package com.kidgrow.oauth2.config; import com.kidgrow.common.utils.ResponseUtil; import com.kidgrow.oauth2.handler.OauthLogoutHandler; import com.fasterxml.jackson.databind.ObjectMapper; import lombok.extern.slf4j.Slf4j; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.InternalAuthenticationServiceException; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.common.exceptions.*; import org.springframework.security.oauth2.provider.error.DefaultWebResponseExceptionTranslator; import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import javax.annotation.Resource; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020
* * @Description: 认证错误处理
* @Project:
* @CreateDate: Created in 2020/2/20 09:19
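* @Author: liuke */
@Slf4j
@Configuration
public class SecurityHandlerConfig {
    @Resource
    private ObjectMapper objectMapper;

    /**
     * Builds the handler for failed logins; it answers with HTTP 401.
     *
     * <p>The message is written through {@code ResponseUtil.responseWriter} together with
     * {@link HttpStatus#UNAUTHORIZED}.
     *
     * @return the failure handler bean
     */
    @Bean
    public AuthenticationFailureHandler loginFailureHandler() {
        return (request, response, exception) -> {
            // "密码错误" means "wrong password": a fixed text replaces the framework message
            // for bad credentials.
            // NOTE(review): every other failure sends exception.getMessage() to an
            // unauthenticated caller as-is. That text can reveal account state or internal
            // error detail (for example from an InternalAuthenticationServiceException).
            // Consider a fixed client message per failure type and keeping the detail in the
            // server log; confirm first which messages the login UI depends on.
            String msg = exception instanceof BadCredentialsException
                    ? "密码错误"
                    : exception.getMessage();
            ResponseUtil.responseWriter(objectMapper, response, msg, HttpStatus.UNAUTHORIZED.value());
        };
    }

    /**
     * Registers the project's {@link OauthLogoutHandler} as a bean.
     *
     * @return a new logout handler
     */
    @Bean
    public OauthLogoutHandler oauthLogoutHandler() {
        return new OauthLogoutHandler();
    }

    /**
     * Builds the translator that turns exceptions into OAuth2 error responses.
     *
     * <p>Bad credentials and three selected exception types become {@link InvalidGrantException};
     * everything else becomes {@link UnsupportedResponseTypeException} with a generic message.
     * The response body additionally carries {@code code} (the HTTP error code as a string) and
     * {@code msg} (the message of the translated exception).
     *
     * @return the exception translator bean
     */
    @Bean
    public WebResponseExceptionTranslator webResponseExceptionTranslator() {
        return new DefaultWebResponseExceptionTranslator() {
            // Presumably Spring Security's zh_CN text for "Bad credentials" (verify against the
            // deployed message bundle). The match is on message text, so it depends on the
            // server locale: under another locale bad credentials take the generic branch.
            public static final String BAD_MSG = "坏的凭证";

            /**
             * Maps {@code e} to an OAuth2 exception and lets the default translator render it.
             *
             * @param e the exception to translate
             * @return the default translation, with {@code code} and {@code msg} added to the body
             * @throws Exception if the default translator fails
             */
            @Override
            public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
                OAuth2Exception oAuth2Exception;
                if (BAD_MSG.equals(e.getMessage())) {
                    // "用户名或密码错误" = "wrong username or password": one answer for both
                    // cases, so the response does not tell which of the two was wrong.
                    oAuth2Exception = new InvalidGrantException("用户名或密码错误", e);
                } else if (e instanceof InternalAuthenticationServiceException
                        || e instanceof RedirectMismatchException
                        || e instanceof InvalidScopeException) {
                    // NOTE(review): the original message is passed to the client unchanged.
                    // An InternalAuthenticationServiceException may wrap a backend failure, so
                    // its text can expose internals; confirm only curated messages reach here.
                    oAuth2Exception = new InvalidGrantException(e.getMessage(), e);
                } else {
                    // "服务内部错误" = "internal service error": the client gets a generic
                    // message, the original exception is kept as the cause.
                    oAuth2Exception = new UnsupportedResponseTypeException("服务内部错误", e);
                }

                // The type parameter is required: on a raw ResponseEntity getBody() is an Object
                // and addAdditionalInformation would not resolve. The former bare
                // ResponseEntity.status(...) call built a builder and discarded it, so it is gone.
                ResponseEntity<OAuth2Exception> response = super.translate(oAuth2Exception);
                OAuth2Exception body = response.getBody();
                body.addAdditionalInformation("code", String.valueOf(oAuth2Exception.getHttpErrorCode()));
                body.addAdditionalInformation("msg", oAuth2Exception.getMessage());
                return response;
            }
        };
    }

    /**
     * Builds the handler for successful logins.
     *
     * <p>The override only calls the {@link SavedRequestAwareAuthenticationSuccessHandler}
     * implementation; it adds no behavior of its own.
     *
     * @return the success handler bean
     */
    @Bean
    public AuthenticationSuccessHandler loginSuccessHandler() {
        return new SavedRequestAwareAuthenticationSuccessHandler() {
            @Override
            public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                    Authentication authentication) throws IOException, ServletException {
                super.onAuthenticationSuccess(request, response, authentication);
            }
        };
    }
}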