author | Vitaly Takmazov | 2023-01-11 07:31:17 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2023-01-11 08:24:06 +0300 |
commit | e71278631c775bf5e3d269ca8986ac7feae73451 (patch) | |
tree | 27ba14ae65d9e4ea261262cfa663f488d8cb29a4 /src/main/java/com/juick | |
parent | 6c3663df82c7e29febc0aebd51717184df7da09c (diff) |
Fix OAuth login
Diffstat (limited to 'src/main/java/com/juick')
-rw-r--r-- | src/main/java/com/juick/config/SecurityConfig.java | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java index 255b0c5d..d8faff7b 100644 --- a/src/main/java/com/juick/config/SecurityConfig.java +++ b/src/main/java/com/juick/config/SecurityConfig.java @@ -148,21 +148,13 @@ public class SecurityConfig { public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http); - var loginUrlAuthenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login"); - loginUrlAuthenticationEntryPoint.setForceHttps(true); http.getConfigurer(OAuth2AuthorizationServerConfigurer.class) .authorizationServerSettings(AuthorizationServerSettings.builder() .authorizationEndpoint("/oauth/authorize") .tokenEndpoint("/oauth/token") .build()) - .oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0 - http - // Redirect to the login page when not authenticated from the - // authorization endpoint - .exceptionHandling((exceptions) -> exceptions - .authenticationEntryPoint(loginUrlAuthenticationEntryPoint) - ) - .cors(cors -> cors.configurationSource(corsConfigurationSource())) + .oidc(Customizer.withDefaults()); + http.cors(cors -> cors.configurationSource(corsConfigurationSource())) // Accept access tokens for User Info and/or Client Registration .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt); @@ -262,7 +254,8 @@ public class SecurityConfig { .logout(logout -> logout .logoutRequestMatcher(new AntPathRequestMatcher("/logout")) .invalidateHttpSession(true) - .logoutSuccessUrl("/") + .clearAuthentication(true) + .logoutSuccessUrl("/login") .deleteCookies("hash", COOKIE_NAME)) .formLogin(form -> form.loginPage("/login") .usernameParameter("username") |
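Review bot: Removing the `exceptionHandling(...)` block from `authorizationServerSecurityFilterChain` leaves this chain with no explicit authentication entry point, and `setForceHttps(true)` goes with it, so nothing visible here still guarantees that an anonymous request to `/oauth/authorize` is sent to the login page over HTTPS. Because `oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)` stays on the same chain, the fallback is presumably the bearer-token entry point (a 401 rather than a redirect) unless another chain takes over; that is inferred, not shown in the hunk. I would add a comment above `http.cors(...)` such as `// Login redirect for /oauth/authorize comes from <chain or bean>; HTTPS is enforced by <mechanism>`, plus a test that pins the response to an anonymous `/oauth/authorize` request. The method body continues past the end of the hunk.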
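Review bot: The `logoutRequestMatcher(new AntPathRequestMatcher("/logout"))` on the context line above the new `.clearAuthentication(true)` matches every HTTP method, so a cross-site GET can end a user's session and, after this change, leave them on `/login`. Restricting it to `new AntPathRequestMatcher("/logout", "POST")` puts logout back behind the CSRF token, assuming CSRF protection is enabled for this chain, which the hunk does not show; any logout link in the templates would then need to become a form post. `.clearAuthentication(true)` restates the Spring Security default, so it documents intent but does not change behaviour on its own. The `logout(...)` configuration begins and ends outside the hunk.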