我正在开展一个项目,我有一个人在不同的租户中有多个角色。所以我想自定义权限以获得该角色的角色和所有权。
"authorities": [
{
"authority": "ROLE_store",
"ownership": "sec 18"
}
]
private List<GrantedAuthority> getGrantedAuthoritiesForStore(){
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(new SimpleGrantedAuthority("ROLE_"+"store"));
System.out.print("authorities :"+authorities);
return authorities;
}
答案 0 :(得分:0)
这个解决方案解决了我的问题,它和我想要的结果差不多。
public class CustomTokenEnhancer implements TokenEnhancer {
@Autowired
EmployeeService employeeService;
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
User user = (User) authentication.getPrincipal();
String username = user.getUsername();
List<Map<String, Object>> credential = employeeService.fetchEmployeesRoleCredentials(username);
final Map<String, Object> additionalInfo = new HashMap<>();
additionalInfo.put("credentials", credential);
// additionalInfo.put("authorities", user.getAuthorities());
((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
return accessToken;
}
}