oauth2怎么自定义token失效的响应异常信息

invalid_token有很多处都会抛出。建议你去了解一下Spring 国际化方法

我也是根据那个博客改造的返回信息，开始也折腾了很久，就是不成功，后来开窍了，搞好了，

我们架构是微服务架构，权限是一个服务，其他资源服务的权限验证放在网关上，开始我是作死地改造权限服务的返回，搞死了没反应，后来一想客户端的权限都是网关做的，所以开始在网关上搞事情，一下就OK了，没有博客上写的那么复杂，就简单加了2个类，一个配置，简述如下（记得在资源服务中加，不是权限服务）：

第一个类：无效token 异常重写

public class AuthExceptionEntryPoint implements AuthenticationEntryPoint
{

    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response,
        AuthenticationException authException) throws ServletException {
        Map<String, Object> map = new HashMap<String, Object>();
        Throwable cause = authException.getCause();
        if(cause instanceof InvalidTokenException) {
            map.put("code", RespCode.INVALID_TOKEN);//401
            map.put("msg", "无效的token");
        }else{
            map.put("code", RespCode.UN_LOGIN);//401
            map.put("msg", "访问此资源需要完全的身份验证");
        }
        map.put("data", authException.getMessage());
        map.put("success", false);
        map.put("path", request.getServletPath());
        map.put("timestamp", String.valueOf(new Date().getTime()));
        response.setContentType("application/json");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        try {
            ObjectMapper mapper = new ObjectMapper();
            mapper.writeValue(response.getOutputStream(), map);
        } catch (Exception e) {
            throw new ServletException();
        }
    }
}

第二个类：权限不足异常类重写

@Component("customAccessDeniedHandler")
public class CustomAccessDeniedHandler implements AccessDeniedHandler {

    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
        AccessDeniedException accessDeniedException)
        throws IOException, ServletException {
        response.setContentType("application/json;charset=UTF-8");
        Map<String,Object> map = new HashMap<String,Object>();
        map.put("code", RespCode.UNAUTHORIZED);//401
        map.put("msg", "权限不足");
        map.put("data", accessDeniedException.getMessage());
        map.put("success", false);
        map.put("path", request.getServletPath());
        map.put("timestamp", String.valueOf(new Date().getTime()));
        ObjectMapper mapper = new ObjectMapper();
        response.setContentType("application/json");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.getWriter().write(mapper.writeValueAsString(map));
    }
}

3）关键配置，在资源配置类中，重写方法：

public class ResourceServerConfig extends ResourceServerConfigurerAdapter
{
    @Autowired
    TokenStore tokenStore;
    
    @Override
    public void configure(HttpSecurity http) throws Exception {
        （省略）
    }
    
    @Override
    public void configure(ResourceServerSecurityConfigurer resource) throws Exception {

        //这里把自定义异常加进去
        resource.tokenStore(tokenStore).authenticationEntryPoint(new AuthExceptionEntryPoint())
            .accessDeniedHandler(new CustomAccessDeniedHandler());
    }

}

你好，这个问题解決了嗎？

按你的方法解决了，太好了，赞