 17
Source Project: oauth-boot   Source File: TokenStoreConfig.java    License: MIT License 5 votes vote down vote up
@Bean
@Primary
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(properties.getOauth2().getTokenSigningKey());
    return converter;
}
 
Example 18
@Test
public void configureWhenPrivateKeyIsProvidedThenExposesJwtAccessTokenConverter() throws Exception {
	Path privateKeyPath = new ClassPathResource("key.private", this.getClass()).getFile().toPath();
	String privateKey = Files.readAllLines(privateKeyPath).stream().collect(Collectors.joining("\n"));

	this.contextRunner.withPropertyValues("security.oauth2.authorization.jwt.key-value=" + privateKey)
			.run(context -> {
				assertThat(context).getBean(JwtAccessTokenConverter.class)
						.satisfies(JwtAccessTokenConverter::isPublic);
			});
}
 
Example 19
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyStoreKeyFactory keyFactory =
            new KeyStoreKeyFactory(new ClassPathResource("private.jks"), "storepass".toCharArray());
    converter.setKeyPair(keyFactory.getKeyPair("jwtserver", "keypass".toCharArray()));
    converter.setVerifierKey(publicKey);
    return converter;
}
 
Example 20
Source Project: onetwo   Source File: Oauth2TokenStoreConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	converter.setSigningKey(jfishOauth2Properties.getJwt().getSigningKey());
	/*if (keyValue != null) {
		converter.setVerifierKey(keyValue);
	}*/
	return converter;
}
 
Example 21
Source Project: open-cloud   Source File: OpenHelper.java    License: MIT License 5 votes vote down vote up
/**
 * 构建资源服务器JwtToken服务类
 *
 * @param properties
 * @return
 */
public static ResourceServerTokenServices buildJwtTokenServices(OpenCommonProperties properties) throws Exception {
    // 使用自定义系统用户凭证转换器
    DefaultAccessTokenConverter accessTokenConverter = buildAccessTokenConverter();
    OpenJwtTokenService tokenServices = new OpenJwtTokenService();
    // 这里的签名key 保持和认证中心一致
    JwtAccessTokenConverter converter = buildJwtTokenEnhancer(properties);
    JwtTokenStore jwtTokenStore = new JwtTokenStore(converter);
    tokenServices.setTokenStore(jwtTokenStore);
    tokenServices.setJwtAccessTokenConverter(converter);
    tokenServices.setDefaultAccessTokenConverter(accessTokenConverter);
    log.info("buildJwtTokenServices[{}]", tokenServices);
    return tokenServices;
}
 
Example 22
Source Project: micro-ecommerce   Source File: AuthserverApplication.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	KeyPair keyPair = new KeyStoreKeyFactory(new ClassPathResource("keystore.jks"), "foobar".toCharArray())
			.getKeyPair("test");
	converter.setKeyPair(keyPair);
	return converter;
}
 
Example 23
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
            new ClassPathResource(keystore),
            keyStorePass.toCharArray()
    ).getKeyPair(keyPairAlias);

    converter.setKeyPair(keyPair);
    return converter;
}
 
Example 24
Source Project: OAuth-2.0-Cookbook   Source File: JweTokenStore.java    License: MIT License 5 votes vote down vote up
public JweTokenStore(String encodedSigningKey, TokenStore delegate,
                     JwtAccessTokenConverter converter, JweTokenSerializer crypto) {
    this.encodedSigningKey = encodedSigningKey;
    this.delegate = delegate;
    this.converter = converter;
    this.crypto = crypto;
}
 
Example 25
Source Project: spring-boot-demo   Source File: Oauth2AuthorizationTokenConfig.java    License: MIT License 5 votes vote down vote up
/**
 * jwt 令牌 配置,非对称加密
 *
 * @return 转换器
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    final JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
    accessTokenConverter.setKeyPair(keyPair());
    return accessTokenConverter;
}
 
Example 26
@Bean
// Get this resource server to verify its own JWT token, instead of passing the request to the jwt-server via security.oauth2.resource.userInfoUri
public JwtAccessTokenConverter jwtTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(signingKey);
    return converter;
}
 
Example 27
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey("123");
    // final KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("mytest.jks"), "mypass".toCharArray());
    // converter.setKeyPair(keyStoreKeyFactory.getKeyPair("mytest"));
    return converter;
}
 
Example 28
Source Project: spring-auth-example   Source File: OAuth2Config.java    License: MIT License 5 votes vote down vote up
@Bean
protected JwtAccessTokenConverter jwtTokenEnhancer() {
  KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(
      new ClassPathResource("jwt.jks"), "mySecretKey".toCharArray());
  JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
  converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt"));
  return converter;
}
 
Example 29
/**
 * <p>
 * Configures jwt related access token converter to allow enhanced user details to be
 * converted.
 * </p>
 * @param jwtAccessTokenConverter the converter to configure
 */
@Autowired
public void configure(JwtAccessTokenConverter jwtAccessTokenConverter) {
	notNull(jwtAccessTokenConverter, "jwtAccessTokenConverter");
	DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) jwtAccessTokenConverter
			.getAccessTokenConverter();
	defaultAccessTokenConverter
			.setUserTokenConverter(new UserAuthenticationConverter());
}
 
Example 30
Source Project: cubeai   Source File: UaaConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * This bean generates an token enhancer, which manages the exchange between JWT acces tokens and Authentication
 * in both directions.
 *
 * @return an access token converter configured with the authorization server's public/private keys
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
         new ClassPathResource(uaaProperties.getKeyStore().getName()), uaaProperties.getKeyStore().getPassword().toCharArray())
         .getKeyPair(uaaProperties.getKeyStore().getAlias());
    converter.setKeyPair(keyPair);
    return converter;
}