
Java experts, can you help me figure out why the access token and refresh token I generate are the same?

coolair · 2023-10-25 21:33:43 +08:00 · 1061 views

    The code is as follows:

    @Configuration
    public class SecurityConfig {
        @Bean
        public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
            http.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
                    .csrf((csrf) -> csrf.ignoringRequestMatchers("/token"))
                    .httpBasic(Customizer.withDefaults())
                    .oauth2ResourceServer((resourceServer) -> resourceServer.jwt(Customizer.withDefaults()))
                    .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
                    .exceptionHandling((exceptions) -> exceptions
                            .authenticationEntryPoint(new BearerTokenAuthenticationEntryPoint())
                            .accessDeniedHandler(new BearerTokenAccessDeniedHandler())
                    );
            return http.build();
        }
    
        @Bean
        public UserDetailsService userDetailsService() {
            return new InMemoryUserDetailsManager(
                    User.withUsername("user")
                            .password("{noop}123")
                            .authorities("app")
                            .build()
            );
        }
    
        @Bean
        @Primary
        public JWKSource<SecurityContext> jwkSource() {
            KeyPair keyPair = generateRsaKey();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            RSAKey rsaKey = new RSAKey.Builder(publicKey)
                    .privateKey(privateKey)
                    .keyID(UUID.randomUUID().toString())
                    .build();
            JWKSet jwkSet = new JWKSet(rsaKey);
            return new ImmutableJWKSet<>(jwkSet);
        }
    
        @Bean
        @Qualifier("refreshJwkSource")
        public JWKSource<SecurityContext> refreshJwkSource() {
            KeyPair keyPair = generateRsaKey2();
            RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();
            RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
            RSAKey rsaKey = new RSAKey.Builder(publicKey)
                    .privateKey(privateKey)
                    .keyID(UUID.randomUUID().toString())
                    .build();
            JWKSet jwkSet = new JWKSet(rsaKey);
            return new ImmutableJWKSet<>(jwkSet);
        }
    
        public KeyPair generateRsaKey() {
            KeyPair keyPair;
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(2048);
                keyPair = keyPairGenerator.generateKeyPair();
            }
            catch (Exception ex) {
                throw new IllegalStateException(ex);
            }
            return keyPair;
        }
    
        private KeyPair generateRsaKey2() {
            KeyPair keyPair;
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(2048);
                keyPair = keyPairGenerator.generateKeyPair();
            }
            catch (Exception ex) {
                throw new IllegalStateException(ex);
            }
            return keyPair;
        }
    
        @Bean
        @Primary
        JwtEncoder jwtEncoder(JWKSource<SecurityContext> jwkSource) {
            return new NimbusJwtEncoder(jwkSource);
        }
    
        @Bean
        @Qualifier("refreshJwtEncoder")
        JwtEncoder refreshJwtEncoder(JWKSource<SecurityContext> refreshJwkSource) {
            return new NimbusJwtEncoder(refreshJwkSource);
        }
    
        @Bean
        @Primary
        JwtDecoder jwtDecoder(JWKSource<SecurityContext> jwkSource) {
            Set<JWSAlgorithm> jwsAlgorithmSet = new HashSet<>(JWSAlgorithm.Family.RSA);
            ConfigurableJWTProcessor<SecurityContext> jwtProcessor = new DefaultJWTProcessor<>();
            JWSKeySelector<SecurityContext> jwsKeySelector = new JWSVerificationKeySelector<>(jwsAlgorithmSet, jwkSource);
            jwtProcessor.setJWSKeySelector(jwsKeySelector);
            jwtProcessor.setJWTClaimsSetVerifier(((jwtClaimsSet, securityContext) -> {}));
            return new NimbusJwtDecoder(jwtProcessor);
        }
    
        @Bean
        @Qualifier("refreshJwtDecoder")
        JwtDecoder refreshJwtDecoder(JWKSource<SecurityContext> refreshJwkSource) {
            Set<JWSAlgorithm> jwsAlgorithmSet = new HashSet<>(JWSAlgorithm.Family.RSA);
            ConfigurableJWTProcessor<SecurityContext> jwtProcessor = new DefaultJWTProcessor<>();
            JWSKeySelector<SecurityContext> jwsKeySelector = new JWSVerificationKeySelector<>(jwsAlgorithmSet, refreshJwkSource);
            jwtProcessor.setJWSKeySelector(jwsKeySelector);
            jwtProcessor.setJWTClaimsSetVerifier(((jwtClaimsSet, securityContext) -> {}));
            return new NimbusJwtDecoder(jwtProcessor);
        }
    }
    

    Why are the tokens I generate with jwtEncoder and refreshJwtEncoder the same?

    1 reply · 2023-10-26 09:15:45 +08:00

    Oktfolio · #1 · 2023-10-26 09:15:45 +08:00
    Looks like you didn't get the BeanName and Qualifier right, did you?
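
An added example, not part of the original thread or the poster's project: one reading of the reply above is that the `refreshJwkSource` parameters carry no `@Qualifier`, so Spring resolves them to the `@Primary` `JWKSource` and both encoders sign with the same key. The class name `TokenKeyConfig` and the use of Nimbus `RSAKeyGenerator` in place of the post's `KeyPairGenerator` helpers are assumptions.

```java
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.gen.RSAKeyGenerator;
import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
import com.nimbusds.jose.jwk.source.JWKSource;
import com.nimbusds.jose.proc.SecurityContext;
import java.util.UUID;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.oauth2.jwt.JwtEncoder;
import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;

@Configuration
public class TokenKeyConfig { // hypothetical class name for this added example
    // Fresh 2048-bit RSA signing key with a random kid, wrapped as a JWKSource.
    private static JWKSource<SecurityContext> newRsaJwkSource() {
        try {
            return new ImmutableJWKSet<>(new JWKSet(
                    new RSAKeyGenerator(2048).keyID(UUID.randomUUID().toString()).generate()));
        } catch (JOSEException ex) {
            throw new IllegalStateException(ex);
        }
    }

    @Bean
    @Primary // chosen for every unqualified JWKSource injection point
    public JWKSource<SecurityContext> jwkSource() {
        return newRsaJwkSource();
    }
    @Bean // bean name defaults to the method name, "refreshJwkSource"
    public JWKSource<SecurityContext> refreshJwkSource() {
        return newRsaJwkSource();
    }

    @Bean
    @Primary
    public JwtEncoder jwtEncoder(JWKSource<SecurityContext> jwkSource) {
        return new NimbusJwtEncoder(jwkSource);
    }

    // The qualifier selects the refresh key; a matching parameter name alone does not override @Primary.
    @Bean
    public JwtEncoder refreshJwtEncoder(
            @Qualifier("refreshJwkSource") JWKSource<SecurityContext> refreshJwkSource) {
        return new NimbusJwtEncoder(refreshJwkSource);
    }
}
```

The decoder beans, and any component that injects a `JwtEncoder` or `JwtDecoder`, need the same `@Qualifier` on their parameters or fields.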