1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.springframework.security.oauth.provider.filter;
17
18 import org.springframework.security.web.DefaultRedirectStrategy;
19 import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
20 import org.springframework.security.core.Authentication;
21
22 import javax.servlet.http.HttpServletRequest;
23 import javax.servlet.http.HttpServletResponse;
24 import javax.servlet.ServletException;
25 import java.io.IOException;
26
27 import static org.springframework.security.oauth.provider.filter.UserAuthorizationProcessingFilter.CALLBACK_ATTRIBUTE;
28 import static org.springframework.security.oauth.provider.filter.UserAuthorizationProcessingFilter.VERIFIER_ATTRIBUTE;
29
30 import org.apache.commons.logging.Log;
31 import org.apache.commons.logging.LogFactory;
32
33
34
35
36
37
38
39
40
41
42 public class UserAuthorizationSuccessfulAuthenticationHandler extends SimpleUrlAuthenticationSuccessHandler {
43
44 private static Log LOG = LogFactory.getLog(UserAuthorizationSuccessfulAuthenticationHandler.class);
45
46 private String tokenIdParameterName = "requestToken";
47 private String callbackParameterName = "callbackURL";
48 private boolean require10a = true;
49
50 public UserAuthorizationSuccessfulAuthenticationHandler() {
51 super();
52 setRedirectStrategy(new org.springframework.security.web.DefaultRedirectStrategy());
53 }
54
55 public UserAuthorizationSuccessfulAuthenticationHandler(String s) {
56 super(s);
57 setRedirectStrategy(new DefaultRedirectStrategy());
58 }
59
60 @Override
61 public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
62 if (LOG.isDebugEnabled()) {
63 LOG.debug("Processing successful authentication successful");
64 }
65
66 String callbackURL = (String) request.getAttribute(CALLBACK_ATTRIBUTE);
67 if (callbackURL == null) {
68 if (!isRequire10a()) {
69 callbackURL = request.getParameter(getCallbackParameterName());
70 if (callbackURL == null) {
71
72 callbackURL = "oob";
73 }
74 }
75 else {
76 throw new IllegalStateException("Callback URL was not loaded into the request. attemptAuthentication() never called?");
77 }
78 }
79
80 if ("oob".equals(callbackURL)) {
81 callbackURL = super.determineTargetUrl(request, response);
82 }
83
84 String requestToken = request.getParameter(getTokenParameterName());
85 char appendChar = '?';
86 if (callbackURL.indexOf('?') > 0) {
87 appendChar = '&';
88 }
89
90 String verifier = (String) request.getAttribute(VERIFIER_ATTRIBUTE);
91 String targetUrl = new StringBuilder(callbackURL).append(appendChar).append("oauth_token=").append(requestToken).append("&oauth_verifier=").append(verifier).toString();
92 getRedirectStrategy().sendRedirect(request, response, targetUrl);
93 }
94
95
96
97
98
99
100 public String getTokenParameterName() {
101 return tokenIdParameterName;
102 }
103
104
105
106
107
108
109 public void setTokenIdParameterName(String tokenIdParameterName) {
110 this.tokenIdParameterName = tokenIdParameterName;
111 }
112
113
114
115
116
117
118 public boolean isRequire10a() {
119 return require10a;
120 }
121
122
123
124
125
126
127 public void setRequire10a(boolean require10a) {
128 this.require10a = require10a;
129 }
130
131
132
133
134
135
136 public String getCallbackParameterName() {
137 return callbackParameterName;
138 }
139
140
141
142
143
144
145 public void setCallbackParameterName(String callbackParameterName) {
146 this.callbackParameterName = callbackParameterName;
147 }
148
149 }