Example 26 with SavedRequest
use of org.springframework.security.web.savedrequest.SavedRequest in project spring-security by spring-projects.
the class OAuth2AuthorizationCodeGrantFilter method processAuthorizationResponse.
private void processAuthorizationResponse(HttpServletRequest request, HttpServletResponse response) throws IOException {
OAuth2AuthorizationRequest authorizationRequest = this.authorizationRequestRepository.removeAuthorizationRequest(request, response);
String registrationId = authorizationRequest.getAttribute(OAuth2ParameterNames.REGISTRATION_ID);
ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
MultiValueMap<String, String> params = OAuth2AuthorizationResponseUtils.toMultiMap(request.getParameterMap());
String redirectUri = UrlUtils.buildFullRequestUrl(request);
OAuth2AuthorizationResponse authorizationResponse = OAuth2AuthorizationResponseUtils.convert(params, redirectUri);
OAuth2AuthorizationCodeAuthenticationToken authenticationRequest = new OAuth2AuthorizationCodeAuthenticationToken(clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse));
authenticationRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
OAuth2AuthorizationCodeAuthenticationToken authenticationResult;
try {
authenticationResult = (OAuth2AuthorizationCodeAuthenticationToken) this.authenticationManager.authenticate(authenticationRequest);
} catch (OAuth2AuthorizationException ex) {
OAuth2Error error = ex.getError();
UriComponentsBuilder uriBuilder = UriComponentsBuilder.fromUriString(authorizationRequest.getRedirectUri()).queryParam(OAuth2ParameterNames.ERROR, error.getErrorCode());
if (!StringUtils.isEmpty(error.getDescription())) {
uriBuilder.queryParam(OAuth2ParameterNames.ERROR_DESCRIPTION, error.getDescription());
}
if (!StringUtils.isEmpty(error.getUri())) {
uriBuilder.queryParam(OAuth2ParameterNames.ERROR_URI, error.getUri());
}
this.redirectStrategy.sendRedirect(request, response, uriBuilder.build().encode().toString());
return;
}
Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
String principalName = (currentAuthentication != null) ? currentAuthentication.getName() : "anonymousUser";
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(authenticationResult.getClientRegistration(), principalName, authenticationResult.getAccessToken(), authenticationResult.getRefreshToken());
this.authorizedClientRepository.saveAuthorizedClient(authorizedClient, currentAuthentication, request, response);
String redirectUrl = authorizationRequest.getRedirectUri();
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
if (savedRequest != null) {
redirectUrl = savedRequest.getRedirectUrl();
this.requestCache.removeRequest(request, response);
}
this.redirectStrategy.sendRedirect(request, response, redirectUrl);
}
Also used :
OAuth2AuthorizationException(org.springframework.security.oauth2.core.OAuth2AuthorizationException)
OAuth2AuthorizationCodeAuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken)
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
OAuth2AuthorizationResponse(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)
ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration)
Authentication(org.springframework.security.core.Authentication)
OAuth2AuthorizationExchange(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange)
UriComponentsBuilder(org.springframework.web.util.UriComponentsBuilder)
OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient)
OAuth2AuthorizationRequest(org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)
SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)
Example 27 with SavedRequest
use of org.springframework.security.web.savedrequest.SavedRequest in project spring-security by spring-projects.
the class ExceptionTranslationFilterTests method getSavedRequestUrl.
private static String getSavedRequestUrl(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null) {
return null;
}
HttpSessionRequestCache rc = new HttpSessionRequestCache();
SavedRequest sr = rc.getRequest(request, new MockHttpServletResponse());
return sr.getRedirectUrl();
}
Also used :
HttpSession(jakarta.servlet.http.HttpSession)
HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)
Example 28 with SavedRequest
use of org.springframework.security.web.savedrequest.SavedRequest in project summerb by skarpushin.
the class RestAuthenticationSuccessHandler method addCustomAttrsIfAny.
protected void addCustomAttrsIfAny(HttpSession session, HttpServletRequest request, HttpServletResponse response, LoginResult ret) {
SavedRequest savedRequest = requestCache.getRequest(request, response);
if (savedRequest != null) {
ret.setAttributes(new HashMap<>());
ret.getAttributes().put(LoginResult.ATTR_REDIRECT_TO, savedRequest.getRedirectUrl());
requestCache.removeRequest(request, response);
}
}
Also used :
SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)
Aggregations
SavedRequest (org.springframework.security.web.savedrequest.SavedRequest)28
HttpSessionRequestCache (org.springframework.security.web.savedrequest.HttpSessionRequestCache)8
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5
HttpSession (javax.servlet.http.HttpSession)4
Test (org.junit.jupiter.api.Test)4
Authentication (org.springframework.security.core.Authentication)4
Test (org.junit.Test)3
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3
DefaultSavedRequest (org.springframework.security.web.savedrequest.DefaultSavedRequest)3
RedirectView (org.springframework.web.servlet.view.RedirectView)3
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)2
MockHttpServletRequest (com.thoughtworks.go.http.mocks.MockHttpServletRequest)2
MockHttpServletResponse (com.thoughtworks.go.http.mocks.MockHttpServletResponse)2
RequestInfoForm (org.orcid.pojo.ajaxForm.RequestInfoForm)2
AuthenticationException (org.springframework.security.core.AuthenticationException)2
RequestCache (org.springframework.security.web.savedrequest.RequestCache)2
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)2
ModuleAuthentication (com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)1
ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.ModuleAuthenticationImpl)1
