Polish ServerLogoutSuccessHandler

Extract to be used by LogoutWebFilter Issue: gh-4616
2025-07-16 23:33:31 +00:00 · 2017-10-12 14:29:51 -05:00 · 2017-10-12 14:29:51 -05:00 · 8c7fa85107
commit 8c7fa85107
parent 0c830f9ba8
4 changed files with 23 additions and 17 deletions
--- a/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java
+++ b/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java
@ -42,6 +42,8 @@ public class LogoutWebFilter implements WebFilter {

 	private ServerLogoutHandler serverLogoutHandler = new SecurityContextServerLogoutHandler();

+	private ServerLogoutSuccessHandler serverLogoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
+
 	private ServerWebExchangeMatcher requiresLogout = ServerWebExchangeMatchers
 		.pathMatchers("/logout");

@ -54,7 +56,7 @@ public class LogoutWebFilter implements WebFilter {
 			.flatMap(this::flatMapAuthentication)
 			.flatMap( authentication -> {
 				WebFilterExchange webFilterExchange = new WebFilterExchange(exchange,chain);
-				return this.serverLogoutHandler.logout(webFilterExchange, authentication);
+				return logout(webFilterExchange, authentication);
 			});
 	}

@ -64,6 +66,21 @@ public class LogoutWebFilter implements WebFilter {
 			.defaultIfEmpty(this.anonymousAuthenticationToken);
 	}

+	private Mono<Void> logout(WebFilterExchange webFilterExchange, Authentication authentication) {
+		return this.serverLogoutHandler.logout(webFilterExchange, authentication)
+			.then(this.serverLogoutSuccessHandler.onLogoutSuccess(webFilterExchange, authentication));
+	}
+
+	/**
+	 * Sets the {@link ServerLogoutSuccessHandler}. The default is {@link RedirectServerLogoutSuccessHandler}.
+	 * @param serverLogoutSuccessHandler the handler to use
+	 */
+	public void setServerLogoutSuccessHandler(
+		ServerLogoutSuccessHandler serverLogoutSuccessHandler) {
+		Assert.notNull(serverLogoutSuccessHandler, "serverLogoutSuccessHandler cannot be null");
+		this.serverLogoutSuccessHandler = serverLogoutSuccessHandler;
+	}
+
 	public void setServerLogoutHandler(ServerLogoutHandler serverLogoutHandler) {
 		Assert.notNull(serverLogoutHandler, "logoutHandler must not be null");
 		this.serverLogoutHandler = serverLogoutHandler;
--- a/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/RedirectServerLogoutSuccessHandler.java
+++ b/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/RedirectServerLogoutSuccessHandler.java
@ -16,6 +16,7 @@

 package org.springframework.security.web.server.authentication.logout;

+import org.springframework.security.core.Authentication;
 import org.springframework.security.web.server.DefaultServerRedirectStrategy;
 import org.springframework.security.web.server.ServerRedirectStrategy;
 import org.springframework.security.web.server.WebFilterExchange;
@ -36,7 +37,7 @@ public class RedirectServerLogoutSuccessHandler implements ServerLogoutSuccessHa
 	private ServerRedirectStrategy serverRedirectStrategy = new DefaultServerRedirectStrategy();

 	@Override
-	public Mono<Void> onLogoutSuccess(WebFilterExchange exchange) {
+	public Mono<Void> onLogoutSuccess(WebFilterExchange exchange, Authentication authentication) {
 		return this.serverRedirectStrategy
 			.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl);
 	}
--- a/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/SecurityContextServerLogoutHandler.java
+++ b/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/SecurityContextServerLogoutHandler.java
@ -37,23 +37,10 @@ import java.net.URI;
 public class SecurityContextServerLogoutHandler implements ServerLogoutHandler {
 	private ServerSecurityContextRepository serverSecurityContextRepository = new WebSessionServerSecurityContextRepository();

-	private ServerLogoutSuccessHandler serverLogoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
-
 	@Override
 	public Mono<Void> logout(WebFilterExchange exchange,
 		Authentication authentication) {
-		return this.serverSecurityContextRepository.save(exchange.getExchange(), null)
-			.then(this.serverLogoutSuccessHandler.onLogoutSuccess(exchange));
-	}
-
-	/**
-	 * Sets the {@link ServerLogoutSuccessHandler}. The default is {@link RedirectServerLogoutSuccessHandler}.
-	 * @param serverLogoutSuccessHandler the handler to use
-	 */
-	public void setServerLogoutSuccessHandler(
-		ServerLogoutSuccessHandler serverLogoutSuccessHandler) {
-		Assert.notNull(serverLogoutSuccessHandler, "serverLogoutSuccessHandler cannot be null");
-		this.serverLogoutSuccessHandler = serverLogoutSuccessHandler;
+		return this.serverSecurityContextRepository.save(exchange.getExchange(), null);
 	}

 	/**
--- a/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/ServerLogoutSuccessHandler.java
+++ b/webflux/src/main/java/org/springframework/security/web/server/authentication/logout/ServerLogoutSuccessHandler.java
@ -16,6 +16,7 @@

 package org.springframework.security.web.server.authentication.logout;

+import org.springframework.security.core.Authentication;
 import org.springframework.security.web.server.WebFilterExchange;
 import reactor.core.publisher.Mono;

@ -25,5 +26,5 @@ import reactor.core.publisher.Mono;
 */
 public interface ServerLogoutSuccessHandler {

-	Mono<Void> onLogoutSuccess(WebFilterExchange exchange);
+	Mono<Void> onLogoutSuccess(WebFilterExchange exchange, Authentication authentication);
 }