Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add ServerLogoutSuccessHandler 

Fixes gh-4616
This commit is contained in:
Rob Winch 2017-10-11 14:58:09 -05:00
parent 6366be9435
commit dc3f4c6221
3 changed files with 89 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
webflux/src/main/java/org/springframework/security/web/server/authentication/logout/RedirectServerLogoutSuccessHandler.java Normal file
View File

@ -0,0 +1,52 @@
/*
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.server.authentication.logout;
import org.springframework.security.web.server.DefaultServerRedirectStrategy;
import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.util.Assert;
import reactor.core.publisher.Mono;
import java.net.URI;
/**
* @author Rob Winch
* @since 5.0
*/
public class RedirectServerLogoutSuccessHandler implements ServerLogoutSuccessHandler {
public static final String DEFAULT_LOGOUT_SUCCESS_URL = "/login?logout";
private URI logoutSuccessUrl = URI.create(DEFAULT_LOGOUT_SUCCESS_URL);
private ServerRedirectStrategy serverRedirectStrategy = new DefaultServerRedirectStrategy();
@Override
public Mono<Void> onLogoutSuccess(WebFilterExchange exchange) {
return this.serverRedirectStrategy
.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl);
}
/**
* The URL to redirect to after successfully logging out.
* @param logoutSuccessUrl the url to redirect to. Default is "/login?logout".
*/
public void setLogoutSuccessUrl(URI logoutSuccessUrl) {
Assert.notNull(logoutSuccessUrl, "logoutSuccessUrl cannot be null");
this.logoutSuccessUrl = logoutSuccessUrl;
}
}

20
webflux/src/main/java/org/springframework/security/web/server/authentication/logout/SecurityContextServerLogoutHandler.java
View File

@ -35,29 +35,25 @@ import java.net.URI;
* @since 5.0
*/
public class SecurityContextServerLogoutHandler implements ServerLogoutHandler {
public static final String DEFAULT_LOGOUT_SUCCESS_URL = "/login?logout";
private ServerSecurityContextRepository serverSecurityContextRepository = new WebSessionServerSecurityContextRepository();
private URI logoutSuccessUrl = URI.create(DEFAULT_LOGOUT_SUCCESS_URL);
private ServerRedirectStrategy serverRedirectStrategy = new DefaultServerRedirectStrategy();
private ServerLogoutSuccessHandler serverLogoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
@Override
public Mono<Void> logout(WebFilterExchange exchange,
Authentication authentication) {
return this.serverSecurityContextRepository.save(exchange.getExchange(), null)
.then(this.serverRedirectStrategy
.sendRedirect(exchange.getExchange(), this.logoutSuccessUrl));
.then(this.serverLogoutSuccessHandler.onLogoutSuccess(exchange));
}
/**
* The URL to redirect to after successfully logging out.
* @param logoutSuccessUrl the url to redirect to. Default is "/login?logout".
* Sets the {@link ServerLogoutSuccessHandler}. The default is {@link RedirectServerLogoutSuccessHandler}.
* @param serverLogoutSuccessHandler the handler to use
*/
public void setLogoutSuccessUrl(URI logoutSuccessUrl) {
Assert.notNull(logoutSuccessUrl, "logoutSuccessUrl cannot be null");
this.logoutSuccessUrl = logoutSuccessUrl;
public void setServerLogoutSuccessHandler(
ServerLogoutSuccessHandler serverLogoutSuccessHandler) {
Assert.notNull(serverLogoutSuccessHandler, "serverLogoutSuccessHandler cannot be null");
this.serverLogoutSuccessHandler = serverLogoutSuccessHandler;
}
/**

29
webflux/src/main/java/org/springframework/security/web/server/authentication/logout/ServerLogoutSuccessHandler.java Normal file
View File

@ -0,0 +1,29 @@
/*
* Copyright 2002-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.web.server.authentication.logout;
import org.springframework.security.web.server.WebFilterExchange;
import reactor.core.publisher.Mono;
/**
* @author Rob Winch
* @since 5.0
*/
public interface ServerLogoutSuccessHandler {
Mono<Void> onLogoutSuccess(WebFilterExchange exchange);
}