public Authentication extractAuthentication(Map<String, ?> map) {
      // userClaimName是靜態(tài)常量：username
  if (map.containsKey(userClaimName)) {
    Object principal = map.get(userClaimName);
    Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
          // 原因就是這里。如果userDetailsService為空，返回的就是用戶名。
    if (userDetailsService != null) {
      UserDetails user = userDetailsService.loadUserByUsername((String) map.get(userClaimName));
      authorities = user.getAuthorities();
      principal = user;
    }
    return new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
  }
  return null;
}

public class DefaultAccessTokenConverter implements AccessTokenConverter {
    // 一開始就被初始化好了，所以不能設(shè)置userDetailsService
  private UserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
   
 
  // 但是提供了setter接口，所以我們要做的就是覆蓋上面的實例。
  public void setUserTokenConverter(UserAuthenticationConverter userTokenConverter) {
    this.userTokenConverter = userTokenConverter;
  }
 
}

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
 
  @Override
  public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.tokenStore(tokenStore)
        .authenticationManager(manager)
        .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
        .userDetailsService(userService)
        // .accessTokenConverter(tokenConverter);
 
 
    DefaultAccessTokenConverter converter = new DefaultAccessTokenConverter();
    DefaultUserAuthenticationConverter userAuthenticationConverter
        = new DefaultUserAuthenticationConverter();
    userAuthenticationConverter.setUserDetailsService(userService);
    converter.setUserTokenConverter(userAuthenticationConverter);
    endpoints.accessTokenConverter(converter);
  }
 
}

public class OauthAccessTokenConverter extends DefaultAccessTokenConverter {
  public OauthAccessTokenConverter(SecurityUserService userService) {
    DefaultUserAuthenticationConverter converter = new DefaultUserAuthenticationConverter();
    converter.setUserDetailsService(userService);
    super.setUserTokenConverter(converter);
  }
}

public class OauthJwtAccessTokenConverter extends JwtAccessTokenConverter {
 
  public OauthJwtAccessTokenConverter(SecurityUserService userService) {
    super.setAccessTokenConverter(new OauthAccessTokenConverter(userService));
  }
}

@Configuration
public class TokenConfig {
  @Bean
  public TokenStore jwtTokenStore(JwtAccessTokenConverter converter) {
    return new JwtTokenStore(converter);
  }
 
  @Bean
  public JwtAccessTokenConverter jwtAccessTokenConverter(SecurityUserService userService) {
    JwtAccessTokenConverter accessTokenConverter = new OauthJwtAccessTokenConverter(userService);
    accessTokenConverter.setSigningKey("sign_key");
    return accessTokenConverter;
  }
}

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
 
  @Autowired
  private AuthenticationManager manager;
  @Autowired
  private SecurityUserService userService;
  @Autowired
  private TokenStore tokenStore;
  @Autowired
  private JwtAccessTokenConverter tokenConverter;
 
  @Override
  public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.tokenStore(tokenStore)
        .authenticationManager(manager)
        .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
        .userDetailsService(userService)
        .accessTokenConverter(tokenConverter);
  }
}