fixed refresh token request
parent
cda0ddb926
commit
26178f66fb
4 changed files with 9 additions and 5 deletions
|
@ -9,7 +9,7 @@
|
|||
package ch.ethz.seb.sebserver.webservice.weblayer;
|
||||
|
||||
import org.springframework.context.annotation.Lazy;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.AbstractAuthenticationToken;
|
||||
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
|
@ -45,8 +45,8 @@ public class WebServiceUserDetails
|
|||
throws UsernameNotFoundException {
|
||||
|
||||
final Object principal = token.getPrincipal();
|
||||
if (principal instanceof UsernamePasswordAuthenticationToken) {
|
||||
return loadUserByUsername(((UsernamePasswordAuthenticationToken) principal).getName());
|
||||
if (principal instanceof AbstractAuthenticationToken) {
|
||||
return loadUserByUsername(((AbstractAuthenticationToken) principal).getName());
|
||||
}
|
||||
|
||||
throw new UsernameNotFoundException("No User for principal: " + principal + " found");
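Review bot: The broadened `principal instanceof AbstractAuthenticationToken` branch has no comment saying which token types are expected as the principal, and it now passes `getName()` of any token subclass straight to `loadUserByUsername`. Spring's `AbstractAuthenticationToken.getName()` returns an empty string when the token holds no principal, and nothing in the visible lines checks `isAuthenticated()`. I would add a comment above the branch, for example `// on refresh the principal is the stored user authentication, which is not necessarily a UsernamePasswordAuthenticationToken` (presumably the reason for the change, to be confirmed). If the stored authentication is always flagged as authenticated, the condition could also become `if (principal instanceof AbstractAuthenticationToken && ((AbstractAuthenticationToken) principal).isAuthenticated()) {`. The method starts before and ends after the hunk, so checks outside this view are not visible.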
|
||||
|
|
|
@ -99,7 +99,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
|||
defaultTokenServices.setTokenStore(this.tokenStore);
|
||||
defaultTokenServices.setAuthenticationManager(this.authenticationManager);
|
||||
defaultTokenServices.setSupportRefreshToken(true);
|
||||
defaultTokenServices.setReuseRefreshToken(true);
|
||||
defaultTokenServices.setReuseRefreshToken(false);
|
||||
defaultTokenServices.setTokenEnhancer(jwtAccessTokenConverter);
|
||||
defaultTokenServices.setAccessTokenValiditySeconds(this.adminAccessTokenValSec);
|
||||
defaultTokenServices.setRefreshTokenValiditySeconds(this.adminRefreshTokenValSec);
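Review bot: With `setReuseRefreshToken(false)`, each refresh request issues a new refresh token that (as `DefaultTokenServices` creates it) gets a fresh `adminRefreshTokenValSec` window, so nothing visible here caps the total lifetime of a session that keeps refreshing. If that sliding lifetime is intended, record it next to the setter, for example `// rotate the refresh token on every use; a used refresh token is removed and must not be accepted again`. Clients also have to store the refresh token from every response, because the previous one stops working. The same setter appears in the WebserviceResourceConfiguration section of this commit, so the comment applies there too. The enclosing method starts and ends outside the hunk.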
|
||||
|
|
|
@ -135,6 +135,10 @@ public class CachableJdbcTokenStore implements TokenStore {
|
|||
}
|
||||
|
||||
@Override
|
||||
@Caching(evict = {
|
||||
@CacheEvict(cacheNames = AUTHENTICATION_TOKEN_CACHE, allEntries = true),
|
||||
@CacheEvict(cacheNames = ACCESS_TOKEN_CACHE_NAME, allEntries = true)
|
||||
})
|
||||
public void removeAccessTokenUsingRefreshToken(final OAuth2RefreshToken refreshToken) {
|
||||
this.jdbcTokenStore.removeAccessTokenUsingRefreshToken(refreshToken);
|
||||
}
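Review bot: Both `@CacheEvict` entries on `removeAccessTokenUsingRefreshToken` use `allEntries = true`, so a refresh by one client empties the authentication and access-token caches for every user. Spring's token services presumably call this method on each refresh request, so this will happen often now that refresh-token rotation is enabled in the same commit. That is safe with respect to stale tokens, but under many concurrently refreshing clients it sends most lookups back to the JDBC store. The method only receives the refresh token, so a keyed eviction is not directly available. A short comment such as `// the access token key is not known here, so both caches are cleared completely` would record that this is deliberate, and the cache hit rate is worth monitoring after rollout.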
|
||||
|
|
|
@ -135,7 +135,7 @@ public abstract class WebserviceResourceConfiguration extends ResourceServerConf
|
|||
tokenService.setTokenStore(this.tokenStore);
|
||||
tokenService.setClientDetailsService(this.webServiceClientDetails);
|
||||
tokenService.setSupportRefreshToken(this.supportRefreshToken);
|
||||
tokenService.setSupportRefreshToken(this.supportRefreshToken);
|
||||
tokenService.setReuseRefreshToken(false);
|
||||
tokenService.setAuthenticationManager(this.authenticationManager);
|
||||
tokenService.setAccessTokenValiditySeconds(this.accessTokenValiditySeconds);
|
||||
tokenService.setRefreshTokenValiditySeconds(this.refreshTokenValiditySeconds);
|
||||
|
|