Matt Raible
There’s a similar question on our developer forums. You should be able to use something like the following when you have Spring Boot set up as a resource server.
    @GetMapping("/")
    public String index(@AuthenticationPrincipal Jwt jwt) {
        // The validated JWT is injected as the principal; "sub" is its subject claim
        return String.format("Hello, %s!", jwt.getSubject());
    }
In JHipster, we use the following logic in a UserService.java class:
    public UserDTO getUserFromAuthentication(AbstractAuthenticationToken authToken) {
        Map<String, Object> attributes;
        if (authToken instanceof OAuth2AuthenticationToken) {
            // oauth2Login(): attributes come from the authenticated OAuth2 user
            attributes = ((OAuth2AuthenticationToken) authToken).getPrincipal().getAttributes();
        } else if (authToken instanceof JwtAuthenticationToken) {
            // oauth2ResourceServer(): attributes are the claims of the bearer JWT
            attributes = ((JwtAuthenticationToken) authToken).getTokenAttributes();
        } else {
            throw new IllegalArgumentException("AuthenticationToken is not OAuth2 or JWT!");
        }
        User user = getUser(attributes);
        // Copy the granted authorities from the token onto the user
        user.setAuthorities(authToken.getAuthorities().stream()
            .map(GrantedAuthority::getAuthority)
            .map(authority -> {
                Authority auth = new Authority();
                auth.setName(authority);
                return auth;
            })
            .collect(Collectors.toSet()));
        return new UserDTO(syncUserWithIdP(attributes, user));
    }
We do this because Spring Security’s AbstractAuthenticationToken is the parent of both types of tokens (OAuth2AuthenticationToken for oauth2Login() and JwtAuthenticationToken for oauth2ResourceServer()).
Hope this helps!