如何在 Spring Security OAuth2 中获取经过身份验证的用户的详细信息答案

【问题标题】：How to get an Authenticated User's Details in Spring Security OAuth2如何在 Spring Security OAuth2 中获取经过身份验证的用户的详细信息
【发布时间】：2017-08-29 14:50:57
【问题描述】：

我无法在 Spring Security OAuth2 中提取当前登录的用户。我的目标是在触发 ClientSuggestion 实体上的创建事件时提取用户并将其保存到数据库中。

Employee.java

@Entity
@Table(name = "er_employee")
public class Employee implements Serializable {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id")
    private Long id;

    @Column(name = "username", unique = true)
    @NotNull
    @Size(max = 10)
    private String username;

    @Column(name = "password_hash")
    @NotNull
    @Size(min = 8, max = 512)
    private String password;


    @Column(name = "email_verification_token")
    @Size(max = 512)
    private String emailVerificationToken;

    @Column(name = "password_reset_token")
    @Size(max = 512)
    private String passwordResetToken;

    @Column(name = "active")
    @NotNull
    private boolean active;

    @Column(name = "is_deleted")
    @NotNull
    private boolean deleted;

    @Column(name = "date_of_creation")
    @Temporal(TemporalType.TIMESTAMP)
    @NotNull
    private Date dateOfCreation;

    @OneToMany(mappedBy = "employee")
    private List<ClientSuggestion> clientSuggestions;


    //Constructors
    //Getters ans setters
}

ClientSuggestion.java

@Entity
@Table(name = "er_suggestion")
public class ClientSuggestion implements Serializable {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "id")
    private Long id;

    @Column(name = "content", unique = true)
    @NotNull
    @Size(max = 200)
    private String suggestion;

    @ManyToOne
    @JoinColumn(name = "employee_id")
    private Employee employee;

    //Constructors
    //Getters ans setters
}

EmployeeRepository.java

public interface EmployeeRepository extends CrudRepository<Employee, Long> {

ClientSuggestionRepository .java

public interface ClientSuggestionRepository extends CrudRepository<ClientSuggestion, Long> {
}

事件处理程序

@Component
@RepositoryEventHandler(ClientSuggestion.class)
public class ClientSuggestionEventHandler {
    Employee employee= (Employee ) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

    @HandleBeforeCreate
    public void handleClientSuggestionBeforeCreate(ClientSuggestion cs) {
       cs.setDeleted(false);
       cs.setActive(true);
       cs.setPasswordResetToken(Encryptor.generateHash(cs.getPassword, 512));
       cs.setEmployee(employee);
    }
}

bean ClientSuggestionEventHandler 注册在配置类中。当我尝试运行该项目时，会引发 NullPointerException 异常。我想知道如何获取当前登录的员工。我是 Spring Security OAuth2 的新手。谢谢。

【问题讨论】：

您是否在代码中初始化了private List<ClientSuggestion> clientSuggestions;？
也许你可以尝试把SecurityContextHolder.getContext().getAuthentication().getPrincipal() 放在handleClientSuggestionBeforeCreate 里面
@varren 谢谢。有效。谢谢美人。

标签： spring spring-boot spring-security spring-data-rest spring-security-oauth2

【解决方案1】：

在Employee.java 中实现org.springframework.security.core.userdetails.UserDetails 类

Employee.java

@Entity
@Table(name = "er_employee")
public class Employee implements Serializable, UserDetails {

然后使用Employee employee= (Employee) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

【讨论】：

已经实现了 UserDetails 和 UserDetails 服务。安全和 Oauth2 工作。只是想在触发 oncreate 事件（类型为 ClientSuggestion）时提取当前登录的员工。代码工作正常。刚刚添加--> Employee employee = employeeRepository.findByUsername(SecurityContextHolder.getContext().getAuthentication().getName());到@HandleBeforeCreate public void handleClientSuggestionBeforeCreate{...}