问题
I would like to override the CheckTokenEndpoint to provide my own custom output as Map to the resource server. I have tried the following, but not working.
- Introducing new custom controller for (/oauth/check_token), but Spring rejects this custom and registers its own.
Overriding bean definition for bean 'checkTokenEndpoint' with a different definition: replacing [Generic bean: class [com.datami.auth.security.CheckTokenEndpoint]; scope=singleton; abstract=false; lazyInit=false; autowireMode=0; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=null; factoryMethodName=null; initMethodName=null; destroyMethodName=null; defined in file [/usr/local/Cellar/tomcat/8.5.5/libexec/webapps/oauth-server/WEB-INF/classes/com/datami/auth/security/CheckTokenEndpoint.class]] with [Root bean: class [null]; scope=; abstract=false; lazyInit=false; autowireMode=3; dependencyCheck=0; autowireCandidate=true; primary=false; factoryBeanName=org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration; factoryMethodName=checkTokenEndpoint; initMethodName=null; destroyMethodName=(inferred); defined in class path resource [org/springframework/security/oauth2/config/annotation/web/configuration/AuthorizationServerEndpointsConfiguration.class]]
Created my own endpoint with (
/oauth/check_custom_token) but not sure autowiring resourceServerTokenServices in the below, @autowire doesn't helped me.@autowire
private ResourceServerTokenServices resourceServerTokenServices;
Spring has autowired this with DefaultTokenServices.
I can also create new DefaultTokenServices() in my code, but then how to autowire the below inside DefaultTokenServices? again the same problem.
private TokenStore tokenStore;
private ClientDetailsService clientDetailsService;
private TokenEnhancer accessTokenEnhancer;
private AuthenticationManager authenticationManager;
Coul you please help me out.
回答1:
CheckTokenEndpoint depends on its accessTokenConverter instance to create and return the map.
You could create a custom AccessTokenConverter (maybe extending from OOTB DefaultAccessTokenConverter if needed) and use it like so:
@Configuration
@EnableAuthorizationServer
public class MyAuthConfig extends AuthorizationServerConfigurerAdapter {
...
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.accessTokenConverter(new MyAccessTokenConverter())...
....
Of course, you might want to use a factory method to create your accessTokenConverter instance, which allows you to inject a few properties into the instance etc.
Once done, inside AuthorizationServerEndpointsConfiguration.checkTokenEndpoint you can see that the accessTokenConverter you set above will be passed to the OOTB instance of CheckTokenEndpoint and used to create the map.
来源:https://stackoverflow.com/questions/47405585/spring-oauth-override-checktokenendpoint-check-tokentoken-response-map