Add a query parameter to authorization failure URI
ch4mpy committed Jun 7, 2024
1 parent 217c6a2 commit 2a5c0a3
Showing 4 changed files with 18 additions and 5 deletions.
4 changes: 4 additions & 0 deletions release-notes.md
Expand Up @@ -2,6 +2,10 @@

## `7.x` Branch

### `7.8.1`
- Fix default authorization failure handler auto-configuration
- Add a `error` query parameter to authorization failure URI

### `7.8.0`
- Spring Boot `3.3.0` as transitive dependency

Expand Up @@ -37,6 +37,7 @@ public class SpringAddonsOidcClientProperties {
public static final String POST_AUTHENTICATION_FAILURE_URI_HEADER = "X-POST-LOGIN-FAILURE-URI";
public static final String POST_AUTHENTICATION_FAILURE_URI_PARAM = "post_login_failure_uri";
public static final String POST_AUTHENTICATION_FAILURE_URI_SESSION_ATTRIBUTE = POST_AUTHENTICATION_FAILURE_URI_PARAM;
public static final String POST_AUTHENTICATION_FAILURE_CAUSE_ATTRIBUTE = "error";

public static final String POST_LOGOUT_SUCCESS_URI_HEADER = "X-POST-LOGOUT-SUCCESS-URI";
public static final String POST_LOGOUT_SUCCESS_URI_PARAM = "post_logout_success_uri";
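Review bot: The new constant `POST_AUTHENTICATION_FAILURE_CAUSE_ATTRIBUTE` is only used as a query-parameter name in the two failure handlers of this commit, whereas the neighbouring constants use the `_PARAM` suffix for request parameters and `_SESSION_ATTRIBUTE` for session keys. Naming it `POST_AUTHENTICATION_FAILURE_CAUSE_PARAM` would keep the convention readable. A one-line Javadoc such as `/** Name of the query parameter appended to the post-login failure URI; carries the failure cause. */` would tell front-end authors that the value originates from an exception and has to be treated as untrusted text. The enclosing class starts and ends outside this hunk.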
Expand Up @@ -5,6 +5,8 @@
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
import org.springframework.web.util.HtmlUtils;
import org.springframework.web.util.UriComponentsBuilder;

import com.c4_soft.springaddons.security.oidc.starter.properties.SpringAddonsOidcClientProperties;
import com.c4_soft.springaddons.security.oidc.starter.properties.SpringAddonsOidcProperties;
Expand All @@ -31,8 +33,10 @@ public SpringAddonsOauth2ServerAuthenticationFailureHandler(SpringAddonsOidcProp
@Override
public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange, AuthenticationException exception) {
return webFilterExchange.getExchange().getSession().flatMap(session -> {
final var uri =
session.getAttributeOrDefault(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_SESSION_ATTRIBUTE, defaultRedirectUri);
final var uri = UriComponentsBuilder.fromUri(
session.getAttributeOrDefault(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_SESSION_ATTRIBUTE, defaultRedirectUri))
.queryParam(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_CAUSE_ATTRIBUTE, HtmlUtils.htmlEscape(exception.getMessage()))
.build().toUri();
return redirectStrategy.sendRedirect(webFilterExchange.getExchange(), uri);
});
}
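Review bot: On the `.queryParam(...)` line the failure message is HTML-escaped, which is the wrong encoding for a URI component: entities such as `&lt;` or `&amp;` put a raw `&` into the query string, so a message containing `<`, `&` or quotes would most likely be split into extra parameters when the target page parses it. Percent-encode the value instead, for example `.queryParam(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_CAUSE_ATTRIBUTE, UriUtils.encodeQueryParam(message, StandardCharsets.UTF_8))`, and leave HTML escaping to the page that renders the parameter; check how this combines with the encoding of the session-supplied base URI. The text of `exception.getMessage()` also leaves the server verbatim in a URL that ends up in browser history, proxy logs and Referer headers, so a stable code (for OAuth2 failures, `getError().getErrorCode()`) would disclose less than a provider or internal error message. A null message should be handled before escaping, since `HtmlUtils.htmlEscape` appears to reject null input. The `.queryParam(...)` line in the servlet `SpringAddonsOauth2AuthenticationFailureHandler` section further down has the same issues.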
Expand Up @@ -6,6 +6,8 @@

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.web.util.HtmlUtils;
import org.springframework.web.util.UriComponentsBuilder;

import com.c4_soft.springaddons.security.oidc.starter.properties.SpringAddonsOidcClientProperties;
import com.c4_soft.springaddons.security.oidc.starter.properties.SpringAddonsOidcProperties;
Expand Down Expand Up @@ -35,9 +37,11 @@ public SpringAddonsOauth2AuthenticationFailureHandler(SpringAddonsOidcProperties
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
throws IOException,
ServletException {
final var uri =
final var uri = UriComponentsBuilder.fromUriString(
Optional.ofNullable(request.getSession().getAttribute(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_URI_SESSION_ATTRIBUTE))
.map(Object::toString).orElse(redirectUri);
redirectStrategy.sendRedirect(request, response, uri);
.map(Object::toString).orElse(redirectUri))
.queryParam(SpringAddonsOidcClientProperties.POST_AUTHENTICATION_FAILURE_CAUSE_ATTRIBUTE, HtmlUtils.htmlEscape(exception.getMessage())).build()
.toUri();
redirectStrategy.sendRedirect(request, response, uri.toString());
}
}
