How to set success and failure handlers in OAuth2 WebFlux

Question

In Spring Web (non-reactive), we can set the success and failure handlers for oauth2login as below:

http.oauth2Login()
    .successHandler(oauth2AuthenticationSuccessHandler)
    .failureHandler(oauth2AuthenticationFailureHandler)

But in WebFlux, we don't have these methods. When I looked at ServerHttpSecurity.configure, I see that the handlers are hardcoded:

protected void configure(ServerHttpSecurity http) {

    ...

    RedirectServerAuthenticationSuccessHandler redirectHandler = new RedirectServerAuthenticationSuccessHandler();

    authenticationFilter.setAuthenticationSuccessHandler(redirectHandler);
    authenticationFilter.setAuthenticationFailureHandler(new ServerAuthenticationFailureHandler() {
        @Override
        public Mono<Void> onAuthenticationFailure(WebFilterExchange webFilterExchange,
                AuthenticationException exception) {
            return Mono.error(exception);
        }
    });

    ...
}

Do we have plans to make these configurable in a near-future Spring version? Should I create a ticket for this? And, for now, what'd be a way to override these?

score 2 · Accepted Answer · answered Sep 16 '19 at 05:03

2

Since Spring version 5.2 there is a way to set authentication success and failure handlers. ServerHttpSecurity. under OAuth2LoginSpec. You need to update your dependencies.

answered Sep 16 '19 at 05:03

shazin

21,379
3
54
71

How to set success and failure handlers in OAuth2 WebFlux

1 Answers1