0

I have my backend (spring boot) application running on http://localhost:8080

I have my frontend (react js) application running on http://localhost:3000

My front-end SignIn button authenticates with Facebook (http://localhost:8080/connect/facebook) which does the oauth dance with by backend application. This is provided for free with the spring-social plugin.

After successfully authenticating, I have facebookConnected.html redirect to http://localhost:8080/handle-successful-authentication which is an endpoint in my backend application that handles post-authentication logic.

Once I handle this, how do I hand control over back to my frontend?

alphathesis
  • 199
  • 2
  • 12
  • The front-end never hands control over to the back-end. The back-end never has to hand control back. The front-end makes a request to the back-end: it's still in control, it can continue to work, or it can choose to wait until the back-end finishes building and sending its response. Once your back-end controller returns, that's the end of the interaction for your back-end. – Paul Hicks Aug 01 '17 at 01:04
  • How did you solve it? – kevcodez Nov 15 '17 at 22:39
  • @kevcodez I added a custom controller that overwrites the redirect call as suggested in this article: http://www.littlebigextra.com/how-to-change-the-default-spring-social-redirect-flow/. – alphathesis Nov 21 '17 at 20:01

1 Answers1

0

Maybe you should check referer header filed and see if it can fit your needs: use it to redirect back after successful login process. Check this answer for using SimpleUrlAuthenticationSuccessHandler

@Bean
public AuthenticationSuccessHandler successHandler() {
SimpleUrlAuthenticationSuccessHandler handler = new SimpleUrlAuthenticationSuccessHandler();
    handler.setUseReferer(true);
    return handler;
}

Or if you are configuring more pieces in spring manually - you can use this answer for getting referer url in filter phase and save it in session. One modification of that answer could be: extends OAuth2ClientAuthenticationProcessingFilter and in doFilter get referer value

public class MyOAuth2ClientAuthenticationProcessingFilter extends OAuth2ClientAuthenticationProcessingFilter {
...
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    String referrer = request.getHeader("Referer");        
    if (null != referrer)
        request.getSession().setAttribute("url_prior_login", referrer);

    super.doFilter(req, res, chain);
    }
}

so you can redirect after procesing your '...handle-successful-authentication' - but as I see this redirect is overhead, try to put this logic somewhere else (eg. successHandler() or pricipalExtractor() in UserInfoTokenServices if you need more user details from social oauth provider)

successHandler() could look like this:

@Bean
public AuthenticationSuccessHandler successHandler() { 
    AuthenticationSuccessHandler rst = new AuthenticationSuccessHandler() {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                Authentication authentication) throws IOException, ServletException {
            ...
            HttpSession session = request.getSession();
            String redirectUrl = null;
            if (session != null) {
                redirectUrl = (String) session
                        .getAttribute("url_prior_login");

            if (null == redirectUrl || redirectUrl.trim().length() <= 0)
                redirectUrl = "http://your_default_redirect_url";

            response.sendRedirect(redirectUrl); 
        };
        return rst;
}

Anyway, check spring docs

Helija
  • 133
  • 2
  • 9