我一开始用oauth2 for spring security的JdbcTokenStore存储令牌,它用jdbcTemplate操作数据库,代码显示操作成功,但是数据库里就是没有存储的令牌,调试搞了一天,就是找不到原因,无奈,只好自己用mybatis实现了一个tokenStore。 数据库表结构: - drop table if exists oauth_client_details;
- drop table if exists oauth_access_token;
- drop table if exists oauth_refresh_token;
- drop table if exists oauth_code;
-
- create table oauth_client_details (
- client_id VARCHAR(50) PRIMARY KEY,
- resource_ids VARCHAR(256),
- client_secret VARCHAR(256),
- scope VARCHAR(256),
- authorized_grant_types VARCHAR(256),
- web_server_redirect_uri VARCHAR(256),
- authorities VARCHAR(256)
- );
-
- create table oauth_access_token (
- token_id VARCHAR(256),
- token blob,
- authentication_id VARCHAR(256),
- authentication blob,
- refresh_token VARCHAR(256)
- );
-
- create table oauth_refresh_token (
- token_id VARCHAR(256),
- token blob,
- authentication blob
- );
-
- create table oauth_code (
- code VARCHAR(256),
- authentication blob
- );
-
- insert into oauth_client_details(client_id,resource_ids,client_secret,scope,authorized_grant_types,authorities)
- values('client','sparklr','secret','read,write','authorization_code','ROLE_CLIENT');
几个实体类如下:- package com.hxp.oauth.server.entity;
-
- import java.io.Serializable;
-
- public class MybatisOauth2AccessToken implements Serializable {
- private static final long serialVersionUID = -4232065232755289541L;
-
- private String tokenId;
- private byte[] token;
- private String authenticationId;
- private byte[] authentication;
- private String refreshToken;
-
- public String getTokenId() {
- return tokenId;
- }
-
- public void setTokenId(String tokenId) {
- this.tokenId = tokenId;
- }
-
- public byte[] getToken() {
- return token;
- }
-
- public void setToken(byte[] token) {
- this.token = token;
- }
-
- public String getAuthenticationId() {
- return authenticationId;
- }
-
- public void setAuthenticationId(String authenticationId) {
- this.authenticationId = authenticationId;
- }
-
- public byte[] getAuthentication() {
- return authentication;
- }
-
- public void setAuthentication(byte[] authentication) {
- this.authentication = authentication;
- }
-
- public String getRefreshToken() {
- return refreshToken;
- }
-
- public void setRefreshToken(String refreshToken) {
- this.refreshToken = refreshToken;
- }
-
-
-
- }
- package com.hxp.oauth.server.entity;
-
- import java.io.Serializable;
-
- public class MybatisOauth2RefreshToken implements Serializable {
- private static final long serialVersionUID = 238497479380096784L;
-
- private String tokenId;
- private byte[] token;
- private byte[] authentication;
-
- public String getTokenId() {
- return tokenId;
- }
-
- public void setTokenId(String tokenId) {
- this.tokenId = tokenId;
- }
-
- public byte[] getToken() {
- return token;
- }
-
- public void setToken(byte[] token) {
- this.token = token;
- }
-
- public byte[] getAuthentication() {
- return authentication;
- }
-
- public void setAuthentication(byte[] authentication) {
- this.authentication = authentication;
- }
-
- }
- package com.hxp.oauth.server.entity;
-
- import java.io.Serializable;
-
- public class MybatisOauth2Code implements Serializable {
- private static final long serialVersionUID = -1799776184263988216L;
-
- private String code;
- private byte[] authentication;
-
- public String getCode() {
- return code;
- }
-
- public void setCode(String code) {
- this.code = code;
- }
-
- public byte[] getAuthentication() {
- return authentication;
- }
-
- public void setAuthentication(byte[] authentication) {
- this.authentication = authentication;
- }
-
- }
tokenStore类: dao接口类:- package com.hxp.oauth.server.dao;
-
- import com.hxp.oauth.server.entity.MybatisOauth2AccessToken;
- import com.hxp.oauth.server.entity.MybatisOauth2RefreshToken;
-
- public interface MybatisTokenDao {
- void storeAccessToken(MybatisOauth2AccessToken token);
-
- MybatisOauth2AccessToken readAccessToken(String tokenValue);
-
- void removeAccessToken(String tokenValue);
-
- void storeRefreshToken(MybatisOauth2RefreshToken token);
-
- MybatisOauth2RefreshToken readRefreshToken(String tokenValue);
-
- void removeRefreshToken(String tokenValue);
-
- void removeAccessTokenUsingRefreshToken(String refreshToken);
-
- MybatisOauth2AccessToken getAccessToken(String authentication);
- }
mapper 配置文件:- <?xml version="1.0" encoding="UTF-8" ?>
- <!DOCTYPE mapper PUBLIC "-////DTD Mapper 3.0//EN"
- "http:///dtd/mybatis-3-mapper.dtd">
-
- <mapper namespace="com.hxp.oauth.server.dao.MybatisTokenDao">
- <resultMap id="accessToken" type="com.hxp.oauth.server.entity.MybatisOauth2AccessToken">
- <result property="tokenId" column="token_id" />
- <result property="token" column="token" />
- <result property="authenticationId" column="authentication_id" />
- <result property="authentication" column="authentication" />
- <result property="refreshToken" column="refresh_token" />
- </resultMap>
- <resultMap id="refreshToken" type="com.hxp.oauth.server.entity.MybatisOauth2RefreshToken">
- <result property="tokenId" column="token_id" />
- <result property="token" column="token" />
- <result property="authentication" column="authentication" />
- </resultMap>
- <resultMap id="code" type="com.hxp.oauth.server.entity.MybatisOauth2Code">
- <result property="code" column="code" />
- <result property="authentication" column="authentication" />
- </resultMap>
-
-
- <insert id="storeAccessToken" parameterType="com.hxp.oauth.server.entity.MybatisOauth2AccessToken">
- insert into oauth_access_token (token_id, token, authentication_id, authentication, refresh_token) values (#{tokenId}, #{token ,javaType=byte[], jdbcType=BLOB,typeHandler=org.apache.ibatis.type.BlobTypeHandler}, #{authenticationId}, #{authentication ,javaType=byte[], jdbcType=BLOB,typeHandler=org.apache.ibatis.type.BlobTypeHandler}, #{refreshToken})
- </insert>
-
- <select id="readAccessToken" parameterType="string" resultMap="accessToken">
- select token_id, token,authentication from oauth_access_token where token_id = #{tokenValue}
- </select>
-
- <delete id="removeAccessToken" parameterType="string" >
- delete from oauth_access_token where token_id = #{tokenValue}
- </delete>
-
- <insert id="storeRefreshToken" parameterType="com.hxp.oauth.server.entity.MybatisOauth2RefreshToken" >
- insert into oauth_refresh_token (token_id, token, authentication) values (#{tokenId}, #{token ,javaType=byte[], jdbcType=BLOB,typeHandler=org.apache.ibatis.type.BlobTypeHandler}, #{authentication ,javaType=byte[], jdbcType=BLOB,typeHandler=org.apache.ibatis.type.BlobTypeHandler})
- </insert>
-
- <select id="readRefreshToken" parameterType="string" resultMap="refreshToken" >
- select token_id, token,authentication from oauth_refresh_token where token_id = #{tokenValue}
- </select>
-
- <delete id="removeRefreshToken" parameterType="string" >
- delete from oauth_refresh_token where token_id = #{tokenValue}
- </delete>
-
- <delete id="removeAccessTokenUsingRefreshToken" parameterType="string" >
- delete from oauth_access_token where refresh_token = #{tokenValue}
- </delete>
-
- <select id="getAccessToken" parameterType="string" resultMap="accessToken">
- select token_id, token from oauth_access_token where authentication_id = #{authentication}
- </select>
- </mapper>
|