Remove unused code

Signed-off-by: JohnNiang <[email protected]>
halo-sigs · Oct 10, 2024 · d2edf4a · d2edf4a
1 parent c329c09
commit d2edf4a
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 184 deletions.
diff --git a/build.gradle b/build.gradle
@@ -8,15 +8,14 @@ group 'run.halo.oauth'
 sourceCompatibility = JavaVersion.VERSION_17
 
 repositories {
-    mavenLocal()
     maven { url 'https://s01.oss.sonatype.org/content/repositories/releases' }
     maven { url 'https://s01.oss.sonatype.org/content/repositories/snapshots/' }
     maven { url 'https://repo.spring.io/milestone' }
     mavenCentral()
 }
 
 dependencies {
-    implementation platform('run.halo.tools.platform:plugin:2.20.0+local.6')
+    implementation platform('run.halo.tools.platform:plugin:2.20.0-SNAPSHOT')
     compileOnly 'run.halo.app:api'
 
     testImplementation 'run.halo.app:api'

diff --git a/src/main/java/run/halo/oauth/HaloOAuth2AuthenticationWebFilter.java b/src/main/java/run/halo/oauth/HaloOAuth2AuthenticationWebFilter.java
@@ -38,9 +38,9 @@ public HaloOAuth2AuthenticationWebFilter(Oauth2LoginConfiguration configuration,
         var converter = new ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(
             configuration.getClientRegistrationRepository()
         );
-        filter.setAuthenticationSuccessHandler(
-            new RedirectServerAuthenticationSuccessHandler("/uc")
-        );
+        var successHandler = new RedirectServerAuthenticationSuccessHandler("/uc");
+        successHandler.setRequestCache(configuration.getRequestCache());
+        filter.setAuthenticationSuccessHandler(successHandler);
         filter.setAuthenticationFailureHandler(
             new RedirectServerAuthenticationFailureHandler("/login?oauth2_error")
         );

diff --git a/src/main/java/run/halo/oauth/Oauth2LoginConfiguration.java b/src/main/java/run/halo/oauth/Oauth2LoginConfiguration.java
@@ -2,57 +2,19 @@
 
 import static org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames.REGISTRATION_ID;
 
-import com.google.common.base.Throwables;
 import lombok.Getter;
-import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.scheduling.annotation.EnableAsync;
-import org.springframework.security.authentication.DelegatingReactiveAuthenticationManager;
-import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
-import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
-import org.springframework.security.oauth2.client.authentication.OAuth2LoginReactiveAuthenticationManager;
-import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
-import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
-import org.springframework.security.oauth2.client.endpoint.WebClientReactiveAuthorizationCodeTokenResponseClient;
-import org.springframework.security.oauth2.client.oidc.authentication.OidcAuthorizationCodeReactiveAuthenticationManager;
-import org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory;
-import org.springframework.security.oauth2.client.oidc.userinfo.OidcReactiveOAuth2UserService;
-import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
-import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
-import org.springframework.security.oauth2.client.userinfo.DefaultReactiveOAuth2UserService;
-import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
-import org.springframework.security.oauth2.client.userinfo.ReactiveOAuth2UserService;
 import org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.client.web.server.OAuth2AuthorizationRequestRedirectWebFilter;
-import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository;
-import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationCodeAuthenticationTokenConverter;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.client.web.server.WebSessionOAuth2ServerAuthorizationRequestRepository;
-import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
-import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
-import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
-import org.springframework.security.oauth2.core.oidc.user.OidcUser;
-import org.springframework.security.oauth2.core.user.OAuth2User;
-import org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory;
-import org.springframework.security.web.server.DefaultServerRedirectStrategy;
-import org.springframework.security.web.server.ServerRedirectStrategy;
-import org.springframework.security.web.server.WebFilterExchange;
-import org.springframework.security.web.server.authentication.RedirectServerAuthenticationFailureHandler;
-import org.springframework.security.web.server.authentication.ServerAuthenticationConverter;
-import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
 import org.springframework.security.web.server.savedrequest.ServerRequestCache;
 import org.springframework.security.web.server.savedrequest.WebSessionServerRequestCache;
 import org.springframework.security.web.server.util.matcher.PathPatternParserServerWebExchangeMatcher;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
-import org.springframework.util.ClassUtils;
-import org.springframework.util.MultiValueMap;
-import reactor.core.publisher.Mono;
 import run.halo.app.extension.ReactiveExtensionClient;
 import run.halo.app.security.LoginHandlerEnhancer;
 
@@ -67,21 +29,10 @@
 @Configuration
 @EnableAsync
 public class Oauth2LoginConfiguration {
-    private final ReactiveAuthenticationManager authenticationManager;
-    private final ServerAuthenticationFailureHandler authenticationFailureHandler;
     private final ServerWebExchangeMatcher authenticationMatcher;
     private final ServerOAuth2AuthorizedClientRepository authorizedClientRepository;
-    private final ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>
-        authorizationRequestRepository;
-    private final ServerRedirectStrategy authorizationRedirectStrategy;
-    private final ServerAuthenticationConverter authenticationConverter;
-    private final ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest>
-        accessTokenResponseClient;
-    private final ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService;
-    private final ReactiveOAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;
     private final ReactiveClientRegistrationRepository clientRegistrationRepository;
     private final ReactiveOAuth2AuthorizedClientService authorizedClientService;
-    private final OAuth2AuthorizationRequestRedirectWebFilter redirectWebFilter;
 
     private final ReactiveExtensionClient extensionClient;
 
@@ -95,20 +46,10 @@ public Oauth2LoginConfiguration(ReactiveExtensionClient extensionClient,
         this.loginHandlerEnhancer = loginHandlerEnhancer;
 
         Initializer initializer = new Initializer();
-        this.authenticationManager = initializer.getAuthenticationManager();
-        this.authenticationFailureHandler = initializer.getAuthenticationFailureHandler();
         this.authenticationMatcher = initializer.getAuthenticationMatcher();
         this.authorizedClientRepository = initializer.getAuthorizedClientRepository();
-        this.authorizationRequestRepository = initializer.getAuthorizationRequestRepository();
-        this.authorizationRedirectStrategy = initializer.getAuthorizationRedirectStrategy();
-        this.authenticationConverter =
-            initializer.getAuthenticationConverter(initializer.getClientRegistrationRepository());
-        this.accessTokenResponseClient = initializer.getAccessTokenResponseClient();
-        this.oauth2UserService = initializer.getOauth2UserService();
-        this.oidcUserService = initializer.getOidcUserService();
         this.clientRegistrationRepository = initializer.getClientRegistrationRepository();
         this.authorizedClientService = initializer.getAuthorizedClientService();
-        this.redirectWebFilter = initializer.getRedirectWebFilter();
     }
 
     @Autowired(required = false)
@@ -118,146 +59,26 @@ public void setRequestCache(ServerRequestCache requestCache) {
 
     class Initializer {
 
-        ServerAuthenticationFailureHandler getAuthenticationFailureHandler() {
-            return new RedirectServerAuthenticationFailureHandler("/console/login?error") {
-                @Override
-                public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
-                    AuthenticationException exception) {
-                    var queryParams = webFilterExchange.getExchange().getRequest().getQueryParams();
-                    var response = new OAuth2ErrorResponse(queryParams);
-                    log.error("An error occurred while attempting to oauth2 authenticate: \n{}",
-                        response, Throwables.getRootCause(exception));
-                    return loginHandlerEnhancer.onLoginFailure(webFilterExchange.getExchange(),
-                            exception)
-                        .then(super.onAuthenticationFailure(webFilterExchange, exception));
-                }
-            };
-        }
-
-        @RequiredArgsConstructor
-        static class OAuth2ErrorResponse {
-            private final MultiValueMap<String, String> queryParams;
-
-            public String error() {
-                return queryParams.getFirst("error");
-            }
-
-            public String errorDescription() {
-                return queryParams.getFirst("error_description");
-            }
-
-            public String errorUri() {
-                return queryParams.getFirst("error_uri");
-            }
-
-            @Override
-            public String toString() {
-                return """
-                    error: %s
-                    error_description: %s
-                    error_uri: %s
-                    """.formatted(error(), errorDescription(), errorUri());
-            }
-        }
-
-        GrantedAuthoritiesMapper getAuthoritiesMapper() {
-            return new SimpleAuthorityMapper();
-        }
-
-        ReactiveAuthenticationManager getAuthenticationManager() {
-            return createDefaultAuthenticationManager();
-        }
-
         ServerWebExchangeMatcher getAuthenticationMatcher() {
             return createAttemptAuthenticationRequestMatcher();
         }
 
-        ReactiveAuthenticationManager createDefaultAuthenticationManager() {
-            ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> client =
-                getAccessTokenResponseClient();
-            OAuth2LoginReactiveAuthenticationManager oauth2Manager =
-                new OAuth2LoginReactiveAuthenticationManager(
-                    client, getOauth2UserService());
-
-            GrantedAuthoritiesMapper authoritiesMapper = getAuthoritiesMapper();
-            oauth2Manager.setAuthoritiesMapper(authoritiesMapper);
-
-            boolean oidcAuthenticationProviderEnabled = ClassUtils
-                .isPresent("org.springframework.security.oauth2.jwt.JwtDecoder",
-                    this.getClass().getClassLoader());
-            if (!oidcAuthenticationProviderEnabled) {
-                return oauth2Manager;
-            }
-            OidcAuthorizationCodeReactiveAuthenticationManager oidc =
-                new OidcAuthorizationCodeReactiveAuthenticationManager(
-                    client, getOidcUserService());
-
-            oidc.setJwtDecoderFactory(getReactiveJwtDecoderFactory());
-
-            oidc.setAuthoritiesMapper(authoritiesMapper);
-            return new DelegatingReactiveAuthenticationManager(oidc, oauth2Manager);
-        }
-
-        ReactiveJwtDecoderFactory<ClientRegistration> getReactiveJwtDecoderFactory() {
-            return new ReactiveOidcIdTokenDecoderFactory();
-        }
-
         ServerWebExchangeMatcher createAttemptAuthenticationRequestMatcher() {
             return new PathPatternParserServerWebExchangeMatcher(
                 "/login/oauth2/code/{" + REGISTRATION_ID + "}");
         }
 
-        ReactiveOAuth2UserService<OidcUserRequest, OidcUser> getOidcUserService() {
-            return new OidcReactiveOAuth2UserService();
-        }
-
-        ReactiveOAuth2UserService<OAuth2UserRequest, OAuth2User> getOauth2UserService() {
-            return new DefaultReactiveOAuth2UserService();
-        }
-
-        ReactiveOAuth2AccessTokenResponseClient
-            <OAuth2AuthorizationCodeGrantRequest> getAccessTokenResponseClient() {
-            return new WebClientReactiveAuthorizationCodeTokenResponseClient();
-        }
-
         ReactiveClientRegistrationRepository getClientRegistrationRepository() {
             return new OauthClientRegistrationRepository(extensionClient);
         }
 
-        OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
-            var requestResolver = new SocialServerOauth2AuthorizationRequestResolver(
-                getClientRegistrationRepository());
-            return new OAuth2AuthorizationRequestRedirectWebFilter(requestResolver);
-        }
-
         ServerOAuth2AuthorizedClientRepository getAuthorizedClientRepository() {
             ReactiveOAuth2AuthorizedClientService authorizedClientService =
                 getAuthorizedClientService();
             return new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(
                 authorizedClientService);
         }
 
-        ServerAuthenticationConverter getAuthenticationConverter(
-            ReactiveClientRegistrationRepository clientRegistrationRepository) {
-            ServerOAuth2AuthorizationCodeAuthenticationTokenConverter delegate =
-                new ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(
-                    clientRegistrationRepository);
-            delegate.setAuthorizationRequestRepository(getAuthorizationRequestRepository());
-            return (exchange) -> delegate.convert(exchange).onErrorMap(
-                OAuth2AuthorizationException.class,
-                (e) -> new OAuth2AuthenticationException(e.getError(),
-                    e.getError().toString()));
-        }
-
-        ServerAuthorizationRequestRepository
-            <OAuth2AuthorizationRequest> getAuthorizationRequestRepository() {
-            return new WebSessionOAuth2ServerAuthorizationRequestRepository();
-        }
-
-        ServerRedirectStrategy getAuthorizationRedirectStrategy() {
-            return new DefaultServerRedirectStrategy();
-        }
-
         ReactiveOAuth2AuthorizedClientService getAuthorizedClientService() {
             return new DefaultOAuth2AuthorizedClientService(extensionClient,
                 getClientRegistrationRepository());