OAuth2 logout
Source: Internet  Published by: php兄弟连官网  Editor: 程序博客网  Time: 2024/06/01 20:51
Revoking a user's access token in an OAuth-secured environment
Define a @FrameworkEndpoint so that it is picked up and resolved by FrameworkEndpointHandlerMapping instead of the standard RequestMappingHandlerMapping.
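// Spring Security OAuth2 types used below (Spring MVC/beans annotation imports omitted)
import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpoint;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;

@FrameworkEndpoint
public class RevokeTokenEndpoint {

    @Autowired
    @Qualifier("consumerTokenServices")
    ConsumerTokenServices consumerTokenServices;

    // Msg and MessageType are the author's own response classes (not shown on this page)
    @RequestMapping(method = RequestMethod.DELETE, value = "/oauth/token")
    @ResponseBody
    public Msg<String> revokeToken(String access_token) {
        // revokeToken() returns true only if the token existed and was removed
        if (consumerTokenServices.revokeToken(access_token)) {
            return new Msg<>(MessageType.MSG_TYPE_SUCCESS, null, "注销成功"); // "logout succeeded"
        } else {
            return new Msg<>(MessageType.MSG_TYPE_FAILURE, null, "注销失败"); // "logout failed"
        }
    }
}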
The method above takes access_token from a request parameter. Another approach found online reads the access_token from the request's Authorization header:
public void revokeToken(HttpServletRequest request) {
    String authorization = request.getHeader("Authorization");
    // Require the "Bearer " prefix so the substring below cannot run past the end of the header
    if (authorization != null && authorization.startsWith("Bearer ")) {
        String tokenId = authorization.substring("Bearer".length() + 1);
        tokenServices.revokeToken(tokenId);
    }
}
Deleting the cookie on the server side (cookie handling for the front-end page)
import javax.servlet.http.Cookie;
import org.springframework.stereotype.Component;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;

@Component
public class CustomPostZuulFilter extends ZuulFilter {

    @Override
    public Object run() {
        final RequestContext ctx = RequestContext.getCurrentContext();
        String requestURI = ctx.getRequest().getRequestURI();
        String requestMethod = ctx.getRequest().getMethod();
        // On DELETE /oauth/token (logout), expire the refreshToken cookie
        if (requestURI.contains("oauth/token") && requestMethod.equals("DELETE")) {
            Cookie cookie = new Cookie("refreshToken", "");
            cookie.setMaxAge(0); // Max-Age=0 tells the browser to delete the cookie
            cookie.setPath(ctx.getRequest().getContextPath() + "/oauth/token");
            ctx.getResponse().addCookie(cookie);
        }
        return null;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public int filterOrder() {
        return 10;
    }

    @Override
    public String filterType() {
        return "post";
    }
}
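Removing the access token from the AngularJS client: besides revoking the access token from the token store, the access_token cookie also needs to be removed from the client.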
$scope.logout = function() {
    logout($scope.loginData);
}
function logout(params) {
    var req = {
        method: 'DELETE',
        url: "oauth/token"
    }
    $http(req).then(
        function(data){
            // Revocation succeeded: drop the client-side cookie and return to the login page
            $cookies.remove("access_token");
            window.location.href="login";
        },function(){
            console.log("error");
        }
    );
}
This function is called when the "Logout" link is clicked:
<a class="btn btn-info" href="#" ng-click="logout()">Logout</a>