Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to get incomplete user information after spring cloud oauth3 integrates JWT". Interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn how to get incomplete user information after spring cloud oauth3 integrates JWT.

After oauth3 integrates JWT, it is found that when obtaining the current authenticated user information (Principal), only the user name is obtained, and there is no other information.

I took a look at the oauth3 source code and found a solution by analyzing oauth3 loading TokenStore.

Oauth3 will extract authenticated users under DefaultUserAuthenticationConverter and assign values to Principal.

Because userDetailsService is not injected, the value of the Principal obtained is only "admin". The question is when to inject userDetailsService

UserDetailsService is a property of the current class, which is easy to do.

Then look at the class DefaultAccessTokenConverter, which defines DefaultUserAuthenticationConverter and calls the method of DefaultUserAuthenticationConverter.extractAuthentication

When we see here, we find that we can just find the injection of this class DefaultAccessTokenConverter.

Next is this class JwtAccessTokenConverter, where DefaultAccessTokenConverter is defined and the method of DefaultAccessTokenConverter.extractAuthentication is called. Does it feel the same as the previous routine?

You should be familiar with JwtTokenStore, that is, it defines JwtAccessTokenConverter and calls JwtAccessTokenConverter.extractAuthentication, but there is no concrete implementation, so you can inject it through constructor.

See here to find out how userDetailsService should be injected into it. In addition, you can also take a look at another method of this class

In fact, it is the last method called by this method, which is called in the class DefaultTokenServices

Open this class DefaultTokenServices and you will find that this class defines some basic functions of token

Finally, take a look at the effect.

At this point, I believe you have a deeper understanding of "how to get incomplete user information after spring cloud oauth3 integrates JWT". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.