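package cn.mb.cloud.auth.security.social;

import cn.mb.cloud.common.core.constant.SecurityConstants;
import lombok.Getter;
import lombok.Setter;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Authentication processing filter for mobile-number ("social") login.
 *
 * <p>Matches {@code POST} requests to {@link SecurityConstants#MOBILE_TOKEN_URL}, reads the
 * mobile number from the request parameter named by {@link #getSocialParameter()} and hands a
 * {@link SocialAuthenticationToken} to the configured {@code AuthenticationManager}.
 *
 * <p>On failure the filter clears the security context, publishes an authentication-failure
 * event through {@link #getEventPublisher()} (if one is configured) and delegates the error
 * response to {@link #getAuthenticationEntryPoint()}. When no entry point is configured the
 * failure is rethrown as an {@link AuthenticationException} so the base class's failure
 * handler produces the error response instead of the request ending silently.
 *
 * @author jason
 */
public class SocialAuthenticationFilter extends AbstractAuthenticationProcessingFilter {

    /** Default name of the request parameter carrying the mobile number. */
    private static final String SPRING_SECURITY_FORM_MOBILE_KEY = "mobile";

    /** Name of the request parameter that carries the mobile number. */
    @Getter
    @Setter
    private String socialParameter = SPRING_SECURITY_FORM_MOBILE_KEY;

    /** When {@code true}, any non-POST request is rejected before credentials are read. */
    @Getter
    @Setter
    private boolean postOnly = true;

    // NOTE(review): this name appears to shadow the base class's protected
    // ApplicationEventPublisher field of the same name — confirm against the Spring Security
    // version in use. Renaming it would change the Lombok-generated accessor names.
    /** Receives an {@code AuthenticationFailureBadCredentialsEvent} on failure; may be null. */
    @Getter
    @Setter
    private AuthenticationEventPublisher eventPublisher;

    /** Writes the error response on failure; may be null, see {@link #attemptAuthentication}. */
    @Getter
    @Setter
    private AuthenticationEntryPoint authenticationEntryPoint;

    /** Creates a filter bound to {@code POST} {@link SecurityConstants#MOBILE_TOKEN_URL}. */
    public SocialAuthenticationFilter() {
        super(new AntPathRequestMatcher(SecurityConstants.MOBILE_TOKEN_URL, "POST"));
    }

    /**
     * Authenticates the mobile number supplied in the request.
     *
     * @param request  the current request; the mobile number is read from the parameter named
     *                 by {@link #getSocialParameter()} and defaults to an empty string
     * @param response the current response, handed to the entry point on failure
     * @return the authenticated {@link Authentication}, or {@code null} when authentication
     *         failed and the configured entry point has already written the error response
     * @throws AuthenticationServiceException if {@code postOnly} is set and the request is not
     *                                        a POST
     * @throws AuthenticationException        if authentication fails and no
     *                                        {@link AuthenticationEntryPoint} is configured
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
            throws AuthenticationException {
        if (postOnly && !request.getMethod().equals(HttpMethod.POST.name())) {
            throw new AuthenticationServiceException(
                    "Authentication method not supported: " + request.getMethod());
        }

        String social = obtainSocial(request);
        if (social == null) {
            social = "";
        }
        social = social.trim();

        SocialAuthenticationToken mobileAuthenticationToken = new SocialAuthenticationToken(social);
        setDetails(request, mobileAuthenticationToken);

        try {
            Authentication authResult = this.getAuthenticationManager().authenticate(mobileAuthenticationToken);
            // Guarded: the token's toString() may include the submitted credential, so only
            // build the message when debug logging is actually on.
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication success: " + authResult);
            }
            SecurityContextHolder.getContext().setAuthentication(authResult);
            return authResult;
        } catch (Exception failed) {
            // Broad catch is deliberate: any failure inside the AuthenticationManager is
            // reported to the client as a generic authentication failure rather than a 500.
            SecurityContextHolder.clearContext();
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication request failed: " + failed);
            }
            publishFailure(failed);

            // Without an entry point nobody would write an error response and the base class
            // would end the request silently; let its failure handler take over instead.
            if (authenticationEntryPoint == null) {
                throw toAuthenticationException(failed);
            }
            try {
                // NOTE(review): the raw failure message is forwarded to the entry point; if
                // that entry point echoes it to the client, internal details or account
                // existence hints may be disclosed — confirm what the entry point renders.
                authenticationEntryPoint.commence(request, response,
                        new UsernameNotFoundException(failed.getMessage(), failed));
            } catch (Exception e) {
                // Log the entry point's own exception (not the original auth failure) with
                // the commons-logging (message, throwable) signature — no {} placeholders.
                logger.error("authenticationEntryPoint handle error", e);
            }
            return null;
        }
    }

    /** Publishes the failure as a bad-credentials event when an event publisher is configured. */
    private void publishFailure(Exception failed) {
        if (eventPublisher == null) {
            return;
        }
        eventPublisher.publishAuthenticationFailure(
                new BadCredentialsException(failed.getMessage(), failed),
                new PreAuthenticatedAuthenticationToken("access-token", "N/A"));
    }

    /** Returns {@code failed} unchanged if it already is an AuthenticationException, else wraps it. */
    private static AuthenticationException toAuthenticationException(Exception failed) {
        if (failed instanceof AuthenticationException) {
            return (AuthenticationException) failed;
        }
        return new AuthenticationServiceException(failed.getMessage(), failed);
    }

    /** Reads the mobile number parameter; {@code null} when absent. */
    private String obtainSocial(HttpServletRequest request) {
        return request.getParameter(socialParameter);
    }

    /** Attaches request details (e.g. remote address, session id) to the token. */
    private void setDetails(HttpServletRequest request, SocialAuthenticationToken authRequest) {
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
    }
}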