:bug: 修复社交登录、验证码登录 成功、失败事件不通知问题

pigx-auth/src/main/java/com/pig4cloud/pigx/auth/config/AuthorizationServerConfig.java

@@ -21,6 +21,7 @@ package com.pig4cloud.pigx.auth.config;
 
 import com.pig4cloud.pigx.common.core.constant.SecurityConstants;
 import com.pig4cloud.pigx.common.security.component.PigxWebResponseExceptionTranslator;
+import com.pig4cloud.pigx.common.security.service.PigxClientDetailsService;
 import com.pig4cloud.pigx.common.security.service.PigxUserDetailsService;
 import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Bean;
@@ -34,7 +35,6 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
-import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
@@ -59,21 +59,21 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
 
 	@Override
 	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
-		JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
+		PigxClientDetailsService clientDetailsService = new PigxClientDetailsService(dataSource);
 		clientDetailsService.setSelectClientDetailsSql(SecurityConstants.DEFAULT_SELECT_STATEMENT);
 		clientDetailsService.setFindClientDetailsSql(SecurityConstants.DEFAULT_FIND_STATEMENT);
 		clients.withClientDetails(clientDetailsService);
 	}
 
 	@Override
-	public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+	public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
 		oauthServer
 			.allowFormAuthenticationForClients()
 			.checkTokenAccess("permitAll()");
 	}
 
 	@Override
-	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
 		endpoints
 			.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
 			.tokenStore(tokenStore())

pigx-auth/src/main/java/com/pig4cloud/pigx/auth/config/WebSecurityConfigurer.java

@@ -89,8 +89,10 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
 
 	@Bean
 	public MobileSecurityConfigurer mobileSecurityConfigurer() {
-		return new MobileSecurityConfigurer(mobileLoginSuccessHandler()
-			, userDetailsService);
+		MobileSecurityConfigurer mobileSecurityConfigurer = new MobileSecurityConfigurer();
+		mobileSecurityConfigurer.setMobileLoginSuccessHandler(mobileLoginSuccessHandler());
+		mobileSecurityConfigurer.setUserDetailsService(userDetailsService);
+		return mobileSecurityConfigurer;
 	}
 
 

pigx-auth/src/main/java/com/pig4cloud/pigx/auth/handler/PigxAuthenticationFailureEvenHandler.java

@@ -32,7 +32,7 @@ import org.springframework.stereotype.Component;
 public class PigxAuthenticationFailureEvenHandler extends AuthenticationFailureEvenHandler {
 
 	/**
-	 * 处理登录成功方法
+	 * 处理登录失败方法
 	 * <p>
 	 *
 	 * @param authenticationException 登录的authentication 对象

pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/mobile/MobileAuthenticationFilter.java

@@ -24,6 +24,7 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationServiceException;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -43,7 +44,6 @@ import javax.servlet.http.HttpServletResponse;
  */
 public class MobileAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 	private static final String SPRING_SECURITY_FORM_MOBILE_KEY = "mobile";
-	private AuthenticationEventPublisher eventPublisher = new MobileAuthenticationFilter.NullEventPublisher();
 	private AuthenticationEntryPoint authenticationEntryPoint = new MobileAuthenticationEntryPoint();
 	@Getter
 	@Setter
@@ -51,6 +51,9 @@ public class MobileAuthenticationFilter extends AbstractAuthenticationProcessing
 	@Getter
 	@Setter
 	private boolean postOnly = true;
+	@Getter
+	@Setter
+	private AuthenticationEventPublisher eventPublisher;
 
 	public MobileAuthenticationFilter() {
 		super(new AntPathRequestMatcher(SecurityConstants.MOBILE_TOKEN_URL, "POST"));
@@ -76,8 +79,13 @@ public class MobileAuthenticationFilter extends AbstractAuthenticationProcessing
 
 		setDetails(request, mobileAuthenticationToken);
 
+		Authentication authResult = null;
 		try {
-			return this.getAuthenticationManager().authenticate(mobileAuthenticationToken);
+			authResult = this.getAuthenticationManager().authenticate(mobileAuthenticationToken);
+
+			logger.debug("Authentication success: " + authResult);
+			eventPublisher.publishAuthenticationSuccess(authResult);
+			SecurityContextHolder.getContext().setAuthentication(authResult);
 
 		} catch (Exception failed) {
 			SecurityContextHolder.clearContext();
@@ -93,7 +101,8 @@ public class MobileAuthenticationFilter extends AbstractAuthenticationProcessing
 				logger.error("authenticationEntryPoint handle error:{}", failed);
 			}
 		}
-		return null;
+
+		return authResult;
 	}
 
 	private String obtainMobile(HttpServletRequest request) {
@@ -104,15 +113,5 @@ public class MobileAuthenticationFilter extends AbstractAuthenticationProcessing
 							MobileAuthenticationToken authRequest) {
 		authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
 	}
-
-	private static final class NullEventPublisher implements AuthenticationEventPublisher {
-		@Override
-		public void publishAuthenticationFailure(AuthenticationException exception, Authentication authentication) {
-		}
-
-		@Override
-		public void publishAuthenticationSuccess(Authentication authentication) {
-		}
-	}
 }
 

pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/mobile/MobileSecurityConfigurer.java

@@ -18,7 +18,10 @@
 package com.pig4cloud.pigx.common.security.mobile;
 
 import com.pig4cloud.pigx.common.security.service.PigxUserDetailsService;
-import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationEventPublisher;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -32,9 +35,12 @@ import org.springframework.stereotype.Component;
  * @date 2018/8/5
  * 手机号登录配置入口
  */
+@Getter
+@Setter
 @Component
-@AllArgsConstructor
 public class MobileSecurityConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
+	@Autowired
+	private AuthenticationEventPublisher defaultAuthenticationEventPublisher;
 	private AuthenticationSuccessHandler mobileLoginSuccessHandler;
 	private PigxUserDetailsService userDetailsService;
 
@@ -43,6 +49,7 @@ public class MobileSecurityConfigurer extends SecurityConfigurerAdapter<DefaultS
 		MobileAuthenticationFilter mobileAuthenticationFilter = new MobileAuthenticationFilter();
 		mobileAuthenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
 		mobileAuthenticationFilter.setAuthenticationSuccessHandler(mobileLoginSuccessHandler);
+		mobileAuthenticationFilter.setEventPublisher(defaultAuthenticationEventPublisher);
 
 		MobileAuthenticationProvider mobileAuthenticationProvider = new MobileAuthenticationProvider();
 		mobileAuthenticationProvider.setUserDetailsService(userDetailsService);