package fr.ippon.tatami.security; import fr.ippon.tatami.repository.AppleDeviceRepository; import fr.ippon.tatami.repository.AppleDeviceUserRepository; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.security.web.savedrequest.SavedRequest; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; import javax.inject.Inject; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * Tatami specific Spring Security success handler, that understands Ajax requests. */ @Component public class TatamiAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler { private final Logger log = LoggerFactory.getLogger(TatamiAuthenticationSuccessHandler.class); private RequestCache requestCache = new HttpSessionRequestCache(); @Inject private AppleDeviceRepository appleDeviceRepository; @Inject private AppleDeviceUserRepository appleDeviceUserRepository; @Override public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException { SavedRequest savedRequest = requestCache.getRequest(request, response); manageAppleDevice(authentication.getName(), request.getParameter("device_token")); if (savedRequest == null) { super.onAuthenticationSuccess(request, response, authentication); return; } if (savedRequest.getHeaderNames().contains("X-Requested-With") && "XMLHttpRequest".equals(savedRequest.getHeaderValues("X-Requested-With").get(0))) { requestCache.removeRequest(request, response); clearAuthenticationAttributes(request); response.sendRedirect(getDefaultTargetUrl()); return; } String targetUrlParameter = getTargetUrlParameter(); if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) { requestCache.removeRequest(request, response); super.onAuthenticationSuccess(request, response, authentication); return; } clearAuthenticationAttributes(request); // Use the DefaultSavedRequest URL String targetUrl = savedRequest.getRedirectUrl(); getRedirectStrategy().sendRedirect(request, response, targetUrl); } public void setRequestCache(RequestCache requestCache) { this.requestCache = requestCache; } private void manageAppleDevice(String login, String deviceToken) { if (deviceToken == null) { return; } log.debug("Device token: {}", deviceToken); String deviceId = deviceToken.substring(1, deviceToken.length() - 1); log.debug("Device Id: {}", deviceId); String existingDeviceLogin = appleDeviceUserRepository.findLoginForDeviceId(deviceId); if (existingDeviceLogin != null) { appleDeviceRepository.removeAppleDevice(existingDeviceLogin, deviceId); appleDeviceUserRepository.removeAppleDeviceForUser(deviceId); } appleDeviceUserRepository.createAppleDeviceForUser(deviceId, login); appleDeviceRepository.createAppleDevice(login, deviceId); } }