spring-projects · ttddyy · Aug 29, 2019 · jgrandja · Sep 5, 2019 · ttddyy
diff --git a/.../security/oauth2/client/web/DefaultOAuth2AuthorizationCodeGrantFinalRedirectStrategy.java b/.../security/oauth2/client/web/DefaultOAuth2AuthorizationCodeGrantFinalRedirectStrategy.java
@@ -0,0 +1,45 @@
+package org.springframework.security.oauth2.client.web;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
+import org.springframework.security.web.RedirectStrategy;
+import org.springframework.security.web.savedrequest.RequestCache;
+import org.springframework.security.web.savedrequest.SavedRequest;
+
+/**
+ * Default implementation of {@link OAuth2AuthorizationCodeGrantFinalRedirectStrategy}.
+ *
+ * @author Tadaya Tsuyukubo
+ * @since 5.2
+ * @see OAuth2AuthorizationCodeGrantFilter
+ */
+public class DefaultOAuth2AuthorizationCodeGrantFinalRedirectStrategy implements OAuth2AuthorizationCodeGrantFinalRedirectStrategy {
+
+	private final RedirectStrategy redirectStrategy;
+	private final RequestCache requestCache;
+
+	public DefaultOAuth2AuthorizationCodeGrantFinalRedirectStrategy(RedirectStrategy redirectStrategy, RequestCache requestCache) {
+		this.redirectStrategy = redirectStrategy;
+		this.requestCache = requestCache;
+	}
+
+	@Override
+	public void sendRedirect(HttpServletRequest request, HttpServletResponse response,
+			OAuth2AuthorizationRequest authorizationRequest, OAuth2AuthorizationResponse authorizationResponse) throws IOException {
+
+		String redirectUrl = authorizationResponse.getRedirectUri();
+		SavedRequest savedRequest = this.requestCache.getRequest(request, response);
+		if (savedRequest != null) {
+			redirectUrl = savedRequest.getRedirectUrl();
+			this.requestCache.removeRequest(request, response);
+		}
+
+		this.redirectStrategy.sendRedirect(request, response, redirectUrl);
+	}
+
+}
diff --git a/...va/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java b/...va/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java
@@ -99,6 +99,8 @@ public class OAuth2AuthorizationCodeGrantFilter extends OncePerRequestFilter {
 	private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
 	private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
 	private final RequestCache requestCache = new HttpSessionRequestCache();
+	private OAuth2AuthorizationCodeGrantFinalRedirectStrategy finalRedirectStrategy =
+			new DefaultOAuth2AuthorizationCodeGrantFinalRedirectStrategy(this.redirectStrategy, this.requestCache);
 
 	/**
 	 * Constructs an {@code OAuth2AuthorizationCodeGrantFilter} using the provided parameters.
@@ -128,6 +130,17 @@ public final void setAuthorizationRequestRepository(AuthorizationRequestReposito
 		this.authorizationRequestRepository = authorizationRequestRepository;
 	}
 
+	/**
+	 * Sets the final redirect strategy.
+	 *
+	 * @param finalRedirectStrategy the final redirect strategy
+	 * @since 5.2
+	 */
+	public final void setFinalRedirectStrategy(OAuth2AuthorizationCodeGrantFinalRedirectStrategy finalRedirectStrategy) {
+		Assert.notNull(finalRedirectStrategy, "finalRedirectStrategy cannot be null");
+		this.finalRedirectStrategy = finalRedirectStrategy;
+	}
+
 	@Override
 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
 		throws ServletException, IOException {
@@ -206,13 +219,6 @@ private void processAuthorizationResponse(HttpServletRequest request, HttpServle
 
 		this.authorizedClientRepository.saveAuthorizedClient(authorizedClient, currentAuthentication, request, response);
 
-		String redirectUrl = authorizationResponse.getRedirectUri();
-		SavedRequest savedRequest = this.requestCache.getRequest(request, response);
-		if (savedRequest != null) {
-			redirectUrl = savedRequest.getRedirectUrl();
-			this.requestCache.removeRequest(request, response);
-		}
-
-		this.redirectStrategy.sendRedirect(request, response, redirectUrl);
+		this.finalRedirectStrategy.sendRedirect(request, response, authorizationRequest, authorizationResponse);
 	}
 }
diff --git a/...amework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFinalRedirectStrategy.java b/...amework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFinalRedirectStrategy.java
@@ -0,0 +1,23 @@
+package org.springframework.security.oauth2.client.web;
+
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Strategy interface to perform final redirect at the end of OAuth2 Authorization Code Grant Flow.
+ *
+ * @author Tadaya Tsuyukubo
+ * @since 5.2
+ * @see OAuth2AuthorizationCodeGrantFilter
+ */
+public interface OAuth2AuthorizationCodeGrantFinalRedirectStrategy {
+
+	void sendRedirect(HttpServletRequest request, HttpServletResponse response,
+			OAuth2AuthorizationRequest authorizationRequest,
+			OAuth2AuthorizationResponse authorizationResponse) throws IOException;
+
+}