Question

I need to implement the oauth spring persistence for RandomValueProviderTokenServices class. The class that needs to be stored according to the abstract protected methods of the RandomValueProviderTokenServices is OAuthProviderTokenImpl. however, this class contains a reference to Authentication interface which has various implementations.

I assume that implementations of these methods were done by any who used the spring-oauth library for their projects.

Is there a common practice to achieve that? ( without using the Java built it serialization mechanism).

Answer 1

I am working on this now and I am just storing a reference to the user in the database using their id. Then I generate the Authentication object based on that user object using this:

public Authentication getAuthentication(User user) {

 Object credentials = user.getUsername(); // the username of your user
    GrantedAuthority[] authorities = {new GrantedAuthorityImpl(user.getRole().getName())}; // an array of their role names

    UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user, credentials, authorities);
    auth.setDetails(user);

    return auth;
}

友情链接