From e71278631c775bf5e3d269ca8986ac7feae73451 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 11 Jan 2023 07:31:17 +0300
Subject: Fix OAuth login

---
 src/main/java/com/juick/config/SecurityConfig.java | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

(limited to 'src/main/java/com/juick')

diff --git a/src/main/java/com/juick/config/SecurityConfig.java b/src/main/java/com/juick/config/SecurityConfig.java
index 255b0c5d..d8faff7b 100644
--- a/src/main/java/com/juick/config/SecurityConfig.java
+++ b/src/main/java/com/juick/config/SecurityConfig.java
@@ -148,21 +148,13 @@ public class SecurityConfig {
     public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http)
             throws Exception {
         OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
-        var loginUrlAuthenticationEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
-        loginUrlAuthenticationEntryPoint.setForceHttps(true);
         http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
                 .authorizationServerSettings(AuthorizationServerSettings.builder()
                         .authorizationEndpoint("/oauth/authorize")
                         .tokenEndpoint("/oauth/token")
                         .build())
-                .oidc(Customizer.withDefaults());	// Enable OpenID Connect 1.0
-        http
-                // Redirect to the login page when not authenticated from the
-                // authorization endpoint
-                .exceptionHandling((exceptions) -> exceptions
-                        .authenticationEntryPoint(loginUrlAuthenticationEntryPoint)
-                )
-                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
+                .oidc(Customizer.withDefaults());
+        http.cors(cors -> cors.configurationSource(corsConfigurationSource()))
                 // Accept access tokens for User Info and/or Client Registration
                 .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
 
@@ -262,7 +254,8 @@ public class SecurityConfig {
                 .logout(logout -> logout
                         .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                         .invalidateHttpSession(true)
-                        .logoutSuccessUrl("/")
+                        .clearAuthentication(true)
+                        .logoutSuccessUrl("/login")
                         .deleteCookies("hash", COOKIE_NAME))
                 .formLogin(form -> form.loginPage("/login")
                         .usernameParameter("username")
-- 
cgit v1.2.3