TemplateAuthenticationSuccessHandler.java

  1. package cn.home1.oss.lib.security.internal.template;

  2. import static cn.home1.oss.lib.security.api.GenericUser.GENERIC_USER_COOKIE;
  3. import static cn.home1.oss.lib.security.api.GenericUser.GENERIC_USER_TOKEN;
  4. import static cn.home1.oss.lib.security.api.Security.HEADER_AUTH_TOKEN;
  5. import static cn.home1.oss.lib.security.internal.template.SmartRedirectStrategy.PARAM_REDIRECT;

  6. import cn.home1.oss.lib.security.api.GenericUser;
  7. import cn.home1.oss.lib.webmvc.api.TypeSafeCookie;
  8. import cn.home1.oss.lib.webmvc.api.TypeSafeToken;

  9. import lombok.Setter;

  10. import org.springframework.beans.factory.annotation.Autowired;
  11. import org.springframework.beans.factory.annotation.Qualifier;
  12. import org.springframework.security.core.Authentication;
  13. import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
  14. import org.springframework.security.web.savedrequest.NullRequestCache;

  15. import java.io.IOException;

  16. import javax.servlet.ServletException;
  17. import javax.servlet.http.HttpServletRequest;
  18. import javax.servlet.http.HttpServletResponse;

  /**
   * Authentication success handler that hands the authenticated user back to the client as a
   * cookie and/or a token response header, then runs the inherited success handling (redirect).
   *
   * <p>Both carriers are optional (injected with {@code required = false}); when neither is
   * configured, only the inherited success handling runs.
   *
   * <p>Created by zhanghaolun on 16/8/23.
   */
  public class TemplateAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {

    // Optional cookie carrier for the user. Cookie attributes (HttpOnly / Secure / SameSite, path,
    // lifetime) are decided inside TypeSafeCookie and are not visible from this class.
    @Setter
    @Autowired(required = false)
    @Qualifier(GENERIC_USER_COOKIE)
    private TypeSafeCookie<GenericUser> cookie;

    // Optional token encoder for the user; its output is sent in the HEADER_AUTH_TOKEN header.
    @Setter
    @Autowired(required = false)
    @Qualifier(GENERIC_USER_TOKEN)
    private TypeSafeToken<GenericUser> token;

    /**
     * Creates a handler that falls back to the given URL when no other target is resolved.
     *
     * @param defaultTargetUrl default redirect target, passed to {@code setDefaultTargetUrl}
     */
    public TemplateAuthenticationSuccessHandler(final String defaultTargetUrl) {
      setDefaultTargetUrl(defaultTargetUrl);
    }

    /**
     * Issues the configured cookie and/or token for the authenticated user, then delegates to the
     * parent handler.
     *
     * <p>{@code eraseCredentials()} is called before the user is written to either carrier, so
     * whatever it clears is not serialized to the client. What exactly it clears is defined by
     * {@code GenericUser} and is not shown here.
     *
     * @param request        current request
     * @param response       response that receives the cookie and/or token header
     * @param authentication the successful authentication; converted via
     *                       {@code GenericUser.fromPrincipal}
     * @throws ServletException propagated from the parent handler
     * @throws IOException      propagated from the parent handler
     */
    @Override
    public void onAuthenticationSuccess(
      final HttpServletRequest request,
      final HttpServletResponse response,
      final Authentication authentication
    ) throws ServletException, IOException {
      final GenericUser principal = GenericUser.fromPrincipal(authentication);
      // NOTE(review): no null check here; presumably fromPrincipal never returns null — confirm.
      principal.eraseCredentials();

      this.issueCookie(request, response, principal);
      this.issueTokenHeader(response, principal);

      super.onAuthenticationSuccess(request, response, authentication);
    }

    /** Writes the user cookie when a cookie carrier has been injected; otherwise does nothing. */
    private void issueCookie(
      final HttpServletRequest request,
      final HttpServletResponse response,
      final GenericUser principal
    ) {
      if (this.cookie == null) {
        return;
      }
      this.cookie.setCookie(request, response, principal);
    }

    /**
     * Writes the encoded user token to the {@code HEADER_AUTH_TOKEN} response header when a token
     * encoder has been injected; otherwise does nothing.
     */
    private void issueTokenHeader(final HttpServletResponse response, final GenericUser principal) {
      if (this.token == null) {
        return;
      }
      // The header value is a bearer-style secret: it should only travel over TLS, and response
      // headers should be kept out of access and debug logs.
      final String encodedToken = this.token.toToken(principal);
      response.setHeader(HEADER_AUTH_TOKEN, encodedToken);
    }

    /**
     * Builds a handler configured for stateless use: no request cache, no Referer-based target,
     * and the redirect target read from the {@code PARAM_REDIRECT} request parameter.
     *
     * <p>NOTE(review): the redirect target comes from a client-supplied request parameter and this
     * factory does not install a redirect strategy. Confirm that the caller sets one that restricts
     * targets to trusted locations (presumably {@code SmartRedirectStrategy} — TODO confirm it
     * validates the target); otherwise the post-login redirect is an open-redirect surface.
     *
     * @param defaultTargetUrl target used when the request carries no redirect parameter
     * @return the configured handler
     */
    public static TemplateAuthenticationSuccessHandler templateSuccessHandler(final String defaultTargetUrl) {
      final TemplateAuthenticationSuccessHandler successHandler =
        new TemplateAuthenticationSuccessHandler(defaultTargetUrl);
      // stateless application does not use request cache
      successHandler.setRequestCache(new NullRequestCache());
      // The Referer header is never used as the redirect target.
      successHandler.setUseReferer(false);
      successHandler.setAlwaysUseDefaultTargetUrl(false);
      successHandler.setTargetUrlParameter(PARAM_REDIRECT);
      return successHandler;
    }
  }