View Javadoc
1   package org.imageconverter.config.security;
2   
3   import static java.util.Objects.isNull;
4   import static java.util.Objects.nonNull;
5   import static org.springframework.util.StringUtils.hasText;
6   
7   import javax.servlet.http.HttpServletRequest;
8   import javax.servlet.http.HttpServletResponse;
9   
10  import org.springframework.security.core.Authentication;
11  import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
12  import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
13  import org.springframework.stereotype.Component;
14  
15  /**
16   * Handler to clear saved cache, just for security.
17   * 
18   * @author Fernando Romulo da Silva
19   */
20  @Component
21  public class RestAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
22  
23      /**
24       * {@inheritDoc}
25       */
26      @Override
27      public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) {
28  	
29  	final var requestCache = new HttpSessionRequestCache();
30  
31  	final var savedRequest = requestCache.getRequest(request, response);
32  
33  	if (isNull(savedRequest)) {
34  	    clearAuthenticationAttributes(request);
35  	    return;
36  	}
37  
38  	final var targetUrlParam = getTargetUrlParameter();
39  
40  	if (isAlwaysUseDefaultTargetUrl() || nonNull(targetUrlParam) && hasText(request.getParameter(targetUrlParam))) {
41  
42  	    requestCache.removeRequest(request, response);
43  	    clearAuthenticationAttributes(request);
44  
45  	} else {
46  	    clearAuthenticationAttributes(request);
47  	}
48      }
49  
50  //    public void setRequestCache(final RequestCache requestCache) {
51  //	this.requestCache = requestCache;
52  //    }
53  }