set up this own application user type, to the spring security context

rcsoyer · rcsoyer · commit b6713d85c997 · 2025-09-13T13:47:23.000+02:00
diff --git a/src/main/java/org/acme/authorization_server/application/web/LoginSuccessHandler.java b/src/main/java/org/acme/authorization_server/application/web/LoginSuccessHandler.java
@@ -4,12 +4,12 @@
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.acme.authorization_server.domain.service.SecurityService;
 import org.acme.authorization_server.domain.service.UserService;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
@@ -18,24 +18,22 @@
 
 @Slf4j
 @Component
+@RequiredArgsConstructor
 public class LoginSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
 
     private final UserService userService;
-
-    public LoginSuccessHandler(final UserService userService) {
-        super();
-        this.userService = userService;
-    }
+    private final SecurityService securityService;
 
     @Override
     public void onAuthenticationSuccess(final HttpServletRequest request,
                                         final HttpServletResponse response,
                                         final Authentication authentication)
       throws ServletException, IOException {
+        final String userName = ((OAuth2User) authentication.getPrincipal()).getAttribute("email");
 
-        if (userService.existsByEmail(authentication.getName())) {
-            final var applicationAuthentication = setApplicationAuthentication(authentication);
-            super.onAuthenticationSuccess(request, response, applicationAuthentication);
+        if (userService.existsByEmail(userName)) {
+            securityService.setAuthenticationContext(userName);
+            super.onAuthenticationSuccess(request, response, authentication);
         } else {
             userNotFoundInApplication(request, response);
         }
@@ -52,14 +50,4 @@ private void userNotFoundInApplication(final HttpServletRequest request,
                        + "Before making login with identity providers, its necessary "
                        + "to create an User in this application, with the same email as username");
     }
-
-    private Authentication setApplicationAuthentication(final Authentication authentication) {
-        final var principal = (OAuth2AuthenticationToken) authentication.getPrincipal();
-        final OAuth2User oAuth2User = principal.getPrincipal();
-        final String username = oAuth2User.getAttribute("email");
-        final var applicationAuthentication =
-          new UsernamePasswordAuthenticationToken(username, null);
-        SecurityContextHolder.getContext().setAuthentication(applicationAuthentication);
-        return applicationAuthentication;
-    }
 }
diff --git a/src/main/java/org/acme/authorization_server/domain/service/SecurityService.java b/src/main/java/org/acme/authorization_server/domain/service/SecurityService.java
@@ -0,0 +1,34 @@
+package org.acme.authorization_server.domain.service;
+
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.acme.authorization_server.domain.dto.command.AppAuthenticationSuccessEvent;
+import org.springframework.context.ApplicationEventPublisher;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.stereotype.Service;
+
+@Slf4j
+@Service
+@RequiredArgsConstructor
+public class SecurityService {
+
+    private final UserDetailsService userDetailsService;
+    private final ApplicationEventPublisher eventPublisher;
+
+    public void setAuthenticationContext(final String username) {
+        log
+          .atDebug()
+          .addKeyValue("username", username)
+          .log("Validate the User exists in this platform and set it up in the security context");
+        final UserDetails appUser = userDetailsService.loadUserByUsername(username);
+        final var authenticationToken =
+          new UsernamePasswordAuthenticationToken(appUser.getUsername(),
+                                                  appUser.getPassword(),
+                                                  appUser.getAuthorities());
+        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+        eventPublisher.publishEvent(new AppAuthenticationSuccessEvent(authenticationToken));
+    }
+}
