List of usage examples for org.springframework.web.context.request ServletWebRequest setAttribute
@Override public void setAttribute(String name, Object value, int scope)
From source file:org.socialsignin.springsocial.security.signin.SpringSocialSecurityConnectInterceptor.java
/** * This callback 1) Ensures that 2 different local users * cannot share the same 3rd party connection 2) Updates the current * user's authentication if the set of roles they are assigned * needs to change now that this connection has been made. * 3) Looks for a request previously saved by an access denied * handler, and if present, sets the url of this original * pre-authorisation request as a session attribute * //from ww w . j av a 2s . c o m */ @Override public void postConnect(Connection<S> connection, WebRequest webRequest) { super.postConnect(connection, webRequest); /** * User roles are generated according to connected * providers in spring-social-security * * Now that this connection has been made, * doe we need to update the user roles? * * If so, update the current user's authentication and update * remember-me services accordingly. */ Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); Collection<? extends GrantedAuthority> existingAuthorities = authentication.getAuthorities(); GrantedAuthority newAuthority = userAuthoritiesService.getProviderAuthority(connection.getKey()); if (!existingAuthorities.contains(newAuthority)) { Authentication newAuthentication = authenticationFactory .updateAuthenticationForNewConnection(authentication, connection); SecurityContextHolder.getContext().setAuthentication(newAuthentication); if (rememberMeServices != null && webRequest instanceof ServletWebRequest) { ServletWebRequest servletWebRequest = ((ServletWebRequest) webRequest); rememberMeServices.loginSuccess(servletWebRequest.getRequest(), servletWebRequest.getResponse(), newAuthentication); } } /** * This connection may have been instigated by an * access denied handler which may have saved the * original request made by the user before their access * was denied. * * Spring Social sends the user to a particular view * on completion of connection. We may wish to offer the * user a "continue" link on this view, allowing their * original request (if saved by the access denied handler) * to be re-attempted * */ if (webRequest instanceof ServletWebRequest) { ServletWebRequest servletWebRequest = (ServletWebRequest) webRequest; SavedRequest savedRequest = requestCache.getRequest(servletWebRequest.getRequest(), servletWebRequest.getResponse()); if (savedRequest != null) { String redirectUrl = savedRequest.getRedirectUrl(); if (redirectUrl != null && savedRequest.getMethod().equalsIgnoreCase("get")) { servletWebRequest.setAttribute(SAVED_REQUEST_URL_ATTRIBUTE_NAME, savedRequest.getRedirectUrl(), RequestAttributes.SCOPE_SESSION); } } } }