資源伺服器的請求都會被攔截 到認證伺服器校驗合法性 (如下圖)
如上步驟在實際使用,會造成認證中心的負載壓力過大,成為造成整個系統瓶頸的關鍵點。
check-token 過程中涉及的原始碼
@bean
public tokenenhancer tokenenhancer()
final mapadditionalinfo = new hashmap<>(8);
pigxuser pigxuser = (pigxuser) authentication.getuserauthentication().getprincipal();
additionalinfo.put("user_id", pigxuser.getid());
additionalinfo.put("username", pigxuser.getusername());
additionalinfo.put("dept_id", pigxuser.getdeptid());
additionalinfo.put("tenant_id", pigxuser.gettenantid());
additionalinfo.put("license", securityconstants.pigx_license);
((defaultoauth2accesstoken) accesstoken).setadditionalinformation(additionalinfo);
return accesstoken;};}
@slf4j
public class pigxcustomtokenservices implements resourceservertokenservices
@override
public oauth2accesstoken readaccesstoken(string accesstoken)
}
/**
* @author lengleng
* @date 2019-03-17
* * jwt 轉化使用者資訊
*/public class pigxuserauthenticationconverter implements userauthenticationconverter
return null;
} private collection extends grantedauthority> getauthorities(mapmap)
if (authorities instanceof collection)
throw new illegalargumentexception("authorities must be either a string or a collection");
}}
@slf4j
public class pigxresourceserverconfigureradapter extends resourceserverconfigureradapter
}
OAuth2簡易實戰(三) JWT
授權伺服器 修改 configuration enableauthorizationserver public class oauth2authorizationserver extends authorizationserverconfigureradapter bean public jwtto...
擴充套件資源伺服器解決oauth2 效能瓶頸
本文是針對傳統使用uuid token 的情況進行擴充套件,提高系統的吞吐率,解決效能瓶頸的問題 override public oauth2authentication loadauthentication string accesstoken throws authenticationexcep...
OAuth2與JWT的區別和聯絡
jwt json web token 是一種具體的token實現框架 oauth2 open authorization 是一種授權協議,是規範,不是實現 spring security oauth2 spring 對 oauth2 的開源實現,優點是能與spring cloud技術棧無縫整合 sp...