You need to write a UsernamePasswordCountryAuthenticationToken:
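    import java.util.Collection;
    import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
    import org.springframework.security.core.GrantedAuthority;

    public class UsernamePasswordCountryAuthenticationToken extends UsernamePasswordAuthenticationToken {
        private final String country;

        // Authenticated token: the superclass marks it as authenticated when authorities are supplied.
        public UsernamePasswordCountryAuthenticationToken(Object principal, Object credentials, String country, Collection<? extends GrantedAuthority> authorities) {
            super(principal, credentials, authorities);
            this.country = country;
        }

        // Unauthenticated token carrying the request's credentials and country.
        public UsernamePasswordCountryAuthenticationToken(Object principal, Object credentials, String country) {
            super(principal, credentials);
            this.country = country;
        }

        public String getCountry() {
            return country;
        }
    }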
Then, provided you have correctly configured the AuthenticationManager with your AuthenticationProvider, register the granter in the Spring Security OAuth configuration file:
    <bean id="customResourceOwnerPasswordTokenGranter" class="CustomResourceOwnerPasswordTokenGranter">
        <constructor-arg index="0" ref="authenticationManager"/>
        <constructor-arg index="1" ref="tokenServices"/>
        <constructor-arg index="2" ref="clientDetailsService"/>
    </bean>

    <oauth:authorization-server ...>
        <oauth:custom-grant token-granter-ref="customResourceOwnerPasswordTokenGranter" />
    </oauth:authorization-server>
Finally, the custom version of ResourceOwnerPasswordTokenGranter:
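    import java.util.Map;
    import org.springframework.security.authentication.AccountStatusException;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.authentication.BadCredentialsException;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
    import org.springframework.security.oauth2.provider.AuthorizationRequest;
    import org.springframework.security.oauth2.provider.ClientDetailsService;
    import org.springframework.security.oauth2.provider.OAuth2Authentication;
    import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
    import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

    public class CustomResourceOwnerPasswordTokenGranter extends AbstractTokenGranter {
        private static final String GRANT_TYPE = "password";
        private final AuthenticationManager authenticationManager;

        public CustomResourceOwnerPasswordTokenGranter(AuthenticationManager authenticationManager,
                AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService) {
            super(tokenServices, clientDetailsService, GRANT_TYPE);
            this.authenticationManager = authenticationManager;
        }

        @Override
        protected OAuth2Authentication getOAuth2Authentication(AuthorizationRequest clientToken) {
            Map<String, String> parameters = clientToken.getAuthorizationParameters();
            String username = parameters.get("username");
            String password = parameters.get("password");
            // "country" comes from the token request and may be null; the AuthenticationProvider must validate it.
            String country = parameters.get("country");
            Authentication userAuth = new UsernamePasswordCountryAuthenticationToken(username, password, country);
            try {
                userAuth = authenticationManager.authenticate(userAuth);
            } catch (AccountStatusException ase) {
                // covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
                throw new InvalidGrantException(ase.getMessage());
            } catch (BadCredentialsException e) {
                // If the username/password are wrong the spec says we should send 400/bad grant
                throw new InvalidGrantException(e.getMessage());
            }
            if (userAuth == null || !userAuth.isAuthenticated()) {
                throw new InvalidGrantException("Could not authenticate user: " + username);
            }
            return new OAuth2Authentication(clientToken, userAuth);
        }
    }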
Then, in your overridden AuthenticationProvider.authenticate(Authentication auth) method, you will receive the token that was sent. Cast it to UsernamePasswordCountryAuthenticationToken and use it.
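
An added example, not part of the original answer: one way the AuthenticationProvider described above could cast the token and validate the client-supplied country before issuing an authenticated token. The class name CountryAuthenticationProvider, the allowedCountries allow-list, and the use of UserDetailsService and PasswordEncoder are assumptions for illustration.

```java
import java.util.Locale;
import java.util.Set;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;

// Hypothetical provider: class name and the allow-list policy are assumptions, not the answer's code.
public class CountryAuthenticationProvider implements AuthenticationProvider {
    private final UserDetailsService users;
    private final PasswordEncoder encoder;
    private final Set<String> allowedCountries; // upper-case country codes (assumed format)

    public CountryAuthenticationProvider(UserDetailsService users, PasswordEncoder encoder, Set<String> allowedCountries) {
        this.users = users;
        this.encoder = encoder;
        this.allowedCountries = allowedCountries;
    }

    // Accept only the country-aware token, so a plain UsernamePasswordAuthenticationToken cannot skip the country check here.
    public boolean supports(Class<?> authentication) {
        return UsernamePasswordCountryAuthenticationToken.class.isAssignableFrom(authentication);
    }

    public Authentication authenticate(Authentication auth) {
        UsernamePasswordCountryAuthenticationToken token = (UsernamePasswordCountryAuthenticationToken) auth;
        // The country is an untrusted request parameter: normalise it and reject null or unknown values.
        String country = token.getCountry() == null ? "" : token.getCountry().trim().toUpperCase(Locale.ROOT);
        if (!allowedCountries.contains(country)) {
            throw new BadCredentialsException("Bad credentials");
        }
        UserDetails user;
        try {
            user = users.loadUserByUsername(token.getName());
        } catch (UsernameNotFoundException e) {
            throw new BadCredentialsException("Bad credentials"); // same message for every failure
        }
        Object presented = token.getCredentials();
        if (presented == null || !encoder.matches(presented.toString(), user.getPassword())) {
            throw new BadCredentialsException("Bad credentials");
        }
        // Status is checked only after the password matches; the granter maps these to InvalidGrantException.
        if (!user.isEnabled()) throw new DisabledException("Account disabled");
        if (!user.isAccountNonLocked()) throw new LockedException("Account locked");
        // The four-argument constructor yields an authenticated token; the password is not carried forward.
        return new UsernamePasswordCountryAuthenticationToken(user, null, country, user.getAuthorities());
    }
}
```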