5.PreAuthenticatedAuthenticationProvider 获取userdetails
org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider public Authentication authenticate(Authentication authentication)throws AuthenticationException {...UserDetails ud = preAuthenticatedUserDetailsService.loadUserDetails((PreAuthenticatedAuthenticationToken) authentication);userDetailsChecker.check(ud);PreAuthenticatedAuthenticationToken result = new PreAuthenticatedAuthenticationToken(ud, authentication.getCredentials(), ud.getAuthorities());result.setDetails(authentication.getDetails());return result;} 默认配置情况 默认tokenServices配置 org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer private AuthorizationServerTokenServices tokenServices() {if (tokenServices != null) {return tokenServices;}this.tokenServices = createDefaultTokenServices();return tokenServices;}public AuthorizationServerTokenServices getDefaultAuthorizationServerTokenServices() {if (defaultTokenServices != null) {return defaultTokenServices;}this.defaultTokenServices = createDefaultTokenServices();return this.defaultTokenServices;}private DefaultTokenServices createDefaultTokenServices() {DefaultTokenServices tokenServices = new DefaultTokenServices();tokenServices.setTokenStore(tokenStore());tokenServices.setSupportRefreshToken(true);tokenServices.setReuseRefreshToken(reuseRefreshToken);tokenServices.setClientDetailsService(clientDetailsService());tokenServices.setTokenEnhancer(tokenEnhancer());addUserDetailsService(tokenServices, this.userDetailsService);return tokenServices;} 默认PreAuthenticatedAuthenticationProvider配置 org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer private ClientDetailsService clientDetailsService() {if (clientDetailsService == null) {this.clientDetailsService = new InMemoryClientDetailsService();}if (this.defaultTokenServices != null) {addUserDetailsService(defaultTokenServices, userDetailsService);}return this.clientDetailsService;}private void addUserDetailsService(DefaultTokenServices tokenServices, UserDetailsService userDetailsService) {if (userDetailsService != null) {PreAuthenticatedAuthenticationProvider provider = new PreAuthenticatedAuthenticationProvider();provider.setPreAuthenticatedUserDetailsService(new UserDetailsByNameServiceWrapper<PreAuthenticatedAuthenticationToken>(userDetailsService));tokenServices.setAuthenticationManager(new ProviderManager(Arrays.<AuthenticationProvider> asList(provider)));}} 默认UserDetailsService配置 org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerSecurityConfiguration @Overrideprotected void configure(HttpSecurity http) throws Exception {...// 如果没有配置UserDetailsServiceif (!endpoints.getEndpointsConfigurer().isUserDetailsServiceOverride()) {UserDetailsService userDetailsService = http.getSharedObject(UserDetailsService.class);endpoints.getEndpointsConfigurer().userDetailsService(userDetailsService);}...} 解决方案3种方案选一即可
AuthorizationServer增加配置UserDetailsService @Configuration@EnableAuthorizationServerpublic class sdddc extends sdddcurerAdapter {@Autowired UserDetailsService userDetailsService;... @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { ... endpoints.userDetailsService(userDetailsService); ... } ...} WebSecurity将UserDetailsService注入AuthorizationServerEndpointsConfigurer此方案需要sdddc 的Order高ssdl,否则无法注入 @Autowiredprivate AuthorizationServerEndpointsConfiguration endpoints;@Overrideprotected void configure(HttpSecurity http) throws Exception { if (!endpoints.getEndpointsConfigurer().isUserDetailsServiceOverride()) { UserDetailsService userDetailsService = http.getSharedObject(UserDetailsService.class); endpoints.getEndpointsConfigurer().userDetailsService(userDetailsService); } ...} AuthorizationServer增加配置自定义TokenService