每次登录token重置 过期时间设置为720000000

src/main/java/com/lqkj/framework/security/AuthorizationServerConfig.java

@@ -65,7 +65,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
                 .secret(passwordEncoder.encode("lqkj007"))
                 .authorizedGrantTypes("password", "refresh_token")
                 .scopes("all","read","write")
-                .accessTokenValiditySeconds(7200)
+                .accessTokenValiditySeconds(720000000)
                 .refreshTokenValiditySeconds(60 * 60 * 24 * 7);
     }
 }

src/main/java/com/lqkj/framework/security/handler/CustomAuthenticationSuccessHandler.java

@@ -19,12 +19,15 @@ import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
 import org.springframework.security.oauth2.provider.*;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
 
+import javax.annotation.Resource;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -54,6 +57,8 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
     private SysConfigService configService;
     @Autowired
     private RedisCache redisCache;
+    @Resource
+    private RedisTokenStore redisTokenStore;
 
     @Override
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
@@ -84,6 +89,12 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
         TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "custom");
         OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
         OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
+        OAuth2AccessToken oldToken =  authorizationServerTokenServices.getAccessToken(oAuth2Authentication);
+        if (oldToken != null){
+            OAuth2RefreshToken auth2RefreshToken = oldToken.getRefreshToken();
+            redisTokenStore.removeAccessToken(oldToken);
+            redisTokenStore.removeRefreshToken(auth2RefreshToken);
+        }
         OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
 
         AsyncManager.me().execute(AsyncFactory.recordLogininfor(request, Constants.LOGIN_SUCCESS, "登录成功"));