如何在 jhipster 中通过 OAuth2 成功登录后执行操作

我想问一下通过 OAuth2 成功登录后如何执行操作以及如何根据某些先决条件否决登录。我尝试在 Google 上搜索并找到了一些链接，但我不确定如何在这个框架上执行此操作。我可能可以添加一些过滤器等，但想知道执行此操作的正确位置。

注意：AuditEvent 对我不起作用，因为每次 API 调用都会调用成功的审核。

Ref: http://blog.jdriven.com/2015/01/stateless-spring-security-part-3-jwt-social-authentication/ http://blog.jdriven.com/2015/01/stateless-spring-security-part-3-jwt-social-authentication/

我需要做的是：

1. 成功登录后，在表中记录一些详细信息并向队列发送通知。除了成功登录之外，我还想在成功注销时执行一些操作，我知道我可以在这里执行一些操作：AjaxLogoutSuccessHandler。但是我无法找到类似的地方来成功登录。

2. 在通过 OAuth2 登录之前，如果不满足特定条件，我可以抛出异常并不允许该用户。例如，如果用户来自特定的 IP 范围。我可以在哪里添加这个？

请引导我走向正确的方向。

Thanks

创建 TokenEndpointAuthenticationFilter 实现

CustomTokenEndpointAuthenticationFilter.java

public class CustomTokenEndpointAuthenticationFilter extends TokenEndpointAuthenticationFilter {

    public CustomTokenEndpointAuthenticationFilter(AuthenticationManager authenticationManager, OAuth2RequestFactory oAuth2RequestFactory) {

        super(authenticationManager, oAuth2RequestFactory);
    }

    @Override
    protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException {

                /* on successful authentication do stuff here */

    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
                /* before authentication check for condition if true then process to authenticate */
        if (!condition) {
            throw new AuthenticationServiceException("condition not satisfied");
        }
        super.doFilter(req, res, chain);
    }
}

Inside 授权服务器配置做出这些改变

@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Inject
    private DataSource dataSource;

    @Inject
    private JHipsterProperties jHipsterProperties;

    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    /* create OAuth2RequestFactory instance */
    private OAuth2RequestFactory oAuth2RequestFactory;

    @Inject
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
        throws Exception {
        /* assign value in OAuth2RequestFactory instance */
        oAuth2RequestFactory = endpoints.getOAuth2RequestFactory();
        endpoints
            .tokenStore(tokenStore())
            .authenticationManager(authenticationManager);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        /* register TokenEndpointAuthenticationFilter with oauthServer */
        oauthServer
            .allowFormAuthenticationForClients()
            .addTokenEndpointAuthenticationFilter(new CustomTokenEndpointAuthenticationFilter(authenticationManager, oAuth2RequestFactory));

    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
            .inMemory()
            .withClient(jHipsterProperties.getSecurity().getAuthentication().getOauth().getClientid())
            .scopes("read", "write")
            .authorities(AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
            .authorizedGrantTypes("password", "refresh_token", "authorization_code", "implicit")
            .secret(jHipsterProperties.getSecurity().getAuthentication().getOauth().getSecret())
            .accessTokenValiditySeconds(jHipsterProperties.getSecurity().getAuthentication().getOauth().getTokenValidityInSeconds());
    }
}