org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter Java Examples

The following examples show how to use org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthorizationServerConfig.java    From cloud-service with MIT License 7 votes vote down vote up
/**
 * Jwt资源令牌转换器<br>
 * 参数access_token.store-jwt为true时用到
 *
 * @return accessTokenConverter
 */
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter() {
        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            OAuth2AccessToken oAuth2AccessToken = super.enhance(accessToken, authentication);
            addLoginUserInfo(oAuth2AccessToken, authentication); // 2019.07.13 将当前用户信息追加到登陆后返回数据里
            return oAuth2AccessToken;
        }
    };
    DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) jwtAccessTokenConverter
            .getAccessTokenConverter();
    DefaultUserAuthenticationConverter userAuthenticationConverter = new DefaultUserAuthenticationConverter();
    userAuthenticationConverter.setUserDetailsService(userDetailsService);

    defaultAccessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
    // 2019.06.29 这里务必设置一个,否则多台认证中心的话,一旦使用jwt方式,access_token将解析错误
    jwtAccessTokenConverter.setSigningKey(signingKey);

    return jwtAccessTokenConverter;
}
 
Example #2
Source File: OAuth2ResourceServerConfigJwt.java    From spring-security-oauth with MIT License 6 votes vote down vote up
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setAccessTokenConverter(customAccessTokenConverter);

    converter.setSigningKey("123");
    // final Resource resource = new ClassPathResource("public.txt");
    // String publicKey = null;
    // try {
    // publicKey = IOUtils.toString(resource.getInputStream());
    // } catch (final IOException e) {
    // throw new RuntimeException(e);
    // }
    // converter.setVerifierKey(publicKey);
    return converter;
}
 
Example #3
Source File: AuthorizationServerTokenServicesConfiguration.java    From spring-security-oauth2-boot with Apache License 2.0 6 votes vote down vote up
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter accessTokenConverter() {
	Assert.notNull(this.authorization.getJwt().getKeyStore(), "keyStore cannot be null");
	Assert.notNull(this.authorization.getJwt().getKeyStorePassword(), "keyStorePassword cannot be null");
	Assert.notNull(this.authorization.getJwt().getKeyAlias(), "keyAlias cannot be null");

	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();

	Resource keyStore = this.context.getResource(this.authorization.getJwt().getKeyStore());
	char[] keyStorePassword = this.authorization.getJwt().getKeyStorePassword().toCharArray();
	KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(keyStore, keyStorePassword);

	String keyAlias = this.authorization.getJwt().getKeyAlias();
	char[] keyPassword = Optional.ofNullable(this.authorization.getJwt().getKeyPassword())
			.map(String::toCharArray).orElse(keyStorePassword);
	converter.setKeyPair(keyStoreKeyFactory.getKeyPair(keyAlias, keyPassword));

	return converter;
}
 
Example #4
Source File: ResourceServerTokenServicesConfiguration.java    From spring-security-oauth2-boot with Apache License 2.0 6 votes vote down vote up
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter jwtTokenEnhancer() {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	String keyValue = this.resource.getJwt().getKeyValue();
	if (!StringUtils.hasText(keyValue)) {
		keyValue = getKeyFromServer();
	}
	if (StringUtils.hasText(keyValue) && !keyValue.startsWith("-----BEGIN")) {
		converter.setSigningKey(keyValue);
	}
	if (keyValue != null) {
		converter.setVerifierKey(keyValue);
	}
	if (!CollectionUtils.isEmpty(this.configurers)) {
		AnnotationAwareOrderComparator.sort(this.configurers);
		for (JwtAccessTokenConverterConfigurer configurer : this.configurers) {
			configurer.configure(converter);
		}
	}
	return converter;
}
 
Example #5
Source File: OAuth2AutoConfigurationTests.java    From spring-security-oauth2-boot with Apache License 2.0 5 votes vote down vote up
@Test
public void authorizationServerWhenUsingJwtConfigurationThenConfiguresJwt() {
	this.context = new AnnotationConfigServletWebServerApplicationContext();
	this.context.register(AuthorizationServerConfiguration.class, MinimalSecureWebApplication.class);
	TestPropertyValues.of("security.oauth2.authorization.jwt.keyValue:DEADBEEF").applyTo(this.context);
	ConfigurationPropertySources.attach(this.context.getEnvironment());
	this.context.refresh();
	assertThat(countBeans(RESOURCE_SERVER_CONFIG)).isEqualTo(0);
	assertThat(countBeans(AUTHORIZATION_SERVER_CONFIG)).isEqualTo(1);
	assertThat(countBeans(JwtAccessTokenConverter.class)).isEqualTo(1);
}
 
Example #6
Source File: AuthorizationServerTokenServicesConfiguration.java    From spring-security-oauth2-boot with Apache License 2.0 5 votes vote down vote up
@Bean
@ConditionalOnMissingBean(JwtAccessTokenConverter.class)
public JwtAccessTokenConverter jwtTokenEnhancer() {
	String keyValue = this.authorization.getJwt().getKeyValue();
	Assert.notNull(this.authorization.getJwt().getKeyValue(), "keyValue cannot be null");

	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	if (!keyValue.startsWith("-----BEGIN")) {
		converter.setVerifierKey(keyValue);
	}
	converter.setSigningKey(keyValue);

	return converter;
}
 
Example #7
Source File: SsoAuthConfig.java    From wangsy-january with Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    // 用字符串wangsy 作为jwt字符串的签名
    converter.setSigningKey("wangsy");

    return converter;
}
 
Example #8
Source File: OpenHelper.java    From open-cloud with MIT License 5 votes vote down vote up
/**
 * 构建资源服务器JwtToken服务类
 *
 * @param properties
 * @return
 */
public static ResourceServerTokenServices buildJwtTokenServices(OpenCommonProperties properties) throws Exception {
    // 使用自定义系统用户凭证转换器
    DefaultAccessTokenConverter accessTokenConverter = buildAccessTokenConverter();
    OpenJwtTokenService tokenServices = new OpenJwtTokenService();
    // 这里的签名key 保持和认证中心一致
    JwtAccessTokenConverter converter = buildJwtTokenEnhancer(properties);
    JwtTokenStore jwtTokenStore = new JwtTokenStore(converter);
    tokenServices.setTokenStore(jwtTokenStore);
    tokenServices.setJwtAccessTokenConverter(converter);
    tokenServices.setDefaultAccessTokenConverter(accessTokenConverter);
    log.info("buildJwtTokenServices[{}]", tokenServices);
    return tokenServices;
}
 
Example #9
Source File: AuthserverApplication.java    From micro-ecommerce with Apache License 2.0 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
	JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
	KeyPair keyPair = new KeyStoreKeyFactory(new ClassPathResource("keystore.jks"), "foobar".toCharArray())
			.getKeyPair("test");
	converter.setKeyPair(keyPair);
	return converter;
}
 
Example #10
Source File: OAuth2AuthorizationServerConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
            new ClassPathResource(keystore),
            keyStorePass.toCharArray()
    ).getKeyPair(keyPairAlias);

    converter.setKeyPair(keyPair);
    return converter;
}
 
Example #11
Source File: JweTokenStore.java    From OAuth-2.0-Cookbook with MIT License 5 votes vote down vote up
public JweTokenStore(String encodedSigningKey, TokenStore delegate,
                     JwtAccessTokenConverter converter, JweTokenSerializer crypto) {
    this.encodedSigningKey = encodedSigningKey;
    this.delegate = delegate;
    this.converter = converter;
    this.crypto = crypto;
}
 
Example #12
Source File: OAuthTokenConfiguration.java    From Spring-5.0-By-Example with MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example #13
Source File: ResourceServerConfig.java    From java8-spring-cloud-microservice-demo with MIT License 5 votes vote down vote up
@Bean
// Get this resource server to verify its own JWT token, instead of passing the request to the jwt-server via security.oauth2.resource.userInfoUri
public JwtAccessTokenConverter jwtTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(signingKey);
    return converter;
}
 
Example #14
Source File: OAuth2AuthorizationServerConfigJwt.java    From spring-security-oauth with MIT License 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey("123");
    // final KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("mytest.jks"), "mypass".toCharArray());
    // converter.setKeyPair(keyStoreKeyFactory.getKeyPair("mytest"));
    return converter;
}
 
Example #15
Source File: OAuth2Config.java    From spring-auth-example with MIT License 5 votes vote down vote up
@Bean
protected JwtAccessTokenConverter jwtTokenEnhancer() {
  KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(
      new ClassPathResource("jwt.jks"), "mySecretKey".toCharArray());
  JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
  converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt"));
  return converter;
}
 
Example #16
Source File: ResourceServerConfiguration.java    From spring-cloud-contract-samples with Apache License 2.0 5 votes vote down vote up
/**
 * <p>
 * Configures jwt related access token converter to allow enhanced user details to be
 * converted.
 * </p>
 * @param jwtAccessTokenConverter the converter to configure
 */
@Autowired
public void configure(JwtAccessTokenConverter jwtAccessTokenConverter) {
	notNull(jwtAccessTokenConverter, "jwtAccessTokenConverter");
	DefaultAccessTokenConverter defaultAccessTokenConverter = (DefaultAccessTokenConverter) jwtAccessTokenConverter
			.getAccessTokenConverter();
	defaultAccessTokenConverter
			.setUserTokenConverter(new UserAuthenticationConverter());
}
 
Example #17
Source File: UaaConfiguration.java    From cubeai with Apache License 2.0 5 votes vote down vote up
/**
 * This bean generates an token enhancer, which manages the exchange between JWT acces tokens and Authentication
 * in both directions.
 *
 * @return an access token converter configured with the authorization server's public/private keys
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
         new ClassPathResource(uaaProperties.getKeyStore().getName()), uaaProperties.getKeyStore().getPassword().toCharArray())
         .getKeyPair(uaaProperties.getKeyStore().getAlias());
    converter.setKeyPair(keyPair);
    return converter;
}
 
Example #18
Source File: Oauth2AuthorizationTokenConfig.java    From spring-boot-demo with MIT License 5 votes vote down vote up
/**
 * jwt 令牌 配置,非对称加密
 *
 * @return 转换器
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    final JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
    accessTokenConverter.setKeyPair(keyPair());
    return accessTokenConverter;
}
 
Example #19
Source File: OAuth2Config.java    From spring-cloud-gray with Apache License 2.0 5 votes vote down vote up
/**
 * This bean generates an token enhancer, which manages the exchange between JWT acces tokens and Authentication
 * in both direction.
 *
 * @return an access token converter configured with the authorization server's public/private keys
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    KeyPair keyPair = new KeyStoreKeyFactory(
            new ClassPathResource("keystore.jks"), "password".toCharArray())
            .getKeyPair("selfsigned");
    converter.setKeyPair(keyPair);
    return converter;
}
 
Example #20
Source File: ApiBootAuthorizationServerConfiguration.java    From api-boot with Apache License 2.0 5 votes vote down vote up
/**
 * token enhancer
 *
 * @return TokenEnhancer
 */
private TokenEnhancer tokenEnhancer() {
    if (accessTokenConverter instanceof JwtAccessTokenConverter) {
        return (TokenEnhancer) accessTokenConverter;
    }
    return null;
}
 
Example #21
Source File: JwtServerConfiguration.java    From java-microservice with MIT License 5 votes vote down vote up
@Bean
protected JwtAccessTokenConverter jwtTokenEnhancer() {
    KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(
            new ClassPathResource("jwt.jks"), 
            ENC_PASSWORD.toCharArray()
    );
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt"));
    return converter;
}
 
Example #22
Source File: OAuth2Configuration.java    From spring-boot-oauth2-jwt with MIT License 5 votes vote down vote up
@Bean
protected JwtAccessTokenConverter jwtAccessTokenConverter() {
	JwtAccessTokenConverter converter = new CustomTokenEnhancer();
	converter.setKeyPair(
			new KeyStoreKeyFactory(new ClassPathResource("jwt.jks"), "password".toCharArray()).getKeyPair("jwt"));
	return converter;
}
 
Example #23
Source File: OAuthTokenConfiguration.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example #24
Source File: JWTTokenStoreConfig.java    From spring-microservices-in-action with Apache License 2.0 5 votes vote down vote up
/**
 * Generate the converter for translating the token.
 * 
 * @return  The {@code JwtAccessTokenConverter} object with the signing 
 *          key.
 */
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(serviceConfig.getJwtSigningKey());           // Set the signing key that will be used to sign your token (define in application.yml)
    return converter;
}
 
Example #25
Source File: OAuthTokenConfiguration.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example #26
Source File: OAuthTokenProducer.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Bean
public JwtAccessTokenConverter tokenEnhancer() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(privateKey);
    converter.setVerifierKey(publicKey);
    return converter;
}
 
Example #27
Source File: OAuth2AuthServer.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Autowired
public OAuth2AuthServer(AuthenticationManager authenticationManager, TokenStore tokenStore,
    JwtAccessTokenConverter jwtAccessTokenConverter) {
  this.authenticationManager = authenticationManager;
  this.tokenStore = tokenStore;
  this.jwtAccessTokenConverter = jwtAccessTokenConverter;
}
 
Example #28
Source File: OAuthTokenConfiguration.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example #29
Source File: OAuthTokenConfiguration.java    From Learning-Path-Spring-5-End-to-End-Programming with MIT License 5 votes vote down vote up
@Bean
public JwtTokenStore tokenStore() throws Exception {
  JwtAccessTokenConverter enhancer = new JwtAccessTokenConverter();
  enhancer.setSigningKey(privateKey);
  enhancer.setVerifierKey(publicKey);
  enhancer.afterPropertiesSet();
  return new JwtTokenStore(enhancer);
}
 
Example #30
Source File: ResourceServerTokenServicesConfigurationTests.java    From spring-security-oauth2-boot with Apache License 2.0 5 votes vote down vote up
@Test
public void configureWhenKeyStoreIsProvidedWithKeyPasswordThenExposesJwtAccessTokenConverter() {
	TestPropertyValues
			.of("security.oauth2.resource.jwt.key-store=classpath:"
					+ "org/springframework/boot/autoconfigure/security/oauth2/resource/keyhaspassword.jks",
					"security.oauth2.resource.jwt.key-store-password=changeme",
					"security.oauth2.resource.jwt.key-alias=jwt",
					"security.oauth2.resource.jwt.key-password=password")
			.applyTo(this.environment);
	this.context = new SpringApplicationBuilder(ResourceConfiguration.class).environment(this.environment)
			.web(WebApplicationType.NONE).run();
	assertThat(this.context.getBeansOfType(JwtAccessTokenConverter.class)).hasSize(1);
}