猿问

micronaut 的 @AuthenticationPrincipal 替代方案是什么?

我试图得到UserDetails像下面这样的对象。但是,我有一些困难,不可能得到对象,UserDetails所以只有JSONObject. authentication.getAttributes()在 micronaut 中有没有其他方法可以获取UserDetails对象?


自定义UserDetails对象:


public class MyUserPrincipal implements UserDetails {

    private Account account;


    public MyUserPrincipal(Account account) {

        this.account = account;

    }


    public Account getAccount() {

        return getAccount();

    }


}

休息API:


//micronaut

@Post(value = "/echo")

@Status(HttpStatus.OK)

public Long echo(@Nullable Authentication authentication) {

    Long accountId = (Long)((JSONObject)authentication.getAttributes().get("account")).get("id");

    return accountId;

}

例如,在 Spring Security@AuthenticationPrincipal中,参数中的注释很容易。


休息API:


@GET

public ResponseEntity<?> echo(@AuthenticationPrincipal MyUserPrincipal user) {

    return new ResponseEntity<>(user.getAccount().getAccountId(), HttpStatus.OK);

}


哈士奇WWW
浏览 165回答 2
2回答

牧羊人nacy

如果您仍在寻找解决方案,这就是有效的方法。您必须提供一个实现JwtAuthenticationFactory并替换 default DefaultJwtAuthenticationFactory。像这样的东西(下面的代码在 Kotlin 中):@Singleton@Replaces(bean = DefaultJwtAuthenticationFactory::class)class CustomJwtAuthenticationFactory() : JwtAuthenticationFactory {&nbsp; &nbsp; override fun createAuthentication(token: JWT?): Optional<Authentication> {&nbsp; &nbsp; &nbsp; &nbsp; try {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; val builder = JWTClaimsSet.Builder()&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; builder.claim("username", token?.jwtClaimsSet?.getStringClaim("username"))&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; return Optional.of(AuthenticationJWTClaimsSetAdapter(jwtClaims))&nbsp; &nbsp; &nbsp; &nbsp; } catch (e: Exception) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; throw RuntimeException("ParseException creating authentication", e)&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; }}使用构建器添加的所有声明都将添加到Authentication对象中,并且可以在任何控制器中访问,例如:@Get("/hello-world")fun hello(authentication: Authentication): String =&nbsp; &nbsp; authentication["username"] as String如果您使用的是 Kotlin,还可以在 Authentication 方法上添加扩展方法以获取您添加到 Authentication 类的属性,例如: fun Authentication.username(): String = this.attributes["username"]注意:username只是一个例子。它可用作name身份验证实例上的实例变量。
0

守着一只汪

UserDetails 认证后不存在。唯一可用的对象是身份验证。如果您想标准化上面的代码,您可以创建一个处理该特定属性注入的 bean。您可以使用注释来指定注入,方法是创建注释以及AnnotatedRequestArgumentBinder. 类似于以下内容:public class Temp implements AnnotatedRequestArgumentBinder<YourAnnotation, Long> {&nbsp; &nbsp; @Override&nbsp; &nbsp; public Class<YourAnnotation> getAnnotationType() {&nbsp; &nbsp; &nbsp; &nbsp; return YourAnnotation.class;&nbsp; &nbsp; }&nbsp; &nbsp; @Override&nbsp; &nbsp; public BindingResult<Long> bind(ArgumentConversionContext<Long> context, HttpRequest<?> source) {&nbsp; &nbsp; &nbsp; &nbsp; if (source.getAttributes().contains(OncePerRequestHttpServerFilter.getKey(SecurityFilter.class))) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; final Optional<Authentication> authentication = source.getUserPrincipal(Authentication.class);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if (authentication.isPresent()) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; return () -> (Long)((JSONObject)authentication.getAttributes().get("account")).get("id");&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; return ArgumentBinder.BindingResult.EMPTY;&nbsp; &nbsp; }}
0
随时随地看视频慕课网APP

相关分类

Java
我要回答