springsecurity自定义认证

java 复制代码
// jwt 方式
package com.kongjs.note.system.convert;

import com.kongjs.note.admin.model.dto.TokenInfoDTO;
import com.kongjs.note.admin.service.TokenService;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

@Slf4j
@Component
public class JwtAuthenticationConverter implements AuthenticationConverter {

    private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource;

    @Resource
    private TokenService tokenService;
    @Resource
    private UserDetailsService userDetailsService;

    public JwtAuthenticationConverter() {
        this(new WebAuthenticationDetailsSource());
    }

    public JwtAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    @Override
    public Authentication convert(HttpServletRequest request) {
        log.info("JwtAuthenticationConverter Start -->");
        String token = request.getHeader("Token");
        if (!StringUtils.hasText(token)) {
            return null;
        }
        TokenInfoDTO tokenInfoDTO = tokenService.parseAccessToken(token);
        if (ObjectUtils.isEmpty(tokenInfoDTO) || !StringUtils.hasText(tokenInfoDTO.getUsername())) {
            return null;
        }
        String username = tokenInfoDTO.getUsername();
        UserDetails userDetails = userDetailsService.loadUserByUsername(username);
        UsernamePasswordAuthenticationToken result = UsernamePasswordAuthenticationToken.authenticated(userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities());
        result.setDetails(this.authenticationDetailsSource.buildDetails(request));
        return result;
    }

    protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
        authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
    }
}
java 复制代码
package com.kongjs.note.system.convert;

import com.kongjs.note.admin.security.authentication.dto.LoginDTO;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

public class RestAuthenticationConverter implements AuthenticationConverter {
    private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource;
    private final HttpMessageConverter<Object> converter = new MappingJackson2HttpMessageConverter();

    public RestAuthenticationConverter() {
        this(new WebAuthenticationDetailsSource());
    }

    public RestAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    @Override
    public Authentication convert(HttpServletRequest request) {
        if (!request.getRequestURI().equals("/login")) {
            return null;
        }
        if (!request.getMethod().equals("POST")) {
            return null;
        }
        if (!MediaType.parseMediaType(request.getContentType()).equals(MediaType.APPLICATION_JSON)) {
            return null;
        }
        LoginDTO dto;
        try {
            dto = (LoginDTO) converter.read(LoginDTO.class, new ServletServerHttpRequest(request));
        } catch (Exception e) {
            return null;
        }
        String username = dto.getUsername();
        username = username != null ? username.trim() : "";
        String password = dto.getPassword();
        password = password != null ? password : "";
        UsernamePasswordAuthenticationToken authRequest = UsernamePasswordAuthenticationToken.unauthenticated(username, password);
        this.setDetails(request, authRequest);
        return authRequest;
    }

    protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
        authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
    }
}
相关推荐
武昌库里写JAVA27 分钟前
39.剖析无处不在的数据结构
java·vue.js·spring boot·课程设计·宠物管理
李白的粉6 小时前
基于springboot的在线教育系统
java·spring boot·毕业设计·课程设计·在线教育系统·源代码
小马爱打代码7 小时前
SpringBoot原生实现分布式MapReduce计算
spring boot·分布式·mapreduce
iuyou️7 小时前
Spring Boot知识点详解
java·spring boot·后端
一弓虽7 小时前
SpringBoot 学习
java·spring boot·后端·学习
ai大佬7 小时前
Java 开发玩转 MCP:从 Claude 自动化到 Spring AI Alibaba 生态整合
java·spring·自动化·api中转·apikey
来自星星的猫教授9 小时前
spring,spring boot, spring cloud三者区别
spring boot·spring·spring cloud
Bling_10 小时前
请求参数、路径参数、查询参数、Spring MVC/FeignClient请求相关注解梳理
java·spring·spring cloud·mvc
乌夷10 小时前
使用spring boot vue 上传mp4转码为dash并播放
vue.js·spring boot·dash
-曾牛10 小时前
企业级AI开发利器:Spring AI框架深度解析与实战
java·人工智能·python·spring·ai·rag·大模型应用