Polish SecurityContextServerLogoutHandler

Rob Winch 2017-10-11 14:18:43 -05:00
parent fd40efd6b2
commit af0a6efaab


@ -22,25 +22,55 @@ import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.security.web.server.context.ServerSecurityContextRepository; import org.springframework.security.web.server.context.ServerSecurityContextRepository;
import org.springframework.security.web.server.WebFilterExchange; import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository; import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
import org.springframework.util.Assert;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import java.net.URI; import java.net.URI;
/** /**
* A {@link ServerLogoutHandler} which removes the SecurityContext using the provided
* {@link ServerSecurityContextRepository}
*
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
public class SecurityContextServerLogoutHandler implements ServerLogoutHandler { public class SecurityContextServerLogoutHandler implements ServerLogoutHandler {
private ServerSecurityContextRepository repository = new WebSessionServerSecurityContextRepository(); public static final String DEFAULT_LOGOUT_SUCCESS_URL = "/login?logout";
private URI logoutSuccessUrl = URI.create("/login?logout"); private ServerSecurityContextRepository serverSecurityContextRepository = new WebSessionServerSecurityContextRepository();
private URI logoutSuccessUrl = URI.create(DEFAULT_LOGOUT_SUCCESS_URL);
private ServerRedirectStrategy serverRedirectStrategy = new DefaultServerRedirectStrategy(); private ServerRedirectStrategy serverRedirectStrategy = new DefaultServerRedirectStrategy();
@Override @Override
public Mono<Void> logout(WebFilterExchange exchange, public Mono<Void> logout(WebFilterExchange exchange,
Authentication authentication) { Authentication authentication) {
return this.repository.save(exchange.getExchange(), null) return this.serverSecurityContextRepository.save(exchange.getExchange(), null)
.then(this.serverRedirectStrategy.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl)); .then(this.serverRedirectStrategy
.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl));
}
/**
* The URL to redirect to after successfully logging out.
* @param logoutSuccessUrl the url to redirect to. Default is "/login?logout".
*/
public void setLogoutSuccessUrl(URI logoutSuccessUrl) {
Assert.notNull(logoutSuccessUrl, "logoutSuccessUrl cannot be null");
this.logoutSuccessUrl = logoutSuccessUrl;
}
/**
* Sets the {@link ServerSecurityContextRepository} that should be used for logging
* out. Default is {@link WebSessionServerSecurityContextRepository}
*
* @param serverSecurityContextRepository the {@link ServerSecurityContextRepository}
* to use.
*/
public void setServerSecurityContextRepository(
ServerSecurityContextRepository serverSecurityContextRepository) {
Assert.notNull(serverSecurityContextRepository,
"serverSecurityContextRepository cannot be null");
this.serverSecurityContextRepository = serverSecurityContextRepository;
} }
} }
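Review bot: `setLogoutSuccessUrl` rejects only null, so an absolute URI naming another host is accepted and `logout` hands it as-is to the redirect strategy. The Javadoc should state that the value is fixed application configuration and must not be built from request data, e.g. `@param logoutSuccessUrl the url to redirect to; must come from trusted configuration, never from request input. Default is "/login?logout".` The new class Javadoc describes only the SecurityContext removal, although `logout` also sends the redirect, so I would mention the redirect there as well. `serverRedirectStrategy` is the one collaborator left without a setter in the visible class, which may be intentional but is inconsistent with the two setters added here.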