mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-15 01:07:30 +08:00
Merge pull request #41278 from Chu3laMan
* pr/41278: Polish "Publish an AuditEvent on logout" Publish an AuditEvent on logout Closes gh-41278
This commit is contained in:
commit
edafc78375
@ -24,6 +24,7 @@ import org.springframework.boot.actuate.audit.AuditEvent;
|
|||||||
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
|
import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
|
||||||
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
|
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
|
||||||
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
||||||
|
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
||||||
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
||||||
import org.springframework.util.ClassUtils;
|
import org.springframework.util.ClassUtils;
|
||||||
|
|
||||||
@ -51,6 +52,13 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
|||||||
*/
|
*/
|
||||||
public static final String AUTHENTICATION_SWITCH = "AUTHENTICATION_SWITCH";
|
public static final String AUTHENTICATION_SWITCH = "AUTHENTICATION_SWITCH";
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Logout success event type.
|
||||||
|
*
|
||||||
|
* @since 3.4.0
|
||||||
|
*/
|
||||||
|
public static final String LOGOUT_SUCCESS = "LOGOUT_SUCCESS";
|
||||||
|
|
||||||
private static final String WEB_LISTENER_CHECK_CLASS = "org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent";
|
private static final String WEB_LISTENER_CHECK_CLASS = "org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent";
|
||||||
|
|
||||||
private final WebAuditListener webListener = maybeCreateWebListener();
|
private final WebAuditListener webListener = maybeCreateWebListener();
|
||||||
@ -73,6 +81,9 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
|||||||
else if (event instanceof AuthenticationSuccessEvent successEvent) {
|
else if (event instanceof AuthenticationSuccessEvent successEvent) {
|
||||||
onAuthenticationSuccessEvent(successEvent);
|
onAuthenticationSuccessEvent(successEvent);
|
||||||
}
|
}
|
||||||
|
else if (event instanceof LogoutSuccessEvent logoutSuccessEvent) {
|
||||||
|
onLogoutSuccessEvent(logoutSuccessEvent);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void onAuthenticationFailureEvent(AbstractAuthenticationFailureEvent event) {
|
private void onAuthenticationFailureEvent(AbstractAuthenticationFailureEvent event) {
|
||||||
@ -93,6 +104,14 @@ public class AuthenticationAuditListener extends AbstractAuthenticationAuditList
|
|||||||
publish(new AuditEvent(event.getAuthentication().getName(), AUTHENTICATION_SUCCESS, data));
|
publish(new AuditEvent(event.getAuthentication().getName(), AUTHENTICATION_SUCCESS, data));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void onLogoutSuccessEvent(LogoutSuccessEvent event) {
|
||||||
|
Map<String, Object> data = new LinkedHashMap<>();
|
||||||
|
if (event.getAuthentication().getDetails() != null) {
|
||||||
|
data.put("details", event.getAuthentication().getDetails());
|
||||||
|
}
|
||||||
|
publish(new AuditEvent(event.getAuthentication().getName(), LOGOUT_SUCCESS, data));
|
||||||
|
}
|
||||||
|
|
||||||
private static final class WebAuditListener {
|
private static final class WebAuditListener {
|
||||||
|
|
||||||
void process(AuthenticationAuditListener listener, AbstractAuthenticationEvent input) {
|
void process(AuthenticationAuditListener listener, AbstractAuthenticationEvent input) {
|
||||||
|
@ -29,6 +29,7 @@ import org.springframework.security.authentication.event.AbstractAuthenticationE
|
|||||||
import org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent;
|
import org.springframework.security.authentication.event.AuthenticationFailureExpiredEvent;
|
||||||
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
|
||||||
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
|
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
|
||||||
|
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
||||||
import org.springframework.security.core.authority.AuthorityUtils;
|
import org.springframework.security.core.authority.AuthorityUtils;
|
||||||
import org.springframework.security.core.userdetails.User;
|
import org.springframework.security.core.userdetails.User;
|
||||||
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
import org.springframework.security.web.authentication.switchuser.AuthenticationSwitchUserEvent;
|
||||||
@ -60,6 +61,13 @@ class AuthenticationAuditListenerTests {
|
|||||||
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_SUCCESS);
|
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.AUTHENTICATION_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void testLogoutSuccess() {
|
||||||
|
AuditApplicationEvent event = handleAuthenticationEvent(
|
||||||
|
new LogoutSuccessEvent(new UsernamePasswordAuthenticationToken("user", "password")));
|
||||||
|
assertThat(event.getAuditEvent().getType()).isEqualTo(AuthenticationAuditListener.LOGOUT_SUCCESS);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void testOtherAuthenticationSuccess() {
|
void testOtherAuthenticationSuccess() {
|
||||||
this.listener.onApplicationEvent(new InteractiveAuthenticationSuccessEvent(
|
this.listener.onApplicationEvent(new InteractiveAuthenticationSuccessEvent(
|
||||||
|
Loading…
Reference in New Issue
Block a user