@Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) {endpoints.tokenStore(tokenStore).authenticationManager(authenticationManager).userDetailsService(userDetailsService).tokenGranter(tokenGranter).exceptionTranslator(new oAuth2ResponseExceptionTranslator());
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.stereotype.Component;
import java.util.concurrent.ConcurrentHashMap;
@Component
public class OAuth2ResponseExceptionTranslator implements WebResponseExceptionTranslator {private final ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();public static final String ERROR = "error";public static final String DESCRIPTION = "error_description";public static final String URI = "error_uri";public static final String INVALID_REQUEST = "invalid_request";public static final String INVALID_CLIENT = "invalid_client";public static final String INVALID_GRANT = "invalid_grant";public static final String UNAUTHORIZED_CLIENT = "unauthorized_client";public static final String UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";public static final String INVALID_SCOPE = "invalid_scope";public static final String INSUFFICIENT_SCOPE = "insufficient_scope";public static final String INVALID_TOKEN = "invalid_token";public static final String REDIRECT_URI_MISMATCH = "redirect_uri_mismatch";public static final String UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type";public static final String ACCESS_DENIED = "access_denied";public static final String METHOD_NOT_ALLOWED = "method_not_allowed";public static final String SERVER_ERROR = "server_error";public static final String UNAUTHORIZED = "unauthorized";private static final ConcurrentHashMap<String, String> OAUTH2_ERROR_MAP = new ConcurrentHashMap<>();static {OAUTH2_ERROR_MAP.put(INVALID_CLIENT, "无效的客户端");OAUTH2_ERROR_MAP.put(INVALID_GRANT, "登录密码错误");OAUTH2_ERROR_MAP.put(INVALID_SCOPE, "权限不足");OAUTH2_ERROR_MAP.put(UNSUPPORTED_GRANT_TYPE, "不支持的授权模式类型");OAUTH2_ERROR_MAP.put(ACCESS_DENIED, "验证码不正确");OAUTH2_ERROR_MAP.put(METHOD_NOT_ALLOWED, "方法不允许访问");OAUTH2_ERROR_MAP.put(SERVER_ERROR, "服务器内部异常");OAUTH2_ERROR_MAP.put(UNAUTHORIZED, "未授权");}@Overridepublic ResponseEntity<OAuth2Exception> translate(Exception e) {Throwable[] causeChain = throwableAnalyzer.determineCauseChain(e);OAuth2Exception ase = (OAuth2Exception) throwableAnalyzer.getFirstThrowableOfType(OAuth2Exception.class, causeChain);if (ase != null) {return handleOAuth2Exception(ase);}System.out.println(e+"==========================");return new ResponseEntity<>(new OAuth2Exception(e.getMessage(),e),HttpStatus.BAD_REQUEST);}private ResponseEntity<OAuth2Exception> handleOAuth2Exception(OAuth2Exception e) {int status = e.getHttpErrorCode();HttpHeaders headers = new HttpHeaders();headers.set("Cache-Control", "no-store");headers.set("Pragma", "no-cache");if (status == HttpStatus.UNAUTHORIZED.value() || (e instanceof InsufficientScopeException)) {headers.set("WWW-Authenticate", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, e.getSummary()));}String oAuth2ErrorMessage = OAUTH2_ERROR_MAP.getOrDefault(e.getOAuth2ErrorCode(),"未知异常:" + e.getOAuth2ErrorCode());OAuth2Exception responseBody = new OAuth2Exception(oAuth2ErrorMessage,e);return new ResponseEntity<>(responseBody, headers, HttpStatus.valueOf(status));}}
