extends the functionality of oauth in Stirling PDF 2.

2024-05-18 23:47:05 +02:00
parent b904a46bca
commit ffec5f7b54
52 changed files with 1055 additions and 786 deletions
--- a/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
+++ b/src/main/java/stirling/software/SPDF/config/security/CustomAuthenticationFailureHandler.java
@@ -6,18 +6,17 @@ import java.util.Optional;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
 import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
-import org.springframework.stereotype.Component;

 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import stirling.software.SPDF.model.User;

-@Component
 public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    private LoginAttemptService loginAttemptService;
@@ -28,7 +27,7 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
            LoggerFactory.getLogger(CustomAuthenticationFailureHandler.class);

    public CustomAuthenticationFailureHandler(
-            LoginAttemptService loginAttemptService, UserService userService) {
+            final LoginAttemptService loginAttemptService, UserService userService) {
        this.loginAttemptService = loginAttemptService;
        this.userService = userService;
    }
@@ -41,24 +40,29 @@ public class CustomAuthenticationFailureHandler extends SimpleUrlAuthenticationF
            throws IOException, ServletException {

        String ip = request.getRemoteAddr();
-        logger.error("Failed login attempt from IP: " + ip);
+        logger.error("Failed login attempt from IP: {}", ip);
+
+        if (exception.getClass().isAssignableFrom(InternalAuthenticationServiceException.class)
+                || "Password must not be null".equalsIgnoreCase(exception.getMessage())) {
+            response.sendRedirect("/login?error=oauth2AuthenticationError");
+            return;
+        }

        String username = request.getParameter("username");
-        if (!isDemoUser(username)) {
-            if (loginAttemptService.loginAttemptCheck(username)) {
+        if (username != null && !isDemoUser(username)) {
+            logger.info(
+                    "Remaining attempts for user {}: {}",
+                    username,
+                    loginAttemptService.getRemainingAttempts(username));
+            loginAttemptService.loginFailed(username);
+            if (loginAttemptService.isBlocked(username)
+                    || exception.getClass().isAssignableFrom(LockedException.class)) {
                response.sendRedirect("/login?error=locked");
                return;
-            } else {
-                if (exception.getClass().isAssignableFrom(LockedException.class)) {
-                    response.sendRedirect("/login?error=locked");
-                    return;
-                } else if (exception instanceof UsernameNotFoundException) {
-                    response.sendRedirect("/login?error=oauth2AuthenticationError");
-                    return;
-                }
            }
        }
-        if (exception.getClass().isAssignableFrom(BadCredentialsException.class)) {
+        if (exception.getClass().isAssignableFrom(BadCredentialsException.class)
+                || exception.getClass().isAssignableFrom(UsernameNotFoundException.class)) {
            response.sendRedirect("/login?error=badcredentials");
            return;
        }