Source Code of fr.ippon.tatami.security.TatamiAuthenticationSuccessHandler

package fr.ippon.tatami.security;

import fr.ippon.tatami.repository.AppleDeviceRepository;
import fr.ippon.tatami.repository.AppleDeviceUserRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Tatami specific Spring Security success handler, that understands Ajax requests.
 */
@Component
public class TatamiAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {

    private final Logger log = LoggerFactory.getLogger(TatamiAuthenticationSuccessHandler.class);

    private RequestCache requestCache = new HttpSessionRequestCache();

    @Inject
    private AppleDeviceRepository appleDeviceRepository;

    @Inject
    private AppleDeviceUserRepository appleDeviceUserRepository;

    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                        Authentication authentication) throws ServletException, IOException {
        SavedRequest savedRequest = requestCache.getRequest(request, response);

        manageAppleDevice(authentication.getName(), request.getParameter("device_token"));

        if (savedRequest == null) {
            super.onAuthenticationSuccess(request, response, authentication);
            return;
        }
        if (savedRequest.getHeaderNames().contains("X-Requested-With") &&
                "XMLHttpRequest".equals(savedRequest.getHeaderValues("X-Requested-With").get(0))) {

            requestCache.removeRequest(request, response);
            clearAuthenticationAttributes(request);
            response.sendRedirect(getDefaultTargetUrl());
            return;
        }

        String targetUrlParameter = getTargetUrlParameter();
        if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
            requestCache.removeRequest(request, response);
            super.onAuthenticationSuccess(request, response, authentication);

            return;
        }

        clearAuthenticationAttributes(request);

        // Use the DefaultSavedRequest URL
        String targetUrl = savedRequest.getRedirectUrl();
        getRedirectStrategy().sendRedirect(request, response, targetUrl);
    }

    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }

    private void manageAppleDevice(String login, String deviceToken) {
        if (deviceToken == null) {
            return;
        }
        log.debug("Device token: {}", deviceToken);
        String deviceId = deviceToken.substring(1, deviceToken.length() - 1);
        log.debug("Device Id: {}", deviceId);
        String existingDeviceLogin = appleDeviceUserRepository.findLoginForDeviceId(deviceId);
        if (existingDeviceLogin != null) {
            appleDeviceRepository.removeAppleDevice(existingDeviceLogin, deviceId);
            appleDeviceUserRepository.removeAppleDeviceForUser(deviceId);
        }
        appleDeviceUserRepository.createAppleDeviceForUser(deviceId, login);
        appleDeviceRepository.createAppleDevice(login, deviceId);
    }
}