问题描述
我正在尝试在我们的restcontroller中实现切换用户实现。其余控制器由Oauth2保护。
我在该控制器中添加了一个控制器,我正在生成新令牌。但是当我使用令牌时,它给了我一个拒绝访问错误。
下面是实现:
UserDetails userDetails = coreUserDetailsService.loadUserByUsername(customerId);
if(null !=userDetails) {
List<GrantedAuthority> impersonationAuthorities = new ArrayList<>(
userDetails.getAuthorities());
org.springframework.security.core.Authentication source = SecurityContextHolder.getContext()
.getAuthentication();
// add current user authentication (to switch back from impersonation):
SwitchUserGrantedAuthority switchUserAuthority =
new SwitchUserGrantedAuthority("ROLE_PREVIoUS_ADMINISTRATOR",source);
impersonationAuthorities.add(switchUserAuthority);
UserDetails newUserDetails =
org.springframework.security.core.userdetails.User
.withUsername(customerId)
.authorities(impersonationAuthorities)
.password("justinventedhere")
.build();
Authentication userPasswordAuthentiation =
new UsernamePasswordAuthenticationToken(newUserDetails,null,impersonationAuthorities);
Map<String,String> parameters = new HashMap<>();
ClientDetails client = oauthClientDetails.loadClientByClientId("stageWebClient");
OAuth2Request oauthRequest = new OAuth2Request(parameters,client.getClientId(),client.getAuthorities(),true,client.getScope(),client.getResourceIds(),null);
OAuth2Authentication authentication = new OAuth2Authentication(oauthRequest,userPasswordAuthentiation);
OAuth2Accesstoken createAccesstoken = oauthTokenServices.createAccesstoken(authentication);
回复为
{
"additional@R_458_4045@ion": [],"expiration": "2020-09-12T13:49:57+0000","refreshToken": {},"scope": [
"basic","openid"
],"tokenType": "bearer","value": "4fdae02b-cdb4-4eb1-857d-c11b7e3e0972"
}
我正在使用此值来访问其他其余服务器,但它会引发拒绝访问错误。这也是出于模拟客户密码而无法使用的密码。由于密码错误导致身份验证失败吗? 如果可以,我该如何处理这种情况?
有输入吗?
感谢与问候, 斯里。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)