{"id":1431,"date":"2023-03-20T21:57:39","date_gmt":"2023-03-20T13:57:39","guid":{"rendered":"https:\/\/www.appblog.cn\/?p=1431"},"modified":"2023-04-28T21:01:55","modified_gmt":"2023-04-28T13:01:55","slug":"elegant-extension-customization-sms-verification-code-login-method-in-spring-security-oauth2","status":"publish","type":"post","link":"https:\/\/www.appblog.cn\/index.php\/2023\/03\/20\/elegant-extension-customization-sms-verification-code-login-method-in-spring-security-oauth2\/","title":{"rendered":"Spring Security Oauth2 \u4e2d\u4f18\u96c5\u7684\u6269\u5c55\u81ea\u5b9a\u4e49(\u77ed\u4fe1\u9a8c\u8bc1\u7801)\u767b\u5f55\u65b9\u5f0f"},"content":{"rendered":"

\u65b9\u6848\u5f15\u5165<\/h2>\n

\u8ddf\u8e2aSpring Security\u7684\u767b\u5f55\u903b\u8f91\u53d1\u73b0\uff0c\u5e10\u53f7\u5bc6\u7801\u7684\u9a8c\u8bc1\u662f\u5728tokenGranter\u4e2d\u5b8c\u6210\u7684\u3002\u5e10\u53f7\u5bc6\u7801\u65b9\u5f0f\u5bf9\u5e94\u7684\u662f org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter<\/code>
\n\u800cSpring Security\u627e\u5230\u5bf9\u5e94\u7684tokenGranter<\/code>\u662f\u901a\u8fc7\u767b\u5f55\u65f6\u7684\u4e00\u4e2a\u8868\u5355\u53c2\u6570grant_type<\/code>\u6765\u627e\u5230\u7684\uff0c\u90a3\u662f\u4e0d\u662f\u53ef\u4ee5\u901a\u8fc7\u6269\u5c55\u4e00\u4e2aTokenGranter<\/code>\u6765\u8fbe\u6210\u60f3\u8981\u7684\u6548\u679c\u5462<\/p>\n

<\/p>\n

Spring Security\u9ed8\u8ba4\u662f\u540c\u65f6\u652f\u6301\u591a\u91cdgrant_type<\/code>\u7684\uff08\u6839\u636e\u5ba2\u6237\u7aef\u7684\u914d\u5236\u51b3\u5b9a\u7279\u5b9a\u5ba2\u6237\u7aef\u652f\u6301\u7279\u5b9a\u7684grant_type<\/code>\uff09\uff0c\u800cAuthorizationServerConfigurerAdapter<\/code>\u7684\u914d\u5236\u4e2dtokenGranter<\/code>\u53c8\u53ea\u80fd\u8bbe\u7f6e\u4e00\u4e2a\uff0c\u90a3\u4e48Spring Security\u662f\u600e\u4e48\u5b9e\u73b0\u591a\u4e2a\u7684\u5462\uff1f\u7ecf\u8fc7\u6298\u817e\u53d1\u73b0\u4e86\u4e00\u4e2aorg.springframework.security.oauth2.provider.CompositeTokenGranter<\/code>\uff0c\u539f\u6765\u662f\u901a\u8fc7\u5b83\u6765\u5b9e\u73b0\u7684<\/p>\n

\u63a5\u4e0b\u6765\u7814\u7a76\u5982\u4f55\u5411CompositeTokenGranter<\/code>\u4e2d\u589e\u52a0\u81ea\u5b9a\u4e49\u7684TokenGranter<\/code>\uff0c\u7ed3\u679c\u53d1\u73b0Spring Security\u5728\u521b\u5efaCompositeTokenGranter<\/code>\u7684\u65f6\u5019\u5df2\u7ecf\u628a\u5185\u7f6e\u7684TokenGranter<\/code>\u5199\u6b7b\uff0c\u6ca1\u6cd5\u901a\u8fc7\u5b83\u7684\u673a\u5236\u6269\u5c55\u3002\u552f\u4e00\u7684\u65b9\u6cd5\u5c31\u662f\u76f4\u63a5\u4f7f\u7528CompositeTokenGranter<\/code>\u3002\u90a3\u4e48\u6211\u4eec\u8fd8\u662f\u60f3\u8981\u5185\u7f6e\u7684TokenGranter<\/code>\u4e5f\u4e00\u8d77\u5de5\u4f5c\u600e\u4e48\u529e\uff1f\u6700\u540e\u65e0\u5948\u7684\u9009\u62e9\u628a\u521b\u5efa\u5185\u7f6eTokenGranter<\/code>\u7684\u4ee3\u7801copy\u51fa\u6765\u5e76\u4fee\u6539\uff0c\u80fd\u7528…\u76f4\u63a5\u4e0a\u4ee3\u7801<\/p>\n

\u4ee5\u4e0b\u57fa\u4e8espring-security-oauth2 + redis<\/code>\u8ba4\u8bc1\u670d\u52a1\u5668\u6539\u9020<\/p>\n

\u8ba4\u8bc1\u914d\u7f6e<\/h2>\n
package cn.appblog.security.oauth2.config;\n\nimport cn.appblog.security.oauth2.enhancer.UserTokenEnhancer;\nimport cn.appblog.security.oauth2.granter.SMSCodeTokenGranter;\nimport lombok.extern.slf4j.Slf4j;\nimport org.springframework.beans.factory.annotation.Autowired;\nimport org.springframework.context.annotation.Bean;\nimport org.springframework.context.annotation.Configuration;\nimport org.springframework.context.annotation.Primary;\nimport org.springframework.core.io.ClassPathResource;\nimport org.springframework.http.HttpMethod;\nimport org.springframework.security.authentication.AuthenticationManager;\nimport org.springframework.security.core.authority.AuthorityUtils;\nimport org.springframework.security.core.userdetails.UserDetailsService;\nimport org.springframework.security.crypto.password.PasswordEncoder;\nimport org.springframework.security.oauth2.common.OAuth2AccessToken;\nimport org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;\nimport org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;\nimport org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;\nimport org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;\nimport org.springframework.security.oauth2.provider.*;\nimport org.springframework.security.oauth2.provider.client.BaseClientDetails;\nimport org.springframework.security.oauth2.provider.client.ClientCredentialsTokenGranter;\nimport org.springframework.security.oauth2.provider.client.InMemoryClientDetailsService;\nimport org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;\nimport org.springframework.security.oauth2.provider.code.AuthorizationCodeTokenGranter;\nimport org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;\nimport org.springframework.security.oauth2.provider.implicit.ImplicitTokenGranter;\nimport org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter;\nimport org.springframework.security.oauth2.provider.refresh.RefreshTokenGranter;\nimport org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;\nimport org.springframework.security.oauth2.provider.token.*;\nimport org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;\nimport org.springframework.security.oauth2.provider.token.store.JwtTokenStore;\nimport org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;\n\nimport javax.annotation.PostConstruct;\nimport java.util.*;\n\n\/**\n * @author yezhou\n * @version 1.0\n * @date 2019\/8\/15 14:11\n *\/\n@Slf4j\n@Configuration\n@EnableAuthorizationServer\npublic class OAuth2AuthorizationServerConfigure extends AuthorizationServerConfigurerAdapter {\n    @Autowired\n    private AuthenticationManager authenticationManager;\n\n    @Autowired\n    private UserDetailsService userDetailsService;  \/\/ \u8fd9\u662f\u63d0\u4f9b\u6839\u636e\u7528\u6237\u540d\u67e5\u7528\u6237\u7684\u65b9\u5f0f\u7ed9spring\u4f7f\u7528\u7684\n\n    @Autowired\n    private PasswordEncoder passwordEncoder;\n\n    @Autowired\n    private TokenStore tokenStore;\n\n    \/**\n     \u4e4b\u524d\u6709\u4e2a  public void configure(ClientDetailsServiceConfigurer clients) \u914d\u5236\u5ba2\u6237\u7aef\u7684\u65b9\u6cd5, \u4f46\u662f\u56e0\u4e3a\u76f4\u63a5\u4f7f\u7528 CompositeTokenGranter, \u6240\u4ee5\u6b64\u65b9\u6cd5\u4e0d\u751f\u6548\u4e86\n     \u5c31\u5728\u8fd9\u91cc\u914d\u5236, \u540c\u65f6\u4f7f\u7528\u8fd9\u6837\u7684\u914d\u5236\u65b9\u5f0f, \u540e\u9762\u53ef\u4ee5\u6539\u6210\u4ece\u5e93\u91cc\u83b7\u53d6, \u81ea\u5df1\u5b9e\u73b0\u4e00\u4e2a ClientDetailsService \u5c31\u884c\n     \u7531\u4e8e\u4e4b\u524d\u7684 Builder\u65b9\u5f0f\u53ea\u80fd\u5728 ClientDetailsServiceConfigurer \u4e2d\u4f7f\u7528, \u6240\u4ee5\u8fd9\u91cc\u6682\u65f6\u5148\u8fd9\u6837\u4e86, \u540e\u671f\u53ef\u6539\u4e3a\u4ece\u5e93\u91cc\u83b7\u53d6\n     *\/\n    @Bean\n    public ClientDetailsService clientDetailsService() {\n        log.info("OAuth2AuthorizationServerConfigure.clientDetailsService()");\n        BaseClientDetails result = new BaseClientDetails();\n        result.setClientId("client_sms");\n        List<String> authorizedGrantTypes = new ArrayList<>();\n        authorizedGrantTypes.add("refresh_token");\n        authorizedGrantTypes.add("sms_code");\n        result.setAuthorizedGrantTypes(authorizedGrantTypes);  \/\/ \u8fd9\u4e2a client \u652f\u6301\u7684 grant_type\n        \/\/result.setClientSecret("$2a$10$9s0p62wfKh7WT64a\/VYFpOAk19GsrHh5C7Ty9.wPRWX40cjq7Rmu."); \/\/ \u8be5\u5bc6\u7801\u662f\u7528 org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder \u641e\u51fa\u6765\u7684, \u660e\u6587\u662f 123456\n        result.setClientSecret(passwordEncoder.encode("123456"));\n        List<String> scopes = new ArrayList<>();\n        scopes.add("select");\n        result.setScope(scopes);\n        result.setAuthorities(AuthorityUtils.createAuthorityList("client"));\n\n        Map<String, ClientDetails> clientDetails = new HashMap<String, ClientDetails>();\n        clientDetails.put(result.getClientId(), result);\n\n        InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();\n        clientDetailsService.setClientDetailsStore(clientDetails);\n        return clientDetailsService;\n    }\n\n    private AuthorizationCodeServices authorizationCodeServices() {\n        return new InMemoryAuthorizationCodeServices();  \/\/\u4f7f\u7528\u9ed8\u8ba4\n    }\n\n    private OAuth2RequestFactory requestFactory() {\n        return new DefaultOAuth2RequestFactory(clientDetailsService());  \/\/\u4f7f\u7528\u9ed8\u8ba4\n    }\n\n    \/**\n     * \u8fd9\u662f\u4ecespring \u7684\u4ee3\u7801\u4e2d copy\u51fa\u6765\u7684,\u9ed8\u8ba4\u7684\u51e0\u4e2a TokenGranter, \u6211\u4eec\u81ea\u5b9a\u4e49\u7684\u5c31\u52a0\u5230\u8fd9\u91cc\u5c31\u884c\u4e86,\u76ee\u524d\u6211\u8fd8\u6ca1\u6709\u52a0\n     *\/\n    private List<TokenGranter> getDefaultTokenGranters() {\n        log.info("OAuth2AuthorizationServerConfigure.getDefaultTokenGranters");\n        ClientDetailsService clientDetails = clientDetailsService();\n        AuthorizationServerTokenServices tokenServices = tokenServices();\n        AuthorizationCodeServices authorizationCodeServices = authorizationCodeServices();\n        OAuth2RequestFactory requestFactory = requestFactory();\n\n        List<TokenGranter> tokenGranters = new ArrayList<TokenGranter>();\n        tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices,\n                authorizationCodeServices, clientDetails, requestFactory));\n        tokenGranters.add(new RefreshTokenGranter(tokenServices, clientDetails, requestFactory));\n        ImplicitTokenGranter implicit = new ImplicitTokenGranter(tokenServices, clientDetails,\n                requestFactory);\n        tokenGranters.add(implicit);\n        tokenGranters.add(\n                new ClientCredentialsTokenGranter(tokenServices, clientDetails, requestFactory));\n        if (authenticationManager != null) {\n            tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager,\n                    tokenServices, clientDetails, requestFactory));\n        }\n        tokenGranters.add(new SMSCodeTokenGranter(tokenServices, clientDetails, requestFactory));\n        return tokenGranters;\n    }\n\n    \/**\n     * \u901a\u8fc7 tokenGranter \u585e\u8fdb\u53bb\u7684\u5c31\u662f\u5b83\u4e86\n     *\/\n    private TokenGranter tokenGranter() {\n        log.info("OAuth2AuthorizationServerConfigure.tokenGranter");\n        TokenGranter tokenGranter = new TokenGranter() {\n            private CompositeTokenGranter delegate;\n\n            @Override\n            public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {\n                if (delegate == null) {\n                    delegate = new CompositeTokenGranter(getDefaultTokenGranters());\n                }\n                return delegate.grant(grantType, tokenRequest);\n            }\n        };\n        return tokenGranter;\n    }\n\n    @Override\n    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {\n        log.info("OAuth2AuthorizationServerConfigure.configure");\n        \/\/endpoints.tokenStore(tokenStore())\n        endpoints.tokenStore(tokenStore)\n\/\/              .accessTokenConverter(accessTokenConverter())\n                .tokenGranter(tokenGranter())\n\/\/              .tokenEnhancer(tokenEnhancerChain)  \/\/\u8bbe\u7f6e tokenGranter \u540e\u8be5\u914d\u5236\u5931\u6548, \u9700\u8981\u5728 tokenServices() \u4e2d\u8bbe\u7f6e\n                .authenticationManager(authenticationManager)\n                .userDetailsService(userDetailsService)  \/\/refresh_token \u9700\u8981\u914d\u5236\u5b83, \u5426\u5219\u4f1a UserDetailsService is required\n                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);\n    }\n\n    public TokenEnhancer tokenEnhancer() {\n        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();\n        \/\/tokenEnhancerChain.setTokenEnhancers(Arrays.asList(new UserTokenEnhancer(), accessTokenConverter()));   \/\/ CustomTokenEnhancer \u662f\u6211\u81ea\u5b9a\u4e49\u4e00\u4e9b\u6570\u636e\u653e\u5230token\u91cc\u7528\u7684\n        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(new UserTokenEnhancer()));   \/\/ CustomTokenEnhancer \u662f\u6211\u81ea\u5b9a\u4e49\u4e00\u4e9b\u6570\u636e\u653e\u5230token\u91cc\u7528\u7684\n        return tokenEnhancerChain;\n    }\n\n    @Override\n    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {\n        \/\/\u5141\u8bb8\u8868\u5355\u8ba4\u8bc1\n        oauthServer.allowFormAuthenticationForClients();\n\/\/                  .checkTokenAccess("permitAll()");  \/\/ \u5141\u8bb8check_token, \u56e0\u4e3a\u7528\u4e86JWT, \u5ba2\u6237\u7aef\u53ef\u4ee5\u9a8c\u8bc1\u7b7e\u540d, \u751f\u4ea7\u4e2d\u53ef\u4ee5\u4e0d\u7528\n    }\n\n\/\/    public TokenStore tokenStore() {\n\/\/        return new JwtTokenStore(accessTokenConverter());\n\/\/    }\n\n\/\/    public JwtAccessTokenConverter accessTokenConverter() {\n\/\/        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();\n\/\/        KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("authorizationKey.jks"), "123456".toCharArray());\n\/\/        converter.setKeyPair(keyStoreKeyFactory.getKeyPair("klw"));\n\/\/        return converter;\n\/\/    }\n\n    @Primary\n    public DefaultTokenServices tokenServices() {\n        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();\n        \/\/defaultTokenServices.setTokenStore(tokenStore());\n        defaultTokenServices.setTokenStore(tokenStore);\n        defaultTokenServices.setSupportRefreshToken(true);\n        defaultTokenServices.setTokenEnhancer(tokenEnhancer());   \/\/ \u5982\u679c\u6ca1\u6709\u8bbe\u7f6e\u5b83, JWT\u5c31\u4f1a\u5931\u6548\n        return defaultTokenServices;\n    }\n}<\/code><\/pre>\n
\u5230\u8fd9\u91cc\uff0c\u6211\u4eec\u5c31\u53ef\u4ee5\u6109\u5feb\u7684\u81ea\u5df1\u6269\u5c55TokenGranter<\/code>\u4e86\uff0c\u53c2\u8003ResourceOwnerPasswordTokenGranter<\/code>\uff0c\u5e76\u628a\u81ea\u5b9a\u4e49\u7684TokenGranter<\/code>\u6dfb\u52a0\u5230getDefaultTokenGranters()<\/code>\u8fd4\u56de\u7684list\u4e2d<\/p>\n
\u589e\u52a0\u77ed\u4fe1\u9a8c\u8bc1\u7801\u7684TokenGranter<\/h2>\n
\u53c2\u8003org.springframework.security.oauth2.provider.password.ResourceOwnerPasswordTokenGranter<\/code>\u7684\u4ee3\u7801<\/p>\n
package cn.appblog.security.oauth2.granter;\n\nimport cn.appblog.security.oauth2.service.UserAuthDetailsService;\nimport cn.appblog.security.oauth2.utils.ApplicationContextUtil;\nimport lombok.extern.slf4j.Slf4j;\nimport org.apache.commons.lang3.StringUtils;\nimport org.springframework.security.authentication.AbstractAuthenticationToken;\nimport org.springframework.security.authentication.UsernamePasswordAuthenticationToken;\nimport org.springframework.security.core.Authentication;\nimport org.springframework.security.core.userdetails.UserDetails;\nimport org.springframework.security.oauth2.common.exceptions.InvalidGrantException;\nimport org.springframework.security.oauth2.provider.*;\nimport org.springframework.security.oauth2.provider.token.AbstractTokenGranter;\nimport org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;\n\nimport java.util.LinkedHashMap;\nimport java.util.Map;\n\n\/**\n * @author yezhou\n * @version 1.0\n * @date 2019\/8\/15 13:59\n *\/\n\n@Slf4j\npublic class SMSCodeTokenGranter extends AbstractTokenGranter {\n    private static final String GRANT_TYPE = "sms_code";\n\n    private UserAuthDetailsService authUserDetailsService;\n\n    public SMSCodeTokenGranter(AuthorizationServerTokenServices tokenServices,\n                                  ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {\n        super(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);\n    }\n\n    @Override\n    protected OAuth2Authentication getOAuth2Authentication(ClientDetails client,\n                                                           TokenRequest tokenRequest) {\n\n        Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());\n        String userMobileNo = parameters.get("username");  \/\/\u5ba2\u6237\u7aef\u63d0\u4ea4\u7684\u7528\u6237\u540d\n        String smsCode = parameters.get("sms_code");  \/\/\u5ba2\u6237\u7aef\u63d0\u4ea4\u7684\u9a8c\u8bc1\u7801\n\n        \/\/ \u4ece\u5e93\u91cc\u67e5\u7528\u6237\n\/\/        UserDetails user = \u4ece\u5e93\u91cc\u67e5\u627e\u7528\u6237\u7684\u4ee3\u7801\u7565;\n\/\/        if (user == null) {\n\/\/            throw new InvalidGrantException("\u7528\u6237\u4e0d\u5b58\u5728");\n\/\/        }\n        authUserDetailsService = (UserAuthDetailsService) ApplicationContextUtil.getBean("UserAuthDetailsService");\n        UserDetails user = authUserDetailsService.loadUserByUsername(userMobileNo);\n\n        \/\/\u9a8c\u8bc1\u7528\u6237\u72b6\u6001(\u662f\u5426\u8b66\u7528\u7b49),\u4ee3\u7801\u7565\n\n        \/\/ \u9a8c\u8bc1\u9a8c\u8bc1\u7801\n        \/\/String smsCodeCached = \u83b7\u53d6\u670d\u52a1\u4e2d\u4fdd\u5b58\u7684\u7528\u6237\u9a8c\u8bc1\u7801, \u4ee3\u7801\u7565. \u4e00\u822c\u6211\u4eec\u662f\u5728\u751f\u6210\u597d\u540e\u653e\u5230\u7f13\u5b58\u4e2d\n        String smsCodeCached = "888888";\n        if (StringUtils.isBlank(smsCodeCached)) {\n            throw new InvalidGrantException("\u7528\u6237\u6ca1\u6709\u53d1\u9001\u9a8c\u8bc1\u7801");\n        }\n        if (!smsCode.equals(smsCodeCached)) {\n            throw new InvalidGrantException("\u9a8c\u8bc1\u7801\u4e0d\u6b63\u786e");\n        } else {\n            log.info("\u9a8c\u8bc1\u901a\u8fc7: [userMobileNo: {}, smsCode: {}]", userMobileNo, smsCode);\n            \/\/\u9a8c\u8bc1\u901a\u8fc7\u540e\u4ece\u7f13\u5b58\u4e2d\u79fb\u9664\u9a8c\u8bc1\u7801, \u4ee3\u7801\u7565\n        }\n\n        Authentication userAuth = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());\n        \/\/ \u5173\u4e8euser.getAuthorities(): \u6211\u4eec\u7684\u81ea\u5b9a\u4e49\u7528\u6237\u5b9e\u4f53\u5df2\u5b9e\u73b0\n        \/\/ org.springframework.security.core.userdetails.UserDetails \u63a5\u53e3\u7684, \u6240\u4ee5\u6709 user.getAuthorities()\n        \/\/ \u5f53\u7136\u8be5\u53c2\u6570\u4f20null\u4e5f\u884c\n        ((AbstractAuthenticationToken) userAuth).setDetails(parameters);\n\n        OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);\n        return new OAuth2Authentication(storedOAuth2Request, userAuth);\n    }\n}<\/code><\/pre>\n
\u628aSMSCodeTokenGranter<\/code>\u52a0\u5165\u5230CompositeTokenGranter<\/code>\u9700\u8981\u7684List<TokenGranter><\/code>\u4e2d\uff0c\u7ee7\u7eed\u4fee\u6539OAuth2AuthorizationServerConfig<\/code>\u7c7b\uff0c\u5728getDefaultTokenGranters<\/code>\u65b9\u6cd5\u4e2d\u52a0\u5165\uff1a<\/p>\n
tokenGranters.add(new SMSCodeTokenGranter(tokenServices, clientDetails, requestFactory));<\/code><\/pre>\n
getDefaultTokenGranters<\/code>\u7684\u5b8c\u6574\u4ee3\u7801:<\/p>\n
\/**\n * \u8fd9\u662f\u4ecespring \u7684\u4ee3\u7801\u4e2d copy\u51fa\u6765\u7684,\u9ed8\u8ba4\u7684\u51e0\u4e2a TokenGranter, \u6211\u4eec\u81ea\u5b9a\u4e49\u7684\u5c31\u52a0\u5230\u8fd9\u91cc\u5c31\u884c\u4e86,\u76ee\u524d\u6211\u8fd8\u6ca1\u6709\u52a0\n *\/\nprivate List<TokenGranter> getDefaultTokenGranters() {\n    log.info("OAuth2AuthorizationServerConfigure.getDefaultTokenGranters");\n    ClientDetailsService clientDetails = clientDetailsService();\n    AuthorizationServerTokenServices tokenServices = tokenServices();\n    AuthorizationCodeServices authorizationCodeServices = authorizationCodeServices();\n    OAuth2RequestFactory requestFactory = requestFactory();\n\n    List<TokenGranter> tokenGranters = new ArrayList<TokenGranter>();\n    tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices,\n            authorizationCodeServices, clientDetails, requestFactory));\n    tokenGranters.add(new RefreshTokenGranter(tokenServices, clientDetails, requestFactory));\n    ImplicitTokenGranter implicit = new ImplicitTokenGranter(tokenServices, clientDetails,\n            requestFactory);\n    tokenGranters.add(implicit);\n    tokenGranters.add(\n            new ClientCredentialsTokenGranter(tokenServices, clientDetails, requestFactory));\n    if (authenticationManager != null) {\n        tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager,\n                tokenServices, clientDetails, requestFactory));\n    }\n    tokenGranters.add(new SMSCodeTokenGranter(tokenServices, clientDetails, requestFactory));\n    return tokenGranters;\n}<\/code><\/pre>\n
\u6821\u9a8c\u6d4b\u8bd5<\/h2>\n
\u8bbf\u95ee\uff1ahttp:\/\/localhost:9003\/oauth\/token?username=15000778868&sms_code=888888&grant_type=sms_code&client_id=client_sms&client_secret=123456<\/a><\/p>\n
{\n    "access_token":"1e419d602ab94cb58e7dbc8359690ddd",\n    "token_type":"bearer",\n    "refresh_token":"97fb819885cb4ed3a5de3755e84b11f9",\n    "expires_in":43199,\n    "scope":"select",\n    "client_id":"client_sms"\n}<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
\u65b9\u6848\u5f15\u5165 \u8ddf\u8e2aSpring Security\u7684\u767b\u5f55\u903b\u8f91\u53d1\u73b0\uff0c\u5e10\u53f7\u5bc6\u7801\u7684\u9a8c\u8bc1\u662f\u5728tokenGranter\u4e2d\u5b8c\u6210\u7684 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[354],"tags":[353],"class_list":["post-1431","post","type-post","status-publish","format-standard","hentry","category-spring-security","tag-oauth2"],"_links":{"self":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/comments?post=1431"}],"version-history":[{"count":0,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/posts\/1431\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/media?parent=1431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/categories?post=1431"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appblog.cn\/index.php\/wp-json\/wp\/v2\/tags?post=1431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}