Skip to content

Polish OneTimeTokenLoginConfigurer #16468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Feb 4, 2025
Merged

Polish OneTimeTokenLoginConfigurer #16468

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 21 additions & 30 deletions ...framework/security/config/annotation/web/configurers/ott/OneTimeTokenLoginConfigurer.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@

import java.util.Collections;
import java.util.Map;
import java.util.Objects;

import jakarta.servlet.http.HttpServletRequest;

Expand Down Expand Up @@ -91,7 +90,7 @@ public OneTimeTokenLoginConfigurer(ApplicationContext context) {

@Override
public void init(H http) {
AuthenticationProvider authenticationProvider = getAuthenticationProvider(http);
AuthenticationProvider authenticationProvider = getAuthenticationProvider();
http.authenticationProvider(postProcess(authenticationProvider));
configureDefaultLoginPage(http);
}
Expand Down Expand Up @@ -138,17 +137,19 @@ private SecurityContextRepository getSecurityContextRepository(H http) {
}

private void configureOttGenerateFilter(H http) {
GenerateOneTimeTokenFilter generateFilter = new GenerateOneTimeTokenFilter(getOneTimeTokenService(http),
getOneTimeTokenGenerationSuccessHandler(http));
GenerateOneTimeTokenFilter generateFilter = new GenerateOneTimeTokenFilter(getOneTimeTokenService(),
getOneTimeTokenGenerationSuccessHandler());
generateFilter.setRequestMatcher(antMatcher(HttpMethod.POST, this.tokenGeneratingUrl));
generateFilter.setRequestResolver(getGenerateRequestResolver(http));
generateFilter.setRequestResolver(getGenerateRequestResolver());
http.addFilter(postProcess(generateFilter));
http.addFilter(DefaultResourcesFilter.css());
}

private OneTimeTokenGenerationSuccessHandler getOneTimeTokenGenerationSuccessHandler(H http) {
private OneTimeTokenGenerationSuccessHandler getOneTimeTokenGenerationSuccessHandler() {
if (this.oneTimeTokenGenerationSuccessHandler == null) {
this.oneTimeTokenGenerationSuccessHandler = getBeanOrNull(http, OneTimeTokenGenerationSuccessHandler.class);
this.oneTimeTokenGenerationSuccessHandler = this.context
.getBeanProvider(OneTimeTokenGenerationSuccessHandler.class)
.getIfUnique();
}
if (this.oneTimeTokenGenerationSuccessHandler == null) {
throw new IllegalStateException("""
Expand All @@ -170,12 +171,12 @@ private void configureSubmitPage(H http) {
http.addFilter(postProcess(submitPage));
}

private AuthenticationProvider getAuthenticationProvider(H http) {
private AuthenticationProvider getAuthenticationProvider() {
if (this.authenticationProvider != null) {
return this.authenticationProvider;
}
UserDetailsService userDetailsService = getContext().getBean(UserDetailsService.class);
this.authenticationProvider = new OneTimeTokenAuthenticationProvider(getOneTimeTokenService(http),
UserDetailsService userDetailsService = this.context.getBean(UserDetailsService.class);
this.authenticationProvider = new OneTimeTokenAuthenticationProvider(getOneTimeTokenService(),
userDetailsService);
return this.authenticationProvider;
}
Expand Down Expand Up @@ -321,44 +322,34 @@ public OneTimeTokenLoginConfigurer<H> generateRequestResolver(GenerateOneTimeTok
return this;
}

private GenerateOneTimeTokenRequestResolver getGenerateRequestResolver(H http) {
private GenerateOneTimeTokenRequestResolver getGenerateRequestResolver() {
if (this.requestResolver != null) {
return this.requestResolver;
}
GenerateOneTimeTokenRequestResolver bean = getBeanOrNull(http, GenerateOneTimeTokenRequestResolver.class);
this.requestResolver = Objects.requireNonNullElseGet(bean, DefaultGenerateOneTimeTokenRequestResolver::new);
this.requestResolver = this.context.getBeanProvider(GenerateOneTimeTokenRequestResolver.class)
.getIfUnique(DefaultGenerateOneTimeTokenRequestResolver::new);
return this.requestResolver;
}

private OneTimeTokenService getOneTimeTokenService(H http) {
private OneTimeTokenService getOneTimeTokenService() {
if (this.oneTimeTokenService != null) {
return this.oneTimeTokenService;
}
OneTimeTokenService bean = getBeanOrNull(http, OneTimeTokenService.class);
if (bean != null) {
this.oneTimeTokenService = bean;
}
else {
this.oneTimeTokenService = new InMemoryOneTimeTokenService();
}
this.oneTimeTokenService = this.context.getBeanProvider(OneTimeTokenService.class)
.getIfUnique(InMemoryOneTimeTokenService::new);
return this.oneTimeTokenService;
}

private <C> C getBeanOrNull(H http, Class<C> clazz) {
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
if (context == null) {
return null;
}

return context.getBeanProvider(clazz).getIfUnique();
}

private Map<String, String> hiddenInputs(HttpServletRequest request) {
CsrfToken token = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
return (token != null) ? Collections.singletonMap(token.getParameterName(), token.getToken())
: Collections.emptyMap();
}

/**
* @deprecated Use this.context instead
*/
@Deprecated
public ApplicationContext getContext() {
return this.context;
}
Expand Down