JwtAuthenticationProvider.java 文件源码

@Override
public Authentication authenticate(final Authentication authentication) {
    final JwtAuthenticationToken authRequest = (JwtAuthenticationToken) authentication;
    final Jws<Claims> claimsJws = parserAndVerify(authRequest);

    if (claimsJws.getBody().getExpiration() == null) {
        throw new BadCredentialsException("Only temporary JWT supported");
    }

    final String username = claimsJws.getBody().getSubject();
    final UserDetails userDetails;

    try {
        userDetails = userDetailsService.loadUserByUsername(username);
    } catch (final UsernameNotFoundException notFound) {
        throw new BadCredentialsException("Bad credentials");
    }

    if (!userDetails.isAccountNonLocked()) {
        throw new LockedException("User account is locked");
    }

    if (!userDetails.isEnabled()) {
        throw new DisabledException("User is disabled");
    }

    if (!userDetails.isAccountNonExpired()) {
        throw new AccountExpiredException("User account has expired");
    }

    if (!userDetails.isCredentialsNonExpired()) {
        throw new CredentialsExpiredException("User credentials have expired");
    }

    LOG.info("Successful JWT authentication for username={}", userDetails.getUsername());

    return JwtAuthenticationToken.createAuthenticated(userDetails, authRequest.getDetails());
}