我使用Angular4 / Spring处理JHipster生成的应用程序。
当我登录该应用程序时,可以调用该API 1800秒。但是,当我运行请求时,令牌的到期日期应重设,并且在此时间之后不应该断开连接。
在我的表格中oauth_client_details
,我有字段access_token_validity
,refresh_token_validity
每个字段都有1800个。
还有其他要设置的内容,以便正确更新令牌吗?
这是一个使用刷新令牌刷新会话持续时间的技巧。
在auth-oauth2.service.ts中,替换authSuccess()函数并添加refresh()一个。
authSuccess(resp) {
const response = resp.json();
const expiredAt = new Date();
expiredAt.setSeconds(expiredAt.getSeconds() + response.expires_in);
response.expires_at = expiredAt.getTime();
this.$localStorage.store('authenticationToken', response);
if (this.refreshSubcription !== null) {
// cancel previous refresh
this.refreshSubcription.unsubscribe();
}
// refresh token 5 seconds before expiration
this.refreshSubcription = Observable
.timer((response.expires_in - 5) * 1000 )
.take(1)
.subscribe(() => this.refresh());
return response;
}
refresh() {
const data = 'refresh_token=' + this.getToken().refresh_token + '&grant_type=refresh_token&scope=read%20write&' +
'client_secret=<SECRET-TOKEN>&client_id=<CLIENT-ID>';
const headers = new Headers({
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
'Authorization': 'Bearer ' + this.getToken().access_token
});
this.http
.post('oauth/token', data, {headers})
.map(this.authSuccess.bind(this))
.subscribe();
}
请记住相应地修改logout()和login()方法。
login(credentials): Observable<any> {
const data = 'username=' + encodeURIComponent(credentials.username) + '&password=' +
encodeURIComponent(credentials.password) + '&grant_type=password&scope=read%20write&' +
'<SECRET-TOKEN>&client_id=<CLIENT-ID>';
const headers = new Headers({
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': 'application/json',
'Authorization': 'Basic ' + this.base64.encode('<CLIENT-ID>' + ':' + '<SECRET-TOKEN>')
});
return this.http
.post('oauth/token', data, {headers})
.map(this.authSuccess.bind(this));
}
logout(): Observable<any> {
if (this.refreshSubcription !== null) {
// cancel previous refresh
this.refreshSubcription.unsubscribe();
}
return new Observable((observer) => {
this.http.post('api/logout', {});
this.$localStorage.clear('authenticationToken');
observer.complete();
});
}