fix: login error

Game-as-a-Service · Jul 9, 2023 · d39ff9a · d39ff9a
1 parent b199716
commit d39ff9a
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 17 deletions.
diff --git a/...tlin/tw/waterballsa/gaas/spring/configs/securities/CustomOAuthorizationRequestResolver.kt b/...tlin/tw/waterballsa/gaas/spring/configs/securities/CustomOAuthorizationRequestResolver.kt
@@ -12,7 +12,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames
 import org.springframework.security.oauth2.core.oidc.OidcScopes
 import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames
-import org.springframework.security.web.savedrequest.DefaultSavedRequest
 import org.springframework.security.web.util.UrlUtils.buildFullRequestUrl
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher
 import org.springframework.util.CollectionUtils
@@ -110,9 +109,8 @@ class CustomOAuthorizationRequestResolver(
     override fun resolve(request: HttpServletRequest): OAuth2AuthorizationRequest? {
         val registrationId = resolveRegistrationId(request) ?: return null
         val redirectUriAction = request.getAction("login")
-        val originalRequest = request.session.getAttribute("SPRING_SECURITY_SAVED_REQUEST") as DefaultSavedRequest
         val identityProviders = IdentityProvider.values().map { it.queryParam }
-        val targetIdentityProvider = originalRequest.parameterMap["type"]?.find { it in identityProviders }
+        val targetIdentityProvider = request.parameterMap["type"]?.find { it in identityProviders }
         authorizationRequestCustomizer = Consumer {
             it.parameters { params ->
                 params["connection"] = targetIdentityProvider ?: "google-oauth2"

diff --git a/spring/src/main/kotlin/tw/waterballsa/gaas/spring/configs/securities/SecurityConfig.kt b/spring/src/main/kotlin/tw/waterballsa/gaas/spring/configs/securities/SecurityConfig.kt
@@ -10,11 +10,9 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser
 import org.springframework.security.oauth2.core.oidc.user.OidcUser
-import org.springframework.security.web.AuthenticationEntryPoint
 import org.springframework.security.web.SecurityFilterChain
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler
 import tw.waterballsa.gaas.application.usecases.CreateUserUseCase
-import javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED
 
 @EnableWebSecurity
 class SecurityConfig(
@@ -28,7 +26,7 @@ class SecurityConfig(
         http
             .csrf().disable()
             .authorizeHttpRequests()
-            .antMatchers("/health", "/walking-skeleton").permitAll()
+            .antMatchers("/login", "/health", "/walking-skeleton").permitAll()
             .antMatchers("/swagger-ui/**", "/favicon.ico").permitAll()
             .anyRequest().authenticated()
             .and()
@@ -45,10 +43,7 @@ class SecurityConfig(
             .userInfoEndpoint().oidcUserService(oidcUserService())
             .and()
             .and()
-            .oauth2ResourceServer().jwt().and()
-            .and()
-            .exceptionHandling()
-            .authenticationEntryPoint(redirectToLoginEndPoint())
+            .oauth2ResourceServer().jwt()
 
         return http.build()
     }
@@ -67,11 +62,4 @@ class SecurityConfig(
         }
     }
 
-    private fun redirectToLoginEndPoint(): AuthenticationEntryPoint =
-        AuthenticationEntryPoint { request, response, _ ->
-            when (request.requestURI) {
-                "/login" -> response.sendRedirect("/oauth2/authorization/auth0")
-                else -> response.sendError(SC_UNAUTHORIZED)
-            }
-        }
 }
diff --git a/spring/src/main/kotlin/tw/waterballsa/gaas/spring/controllers/OAuth2Controller.kt b/spring/src/main/kotlin/tw/waterballsa/gaas/spring/controllers/OAuth2Controller.kt
@@ -8,8 +8,12 @@ import org.springframework.security.core.annotation.AuthenticationPrincipal
 import org.springframework.security.oauth2.core.oidc.OidcIdToken
 import org.springframework.security.oauth2.core.oidc.user.OidcUser
 import org.springframework.security.oauth2.jwt.Jwt
+import org.springframework.ui.set
 import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestParam
 import org.springframework.web.bind.annotation.RestController
+import org.springframework.web.servlet.mvc.support.RedirectAttributes
+import org.springframework.web.servlet.view.RedirectView
 import org.springframework.web.util.UriComponentsBuilder
 import tw.waterballsa.gaas.application.usecases.CreateUserUseCase
 import tw.waterballsa.gaas.exceptions.PlatformException
@@ -35,6 +39,12 @@ class OAuth2Controller(
         return ResponseEntity.status(FOUND).header(LOCATION, "/").build()
     }
 
+    @GetMapping("/login")
+    fun login(@RequestParam type: String, redirectAttributes: RedirectAttributes): RedirectView{
+        redirectAttributes["type"] = type
+        return RedirectView("oauth2/authorization/auth0")
+    }
+
     private fun sendTokenToFrontend(oidcIdToken: OidcIdToken) {
         val uriString = UriComponentsBuilder.fromUriString(frontendUrl)
             .queryParam("token", oidcIdToken.tokenValue)