我在用JWT代替默认的OAuth的token生成器的时候,给JwtAccessTokenConverter添加了userDetailsService用来将原来的String格式的principal替换为UserDetail,但是使用以下代码执行的时候我发现每个请求进来之后userDetailService的loadUserByUsername方法会执行两次,打断点发现JwtAccessTokenConverter中的extractAuthentication方法就会执行两次,请问各位我是哪里写的有问题吗?
TokenConfig:
public class TokenConfig {
@Autowired
UserDetailsServiceImpl userDetailsService;
@Bean
public TokenStore tokenStore() {
//jwt管理令牌
return new JwtTokenStore(jwtAccessTokenConverter());
}
// JWT 签名秘钥
private static final String SIGNING_KEY = "wj-key";
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
jwtAccessTokenConverter.setSigningKey(SIGNING_KEY);
DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
userTokenConverter.setUserDetailsService(userDetailsService);
accessTokenConverter.setUserTokenConverter(userTokenConverter);
jwtAccessTokenConverter.setAccessTokenConverter(accessTokenConverter);
return jwtAccessTokenConverter;
}
}
AuthorizationServiceConfig(省略部分无关代码)
public class AuthorizationServiceConfig extends AuthorizationServerConfigurerAdapter {
...
@Autowired
private TokenStore tokenStore;
@Autowired
private JwtAccessTokenConverter jwtAccessTokenConverter;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService)
.tokenStore(tokenStore).accessTokenConverter(jwtAccessTokenConverter)
.reuseRefreshTokens(true);
}
........
}
还请各位指教