I have an oauth2 jwt token server configured to set additional info about the user authorities.
@Configuration
@Component
public class CustomTokenEnhancer exten
In the following I'm referring to this Baeldung tutorial that I already implemented successfully: http://www.baeldung.com/spring-security-oauth-jwt
First of all: The CustomTokenEnhancer is used on the AuthorizationServer side to enhance a created token with additional custom information. You should use the so-called DefaultAccessTokenConverter on the ResourceServer side to extract these extra claims.
You can @Autowire the CustomAccessTokenConverter into your ResourceServerConfiguration class and then set it to your JwtTokenStore() configuration.
ResourceServerConfiguration:
    @Autowired
    private CustomAccessTokenConverter yourCustomAccessTokenConverter;

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // Delegate claim extraction to the custom converter
        converter.setAccessTokenConverter(yourCustomAccessTokenConverter);
        // Key used to verify the token signature
        converter.setSigningKey(yourSigningKey);
        return converter;
    }
The CustomAccessTokenConverter can be configured, so that the custom claims get extracted here.
CustomAccessTokenConverter:
    @Component
    public class CustomAccessTokenConverter extends DefaultAccessTokenConverter {

        @Override
        public OAuth2Authentication extractAuthentication(Map<String, ?> claims) {
            OAuth2Authentication authentication = super.extractAuthentication(claims);
            // Expose all JWT claims, including the custom ones, as the authentication details
            authentication.setDetails(claims);
            return authentication;
        }
    }
(see: https://github.com/Baeldung/spring-security-oauth/blob/master/oauth-resource-server-1/src/main/java/org/baeldung/config/CustomAccessTokenConverter.java)
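An added example, not part of the original answer: one way to read the extracted claims in a resource-server endpoint once the converter above is wired in. The controller name, the request path and the claim name "organization" are assumptions; the claims can be trusted here only because JwtAccessTokenConverter has already verified the token signature.

```java
import java.util.Collections;
import java.util.Map;

import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class ClaimsController { // hypothetical controller name

    // Returns the claims map that CustomAccessTokenConverter stored via
    // setDetails(claims), or an empty map when the request was not
    // authenticated with an OAuth2 bearer token.
    @SuppressWarnings("unchecked")
    static Map<String, Object> claimsOf(Authentication auth) {
        if (!(auth instanceof OAuth2Authentication)) {
            return Collections.emptyMap();
        }
        // On the resource server the request details wrap the converter's
        // details; they are exposed through getDecodedDetails().
        Object details = auth.getDetails();
        if (!(details instanceof OAuth2AuthenticationDetails)) {
            return Collections.emptyMap();
        }
        Object decoded = ((OAuth2AuthenticationDetails) details).getDecodedDetails();
        if (!(decoded instanceof Map)) {
            return Collections.emptyMap();
        }
        return (Map<String, Object>) decoded;
    }

    @GetMapping("/me/organization") // hypothetical path
    public String organization(Authentication auth) {
        // "organization" is an assumed custom claim name set by the token enhancer
        Object value = claimsOf(auth).get("organization");
        // Treat a missing or non-string claim as absent instead of casting blindly
        return value instanceof String ? (String) value : "";
    }
}
```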