mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-05 00:56:58 +08:00
Publish an AuditEvent on logout
See gh-41278
This commit is contained in:
parent
5689bf56ce
commit
c5953feae6
@ -24,6 +24,7 @@ import org.springframework.boot.actuate.audit.AuditEvent;
|
||||
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
|
||||
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
|
||||
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
||||
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
||||
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
||||
import org.springframework.util.ClassUtils;
|
||||
|
||||
@ -51,6 +52,14 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
||||
*/
|
||||
public static final String AUTHENTICATION_SWITCH = "AUTHENTICATION_SWITCH";
|
||||
|
||||
/**
|
||||
* This constant is used to indicate that the logout process
|
||||
* has been completed successfully.
|
||||
*
|
||||
* @since 3.4.0
|
||||
*/
|
||||
public static final String LOGOUT_SUCCESS = "LOGOUT_SUCCESS";
|
||||
|
||||
private static final String WEB_LISTENER_CHECK_CLASS = "org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent";
|
||||
|
||||
private final WebAuditListener webListener = maybeCreateWebListener();
|
||||
@ -73,6 +82,9 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
||||
else if (event instanceof AuthenticationSuccessEvent successEvent) {
|
||||
onAuthenticationSuccessEvent(successEvent);
|
||||
}
|
||||
else if (event instanceof LogoutSuccessEvent logoutSuccessEvent) {
|
||||
onLogoutSuccessEvent(logoutSuccessEvent);
|
||||
}
|
||||
}
|
||||
|
||||
private void onAuthenticationFailureEvent(AbstractAuthenticationFailureEvent event) {
|
||||
@ -93,6 +105,15 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
||||
publish(new AuditEvent(event.getAuthentication().getName(), AUTHENTICATION_SUCCESS, data));
|
||||
}
|
||||
|
||||
private void onLogoutSuccessEvent(LogoutSuccessEvent event) {
|
||||
Map<String, Object> data = new LinkedHashMap<>();
|
||||
if (event.getAuthentication().getDetails() != null) {
|
||||
data.put("details", event.getAuthentication().getDetails());
|
||||
}
|
||||
publish(new AuditEvent(event.getAuthentication().getName(), LOGOUT_SUCCESS, data));
|
||||
|
||||
}
|
||||
|
||||
private static final class WebAuditListener {
|
||||
|
||||
void process(AuthenticationAuditListener listener, AbstractAuthenticationEvent input) {
|
||||
|
@ -29,6 +29,7 @@ import org.springframework.security.authentication.event.AbstractAuthenticationE
|
||||
import org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent;
|
||||
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
||||
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
|
||||
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
||||
@ -60,6 +61,13 @@ class AuthenticationAuditListenerTests {
|
||||
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_SUCCESS);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testLogoutSucess() {
|
||||
AuditApplicationEvent event = handleAuthenticationEvent(
|
||||
new LogoutSuccessEvent(new UsernamePasswordAuthenticationToken("user", "password")));
|
||||
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.LOGOUT_SUCCESS);
|
||||
}
|
||||
|
||||
@Test
|
||||
void testOtherAuthenticationSuccess() {
|
||||
this.listener.onApplicationEvent(new InteractiveAuthenticationSuccessEvent(
|
||||
|
Loading…
Reference in New Issue
Block a user