search

spring-attic / spring-security-oauth

Support for adding OAuth1(a) and OAuth2 features (consumer and provider) for Spring web applications.
http://github.com/spring-projects/spring-security-oauth
Apache License 2.0
4.7k stars 4.04k forks source link

custom ClientDetails,SQL query was executed four times? #1153

Open chengchen168168 opened 7 years ago

chengchen168168 commented 7 years ago 
public class ClientDetailsServiceImpl implements ClientDetailsService {

    @Autowired
    private Oauth2Mapper oauth2Mapper;

    @Override
    public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
        CostomClientDetails selectClientDetails = oauth2Mapper.selectClientDetails(clientId);
        //print query result
        System.out.println(selectClientDetails);
        return selectClientDetails;
    }

}

Each validation client_credentials,can see four prints

Reeye1024 commented 5 years ago

I can see 7 times when call /oauth/token..... I checked source code, found: TokenEndpoint.postAccessToken()

ClientDetails authenticatedClient = getClientDetailsService().loadClientByClientId(clientId);
TokenRequest tokenRequest = getOAuth2RequestFactory().createTokenRequest(parameters, authenticatedClient);

Line 1 is first time loadClientByClientId, line 2 enter public TokenRequest createTokenRequest(Map<String, String> requestParameters, ClientDetails authenticatedClient)of class DefaultOAuth2RequestFactory, this method already has clientDetails that loaded just now, and then invoke extractScopes() which inner has run loadClientByClientId() again. Why?