/**
 * Runs the supplied token through the authentication manager and dispatches the outcome.
 *
 * <p>A populated result is passed to {@code onAuthenticationSuccess}. An empty result is
 * converted into an {@link IllegalStateException}. An {@link AuthenticationException} is
 * handed to the failure handler. Any other error, including that IllegalStateException,
 * is not caught here and propagates to the subscriber.
 *
 * @param exchange the current exchange
 * @param chain the remaining filter chain
 * @param token the authentication request to verify
 * @return completion of whichever handler ran, or an error signal
 */
private Mono<Void> authenticate(ServerWebExchange exchange, WebFilterChain chain, Authentication token) {
    WebFilterExchange filterExchange = new WebFilterExchange(exchange, chain);
    Mono<Authentication> verified = this.authenticationManager.authenticate(token)
            // The message carries only the token's class, not its credentials.
            .switchIfEmpty(Mono.defer(() -> Mono.error(
                    new IllegalStateException("No provider found for " + token.getClass()))));
    return verified
            .flatMap(result -> onAuthenticationSuccess(result, filterExchange))
            .onErrorResume(AuthenticationException.class,
                    failure -> this.authenticationFailureHandler.onAuthenticationFailure(filterExchange, failure));
}
/**
 * Builds an {@link OAuth2AuthorizedClient} from the authorization-code result, invokes the
 * success handler, and then stores the client for the current principal.
 *
 * <p>The principal is read from the reactive security context; when that context is empty
 * the filter's {@code anonymousToken} is used instead, so the client is then saved against
 * the anonymous principal.
 *
 * @param authentication the manager's result; cast without a type check, so any other
 *        {@link Authentication} implementation raises a {@link ClassCastException}
 * @param webFilterExchange the exchange and chain for this request
 * @return completes once the success handler has finished and the client has been saved
 */
private Mono<Void> onAuthenticationSuccess(Authentication authentication, WebFilterExchange webFilterExchange) {
    OAuth2AuthorizationCodeAuthenticationToken codeGrantResult =
            (OAuth2AuthorizationCodeAuthenticationToken) authentication;
    // Carries the access token and refresh token issued for this client registration.
    OAuth2AuthorizedClient client = new OAuth2AuthorizedClient(
            codeGrantResult.getClientRegistration(),
            codeGrantResult.getName(),
            codeGrantResult.getAccessToken(),
            codeGrantResult.getRefreshToken());
    Mono<Void> handled = this.authenticationSuccessHandler
            .onAuthenticationSuccess(webFilterExchange, authentication);
    Mono<Void> stored = ReactiveSecurityContextHolder.getContext()
            .map(SecurityContext::getAuthentication)
            .defaultIfEmpty(this.anonymousToken)
            .flatMap(currentPrincipal -> this.authorizedClientRepository.saveAuthorizedClient(
                    client, currentPrincipal, webFilterExchange.getExchange()));
    // The save is subscribed only after the success handler completes.
    return handled.then(stored);
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Continues the filter chain with the current exchange.
 *
 * <p>Nothing is written to the response and the {@code authentication} argument is not
 * used here.
 *
 * @param webFilterExchange the exchange and chain for this request
 * @param authentication the successful authentication (unused)
 * @return completion of the remaining chain
 */
@Override
public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
    return webFilterExchange.getChain().filter(webFilterExchange.getExchange());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Continues the filter chain with the current exchange after a successful authentication.
 *
 * <p>The {@code authentication} argument is not used here.
 *
 * @param authentication the successful authentication (unused)
 * @param webFilterExchange the exchange and chain for this request
 * @return completion of the remaining chain
 */
@Override
public Mono<Void> success(Authentication authentication, WebFilterExchange webFilterExchange) {
    return webFilterExchange.getChain().filter(webFilterExchange.getExchange());
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Stores the authorized client obtained during OAuth2 login, then delegates to the parent
 * success handling with a reduced {@link OAuth2AuthenticationToken}.
 *
 * <p>The client is saved with the full login token as principal. The parent receives only
 * the principal, the authorities and the registration id; the access and refresh tokens
 * are not copied into the token passed on.
 *
 * @param authentication the manager's result; cast without a type check, so any other
 *        {@link Authentication} implementation raises a {@link ClassCastException}
 * @param webFilterExchange the exchange and chain for this request
 * @return completes after the client is saved and the parent handling has finished
 */
@Override
protected Mono<Void> onAuthenticationSuccess(Authentication authentication, WebFilterExchange webFilterExchange) {
    OAuth2LoginAuthenticationToken loginToken = (OAuth2LoginAuthenticationToken) authentication;
    OAuth2AuthorizedClient client = new OAuth2AuthorizedClient(
            loginToken.getClientRegistration(),
            loginToken.getName(),
            loginToken.getAccessToken(),
            loginToken.getRefreshToken());
    OAuth2AuthenticationToken sessionAuthentication = new OAuth2AuthenticationToken(
            loginToken.getPrincipal(),
            loginToken.getAuthorities(),
            loginToken.getClientRegistration().getRegistrationId());
    Mono<Void> persisted = this.authorizedClientRepository
            .saveAuthorizedClient(client, loginToken, webFilterExchange.getExchange());
    // The parent handling is subscribed only after the save completes.
    return persisted.then(super.onAuthenticationSuccess(sessionAuthentication, webFilterExchange));
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Adds an {@code Authorization} header, derived from the successful authentication, to the
 * response of the current exchange and then continues the filter chain.
 *
 * <p>The header value comes from {@code getHttpAuthHeaderValue}; according to the original
 * author's description it is built from a JWT created for the authentication.
 *
 * <p>NOTE(review): the credential is returned in a response header, so it is readable by
 * anything that can see the response. {@code add} appends rather than replaces, so a
 * response that already carries an {@code Authorization} header ends up with more than
 * one value.
 *
 * @param webFilterExchange the exchange and chain for this request
 * @param authentication the successful authentication used to build the header value
 * @return completion of the remaining chain
 */
@Override
public Mono<Void> onAuthenticationSuccess(WebFilterExchange webFilterExchange, Authentication authentication) {
    ServerWebExchange currentExchange = webFilterExchange.getExchange();
    // TODO refactor this nasty implementation
    HttpHeaders responseHeaders = currentExchange.getResponse().getHeaders();
    responseHeaders.add(HttpHeaders.AUTHORIZATION, getHttpAuthHeaderValue(authentication));
    return webFilterExchange.getChain().filter(currentExchange);
}
/**
 * Test fixture: builds the filter under test, a mock exchange for {@code GET /} whose
 * chain simply completes the response, and stubs the authorized-client repository so that
 * every save returns an empty {@link Mono}.
 */
@Before
public void setup() {
    this.filter = new OAuth2LoginAuthenticationWebFilter(this.authenticationManager,
            this.authorizedClientRepository);
    MockServerWebExchange mockExchange = MockServerWebExchange.from(MockServerHttpRequest.get("/"));
    // Terminal handler: nothing downstream, the response is just completed.
    DefaultWebFilterChain terminalChain =
            new DefaultWebFilterChain(exchange -> exchange.getResponse().setComplete());
    this.webFilterExchange = new WebFilterExchange(mockExchange, terminalChain);
    when(this.authorizedClientRepository.saveAuthorizedClient(any(), any(), any()))
            .thenReturn(Mono.empty());
}
/**
 * Clears the {@link CsrfToken} on logout by saving {@code null} for the exchange.
 *
 * <p>The {@code authentication} argument is not used here.
 *
 * @param exchange the exchange
 * @param authentication the {@link Authentication} (unused)
 * @return a completion notification (success or error)
 */
@Override
public Mono<Void> logout(WebFilterExchange exchange, Authentication authentication) {
    Mono<Void> tokenCleared = this.csrfTokenRepository.saveToken(exchange.getExchange(), null);
    return tokenCleared;
}
} // closes the enclosing class, whose header is outside this excerpt
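/**
 * Runs the supplied token through the authentication manager and dispatches the outcome.
 *
 * <p>A populated result is passed to {@code onAuthenticationSuccess} and an
 * {@link AuthenticationException} is handed to the failure handler. An empty result from
 * the manager used to complete this method silently, with neither handler invoked and the
 * chain not continued. It is now reported as an {@link IllegalStateException}, so a token
 * that no provider handled surfaces as an error instead of an empty, unexplained response.
 * That exception is not an {@link AuthenticationException} and therefore propagates to the
 * subscriber.
 *
 * @param wrappedExchange the current (wrapped) exchange
 * @param chain the remaining filter chain
 * @param token the authentication request to verify
 * @return completion of whichever handler ran, or an error signal
 */
private Mono<Void> authenticate(ServerWebExchange wrappedExchange, WebFilterChain chain, Authentication token) {
    WebFilterExchange webFilterExchange = new WebFilterExchange(wrappedExchange, chain);
    return this.authenticationManager.authenticate(token)
            // Must precede flatMap: the success handler's Mono<Void> is always empty.
            // The message carries only the token's class, not its credentials.
            .switchIfEmpty(Mono.defer(() -> Mono.error(
                    new IllegalStateException("No provider found for " + token.getClass()))))
            .flatMap(authentication -> onAuthenticationSuccess(authentication, webFilterExchange))
            .onErrorResume(AuthenticationException.class,
                    e -> this.authenticationFailureHandler.onAuthenticationFailure(webFilterExchange, e));
}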
/**
 * Responds to a failed authentication by redirecting to the configured {@code location}.
 *
 * <p>The {@code exception} is not inspected and nothing from it is put into the redirect.
 *
 * @param webFilterExchange the exchange and chain for this request
 * @param exception the failure that occurred (unused)
 * @return completion of the redirect
 */
@Override
public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
        AuthenticationException exception) {
    Mono<Void> redirect = this.redirectStrategy.sendRedirect(webFilterExchange.getExchange(), this.location);
    return redirect;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Performs logout when the request matches {@code requiresLogout}; otherwise lets the
 * request continue down the chain.
 *
 * @param exchange the current exchange
 * @param chain the remaining filter chain
 * @return completion of either the remaining chain or the logout handling
 */
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    return this.requiresLogout.matches(exchange)
            .filter(match -> match.isMatch())
            // Not a logout request: run the rest of the chain and finish empty,
            // so none of the logout steps below are triggered.
            .switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
            .flatMap(match -> flatMapAuthentication(exchange))
            .flatMap(currentUser -> logout(new WebFilterExchange(exchange, chain), currentUser));
}
/**
 * Redirects to the configured {@code location} after a successful authentication.
 *
 * <p>The chain is not continued and the {@code authentication} argument is not used.
 *
 * @param authentication the successful authentication (unused)
 * @param webFilterExchange the exchange and chain for this request
 * @return completion of the redirect
 */
@Override
public Mono<Void> success(Authentication authentication, WebFilterExchange webFilterExchange) {
    return this.redirectStrategy.sendRedirect(webFilterExchange.getExchange(), this.location);
}
/**
 * Authenticates the token and routes the result to the success or failure handling.
 *
 * <p>If the manager yields no result, an {@link IllegalStateException} is signalled. Only
 * {@link AuthenticationException} is recovered by the failure handler; every other error
 * is left to propagate.
 *
 * @param exchange the current exchange
 * @param chain the remaining filter chain
 * @param token the authentication request to verify
 * @return completion of whichever handler ran, or an error signal
 */
private Mono<Void> authenticate(ServerWebExchange exchange, WebFilterChain chain, Authentication token) {
    WebFilterExchange exchangeAndChain = new WebFilterExchange(exchange, chain);
    return this.authenticationManager.authenticate(token)
            .switchIfEmpty(Mono.defer(() -> {
                // Only the token's class name appears in the message.
                return Mono.error(new IllegalStateException("No provider found for " + token.getClass()));
            }))
            .flatMap(verified -> {
                return onAuthenticationSuccess(verified, exchangeAndChain);
            })
            .onErrorResume(AuthenticationException.class, failure -> {
                return this.authenticationFailureHandler.onAuthenticationFailure(exchangeAndChain, failure);
            });
}
/**
 * Handles a failed authentication by delegating to the authentication entry point.
 *
 * @param webFilterExchange the exchange and chain for this request
 * @param exception the failure, passed through to the entry point
 * @return completion of the entry point's handling
 */
@Override
public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
        AuthenticationException exception) {
    Mono<Void> challenge = this.authenticationEntryPoint.commence(webFilterExchange.getExchange(), exception);
    return challenge;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Verifies the token with the authentication manager and dispatches on the outcome.
 *
 * <p>A result triggers {@code onAuthenticationSuccess}. No result triggers an
 * {@link IllegalStateException}. An {@link AuthenticationException} triggers the failure
 * handler. Errors of any other type are not intercepted.
 *
 * @param exchange the current exchange
 * @param chain the remaining filter chain
 * @param token the authentication request to verify
 * @return completion of whichever handler ran, or an error signal
 */
private Mono<Void> authenticate(ServerWebExchange exchange, WebFilterChain chain, Authentication token) {
    WebFilterExchange requestContext = new WebFilterExchange(exchange, chain);
    Mono<Authentication> outcome = this.authenticationManager.authenticate(token);
    // The error is created lazily, only when the manager produced nothing.
    Mono<Authentication> required = outcome.switchIfEmpty(Mono.defer(
            () -> Mono.error(new IllegalStateException("No provider found for " + token.getClass()))));
    return required
            .flatMap(granted -> onAuthenticationSuccess(granted, requestContext))
            .onErrorResume(AuthenticationException.class,
                    denied -> this.authenticationFailureHandler.onAuthenticationFailure(requestContext, denied));
}
/**
 * Redirects to the configured {@code logoutSuccessUrl} once logout has succeeded.
 *
 * <p>The {@code authentication} argument is not used here.
 *
 * @param exchange the exchange and chain for this request
 * @param authentication the authentication that was logged out (unused)
 * @return completion of the redirect
 */
@Override
public Mono<Void> onLogoutSuccess(WebFilterExchange exchange, Authentication authentication) {
    Mono<Void> redirect = this.redirectStrategy.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl);
    return redirect;
}
/**
 * Invokes the logout handler when the request matches {@code requiresLogout}; otherwise
 * lets the request continue down the chain.
 *
 * @param exchange the current exchange
 * @param chain the remaining filter chain
 * @return completion of either the remaining chain or the logout handler
 */
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
    return this.requiresLogout.matches(exchange)
            .filter(match -> match.isMatch())
            // Not a logout request: run the rest of the chain and finish empty,
            // so the logout handler below is never reached.
            .switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
            .flatMap(match -> authentication(exchange))
            .flatMap(currentUser -> {
                WebFilterExchange filterExchange = new WebFilterExchange(exchange, chain);
                return this.logoutHandler.logout(filterExchange, currentUser);
            });
}
/**
 * Passes a failed authentication to the configured authentication entry point.
 *
 * @param webFilterExchange the exchange and chain for this request
 * @param exception the failure, forwarded unchanged
 * @return completion of the entry point's handling
 */
@Override
public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
        AuthenticationException exception) {
    Mono<Void> entryPointResponse =
            this.authenticationEntryPoint.commence(webFilterExchange.getExchange(), exception);
    return entryPointResponse;
}
} // closes the enclosing class, whose header is outside this excerpt
/**
 * Logs out by saving {@code null} as the security context for the exchange.
 *
 * <p>Presumably the repository treats a {@code null} context as "remove what is stored";
 * confirm against the repository implementation in use. The {@code authentication}
 * argument is not used here.
 *
 * @param exchange the exchange and chain for this request
 * @param authentication the authentication being logged out (unused)
 * @return completion of the save
 */
@Override
public Mono<Void> logout(WebFilterExchange exchange, Authentication authentication) {
    Mono<Void> contextCleared = this.securityContextRepository.save(exchange.getExchange(), null);
    return contextCleared;
}
/**
 * Logs out by saving {@code null} through the repository for the exchange, then redirects
 * to the configured {@code logoutSuccessUrl}.
 *
 * <p>The redirect is subscribed only after the save completes, so a failed save produces
 * an error and no redirect. The {@code authentication} argument is not used here.
 *
 * @param exchange the exchange and chain for this request
 * @param authentication the authentication being logged out (unused)
 * @return completion of the save followed by the redirect
 */
@Override
public Mono<Void> logout(WebFilterExchange exchange, Authentication authentication) {
    Mono<Void> contextCleared = this.repository.save(exchange.getExchange(), null);
    Mono<Void> redirect = this.redirectStrategy.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl);
    return contextCleared.then(redirect);
}
} // closes the enclosing class, whose header is outside this excerpt