Spring 引导 - Oauth2 授权成功期间触发的事件
Spring Boot - What event fired during Oauth2 authorization success
我有一个 spring 启动应用程序,它使用 oauth2 进行身份验证。我想为此添加一个事件侦听器并执行一些自定义操作。我无法弄清楚在 oauth2 的身份验证成功期间触发了什么事件。是AuthenticationSuccessEvent吗?
OAuth2授权成功触发的事件是AuthorizedEvent。这是在 Spring 代码 here 中触发的。但是为了得到这个事件,你需要将 publishAuthorizationSuccess 设置为 true。可以执行以下操作以使其正常工作:
配置变化:
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
....
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
http
.authorizeRequests()
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
public <O extends FilterSecurityInterceptor> O postProcess(O fsi) {
fsi.setPublishAuthorizationSuccess(true);
return fsi;
}
})
}
....
}
代码监听器:
@Component
@Slf4j
public class HttpSessionEventListener {
@EventListener(value = {AbstractAuthorizationEvent.class})
public void onApplicationEvent(ApplicationEvent event) {
if (event instanceof AuthenticationSuccessEvent) {
Authentication auth = ((AuthenticationSuccessEvent) event).getAuthentication();
if (auth.getPrincipal() instanceof UserCredential) {
log.debug("Login success with AuthenticationSuccessEvent");
}
} else if (event instanceof InteractiveAuthenticationSuccessEvent) {
Authentication auth = ((InteractiveAuthenticationSuccessEvent)event).getAuthentication();
log.debug("Login success with InteractiveAuthenticationSuccessEvent");
} else if (event instanceof AbstractAuthenticationFailureEvent) {
Authentication auth = ((AbstractAuthenticationFailureEvent) event).getAuthentication();
log.debug("Login failed with AbstractAuthenticationFailureEvent");
} else if (event instanceof AuthorizedEvent) {
Authentication auth = ((AuthorizedEvent)event).getAuthentication();
log.debug("Login success with AuthorizedEvent");
} else if (event instanceof AuthorizationFailureEvent) {
Authentication auth = ((AuthorizationFailureEvent)event).getAuthentication();
log.debug("Login fail with AuthorizationFailureEvent");
}
}
}
我有一个 spring 启动应用程序,它使用 oauth2 进行身份验证。我想为此添加一个事件侦听器并执行一些自定义操作。我无法弄清楚在 oauth2 的身份验证成功期间触发了什么事件。是AuthenticationSuccessEvent吗?
OAuth2授权成功触发的事件是AuthorizedEvent。这是在 Spring 代码 here 中触发的。但是为了得到这个事件,你需要将 publishAuthorizationSuccess 设置为 true。可以执行以下操作以使其正常工作:
配置变化:
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
....
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
http
.authorizeRequests()
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
public <O extends FilterSecurityInterceptor> O postProcess(O fsi) {
fsi.setPublishAuthorizationSuccess(true);
return fsi;
}
})
}
....
}
代码监听器:
@Component
@Slf4j
public class HttpSessionEventListener {
@EventListener(value = {AbstractAuthorizationEvent.class})
public void onApplicationEvent(ApplicationEvent event) {
if (event instanceof AuthenticationSuccessEvent) {
Authentication auth = ((AuthenticationSuccessEvent) event).getAuthentication();
if (auth.getPrincipal() instanceof UserCredential) {
log.debug("Login success with AuthenticationSuccessEvent");
}
} else if (event instanceof InteractiveAuthenticationSuccessEvent) {
Authentication auth = ((InteractiveAuthenticationSuccessEvent)event).getAuthentication();
log.debug("Login success with InteractiveAuthenticationSuccessEvent");
} else if (event instanceof AbstractAuthenticationFailureEvent) {
Authentication auth = ((AbstractAuthenticationFailureEvent) event).getAuthentication();
log.debug("Login failed with AbstractAuthenticationFailureEvent");
} else if (event instanceof AuthorizedEvent) {
Authentication auth = ((AuthorizedEvent)event).getAuthentication();
log.debug("Login success with AuthorizedEvent");
} else if (event instanceof AuthorizationFailureEvent) {
Authentication auth = ((AuthorizationFailureEvent)event).getAuthentication();
log.debug("Login fail with AuthorizationFailureEvent");
}
}
}