package org.springframework.security.web.authentication.logout;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;
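/**
 * {@link LogoutHandler} that expires a configurable list of cookies when a user logs out.
 *
 * <p>For every configured {@link Cookie} with a non-blank name, {@link #logout} adds a
 * replacement cookie with the same name, a {@code null} value and {@code Max-Age=0} to the
 * response. A browser only drops the stored cookie when the name, domain and path of the
 * replacement equal the ones the cookie was issued with, so the entries configured here must
 * mirror the settings used when the cookie was created. A mismatch leaves the original cookie
 * (for example a session or remember-me token) in the browser after logout.
 *
 * <p>Author's reference note kept from the original header:
 * {@code "X-Requested-With", "XMLHttpRequest"} (presumably example arguments for the
 * request-header matcher referenced below; this class does not use them).
 *
 * @see org.springframework.web.accept.ContentNegotiationStrategy#resolveMediaTypes(org.springframework.web.context.request.NativeWebRequest)
 * @see org.springframework.web.context.request.ServletWebRequest#ServletWebRequest(HttpServletRequest)
 * @see org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher#RequestHeaderRequestMatcher(String,
 * String)
 * @see java.net.HttpCookie
 * @see org.springframework.security.web.authentication.logout.CookieClearingLogoutHandler
 * @see org.springframework.web.util.WebUtils#getCookie(HttpServletRequest, String)
 */
public class CookieClearingLogoutHandlerCustom implements LogoutHandler {

    // Descriptions of the cookies to expire; never null (see setCookies).
    private List<Cookie> cookies = new ArrayList<Cookie>();

    /**
     * Adds one expiring cookie to the response for each configured entry that has a name.
     *
     * @param request current request; used to resolve path, domain, Secure and HttpOnly
     *        defaults for entries that do not set them explicitly
     * @param response response the expiring cookies are added to
     * @param authentication not used by this handler
     */
    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
        for (Cookie next : this.cookies) {
            // Skip null or unnamed entries instead of aborting the whole logout: one bad
            // configuration entry must not prevent the remaining cookies from being cleared.
            if (next == null || !StringUtils.hasText(next.getName())) {
                continue;
            }
            javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie(next.getName(), null);
            // Max-Age=0 asks the browser to delete the cookie immediately.
            cookie.setMaxAge(0);
            cookie.setPath(next.getPath(request));
            cookie.setSecure(next.isSecure(request));
            String domain = next.getDomain(request);
            // Without a Domain attribute the replacement is host-only and will only
            // overwrite a cookie that was also issued host-only.
            if (StringUtils.hasText(domain)) {
                cookie.setDomain(domain);
            }
            if (next.isHttpOnly(request)) {
                cookie.setHttpOnly(true);
            }
            response.addCookie(cookie);
        }
    }

    /**
     * @return the live list of cookie descriptions (not a copy), never {@code null}
     */
    public List<Cookie> getCookies() {
        return cookies;
    }

    /**
     * Replaces the list of cookies to clear.
     *
     * @param cookies new list; {@code null} is treated as "no cookies" so that
     *        {@link #logout} cannot fail with a {@link NullPointerException}
     */
    public void setCookies(List<Cookie> cookies) {
        this.cookies = (cookies != null) ? cookies : new ArrayList<Cookie>();
    }

    /**
     * Description of one cookie to expire on logout.
     *
     * <p>{@code domain}, {@code path}, {@code httpOnly} and {@code secure} may be left unset;
     * the request-aware accessors ({@link #getDomain(HttpServletRequest)},
     * {@link #getPath(HttpServletRequest)}, {@link #isHttpOnly(HttpServletRequest)},
     * {@link #isSecure(HttpServletRequest)}) then derive a value from the current request.
     * {@code comment} and {@code maxAge} are stored but are not read by the enclosing handler.
     *
     * <p>Example domain pattern from the original notes:
     * {@code Pattern.compile("^.+?(\\.\\w+\\.[a-z]+)$", Pattern.CASE_INSENSITIVE)}.
     * Caveat: for hosts under a multi-label public suffix (e.g. {@code app.example.co.uk})
     * this pattern captures the suffix itself ({@code .co.uk}); browsers ignore cookies scoped
     * to a public suffix, so the cookie would not be cleared. Prefer a pattern that names the
     * domains the application actually serves.
     *
     * @see org.springframework.boot.autoconfigure.web.ServerProperties.Session.Cookie
     */
    public static class Cookie {

        private String name;
        private String domain;
        private String path;
        private String comment;
        private Boolean httpOnly;
        private Boolean secure;
        private Integer maxAge;
        private Pattern domainPattern;

        public String getName() {
            return this.name;
        }

        public void setName(String name) {
            this.name = name;
        }

        public String getDomain() {
            return this.domain;
        }

        public void setDomain(String domain) {
            this.domain = domain;
        }

        public String getPath() {
            return this.path;
        }

        public void setPath(String path) {
            this.path = path;
        }

        public String getComment() {
            return this.comment;
        }

        public void setComment(String comment) {
            this.comment = comment;
        }

        public Boolean getHttpOnly() {
            return this.httpOnly;
        }

        public void setHttpOnly(Boolean httpOnly) {
            this.httpOnly = httpOnly;
        }

        public Boolean getSecure() {
            return this.secure;
        }

        public void setSecure(Boolean secure) {
            this.secure = secure;
        }

        public Integer getMaxAge() {
            return this.maxAge;
        }

        public void setMaxAge(Integer maxAge) {
            this.maxAge = maxAge;
        }

        /**
         * Sets the case-insensitive pattern used to derive the cookie domain from the
         * request's server name when no fixed domain is configured.
         *
         * @param domainPattern regular expression whose capturing group 1 yields the domain
         * @throws IllegalArgumentException if the expression is invalid or defines no
         *         capturing group; rejecting it here surfaces the misconfiguration at setup
         *         time rather than as a failure in the middle of a logout
         */
        public void setDomainPattern(String domainPattern) {
            Pattern compiled = Pattern.compile(domainPattern, Pattern.CASE_INSENSITIVE);
            if (compiled.matcher("").groupCount() < 1) {
                throw new IllegalArgumentException(
                        "domainPattern must define capturing group 1: " + domainPattern);
            }
            this.domainPattern = compiled;
        }

        public Pattern getDomainPattern() {
            return domainPattern;
        }

        /**
         * Resolves the Domain attribute for the expiring cookie.
         *
         * <p>A fixed {@code domain} wins. Otherwise, if a domain pattern is set and matches
         * the whole server name, capturing group 1 is returned.
         *
         * <p>{@code request.getServerName()} normally reflects the {@code Host} header sent by
         * the client, so the derived value is client-influenced. Keep the pattern anchored and
         * limited to expected domains, and prefer a fixed {@code domain} where the deployment
         * has a single known cookie domain.
         *
         * @param request current request
         * @return the domain to set, or {@code null} to leave the cookie host-only
         */
        public String getDomain(HttpServletRequest request) {
            if (this.domain != null) {
                return this.domain;
            }
            if (this.domainPattern == null) {
                return null;
            }
            String serverName = request.getServerName();
            if (serverName == null) {
                return null;
            }
            Matcher matcher = this.domainPattern.matcher(serverName);
            return matcher.matches() ? matcher.group(1) : null;
        }

        /**
         * Resolves the Path attribute for the expiring cookie.
         *
         * @param request current request
         * @return the configured path, or the context path followed by {@code "/"} when none
         *         is configured. NOTE(review): the result must equal the path the cookie was
         *         issued with (including any trailing slash), so verify this default against
         *         the issuing side
         */
        public String getPath(HttpServletRequest request) {
            return (this.path != null) ? this.path : request.getContextPath() + "/";
        }

        /**
         * Resolves the HttpOnly flag for the expiring cookie.
         *
         * <p>When not configured, the flag is enabled if the request class exposes a
         * {@code startAsync} method (presumably used as a Servlet 3.0+ marker). The original
         * notes mention the equivalent check
         * {@code ReflectionUtils.findMethod(request.getClass(), "startAsync") != null}.
         *
         * @param request current request
         * @return whether HttpOnly should be set
         */
        public boolean isHttpOnly(HttpServletRequest request) {
            if (this.httpOnly != null) {
                return this.httpOnly;
            }
            return ClassUtils.hasMethod(request.getClass(), "startAsync");
        }

        /**
         * Resolves the Secure flag for the expiring cookie.
         *
         * @param request current request
         * @return the configured value, or {@code request.isSecure()} when none is configured
         */
        public boolean isSecure(HttpServletRequest request) {
            if (this.secure != null) {
                return this.secure;
            }
            return request.isSecure();
        }
    }
}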