mirror of https://gitee.com/maxjhandsome/pig
✨ Introducing new features. https://gitee.com/log4j/pig/issues/I1XGG7 优化 SSO 退出功能,支持自动重定向和参数重定向
parent
92ccf3eb69
commit
611ef5c80b
|
@ -17,6 +17,7 @@
|
|||
package com.pig4cloud.pig.auth.config;
|
||||
|
||||
import com.pig4cloud.pig.common.security.handler.FormAuthenticationFailureHandler;
|
||||
import com.pig4cloud.pig.common.security.handler.SsoLogoutSuccessHandler;
|
||||
import lombok.SneakyThrows;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
@ -29,6 +30,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
|
||||
/**
|
||||
* @author lengleng
|
||||
|
@ -43,9 +45,10 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
@SneakyThrows
|
||||
protected void configure(HttpSecurity http) {
|
||||
http.formLogin().loginPage("/token/login").loginProcessingUrl("/token/form")
|
||||
.failureHandler(authenticationFailureHandler()).and().authorizeRequests()
|
||||
.antMatchers("/token/**", "/actuator/**", "/mobile/**").permitAll().anyRequest().authenticated().and()
|
||||
.csrf().disable();
|
||||
.failureHandler(authenticationFailureHandler()).and().logout()
|
||||
.logoutSuccessHandler(logoutSuccessHandler()).deleteCookies("JSESSIONID").invalidateHttpSession(true)
|
||||
.and().authorizeRequests().antMatchers("/token/**", "/actuator/**", "/mobile/**").permitAll()
|
||||
.anyRequest().authenticated().and().csrf().disable();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -65,6 +68,15 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
return new FormAuthenticationFailureHandler();
|
||||
}
|
||||
|
||||
/**
|
||||
* 支持SSO 退出
|
||||
* @return LogoutSuccessHandler
|
||||
*/
|
||||
@Bean
|
||||
public LogoutSuccessHandler logoutSuccessHandler() {
|
||||
return new SsoLogoutSuccessHandler();
|
||||
}
|
||||
|
||||
/**
|
||||
* https://spring.io/blog/2017/11/01/spring-security-5-0-0-rc1-released#password-storage-updated
|
||||
* Encoded password does not look like BCrypt
|
||||
|
|
|
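Review bot: With `.csrf().disable()` kept at the end of the chain in `configure`, the newly added `.logout()` accepts the logout request with any HTTP method, so a plain cross-site GET can end a user's session and then run the new success handler. If GET logout is intended so that SSO clients can bounce the browser through this endpoint, state that above the chain, e.g. `// logout is reachable by cross-site GET because CSRF is off; SsoLogoutSuccessHandler must validate its redirect target`. The class body continues outside the hunks shown here.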
@ -0,0 +1,38 @@
|
|||
package com.pig4cloud.pig.common.security.handler;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* @author lengleng
|
||||
* @date 2020/10/6
|
||||
* <p>
|
||||
* sso 退出功能 ,根据客户端传入跳转
|
||||
*/
|
||||
public class SsoLogoutSuccessHandler implements LogoutSuccessHandler {
|
||||
|
||||
private static final String REDIRECT_URL = "redirect_url";
|
||||
|
||||
@Override
|
||||
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
|
||||
throws IOException {
|
||||
|
||||
// 获取请求参数中是否包含 回调地址
|
||||
String redirectUrl = request.getParameter(REDIRECT_URL);
|
||||
if (StrUtil.isNotBlank(redirectUrl)) {
|
||||
response.sendRedirect(redirectUrl);
|
||||
}
|
||||
else {
|
||||
// 默认跳转referer 地址
|
||||
String referer = request.getHeader(HttpHeaders.REFERER);
|
||||
response.sendRedirect(referer);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
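Review bot: `onLogoutSuccess` passes the caller-supplied `redirect_url` parameter, and otherwise the `Referer` header, straight to `response.sendRedirect`, so the logout endpoint acts as an open redirect on the auth server's own domain. Both values are controlled by whoever crafts the request. When neither is present, `referer` is null and is still handed to `sendRedirect`, which containers typically answer with an exception rather than a clean response. Accept only absolute http/https targets whose host is on a configured list of SSO client hosts, and fall back to a fixed local page such as `/token/login` otherwise. The sketch below assumes an `allowedHosts` set loaded from configuration.

```java
// … unchanged: class declaration, REDIRECT_URL constant …

	// Fixed local page used whenever the requested target is missing or not allowed.
	private static final String DEFAULT_TARGET = "/token/login";

	// Hosts of the registered SSO clients; placeholder, populate from configuration.
	private final Set<String> allowedHosts;

	@Override
	public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
			throws IOException {
		String target = request.getParameter(REDIRECT_URL);
		if (StrUtil.isBlank(target)) {
			// Referer is optional and client-controlled, so it goes through the same check.
			target = request.getHeader(HttpHeaders.REFERER);
		}
		response.sendRedirect(isAllowedTarget(target) ? target : DEFAULT_TARGET);
	}

	// True only for absolute http/https URLs whose host is an allowed SSO client host.
	private boolean isAllowedTarget(String target) {
		if (StrUtil.isBlank(target)) {
			return false;
		}
		try {
			URI uri = new URI(target);
			String scheme = uri.getScheme();
			boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
			return webScheme && uri.getHost() != null && allowedHosts.contains(uri.getHost());
		}
		catch (URISyntaxException e) {
			// Malformed targets are treated as not allowed.
			return false;
		}
	}
```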