mirror of https://github.com/usbharu/Hideout.git
Merge pull request #238 from usbharu/feature/oauth2-client-credential-flow
fix: Client Credential Flowへの対応漏れを修正
This commit is contained in:
commit
bb7bf7abc8
|
@ -43,6 +43,7 @@ import org.springframework.security.config.http.SessionCreationPolicy
|
||||||
import org.springframework.security.core.Authentication
|
import org.springframework.security.core.Authentication
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder
|
import org.springframework.security.crypto.password.PasswordEncoder
|
||||||
|
import org.springframework.security.oauth2.core.AuthorizationGrantType
|
||||||
import org.springframework.security.oauth2.jwt.JwtDecoder
|
import org.springframework.security.oauth2.jwt.JwtDecoder
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType
|
||||||
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration
|
||||||
|
@ -267,7 +268,8 @@ class SecurityConfig {
|
||||||
@Bean
|
@Bean
|
||||||
fun jwtTokenCustomizer(): OAuth2TokenCustomizer<JwtEncodingContext> {
|
fun jwtTokenCustomizer(): OAuth2TokenCustomizer<JwtEncodingContext> {
|
||||||
return OAuth2TokenCustomizer { context: JwtEncodingContext ->
|
return OAuth2TokenCustomizer { context: JwtEncodingContext ->
|
||||||
if (OAuth2TokenType.ACCESS_TOKEN == context.tokenType) {
|
|
||||||
|
if (OAuth2TokenType.ACCESS_TOKEN == context.tokenType && context.authorization?.authorizationGrantType == AuthorizationGrantType.AUTHORIZATION_CODE) {
|
||||||
val userDetailsImpl = context.getPrincipal<Authentication>().principal as UserDetailsImpl
|
val userDetailsImpl = context.getPrincipal<Authentication>().principal as UserDetailsImpl
|
||||||
context.claims.claim("uid", userDetailsImpl.id.toString())
|
context.claims.claim("uid", userDetailsImpl.id.toString())
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue