Simplify RequestCache by referer

rwinch · rwinch · commit 335e51d41882 · 2018-07-26T14:21:54.000-05:00
diff --git a/src/main/java/com/okta/developer/jugtours/config/SecurityConfiguration.java b/src/main/java/com/okta/developer/jugtours/config/SecurityConfiguration.java
@@ -1,134 +1,44 @@
 package com.okta.developer.jugtours.config;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
 import org.springframework.security.web.savedrequest.RequestCache;
-import org.springframework.security.web.savedrequest.SavedRequest;
+import org.springframework.security.web.savedrequest.SimpleSavedRequest;
 
-import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.util.Collection;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
 
 @Configuration
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
-    private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
-
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        RequestCache requestCache = refererRequestCache();
-        SavedRequestAwareAuthenticationSuccessHandler handler = new SavedRequestAwareAuthenticationSuccessHandler();
-        handler.setRequestCache(requestCache);
         http
-            .oauth2Login()
-                .successHandler(handler)
-                .and()
+            .oauth2Login().and()
             .csrf()
                 .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
                 .and()
-            .requestCache()
-                .requestCache(requestCache)
-                .and()
             .authorizeRequests()
                 .antMatchers("/**/*.{js,html,css}").permitAll()
                 .antMatchers("/", "/api/user").permitAll()
                 .anyRequest().authenticated();
     }
 
     @Bean
+    @Profile("dev")
     public RequestCache refererRequestCache() {
-        return new RequestCache() {
-            private String savedAttrName = getClass().getName().concat(".SAVED");
-
+        return new HttpSessionRequestCache() {
             @Override
             public void saveRequest(HttpServletRequest request, HttpServletResponse response) {
                 String referrer = request.getHeader("referer");
                 if (referrer != null) {
-                    request.getSession().setAttribute(this.savedAttrName, referrerRequest(referrer));
-                }
-            }
-
-            @Override
-            public SavedRequest getRequest(HttpServletRequest request, HttpServletResponse response) {
-                HttpSession session = request.getSession(false);
-
-                if (session != null) {
-                    return (SavedRequest) session.getAttribute(this.savedAttrName);
-                }
-
-                return null;
-            }
-
-            @Override
-            public HttpServletRequest getMatchingRequest(HttpServletRequest request, HttpServletResponse response) {
-                return request;
-            }
-
-            @Override
-            public void removeRequest(HttpServletRequest request, HttpServletResponse response) {
-                HttpSession session = request.getSession(false);
-
-                if (session != null) {
-                    log.debug("Removing SavedRequest from session if present");
-                    session.removeAttribute(this.savedAttrName);
+                    request.getSession().setAttribute("SPRING_SECURITY_SAVED_REQUEST", new SimpleSavedRequest(referrer));
                 }
             }
         };
     }
-
-    private SavedRequest referrerRequest(final String referrer) {
-        return new SavedRequest() {
-            @Override
-            public String getRedirectUrl() {
-                return referrer;
-            }
-
-            @Override
-            public List<Cookie> getCookies() {
-                return null;
-            }
-
-            @Override
-            public String getMethod() {
-                return null;
-            }
-
-            @Override
-            public List<String> getHeaderValues(String name) {
-                return null;
-            }
-
-            @Override
-            public Collection<String> getHeaderNames() {
-                return null;
-            }
-
-            @Override
-            public List<Locale> getLocales() {
-                return null;
-            }
-
-            @Override
-            public String[] getParameterValues(String name) {
-                return new String[0];
-            }
-
-            @Override
-            public Map<String, String[]> getParameterMap() {
-                return null;
-            }
-        };
-    }
 }
