当我仔细检查时,发现
InMemoryTokenStore使用
OAuth2Authentication的哈希字符串作为serveral的键Map。当我使用相同的用户名,client_id,scope ..时,我得到了
key。因此,这可能会导致一些问题。因此,我认为不赞成使用旧方法。以下是我为避免该问题所做的工作。
创建另一个
AuthenticationKeyGenerator可以计算唯一密钥的密钥,称为
UniqueAuthenticationKeyGenerator
public class UniqueAuthenticationKeyGenerator implements AuthenticationKeyGenerator { private static final String CLIENT_ID = "client_id"; private static final String SCOPE = "scope"; private static final String USERNAME = "username"; private static final String UUID_KEY = "uuid"; public String extractKey(OAuth2Authentication authentication) { Map<String, String> values = new linkedHashMap<String, String>(); OAuth2Request authorizationRequest = authentication.getOAuth2Request(); if (!authentication.isClientonly()) { values.put(USERNAME, authentication.getName()); } values.put(CLIENT_ID, authorizationRequest.getClientId()); if (authorizationRequest.getScope() != null) { values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope())); } Map<String, Serializable> extentions = authorizationRequest.getExtensions(); String uuid = null; if (extentions == null) { extentions = new HashMap<String, Serializable>(1); uuid = UUID.randomUUID().toString(); extentions.put(UUID_KEY, uuid); } else { uuid = (String) extentions.get(UUID_KEY); if (uuid == null) { uuid = UUID.randomUUID().toString(); extentions.put(UUID_KEY, uuid); } } values.put(UUID_KEY, uuid); MessageDigest digest; try { digest = MessageDigest.getInstance("MD5"); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("MD5 algorithm not available. Fatal (should be in the JDK)."); } try { byte[] bytes = digest.digest(values.toString().getBytes("UTF-8")); return String.format("%032x", new BigInteger(1, bytes)); } catch (UnsupportedEncodingException e) { throw new IllegalStateException("UTF-8 encoding not available. Fatal (should be in the JDK)."); } }}最后,将它们连接起来
<bean id="tokenStore" > <constructor-arg ref="jdbcTemplate" /> <property name="authenticationKeyGenerator"> <bean /> </property></bean>
