Grails REST security - Add user id to token

I want to add a user id field to the token returned from /api/login.

Currently it's:

{
    "username": "user",
    "roles": [
        "ROLE_USER"
    ],
    "token_type": "Bearer",
    "access_token": "eyJhbGciOiJIUzI1NiJ9.2uk2YoHsyd7bqUdtUYN19ef..",
    "expires_in": 3600,
    "refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINH.."
}

I need:

{
    "id": "1",
    "username": "user",
    "roles": [
        "ROLE_USER"
    ],
    "token_type": "Bearer",
    "access_token": "eyJhbGciOiJIUzI1NiJ9.2uk2YoHsyd7bqUdtUYN19ef..",
    "expires_in": 3600,
    "refresh_token": "eyJhbGciOiJIUzI1NiJ9.eyJwcmluY2lwYWwiOiJINH.."
}

The target is queries with the user id, like POST /api/something. Are there any other approaches? Thanks in advance.

asked Oct 13 '25 00:10

ziftech


1 Answer

You have not mentioned the Grails version, so I am posting the answer which I have implemented for Grails 2.4.4.

First, you need to implement the AccessTokenJsonRenderer interface in a custom class created under src/groovy, like below.

import grails.plugin.springsecurity.SpringSecurityUtils
import grails.plugin.springsecurity.rest.token.AccessToken
import grails.plugin.springsecurity.rest.token.rendering.AccessTokenJsonRenderer
import groovy.json.JsonBuilder
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.security.core.GrantedAuthority

/**
 * Created by Prakash Thete on 17/04/2018
 */
class CustomAppRestAuthTokenJsonRenderer implements AccessTokenJsonRenderer  {

    @Override
    String generateJson(AccessToken accessToken){

        // Add extra custom parameters if you want in this map to be rendered in login response
        Map response = [
                id           : accessToken.principal.id,
                username     : accessToken.principal.username,
                access_token : accessToken.accessToken,
                token_type   : "Bearer",
                refresh_token: accessToken.refreshToken,
                roles        : accessToken.authorities.collect { GrantedAuthority role -> role.authority }
        ]

        return new JsonBuilder( response ).toPrettyString()
    }
}

Second, you need to create a bean for our custom class in resources.groovy, like below.

beans = {
    // For overriding the token json renderer
    accessTokenJsonRenderer(CustomAppRestAuthTokenJsonRenderer)
}

Now, after hitting api/login, you will receive the id of the user along with the other details.

Hope this helps!

answered Oct 15 '25 20:10

Prakash Thete
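
The question's goal is to send the user id back with later requests such as POST /api/something. As an added example (not part of the original posts or of the plugin's code), the handler below takes the id from the authenticated principal restored from the bearer token and rejects a request body whose id disagrees with it. SomethingController, its URL mapping, the userId body field and the response shape are assumptions.

```groovy
import grails.converters.JSON
import grails.plugin.springsecurity.annotation.Secured

// Hypothetical controller; mapping it to POST /api/something is an assumption.
class SomethingController {

    static allowedMethods = [save: 'POST']

    // Injected by the Spring Security Core plugin
    def springSecurityService

    @Secured(['ROLE_USER'])
    def save() {
        // Principal rebuilt from the validated bearer token: the same object
        // the custom renderer reads as accessToken.principal
        def principal = springSecurityService.principal
        String authenticatedId = principal.id as String

        // "userId" is an assumed body field; a client may still echo back
        // the id it received from /api/login
        def body = request.JSON
        def claimedId = body?.userId

        if (claimedId != null && claimedId.toString() != authenticatedId) {
            // A mismatch means the caller is naming some other account
            log.warn "user ${authenticatedId} sent a userId that is not its own"
            response.status = 403
            render([error: 'userId does not match the authenticated user'] as JSON)
            return
        }

        // Use authenticatedId, never claimedId, for every lookup and write
        render([ownerId: authenticatedId, accepted: true] as JSON)
    }
}
```

With this check in place the id in the login response is a convenience for the client only; authorization decisions rest on the token.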