我如何获得principal.userAuthentication.details?

问题描述 投票:1回答:1

我正在使用Spring Security OAuth从Github进行授权,并准备将Principal对象返回到页面。使用Ajax获取Principal时,输出如下:

{
"authorities": [
    {
        "authority": "ROLE_USER"
    }
],
"details": {
    "remoteAddress": "127.0.0.1",
    "sessionId": "B0FAAFBFEBCEE85852963FD2EDB49142",
    "tokenValue": "bcc006f486f8788728d12167fccdee8c8e35fdb2",
    "tokenType": "bearer",
    "decodedDetails": null
},
"authenticated": true,
"userAuthentication": {
    "authorities": [
        {
            "authority": "ROLE_USER"
        }
    ],
    "details": {
        "login": "cciradih",
        "id": 22651384,
        "avatar_url": "https://avatars0.githubusercontent.com/u/22651384?v=4",
        "gravatar_id": "",
        "url": "https://api.github.com/users/cciradih",
        "html_url": "https://github.com/cciradih",
        "followers_url": "https://api.github.com/users/cciradih/followers",
        "following_url": "https://api.github.com/users/cciradih/following{/other_user}",
        "gists_url": "https://api.github.com/users/cciradih/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/cciradih/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/cciradih/subscriptions",
        "organizations_url": "https://api.github.com/users/cciradih/orgs",
        "repos_url": "https://api.github.com/users/cciradih/repos",
        "events_url": "https://api.github.com/users/cciradih/events{/privacy}",
        "received_events_url": "https://api.github.com/users/cciradih/received_events",
        "type": "User",
        "site_admin": false,
        "name": "Cciradih",
        "company": null,
        "blog": "https://www.cciradih.top",
        "location": "China",
        "email": "[email protected]",
        "hireable": true,
        "bio": "Better to run than curse the road.",
        "public_repos": 6,
        "public_gists": 0,
        "followers": 2,
        "following": 0,
        "created_at": "2016-10-06T03:13:28Z",
        "updated_at": "2017-12-30T06:04:47Z"
    },
    "authenticated": true,
    "principal": "cciradih",
    "credentials": "N/A",
    "name": "cciradih"
},
"clientOnly": false,
"principal": "cciradih",
"credentials": "",
"oauth2Request": {
    "clientId": "6402963959adfc602705",
    "scope": [],
    "requestParameters": {},
    "resourceIds": [],
    "authorities": [],
    "approved": true,
    "refresh": false,
    "redirectUri": null,
    "responseTypes": [],
    "extensions": {},
    "grantType": null,
    "refreshTokenRequest": null
},
"name": "cciradih"
}

但是,我在Java程序中获得的Principal没有类似于getUserAuthentication的方法。相反,我实际上试图获取内部细节,而不仅仅是名称。

所以我想问一下,我们如何从Java程序中获取:

"details": {
     "login": "cciradih",
     "id": 22651384,
     "avatar_url": "https://avatars0.githubusercontent.com/u/22651384?v=4",
     "gravatar_id": "",
     "url": "https://api.github.com/users/cciradih",
     "html_url": "https://github.com/cciradih",
     "followers_url": "https://api.github.com/users/cciradih/followers",
     "following_url": "https://api.github.com/users/cciradih/following{/other_user}",
     "gists_url": "https://api.github.com/users/cciradih/gists{/gist_id}",
     "starred_url": "https://api.github.com/users/cciradih/starred{/owner}{/repo}",
     "subscriptions_url": "https://api.github.com/users/cciradih/subscriptions",
     "organizations_url": "https://api.github.com/users/cciradih/orgs",
     "repos_url": "https://api.github.com/users/cciradih/repos",
     "events_url": "https://api.github.com/users/cciradih/events{/privacy}",
     "received_events_url": "https://api.github.com/users/cciradih/received_events",
     "type": "User",
     "site_admin": false,
     "name": "Cciradih",
     "company": null,
     "blog": "https://www.cciradih.top",
     "location": "China",
     "email": "[email protected]",
     "hireable": true,
     "bio": "Better to run than curse the road.",
     "public_repos": 6,
     "public_gists": 0,
     "followers": 2,
     "following": 0,
     "created_at": "2016-10-06T03:13:28Z",
     "updated_at": "2017-12-30T06:04:47Z"
}

我认为这个json是由一个类组装成一个Principal,但是我没有找到整个org.spring框架是从TRACE组装的。我的代码如下:

@RestController
@RequestMapping("/api/user")
public class UserController {
    private WebAuthenticationDetails webAuthenticationDetails;
    @GetMapping
    public Principal get(Principal principal) {
        return principal;
    }
}
java spring spring-mvc spring-boot spring-security
1个回答
1
投票

更改get()方法以包含Oauth2Authentication作为参数。

此外,您可以将oauth2Authentication.getDetails()强制转换为Oauth2AuthenticationDetails,以获取更多来自jwt令牌的信息

@RestController
@RequestMapping("/api/user")
public class UserController {
    private WebAuthenticationDetails webAuthenticationDetails;
    @GetMapping
    public Principal get(Oauth2Authentication authentication) {
         String jwtToken = ((OAuth2AuthenticationDetails) oauth2Authentication.getDetails()).getTokenValue();
        // do stuff with jwtToken
        return authentication.getPrincipal();
    }
}
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.