一.token的認(rèn)證自定義異常

1.在資源服務(wù)器配置
2.創(chuàng)建CustomOAuthEntryPoint

package com.othp.core.config;import java.util.HashMap; import java.util.Map; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.codehaus.jackson.map.ObjectMapper; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.stereotype.Component;@Component public class CustomOAuthEntryPoint implements AuthenticationEntryPoint {@Overridepublic void commence(HttpServletRequest request, HttpServletResponse response,AuthenticationException authException) throws ServletException {Map map = new HashMap();map.put("code", "40001");map.put("message", "token無(wú)效！"); // map.put("message", authException.getMessage());map.put("data", request.getServletPath());response.setContentType("application/json");//請(qǐng)求正常碼 200response.setStatus(HttpServletResponse.SC_OK); // response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);try {ObjectMapper mapper = new ObjectMapper();mapper.writeValue(response.getOutputStream(), map);} catch (Exception e) {throw new ServletException();}}}

3.在資源服務(wù)器的配置authenticationEntryPoint

package com.othp.mine.config;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;import com.othp.core.config.CustomOAuthEntryPoint;@Configuration @EnableResourceServer //@這個(gè)注解就決定了這是個(gè)資源服務(wù)器。 public class ResourceServerConfig extends ResourceServerConfigurerAdapter {@Autowiredprivate CustomOAuthEntryPoint customOAuthEntryPoint;@Overridepublic void configure(HttpSecurity http) throws Exception {//post請(qǐng)求默認(rèn)的都開啟了csrf的模式，所有post請(qǐng)求都必須帶有token之類的驗(yàn)證信息才可以進(jìn)入登陸頁(yè)面，這邊是禁用csrf模式http.csrf().disable();http.authorizeRequests() //方法有多個(gè)子節(jié)點(diǎn)，每個(gè)匹配器按其聲明的順序進(jìn)行考慮。.antMatchers(//waggerui 忽略"/webjars/**","/resources/**","/swagger-ui.html","/swagger-resources/**","/v2/api-docs",//系統(tǒng)使用"/CK030201/*","/Common/getPhoneCode","/SJ030101/*","/Common/getToken") // .antMatchers("**").permitAll(); //不需要認(rèn)證http.authorizeRequests() .anyRequest().authenticated(); //用戶進(jìn)行身份驗(yàn)證}@Overridepublic void configure(ResourceServerSecurityConfigurer resources) throws Exception {//bearer token的驗(yàn)證，異常自定義返回resources.authenticationEntryPoint(customOAuthEntryPoint);}}

3.調(diào)用相應(yīng)接口。傳錯(cuò)誤的bearer

二、token獲取時(shí)，賬號(hào)密碼錯(cuò)誤異常自定義

待更新。。。

總結(jié)

以上是生活随笔為你收集整理的Oauth2的异常处理，统一封装的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。