## The framework's built-in login endpoint

The Spring Security OAuth2 framework provides `TokenEndpoint` as its login/authentication endpoint. It maps both GET and POST requests to `/oauth/token`; as the code shows, a GET is only accepted when `HttpMethod.GET` has been added to `allowedRequestMethods`, which contains only POST by default:

```
@FrameworkEndpoint
public class TokenEndpoint extends AbstractEndpoint {

    private OAuth2RequestValidator oAuth2RequestValidator = new DefaultOAuth2RequestValidator();

    // Only POST is allowed unless GET is explicitly added to this set.
    private Set<HttpMethod> allowedRequestMethods = new HashSet<HttpMethod>(Arrays.asList(HttpMethod.POST));

    @RequestMapping(value = "/oauth/token", method=RequestMethod.GET)
    public ResponseEntity<OAuth2AccessToken> getAccessToken(Principal principal,
            @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
        if (!allowedRequestMethods.contains(HttpMethod.GET)) {
            throw new HttpRequestMethodNotSupportedException("GET");
        }
        return postAccessToken(principal, parameters);
    }

    @RequestMapping(value = "/oauth/token", method=RequestMethod.POST)
    public ResponseEntity<OAuth2AccessToken> postAccessToken(Principal principal,
            @RequestParam Map<String, String> parameters) throws HttpRequestMethodNotSupportedException {
        // The client must already have been authenticated by a filter in front of this endpoint.
        if (!(principal instanceof Authentication)) {
            throw new InsufficientAuthenticationException(
                    "There is no client authentication. Try adding an appropriate authentication filter.");
        }
        // ... the rest of the method is omitted from this excerpt
    }
}
```

## Custom login endpoint

```
@ApiOperation(value = "用户名密码获取token")
@PostMapping("/oauth/user/token")
@LogAnnotation(module = "auth-server", recordRequestParam = true)
public void getUserTokenInfo(
        @ApiParam(required = true, name = "username", value = "账号") @RequestParam(value = "username") String username,
        @ApiParam(required = true, name = "password", value = "密码") @RequestParam(value = "password") String password) {
    ServletRequestAttributes servletRequestAttributes =
            (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
    HttpServletRequest request = servletRequestAttributes.getRequest();
    HttpServletResponse response = servletRequestAttributes.getResponse();
    try {
        // Client credentials are read from the client_id / client_secret request headers.
        String clientId = request.getHeader("client_id");
        String clientSecret = request.getHeader("client_secret");
        // The submitted password is DES-decrypted with a fixed key before it is passed on.
        OAuth2AccessToken oAuth2AccessToken = sysTokenService.getUserTokenInfo(clientId, clientSecret, username,
                DesUtils.decryption(password, SecurityConstant.LOGIN_PASSWORD_ENCRYPT_KEY));
        ResponseUtil.renderJson(response, oAuth2AccessToken);
    } catch (Exception e) {
        // Any failure is answered with 401 and the exception message in the response body.
        Map<String, String> rsp = new HashMap<>();
        rsp.put("code", HttpStatus.UNAUTHORIZED.value() + "");
        rsp.put("msg", e.getMessage());
        ResponseUtil.renderJsonError(response, rsp, HttpStatus.UNAUTHORIZED.value());
    }
}
```
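The custom endpoint above delegates to `sysTokenService.getUserTokenInfo(...)`, whose body the page does not show. The following is an added example, not the project's own code, of the checks such a service has to perform itself because the request never passes through `TokenEndpoint` and its client-authentication filter. The class name `UserTokenIssuer` and its wiring are assumptions; the Spring Security OAuth2 types are the framework's own.

```java
import java.util.Collections;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.provider.*;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

// Hypothetical service: name and constructor wiring are assumptions, not the project's code.
public class UserTokenIssuer {
    private final ClientDetailsService clientDetailsService;
    private final PasswordEncoder passwordEncoder;
    private final AuthenticationManager authenticationManager;
    private final AuthorizationServerTokenServices tokenServices;

    public UserTokenIssuer(ClientDetailsService cds, PasswordEncoder pe,
                           AuthenticationManager am, AuthorizationServerTokenServices ts) {
        this.clientDetailsService = cds;
        this.passwordEncoder = pe;
        this.authenticationManager = am;
        this.tokenServices = ts;
    }

    public OAuth2AccessToken getUserTokenInfo(String clientId, String clientSecret,
                                              String username, String password) {
        // 1. Authenticate the client: no filter has done this for a custom endpoint.
        ClientDetails client = clientDetailsService.loadClientByClientId(clientId);
        if (client == null || clientSecret == null
                || !passwordEncoder.matches(clientSecret, client.getClientSecret())) {
            throw new InvalidClientException("Bad client credentials");
        }
        // 2. Enforce the grant type the client is registered for.
        if (!client.getAuthorizedGrantTypes().contains("password")) {
            throw new InvalidClientException("Unauthorized grant type: password");
        }
        // 3. Authenticate the user; throws AuthenticationException on bad credentials.
        Authentication user = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(username, password));
        // 4. Build the OAuth2 request, limited to the client's registered scopes, and issue the token.
        TokenRequest tokenRequest = new TokenRequest(
                Collections.<String, String>emptyMap(), clientId, client.getScope(), "password");
        OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(client);
        return tokenServices.createAccessToken(new OAuth2Authentication(oAuth2Request, user));
    }
}
```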