
Commit c749429

committed
Fixed usage of client.getRedirectAction by adding CallContext
1 parent 649468f commit c749429


1 file changed

+14
-8
lines changed

1 file changed

+14
-8
lines changed

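--- a/plugin-rest/spring-security-rest/grails-app/controllers/grails/plugin/springsecurity/rest/RestOauthController.groovy
+++ b/plugin-rest/spring-security-rest/grails-app/controllers/grails/plugin/springsecurity/rest/RestOauthController.groovy
@@ -32,10 +32,12 @@ import org.apache.commons.codec.binary.Base64
 import org.grails.plugins.codecs.URLCodec
 import org.pac4j.core.client.IndirectClient
 import org.pac4j.core.context.CallContext
-import org.pac4j.core.context.WebContext
+import org.pac4j.core.context.session.SessionStore
+import org.pac4j.core.exception.http.FoundAction
 import org.pac4j.core.exception.http.RedirectionAction
 import org.pac4j.jee.context.JEEContext
 import org.pac4j.jee.context.session.JEESessionStore
+import org.pac4j.jee.context.session.JEESessionStoreFactory
 import org.springframework.http.HttpStatus
 import org.springframework.security.core.userdetails.User
 
@@ -46,7 +48,7 @@ import java.nio.charset.StandardCharsets
 class RestOauthController {
 
 static allowedMethods = [accessToken: 'POST']
-
+private static final SessionStore SESSION_STORE = JEESessionStoreFactory.INSTANCE.newSessionStore(null)
 final String CALLBACK_ATTR = "spring-security-rest-callback"
 
 CallbackErrorHandler callbackErrorHandler
@@ -64,8 +66,7 @@ class RestOauthController {
 */
 def authenticate(String provider, String callback) {
 IndirectClient client = restOauthService.getClient(provider)
-WebContext context = new JEEContext(request, response)
-
+
 if (callback) {
 try {
 if (Base64.isBase64(callback.getBytes())){
@@ -78,9 +79,14 @@ class RestOauthController {
 }
 }
 
-RedirectionAction redirectAction = client.getRedirectionAction(context, JEESessionStore.INSTANCE).get()
-log.debug "Redirecting to ${redirectAction.location}"
-redirect url: redirectAction.location
+CallContext callContext = new CallContext(new JEEContext(request, response), SESSION_STORE)
+RedirectionAction redirectAction = client.getRedirectionAction(callContext).get()
+if(redirectAction instanceof FoundAction) {
+log.debug "Redirecting to ${redirectAction.location}"
+redirect url: redirectAction.location
+} else {
+response.status = redirectAction.code
+}
 }
 
 /**
@@ -89,7 +95,7 @@ class RestOauthController {
 * frontend application can store the REST API token locally for subsequent API calls.
 */
 def callback(String provider) {
-CallContext context = new CallContext(new JEEContext(request, response), null)
+CallContext context = new CallContext(new JEEContext(request, response), SESSION_STORE)
 def frontendCallbackUrl
 if (session[CALLBACK_ATTR]) {
 log.debug "Found callback URL in the HTTP session"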
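Review bot: The new `else` branch in `authenticate` (new lines 87-89) copies only `redirectAction.code` onto the response, so any redirection action that is not a `FoundAction` reaches the browser without its `Location` header or body and the login flow ends on an empty response. pac4j's `RedirectionAction` hierarchy also has location-carrying and content-carrying variants (`WithLocationAction` and `WithContentAction` in `org.pac4j.core.exception.http`); which of these the configured clients actually return is not visible on this page, so this needs confirming against the providers in use. The sketch below keeps the `FoundAction` path and adds the two missing cases, and it needs imports for those two interfaces. Separately, `.get()` on the Optional returned by `getRedirectionAction` is still unchecked, so an empty result would surface as an unhandled exception rather than a controlled error response. `authenticate` begins in the previous hunk and its lines 73-78 are not shown.

```groovy
RedirectionAction redirectAction = client.getRedirectionAction(callContext).get()
if (redirectAction instanceof FoundAction) {
    // … unchanged: log.debug and redirect url …
} else if (redirectAction instanceof WithLocationAction) {
    // e.g. a 303: keep pac4j's status code and pass the target on
    response.setHeader('Location', redirectAction.location)
    response.status = redirectAction.code
} else if (redirectAction instanceof WithContentAction) {
    // the body (for instance an auto-submitting form) is the redirect itself
    render status: redirectAction.code, contentType: 'text/html', text: redirectAction.content
} else {
    response.status = redirectAction.code
}
```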
