com.ar.dev.tierra.api.config.security.CustomLogoutSuccessHandler.java Source code

Java tutorial

  1. HOME
  2. Java
  3. com.ar.dev.tierra.api.config.security.CustomLogoutSuccessHandler.java

Introduction

Here is the source code for com.ar.dev.tierra.api.config.security.CustomLogoutSuccessHandler.java

Source

/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package com.ar.dev.tierra.api.config.security;

import com.ar.dev.tierra.api.dao.UsuariosDAO;
import com.ar.dev.tierra.api.model.Usuarios;
import java.io.IOException;
import java.util.Calendar;
import java.util.Date;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.stereotype.Component;

/**
 *
 * @author PauloGaldo
 */
@Component
public class CustomLogoutSuccessHandler extends AbstractAuthenticationTargetUrlRequestHandler
        implements LogoutSuccessHandler {

    private static final String BEARER_AUTHENTICATION = "Bearer ";
    private static final String HEADER_AUTHORIZATION = "authorization";

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private UsuariosDAO usuariosDAO;

    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException, ServletException {

        String token = request.getHeader(HEADER_AUTHORIZATION);
        if (token != null && token.startsWith(BEARER_AUTHENTICATION)) {
            OAuth2AccessToken oAuth2AccessToken = tokenStore.readAccessToken(token.split(" ")[1]);
            if (oAuth2AccessToken != null) {
                Calendar cal = Calendar.getInstance();
                Date date = cal.getTime();
                Map<String, Object> map = oAuth2AccessToken.getAdditionalInformation();
                OAuth2Authentication auth = tokenStore.readAuthentication(oAuth2AccessToken);
                User user = (User) auth.getPrincipal();
                Usuarios u = usuariosDAO.findUsuarioByUsername(user.getUsername());
                u.setUltimaConexion(date);
                usuariosDAO.updateUsuario(u);
                tokenStore.removeAccessToken(oAuth2AccessToken);
                response.setStatus(HttpServletResponse.SC_OK);
            } else {
                response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

}