I am using Spring Security OAuth to authorize with GitHub, and I want to return the Principal object to the page. When I fetch the Principal via Ajax, the output is as follows:
    {
      "authorities": [
        {
          "authority": "ROLE_USER"
        }
      ],
      "details": {
        "remoteAddress": "127.0.0.1",
        "sessionId": "B0FAAFBFEBCEE85852963FD2EDB49142",
        "tokenValue": "bcc006f486f8788728d12167fccdee8c8e35fdb2",
        "tokenType": "bearer",
        "decodedDetails": null
      },
      "authenticated": true,
      "userAuthentication": {
        "authorities": [
          {
            "authority": "ROLE_USER"
          }
        ],
        "details": {
          "login": "cciradih",
          "id": 22651384,
          "avatar_url": "https://avatars0.githubusercontent.com/u/22651384?v=4",
          "gravatar_id": "",
          "url": "https://api.github.com/users/cciradih",
          "html_url": "https://github.com/cciradih",
          "followers_url": "https://api.github.com/users/cciradih/followers",
          "following_url": "https://api.github.com/users/cciradih/following{/other_user}",
          "gists_url": "https://api.github.com/users/cciradih/gists{/gist_id}",
          "starred_url": "https://api.github.com/users/cciradih/starred{/owner}{/repo}",
          "subscriptions_url": "https://api.github.com/users/cciradih/subscriptions",
          "organizations_url": "https://api.github.com/users/cciradih/orgs",
          "repos_url": "https://api.github.com/users/cciradih/repos",
          "events_url": "https://api.github.com/users/cciradih/events{/privacy}",
          "received_events_url": "https://api.github.com/users/cciradih/received_events",
          "type": "User",
          "site_admin": false,
          "name": "Cciradih",
          "company": null,
          "blog": "https://www.cciradih.top",
          "location": "China",
          "email": "[email protected]",
          "hireable": true,
          "bio": "Better to run than curse the road.",
          "public_repos": 6,
          "public_gists": 0,
          "followers": 2,
          "following": 0,
          "created_at": "2016-10-06T03:13:28Z",
          "updated_at": "2017-12-30T06:04:47Z"
        },
        "authenticated": true,
        "principal": "cciradih",
        "credentials": "N/A",
        "name": "cciradih"
      },
      "clientOnly": false,
      "principal": "cciradih",
      "credentials": "",
      "oauth2Request": {
        "clientId": "6402963959adfc602705",
        "scope": [],
        "requestParameters": {},
        "resourceIds": [],
        "authorities": [],
        "approved": true,
        "refresh": false,
        "redirectUri": null,
        "responseTypes": [],
        "extensions": {},
        "grantType": null,
        "refreshTokenRequest": null
      },
      "name": "cciradih"
    }
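However, the Principal I get in my Java program has no method like getUserAuthentication. What I actually want to get is the inner details, not just the name.
So I would like to ask how we can get the following from the Java program: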
    "details": {
      "login": "cciradih",
      "id": 22651384,
      "avatar_url": "https://avatars0.githubusercontent.com/u/22651384?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/cciradih",
      "html_url": "https://github.com/cciradih",
      "followers_url": "https://api.github.com/users/cciradih/followers",
      "following_url": "https://api.github.com/users/cciradih/following{/other_user}",
      "gists_url": "https://api.github.com/users/cciradih/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/cciradih/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/cciradih/subscriptions",
      "organizations_url": "https://api.github.com/users/cciradih/orgs",
      "repos_url": "https://api.github.com/users/cciradih/repos",
      "events_url": "https://api.github.com/users/cciradih/events{/privacy}",
      "received_events_url": "https://api.github.com/users/cciradih/received_events",
      "type": "User",
      "site_admin": false,
      "name": "Cciradih",
      "company": null,
      "blog": "https://www.cciradih.top",
      "location": "China",
      "email": "[email protected]",
      "hireable": true,
      "bio": "Better to run than curse the road.",
      "public_repos": 6,
      "public_gists": 0,
      "followers": 2,
      "following": 0,
      "created_at": "2016-10-06T03:13:28Z",
      "updated_at": "2017-12-30T06:04:47Z"
    }
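I think this JSON is assembled into the Principal by some class, but looking through the TRACE output for all of org.springframework, I could not find where it is assembled. My code is as follows: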
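    import java.security.Principal;
    import org.springframework.security.web.authentication.WebAuthenticationDetails;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    @RequestMapping("/api/user")
    public class UserController {
        private WebAuthenticationDetails webAuthenticationDetails;

        // Returns the whole Principal, which is serialized to the JSON shown above.
        @GetMapping
        public Principal get(Principal principal) {
            return principal;
        }
    }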
Change the get() method to take OAuth2Authentication as a parameter.
Also, you can cast oauth2Authentication.getDetails() to OAuth2AuthenticationDetails to get more information from the JWT token.
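    import org.springframework.security.oauth2.provider.OAuth2Authentication;
    import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
    import org.springframework.security.web.authentication.WebAuthenticationDetails;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    @RestController
    @RequestMapping("/api/user")
    public class UserController {
        private WebAuthenticationDetails webAuthenticationDetails;

        // getPrincipal() is declared to return Object, so the method returns Object.
        @GetMapping
        public Object get(OAuth2Authentication authentication) {
            // The details of the OAuth2Authentication itself carry the token value.
            String jwtToken = ((OAuth2AuthenticationDetails) authentication.getDetails()).getTokenValue();
            // do stuff with jwtToken
            return authentication.getPrincipal();
        }
    }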
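As an added example (not code from the question or the answer): a controller that reads the GitHub profile from `getUserAuthentication().getDetails()` and returns only selected fields, so that the `tokenValue` and `sessionId` visible in the serialized Principal above are not sent to the browser. It assumes Spring Security OAuth2 with a user-info based token service that stores the profile as a `Map`; the class name `UserProfileController`, the path `/api/user/profile` and the field allowlist are hypothetical.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/api/user/profile") // hypothetical path
public class UserProfileController {

    // Hypothetical allowlist: the only profile fields the page needs.
    private static final List<String> PUBLIC_FIELDS =
            Arrays.asList("login", "id", "name", "avatar_url", "html_url");

    @GetMapping
    public Map<String, Object> get(OAuth2Authentication authentication) {
        Map<String, Object> profile = new LinkedHashMap<>();
        if (authentication == null) {
            return profile; // no OAuth2 login on this request
        }
        // End-user part of the authentication; null for client-only tokens.
        Authentication user = authentication.getUserAuthentication();
        if (user == null) {
            return profile;
        }
        // Assumption: details is the Map built from GitHub's user-info response.
        Object details = user.getDetails();
        if (details instanceof Map) {
            Map<?, ?> attributes = (Map<?, ?>) details;
            for (String field : PUBLIC_FIELDS) {
                if (attributes.containsKey(field)) {
                    profile.put(field, attributes.get(field));
                }
            }
        }
        // The access token and session id live in authentication.getDetails()
        // and are deliberately never copied into the response.
        return profile;
    }
}
```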