程序包 io.github.mangocrisp.spring.taybct.auth.security.util

类 ResponseHandler

java.lang.Object
io.github.mangocrisp.spring.taybct.auth.security.util.ResponseHandler
所有已实现的接口:
org.springframework.security.web.access.AccessDeniedHandler, org.springframework.security.web.authentication.AuthenticationFailureHandler, org.springframework.security.web.authentication.AuthenticationSuccessHandler, org.springframework.security.web.AuthenticationEntryPoint
public class ResponseHandler extends Object implements org.springframework.security.web.authentication.AuthenticationFailureHandler, org.springframework.security.web.authentication.AuthenticationSuccessHandler, org.springframework.security.web.AuthenticationEntryPoint, org.springframework.security.web.access.AccessDeniedHandler
返回结果处理器
这个注解用不了 RestControllerAdvice,这里写一下统一的 response 返回结果处理类

  • 字段概要

    字段
    修饰符和类型
    字段
    说明
    private boolean
    allowSessionCreation
     
    protected org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?>
    authenticationDetailsSource
     
    private org.springframework.security.authentication.AuthenticationManager
    authenticationManager
     
    private org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper
    authoritiesMapper
     
    private boolean
    continueChainBeforeSuccessfulAuthentication
     
    private static final org.springframework.security.web.util.matcher.AntPathRequestMatcher
    DEFAULT_ANT_PATH_REQUEST_MATCHER
     
    protected org.springframework.context.ApplicationEventPublisher
    eventPublisher
     
    private org.springframework.security.web.authentication.AuthenticationFailureHandler
    failureHandler
     
    private io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalExceptionReporter
    globalExceptionReporter
     
    private final io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalPrinter
    globalPrinter
     
    protected org.springframework.context.support.MessageSourceAccessor
    messages
     
    private Consumer<org.springframework.security.core.Authentication>
    operationsBeforeOutput
    其他的操作,这里,指的是希望使用 Authentication 做点什么,这个操作会在往前端输出之前操作
    private org.springframework.security.web.authentication.RememberMeServices
    rememberMeServices
     
    private org.springframework.security.web.util.matcher.RequestMatcher
    requiresAuthenticationRequestMatcher
     
    private org.springframework.security.core.context.SecurityContextHolderStrategy
    securityContextHolderStrategy
     
    private org.springframework.security.web.context.SecurityContextRepository
    securityContextRepository
     
    private org.springframework.security.web.authentication.session.SessionAuthenticationStrategy
    sessionStrategy
     
    private org.springframework.security.web.authentication.AuthenticationSuccessHandler
    successHandler
     
    private BiFunction<org.springframework.security.core.Authentication,jakarta.servlet.http.HttpServletResponse,io.github.mangocrisp.spring.taybct.tool.core.result.R<?>>
    successResultConverter
     

  • 构造器概要

    构造器
    构造器
    说明
    ResponseHandler(io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalExceptionReporter globalExceptionReporter, io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalPrinter globalPrinter)
     

  • 方法概要

    修饰符和类型
    方法
    说明
    protected final void
    clearAuthenticationAttributes(jakarta.servlet.http.HttpServletRequest request)
    Removes temporary authentication-related data which may have been stored in the session during the authentication process.
    void
    commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception)
     
    protected org.springframework.security.core.Authentication
    createSuccessAuthentication(org.springframework.security.core.Authentication authentication)
    创建可以用于存储在 session holder 里面的数据
    void
    failure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Exception exception)
     
    protected boolean
    getAllowSessionCreation()
     
    protected org.springframework.security.authentication.AuthenticationManager
    getAuthenticationManager()
     
    protected org.springframework.security.web.authentication.AuthenticationFailureHandler
    getFailureHandler()
     
    org.springframework.security.web.authentication.RememberMeServices
    getRememberMeServices()
     
    protected org.springframework.security.web.authentication.AuthenticationSuccessHandler
    getSuccessHandler()
     
    void
    handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException exception)
     
    void
    onAuthenticationFailure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception)
     
    void
    onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.Authentication authentication)
     
    void
    onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication)
     
    protected final void
    saveException(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.core.AuthenticationException exception)
    Caches the AuthenticationException for use in view rendering.
    void
    setAllowSessionCreation(boolean allowSessionCreation)
     
    void
    setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)
     
    void
    setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?> authenticationDetailsSource)
     
    void
    setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler failureHandler)
     
    void
    setAuthenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)
     
    void
    setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler successHandler)
    Sets the strategy used to handle a successful authentication.
    void
    setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
    Indicates if the filter chain should be continued prior to delegation to #successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) , which may be useful in certain environment (such as Tapestry applications).
    void
    setMessageSource(org.springframework.context.MessageSource messageSource)
     
    void
    setRememberMeServices(org.springframework.security.web.authentication.RememberMeServices rememberMeServices)
     
    void
    setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
    Sets the SecurityContextHolderStrategy to use.
    void
    setSecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository securityContextRepository)
    Sets the SecurityContextRepository to save the SecurityContext on authentication success.
    void
    setSessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionStrategy)
    The session handling strategy which will be invoked immediately after an authentication request is successfully processed by the AuthenticationManager.
    protected void
    successfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication)
    Default behaviour for successful authentication.
    protected void
    unsuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed)
    Default behaviour for unsuccessful authentication.

    从类继承的方法 java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • 字段详细资料

    • successResultConverter

      private BiFunction<org.springframework.security.core.Authentication,jakarta.servlet.http.HttpServletResponse,io.github.mangocrisp.spring.taybct.tool.core.result.R<?>> successResultConverter

    • globalExceptionReporter

      private io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalExceptionReporter globalExceptionReporter

    • globalPrinter

      private final io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalPrinter globalPrinter

    • operationsBeforeOutput

      private Consumer<org.springframework.security.core.Authentication> operationsBeforeOutput
      其他的操作,这里,指的是希望使用 Authentication 做点什么,这个操作会在往前端输出之前操作

    • securityContextHolderStrategy

      private org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy

    • eventPublisher

      protected org.springframework.context.ApplicationEventPublisher eventPublisher

    • authenticationDetailsSource

      protected org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?> authenticationDetailsSource

    • authenticationManager

      private org.springframework.security.authentication.AuthenticationManager authenticationManager

    • messages

      protected org.springframework.context.support.MessageSourceAccessor messages

    • rememberMeServices

      private org.springframework.security.web.authentication.RememberMeServices rememberMeServices

    • requiresAuthenticationRequestMatcher

      private org.springframework.security.web.util.matcher.RequestMatcher requiresAuthenticationRequestMatcher

    • continueChainBeforeSuccessfulAuthentication

      private boolean continueChainBeforeSuccessfulAuthentication

    • sessionStrategy

      private org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionStrategy

    • allowSessionCreation

      private boolean allowSessionCreation

    • successHandler

      private org.springframework.security.web.authentication.AuthenticationSuccessHandler successHandler

    • failureHandler

      private org.springframework.security.web.authentication.AuthenticationFailureHandler failureHandler

    • securityContextRepository

      private org.springframework.security.web.context.SecurityContextRepository securityContextRepository

    • DEFAULT_ANT_PATH_REQUEST_MATCHER

      private static final org.springframework.security.web.util.matcher.AntPathRequestMatcher DEFAULT_ANT_PATH_REQUEST_MATCHER

    • authoritiesMapper

      private org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper authoritiesMapper

  • 构造器详细资料

    • ResponseHandler

      public ResponseHandler(io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalExceptionReporter globalExceptionReporter, io.github.mangocrisp.spring.taybct.tool.core.exception.handler.IGlobalPrinter globalPrinter)

  • 方法详细资料

    • onAuthenticationFailure

      public void onAuthenticationFailure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception) throws IOException, jakarta.servlet.ServletException
      指定者:
      onAuthenticationFailure 在接口中 org.springframework.security.web.authentication.AuthenticationFailureHandler
      抛出:
      IOException
      jakarta.servlet.ServletException

    • commence

      public void commence(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException exception) throws IOException
      指定者:
      commence 在接口中 org.springframework.security.web.AuthenticationEntryPoint
      抛出:
      IOException

    • handle

      public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.access.AccessDeniedException exception) throws IOException, jakarta.servlet.ServletException
      指定者:
      handle 在接口中 org.springframework.security.web.access.AccessDeniedHandler
      抛出:
      IOException
      jakarta.servlet.ServletException

    • failure

      public void failure(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Exception exception)

    • saveException

      protected final void saveException(jakarta.servlet.http.HttpServletRequest request, org.springframework.security.core.AuthenticationException exception)
      Caches the AuthenticationException for use in view rendering.

      If forwardToDestination is set to true, request scope will be used, otherwise it will attempt to store the exception in the session. If there is no session and allowSessionCreation is true a session will be created. Otherwise the exception will not be stored.

    • onAuthenticationSuccess

      public void onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain chain, org.springframework.security.core.Authentication authentication) throws IOException, jakarta.servlet.ServletException
      指定者:
      onAuthenticationSuccess 在接口中 org.springframework.security.web.authentication.AuthenticationSuccessHandler
      抛出:
      IOException
      jakarta.servlet.ServletException

    • onAuthenticationSuccess

      public void onAuthenticationSuccess(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication) throws IOException
      指定者:
      onAuthenticationSuccess 在接口中 org.springframework.security.web.authentication.AuthenticationSuccessHandler
      抛出:
      IOException

    • createSuccessAuthentication

      protected org.springframework.security.core.Authentication createSuccessAuthentication(org.springframework.security.core.Authentication authentication)
      创建可以用于存储在 session holder 里面的数据
      参数:
      authentication - 自定义的 token
      返回:
      OAuth2 授权服务器可以接受的 token

    • clearAuthenticationAttributes

      protected final void clearAuthenticationAttributes(jakarta.servlet.http.HttpServletRequest request)
      Removes temporary authentication-related data which may have been stored in the session during the authentication process.

    • successfulAuthentication

      protected void successfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.Authentication authentication)
      Default behaviour for successful authentication. 
       Sets the successful Authentication object on the
 SecurityContextHolder
 Informs the configured RememberMeServices of the successful login
 Fires an InteractiveAuthenticationSuccessEvent via the configured
 ApplicationEventPublisher
 Delegates additional behaviour to the
 AuthenticationSuccessHandler.

      Subclasses can override this method to continue the FilterChain after successful authentication.

      参数:
      authentication - the object returned from the attemptAuthentication method.

    • unsuccessfulAuthentication

      protected void unsuccessfulAuthentication(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, org.springframework.security.core.AuthenticationException failed) throws IOException, jakarta.servlet.ServletException
      Default behaviour for unsuccessful authentication. 
       Clears the SecurityContextHolder
 Stores the exception in the session (if it exists or
 allowSesssionCreation is set to true)
 Informs the configured RememberMeServices of the failed login
 Delegates additional behaviour to the
 AuthenticationFailureHandler.
      抛出:
      IOException
      jakarta.servlet.ServletException

    • getAuthenticationManager

      protected org.springframework.security.authentication.AuthenticationManager getAuthenticationManager()

    • setAuthenticationManager

      public void setAuthenticationManager(org.springframework.security.authentication.AuthenticationManager authenticationManager)

    • getRememberMeServices

      public org.springframework.security.web.authentication.RememberMeServices getRememberMeServices()

    • setRememberMeServices

      public void setRememberMeServices(org.springframework.security.web.authentication.RememberMeServices rememberMeServices)

    • setContinueChainBeforeSuccessfulAuthentication

      public void setContinueChainBeforeSuccessfulAuthentication(boolean continueChainBeforeSuccessfulAuthentication)
      Indicates if the filter chain should be continued prior to delegation to #successfulAuthentication(HttpServletRequest, HttpServletResponse, FilterChain, Authentication) , which may be useful in certain environment (such as Tapestry applications). Defaults to false.

    • setApplicationEventPublisher

      public void setApplicationEventPublisher(org.springframework.context.ApplicationEventPublisher eventPublisher)

    • setAuthenticationDetailsSource

      public void setAuthenticationDetailsSource(org.springframework.security.authentication.AuthenticationDetailsSource<jakarta.servlet.http.HttpServletRequest,?> authenticationDetailsSource)

    • setMessageSource

      public void setMessageSource(org.springframework.context.MessageSource messageSource)

    • getAllowSessionCreation

      protected boolean getAllowSessionCreation()

    • setAllowSessionCreation

      public void setAllowSessionCreation(boolean allowSessionCreation)

    • setSessionAuthenticationStrategy

      public void setSessionAuthenticationStrategy(org.springframework.security.web.authentication.session.SessionAuthenticationStrategy sessionStrategy)
       The session handling strategy which will be invoked immediately after an
 authentication request is successfully processed by the
 AuthenticationManager. Used, for example, to handle changing of the
 session identifier to prevent session fixation attacks.
      参数:
      sessionStrategy - the implementation to use. If not set a null implementation is used.

    • setAuthenticationSuccessHandler

      public void setAuthenticationSuccessHandler(org.springframework.security.web.authentication.AuthenticationSuccessHandler successHandler)
      Sets the strategy used to handle a successful authentication. By default a SavedRequestAwareAuthenticationSuccessHandler is used.

    • setAuthenticationFailureHandler

      public void setAuthenticationFailureHandler(org.springframework.security.web.authentication.AuthenticationFailureHandler failureHandler)

    • setSecurityContextRepository

      public void setSecurityContextRepository(org.springframework.security.web.context.SecurityContextRepository securityContextRepository)
      Sets the SecurityContextRepository to save the SecurityContext on authentication success. The default action is not to save the SecurityContext.
      参数:
      securityContextRepository - the SecurityContextRepository to use. Cannot be null.

    • setSecurityContextHolderStrategy

      public void setSecurityContextHolderStrategy(org.springframework.security.core.context.SecurityContextHolderStrategy securityContextHolderStrategy)
      Sets the SecurityContextHolderStrategy to use. The default action is to use the SecurityContextHolderStrategy stored in SecurityContextHolder.
      从以下版本开始:
      5.8

    • getSuccessHandler

      protected org.springframework.security.web.authentication.AuthenticationSuccessHandler getSuccessHandler()

    • getFailureHandler

      protected org.springframework.security.web.authentication.AuthenticationFailureHandler getFailureHandler()