Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 20:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add authRequest field to AuthenticationException

Browse Source 
Store the authentication request details in the `authRequest` field of
`AuthenticationException` when an authentication exception occurs.

Closes gh-16444

Signed-off-by: amm0124 <amm0124@naver.com>
This commit is contained in:
amm0124 2025-01-30 17:05:52 +09:00 committed by Josh Cummings
parent 7f22a3459f
commit 3b6aca0d9c
1 changed files with 30 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
core/src/main/java/org/springframework/security/core/AuthenticationException.java
View File

@ -18,6 +18,8 @@ package org.springframework.security.core;
import java.io.Serial;
import org.springframework.util.Assert;
/**
* Abstract superclass for all exceptions related to an {@link Authentication} object
* being invalid for whatever reason.
@ -29,6 +31,16 @@ public abstract class AuthenticationException extends RuntimeException {
@Serial
private static final long serialVersionUID = 2018827803361503060L;
/**
* The {@link Authentication} object representing the failed authentication attempt.
* <p>
* This field captures the authentication request that was attempted but ultimately
* failed, providing critical information for diagnosing the failure and facilitating
* debugging. If set, the value must not be null.
* </p>
*/
private Authentication authRequest;
/**
* Constructs an {@code AuthenticationException} with the specified message and root
* cause.
@ -37,6 +49,7 @@ public abstract class AuthenticationException extends RuntimeException {
*/
public AuthenticationException(String msg, Throwable cause) {
super(msg, cause);
this.authRequest = null;
}
/**
@ -46,6 +59,23 @@ public abstract class AuthenticationException extends RuntimeException {
*/
public AuthenticationException(String msg) {
super(msg);
this.authRequest = null;
}
/**
* Sets the {@link Authentication} object representing the failed authentication
* attempt.
* <p>
* This method allows the injection of the authentication request that resulted in a
* failure. The provided {@code authRequest} should not be null if set.
* </p>
* @param authRequest the authentication request associated with the failed
* authentication attempt.
*/
public void setAuthRequest(Authentication authRequest) {
Assert.notNull(authRequest, "AuthRequest cannot be null");
this.authRequest = authRequest;
}
}