From 62f4c988f6c61cf0514f2788bb83a3ec71f89f82 Mon Sep 17 00:00:00 2001
From: alvaromaoc <alvaromaoc@gmail.com>
Date: Thu, 29 May 2025 20:49:52 +0200
Subject: [PATCH] Fix auth redirections

---
 .../configuration/SecurityConfiguration.java        | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/main/java/io/autoinvestor/configuration/SecurityConfiguration.java b/src/main/java/io/autoinvestor/configuration/SecurityConfiguration.java
index 5d58cca..9128824 100644
--- a/src/main/java/io/autoinvestor/configuration/SecurityConfiguration.java
+++ b/src/main/java/io/autoinvestor/configuration/SecurityConfiguration.java
@@ -3,9 +3,10 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.Customizer;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
 import org.springframework.security.web.server.SecurityWebFilterChain;
+import org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint;
+import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
 
 @Configuration
@@ -14,6 +15,9 @@ public class SecurityConfiguration {
 
     @Bean
     public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
+        var authenticationEntryPoint = new RedirectServerAuthenticationEntryPoint("/api/oauth2/authorization/okta");
+        var authenticationSuccessHandler = new RedirectServerAuthenticationSuccessHandler("/dashboard");
+
         return http
                 .securityMatcher(ServerWebExchangeMatchers.anyExchange())
                 .csrf(ServerHttpSecurity.CsrfSpec::disable)
@@ -21,7 +25,12 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
                         .pathMatchers("/", "/api/oauth2/**", "/api/login/**").permitAll()
                         .anyExchange().authenticated()
                 )
-                .oauth2Login(Customizer.withDefaults())
+                .exceptionHandling(exceptionHandlingSpec ->
+                        exceptionHandlingSpec.authenticationEntryPoint(authenticationEntryPoint)
+                )
+                .oauth2Login(oauth2 -> oauth2
+                        .authenticationSuccessHandler(authenticationSuccessHandler)
+                )
                 .build();
     }
 }