package cn.mb.cloud.auth.security.social;
import cn.mb.cloud.common.core.constant.SecurityConstants;
import lombok.Getter;
import lombok.Setter;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
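/**
 * Mobile-number login authentication filter.
 *
 * <p>Reads a single request parameter (default name {@code mobile}), wraps it in a
 * {@link SocialAuthenticationToken} and hands it to the configured authentication manager.
 * On failure the filter publishes a failure event, delegates the response to the configured
 * {@link AuthenticationEntryPoint} and returns {@code null}.
 *
 * <p>NOTE(review): this filter forwards only the identifier taken from the request; no
 * credential or proof of possession (for example an SMS code) is read in this class. Whatever
 * proves the caller owns the identifier has to be checked by the authentication provider or by
 * an earlier filter. Confirm that such a check exists for
 * {@code SecurityConstants.MOBILE_TOKEN_URL}.
 *
 * @author jason
 */
public class SocialAuthenticationFilter extends AbstractAuthenticationProcessingFilter {

    /** Default name of the request parameter carrying the login identifier. */
    private static final String SPRING_SECURITY_FORM_MOBILE_KEY = "mobile";

    /** Name of the request parameter that is read as the login identifier. */
    @Getter
    @Setter
    private String socialParameter = SPRING_SECURITY_FORM_MOBILE_KEY;

    /** When {@code true}, any request method other than POST is rejected. */
    @Getter
    @Setter
    private boolean postOnly = true;

    /** Receives a failure event for every rejected attempt; may be left unset. */
    @Getter
    @Setter
    private AuthenticationEventPublisher eventPublisher;

    /** Writes the failure response to the client; should always be configured. */
    @Getter
    @Setter
    private AuthenticationEntryPoint authenticationEntryPoint;

    /** Creates the filter bound to POST requests on {@code SecurityConstants.MOBILE_TOKEN_URL}. */
    public SocialAuthenticationFilter() {
        super(new AntPathRequestMatcher(SecurityConstants.MOBILE_TOKEN_URL, "POST"));
    }

    /**
     * Attempts to authenticate the identifier found in the request.
     *
     * @param request  the incoming login request
     * @param response the response, passed to the entry point when authentication fails
     * @return the authenticated result, or {@code null} when authentication failed and the
     *         failure has been handed to the entry point
     * @throws AuthenticationException if {@code postOnly} is set and the request is not a POST
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        if (postOnly && !HttpMethod.POST.name().equals(request.getMethod())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }

        // A missing parameter is treated as an empty identifier and left for the provider to reject.
        String social = obtainSocial(request);
        social = (social == null) ? "" : social.trim();

        SocialAuthenticationToken mobileAuthenticationToken = new SocialAuthenticationToken(social);
        setDetails(request, mobileAuthenticationToken);

        Authentication authResult = null;
        try {
            authResult = this.getAuthenticationManager().authenticate(mobileAuthenticationToken);

            // NOTE(review): this prints the whole Authentication object; check what its
            // toString() exposes before enabling debug logging in production.
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication success: " + authResult);
            }
            SecurityContextHolder.getContext().setAuthentication(authResult);
        } catch (Exception failed) {
            // Any exception, not only AuthenticationException, is treated as a failed login.
            SecurityContextHolder.clearContext();
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication request failed: " + failed);
            }

            // Without this guard an unset publisher raised a NullPointerException here and the
            // entry point below was never reached.
            // NOTE(review): the event carries a fixed placeholder token, not the attempted
            // identifier, so listeners cannot attribute the failure to an account.
            if (eventPublisher != null) {
                eventPublisher.publishAuthenticationFailure(
                        new BadCredentialsException(failed.getMessage(), failed),
                        new PreAuthenticatedAuthenticationToken("access-token", "N/A"));
            }

            if (authenticationEntryPoint == null) {
                // Previously surfaced as a swallowed NullPointerException; say what is wrong.
                logger.error("authenticationEntryPoint is not configured; authentication failure was not reported to the client",
                        failed);
            } else {
                try {
                    // NOTE(review): every failure is reported as UsernameNotFoundException with
                    // the original message; whether that message reaches the client depends on
                    // the entry point. Confirm it does not reveal which identifiers exist.
                    authenticationEntryPoint.commence(request, response,
                            new UsernameNotFoundException(failed.getMessage(), failed));
                } catch (Exception e) {
                    // Log the entry point's own exception. The original call logged the
                    // authentication failure instead, and its "{}" was never substituted.
                    logger.error("authenticationEntryPoint handle error while reporting: " + failed, e);
                }
            }
        }

        return authResult;
    }

    /**
     * Reads the login identifier from the request.
     *
     * @param request the incoming login request
     * @return the value of the configured parameter, or {@code null} if it is absent
     */
    private String obtainSocial(HttpServletRequest request) {
        return request.getParameter(socialParameter);
    }

    /**
     * Attaches the request details built by the inherited details source to the token.
     *
     * @param request     the incoming login request
     * @param authRequest the token that receives the details
     */
    private void setDetails(HttpServletRequest request, SocialAuthenticationToken authRequest) {
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
    }
}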