feature : distinguish api/web for success/failure conditional beans

Author: patternhelloworld

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomAuthenticationFailureHandlerImpl.java renamed to client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomApiAuthenticationFailureHandlerImpl.java

@@ -12,7 +12,9 @@
 import lombok.RequiredArgsConstructor;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
@@ -28,9 +30,11 @@
  *
  * Create this class only if you need a custom implementation that differs from the default.
  */
+@Primary
+@Qualifier("apiAuthenticationFailureHandler")
 @Configuration
 @RequiredArgsConstructor
-public class CustomAuthenticationFailureHandlerImpl implements AuthenticationFailureHandler {
+public class CustomApiAuthenticationFailureHandlerImpl implements AuthenticationFailureHandler {
 
     private static final Logger logger = LoggerFactory.getLogger(KnifeSecurityLogConfig.class);
 

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomAuthenticationSuccessHandlerImpl.java renamed to client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomApiAuthenticationSuccessHandlerImpl.java

@@ -8,7 +8,9 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.server.ServletServerHttpResponse;
 import org.springframework.security.core.Authentication;
@@ -33,9 +35,11 @@
  *
  * Create this class only if you need a custom implementation that differs from the default.
  */
+@Primary
+@Qualifier("apiAuthenticationSuccessHandler")
 @Configuration
 @RequiredArgsConstructor
-public class CustomAuthenticationSuccessHandlerImpl implements AuthenticationSuccessHandler {
+public class CustomApiAuthenticationSuccessHandlerImpl implements AuthenticationSuccessHandler {
 
     private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
             new OAuth2AccessTokenResponseHttpMessageConverter();

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomWebAuthenticationFailureHandlerImpl.java

@@ -0,0 +1,56 @@
+package com.patternknife.securityhelper.oauth2.client.config.securityimpl.response;
+
+
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.List;
+
+@Primary
+@Qualifier("webAuthenticationFailureHandler")
+@Configuration
+@RequiredArgsConstructor
+public class CustomWebAuthenticationFailureHandlerImpl implements AuthenticationFailureHandler {
+
+    private static final Logger logger = LoggerFactory.getLogger(CustomWebAuthenticationFailureHandlerImpl.class);
+
+    private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+        // SecurityKnifeExceptionHandler does NOT handle this error.
+        logger.error("Authentication failed: ", exception);
+
+        String errorMessage = "An unexpected error occurred.";
+        List<String> errorDetails = new ArrayList<>();
+        // Extract error messages if the exception is of type KnifeOauth2AuthenticationException
+        if (exception instanceof KnifeOauth2AuthenticationException) {
+            KnifeOauth2AuthenticationException oauth2Exception = (KnifeOauth2AuthenticationException) exception;
+            errorMessage = oauth2Exception.getErrorMessages().getUserMessage();
+        }
+
+        if(errorMessage.equals("Authorization code missing in GET request")){
+            request.getRequestDispatcher("/login").forward(request, response);
+        }else {
+
+            // Redirect to /error with query parameters
+            request.setAttribute("errorMessage", errorMessage);
+            request.setAttribute("errorDetails", errorDetails);
+
+            request.getRequestDispatcher("/error").forward(request, response);
+        }
+    }
+}

client/src/main/java/com/patternknife/securityhelper/oauth2/client/config/securityimpl/response/CustomWebAuthenticationSuccessHandlerImpl.java

@@ -0,0 +1,36 @@
+package com.patternknife.securityhelper.oauth2.client.config.securityimpl.response;
+
+
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+
+import java.io.IOException;
+
+@Primary
+@Qualifier("webAuthenticationSuccessHandler")
+@Configuration
+@RequiredArgsConstructor
+public class CustomWebAuthenticationSuccessHandlerImpl implements AuthenticationSuccessHandler {
+
+    private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
+
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
+        OAuth2AuthorizationCodeAuthenticationToken oAuth2AuthorizationCodeAuthenticationToken = (OAuth2AuthorizationCodeAuthenticationToken) authentication;
+
+        String redirectUri = oAuth2AuthorizationCodeAuthenticationToken.getRedirectUri();
+        String authorizationCode = oAuth2AuthorizationCodeAuthenticationToken.getCode();
+        String state = oAuth2AuthorizationCodeAuthenticationToken.getAdditionalParameters().get("state").toString();
+
+        response.sendRedirect(redirectUri+"?code="+authorizationCode+"&state="+state);
+    }
+}

lib/src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/auth/authentication/DefaultAuthenticationFailureHandlerImpl.java renamed to lib/src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/auth/authentication/DefaultApiAuthenticationFailureHandlerImpl.java

@@ -22,7 +22,7 @@
 
 
 @RequiredArgsConstructor
-public class DefaultAuthenticationFailureHandlerImpl implements AuthenticationFailureHandler {
+public class DefaultApiAuthenticationFailureHandlerImpl implements AuthenticationFailureHandler {
 
     private static final Logger logger = LoggerFactory.getLogger(KnifeSecurityLogConfig.class);
 

lib/src/main/java/io/github/patternknife/securityhelper/oauth2/api/config/security/response/auth/authentication/DefaultApiAuthenticationSuccessHandlerImpl.java

@@ -0,0 +1,93 @@
+package io.github.patternknife.securityhelper.oauth2.api.config.security.response.auth.authentication;
+
+
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.dto.KnifeErrorMessages;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.response.error.exception.KnifeOauth2AuthenticationException;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
+import io.github.patternknife.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import lombok.RequiredArgsConstructor;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.server.ServletServerHttpResponse;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.OAuth2RefreshToken;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
+import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
+import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+
+import java.io.IOException;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.Map;
+
+@RequiredArgsConstructor
+public class DefaultApiAuthenticationSuccessHandlerImpl implements AuthenticationSuccessHandler {
+
+    private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
+            new OAuth2AccessTokenResponseHttpMessageConverter();
+
+    private final ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService;
+
+    @Override
+    public void onAuthenticationSuccess(final HttpServletRequest request, final HttpServletResponse response, final Authentication authentication) throws IOException {
+
+        final OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = (OAuth2AccessTokenAuthenticationToken) authentication;
+
+        OAuth2AccessToken accessToken = accessTokenAuthentication.getAccessToken();
+        OAuth2RefreshToken refreshToken = accessTokenAuthentication.getRefreshToken();
+        Map<String, Object> additionalParameters = accessTokenAuthentication.getAdditionalParameters();
+
+        if (((String) additionalParameters.get("grant_type")).equals(AuthorizationGrantType.PASSWORD.getValue())
+                || ((String) additionalParameters.get("grant_type")).equals(OAuth2ParameterNames.CODE)) {
+            OAuth2AccessTokenResponse.Builder builder = OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue())
+                    .tokenType(accessToken.getTokenType())
+                    .scopes(accessToken.getScopes());
+            if (accessToken.getExpiresAt() != null) {
+                builder.expiresIn(ChronoUnit.SECONDS.between(Instant.now(), accessToken.getExpiresAt()));
+            }
+            if (refreshToken != null) {
+                builder.refreshToken(refreshToken.getTokenValue());
+            }
+            OAuth2AccessTokenResponse accessTokenResponse = builder.build();
+            ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response);
+            this.accessTokenHttpResponseConverter.write(accessTokenResponse, null, httpResponse);
+
+        } else if (((String) additionalParameters.get("grant_type")).equals(AuthorizationGrantType.REFRESH_TOKEN.getValue())) {
+            OAuth2AccessTokenResponse.Builder builder = OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue())
+                    .tokenType(accessToken.getTokenType())
+                    .scopes(accessToken.getScopes());
+            if (refreshToken.getExpiresAt() != null) {
+                builder.expiresIn(ChronoUnit.SECONDS.between(Instant.now(), refreshToken.getExpiresAt()));
+            }
+            if (refreshToken != null) {
+                builder.refreshToken(refreshToken.getTokenValue());
+            }
+            OAuth2AccessTokenResponse accessTokenResponse = builder.build();
+            ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response);
+            this.accessTokenHttpResponseConverter.write(accessTokenResponse, null, httpResponse);
+
+        } else if (((String) additionalParameters.get("grant_type")).equals(AuthorizationGrantType.AUTHORIZATION_CODE.getValue())) {
+            // Authorization Code만 JSON으로 응답
+            String code = (String) additionalParameters.get("authorization_code");
+
+            // JSON 응답 생성 (authorization_code만 포함)
+            String jsonResponse = String.format("{\"code\":\"%s\"}", code);
+
+            // JSON 응답 전송
+            response.setContentType("application/json");
+            response.setCharacterEncoding("UTF-8");
+            response.getWriter().write(jsonResponse);
+
+        } else {
+            throw new KnifeOauth2AuthenticationException(KnifeErrorMessages.builder()
+                    .message("Wrong grant type from Req : " + (String) additionalParameters.get("grant_type"))
+                    .userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_WRONG_GRANT_TYPE))
+                    .build());
+        }
+    }
+}