• Home
• com.github.luues.boot
• spring-boot-starter-security
• 1.0.4.0.RELEASE
• source code
• SimpleUrlAuthenticationFailureHandler.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.luues.security.core.authentication.SimpleUrlAuthenticationFailureHandler Maven / Gradle / Ivy

package com.luues.security.core.authentication;

import com.luues.security.configuration.core.config.web.configurers.AbstractAuthenticationTargetUrlRequestHandler;
import com.luues.security.core.authentication.expand.ExpandConstants;
import com.luues.security.core.invoke.SecurityInvoke;
import com.luues.security.jwt.JwtUtils;
import com.luues.security.core.entity.Payload;
import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.*;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 登录失败处理handler
 */
public class SimpleUrlAuthenticationFailureHandler extends AbstractAuthenticationTargetUrlRequestHandler.FailureHandler {

    @Autowired
    private SecurityInvoke securityInvoke;

    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        //登录失败返回
        securityInvoke.onAuthenticationFailure(request, response, exception);
        if(!response.isCommitted()){
            page(request, response, exception);
        }
    }

    public void onAuthenticationFail(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception, String token) throws IOException, ServletException {
        try{
            Payload payload = JwtUtils.getPayload(token);
            securityInvoke.onAuthenticationFail(request, response, exception, new UsernamePasswordAuthenticationToken(payload, null, payload.getAuthorities()));
        }catch (Exception e){
            securityInvoke.onAuthenticationFail(request, response, exception, null);
        }
        if(!response.isCommitted() && !exception.getMessage().equals("connection failed") && !exception.getMessage().equals("找不到可提供服务的server")){
            /*List registryList = SecurityConfig.getSecurityConfig().getRegistryList();
            for(Registry registry : registryList){
                if(registry.isEnable()){
                    response.sendRedirect("http://" + registry.getHost() + ":" + registry.getPort() + "/" + this.getDefaultFailureUrl());
                    return;
                }
            }*/
            page(request, response, exception);
        }
    }

    public void onBlack(HttpServletRequest request, HttpServletResponse response, String ip){
        securityInvoke.onBlack(request, response, ip);
    }

    @SneakyThrows
    protected void page(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception){
        if(exception.getMessage().equals("空的令牌")){
            response.sendRedirect(this.getLoginPage());
        }else{
            request.getSession().setAttribute(ExpandConstants.DEFAULT_LOGIN_FAILURE_SESSION_KEY, exception.getMessage());
            if(exception instanceof UsernameNotFoundException ||
                    exception instanceof DisabledException ||
                    exception instanceof LockedException ||
                    exception instanceof AccountExpiredException ||
                    exception instanceof CredentialsExpiredException){
                response.sendRedirect(this.getDefaultFailureUrl());
                return;
            }
            response.sendRedirect(this.getDefaultLogoutUrl());
        }
    }

}