DefaultOAuth2AccessToken accessToken = (DefaultOAuth2AccessToken) this.createAccessToken(authentication, refreshToken); // If you reuse the refresh token, set the refresh token to the new AccessToken // 如果重复使用刷新令牌,将刷新令牌与新生成的请求令牌进行绑定 if (this.reuseRefreshToken) { accessToken.setRefreshToken(refreshToken); } this.tokenStore.storeAccessToken(accessToken, authentication); if (!this.reuseRefreshToken) { this.tokenStore.storeRefreshToken(accessToken.getRefreshToken(), authentication); } // No new token will be returned after refresh // 刷新令牌后不再返回refresh_token accessToken.setRefreshToken(null); return accessToken; } } else { thrownew InvalidGrantException("Wrong client for this refresh token: " + refreshTokenValue); } } } }
/**
 * Encode the raw password. Generally, a good encoding algorithm applies a SHA-1 or
 * greater hash combined with an 8-byte or greater randomly generated salt.
 * <p>
 * NOTE(review): a single salted SHA-1 pass is fast to compute and is no longer
 * regarded as adequate for password storage; a deliberately slow, adaptive function
 * such as bcrypt is the safer baseline for new implementations.
 *
 * @param rawPassword the raw password to encode
 * @return the encoded form of {@code rawPassword}
 */
String encode(CharSequence rawPassword);
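/**
 * Verify the encoded password obtained from storage matches the submitted raw
 * password after it too is encoded. Returns true if the passwords match, false if
 * they do not. The stored password itself is never decoded.
 *
 * @param rawPassword the raw password to encode and match
 * @param encodedPassword the encoded password from storage to compare with
 * @return true if the raw password, after encoding, matches the encoded password from
 * storage
 */
boolean matches(CharSequence rawPassword, String encodedPassword);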
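/**
 * Returns true if the encoded password should be encoded again for better security,
 * else false. The default implementation always returns false.
 *
 * @param encodedPassword the encoded password to check
 * @return true if the encoded password should be encoded again for better security,
 * else false.
 */
default boolean upgradeEncoding(String encodedPassword) {
    // Default: never ask for a re-encode; an implementation overrides this to opt in.
    return false;
}
} // closes the enclosing interface, whose header is outside this excerpt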
Spring Security 5.x 将默认的 PasswordEncoder 改成了委托类 DelegatingPasswordEncoder。不过,通过 PasswordEncoderFactories#createDelegatingPasswordEncoder 方法创建的 DelegatingPasswordEncoder 实例,默认使用的其实仍是 BCryptPasswordEncoder(默认的 encodingId 为 "bcrypt"),源码如下所示:
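/**
 * Excerpt of the factory method that builds the delegating password encoder.
 * Only the opening statements are shown; the page author elided the rest, so the
 * method body is intentionally left open here.
 *
 * @return a {@code PasswordEncoder}; per the surrounding text this is a
 * DelegatingPasswordEncoder whose default delegate is BCrypt
 */
public static PasswordEncoder createDelegatingPasswordEncoder() {
    // Id under which the BCrypt encoder is registered in the map below.
    String encodingId = "bcrypt";
    Map<String, PasswordEncoder> encoders = new HashMap<>();
    encoders.put(encodingId, new BCryptPasswordEncoder());
    // omitted... (remainder of the method is not shown in this excerpt)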
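/**
 * Callback used to run the bean.
 *
 * @param args incoming main method arguments
 * @throws Exception on error
 */
void run(String... args) throws Exception;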
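/**
 * Callback used to run the bean.
 *
 * @param args incoming application arguments
 * @throws Exception on error
 */
void run(ApplicationArguments args) throws Exception;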
/** * {@link PropertySource} that returns a random value for any property that starts with * {@literal "random."}. Where the "unqualified property name" is the portion of the * requested property name beyond the "random." prefix, this {@link PropertySource} * ... */ publicclassRandomValuePropertySourceextendsPropertySource<Random> {