From adbe012770a36ac6157c92262a20c34ee0ed1470 Mon Sep 17 00:00:00 2001 From: Scott Murphy Date: Sun, 22 Apr 2018 17:39:17 -0400 Subject: [PATCH] Send servlet response to session strategy so that a strategy implementation can take advantage of cookies. --- .../social/security/SocialAuthenticationFilter.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/spring-social-security/src/main/java/org/springframework/social/security/SocialAuthenticationFilter.java b/spring-social-security/src/main/java/org/springframework/social/security/SocialAuthenticationFilter.java index bbeb5cb04..f541745d7 100644 --- a/spring-social-security/src/main/java/org/springframework/social/security/SocialAuthenticationFilter.java +++ b/spring-social-security/src/main/java/org/springframework/social/security/SocialAuthenticationFilter.java @@ -296,7 +296,7 @@ private Authentication attemptAuthService(final SocialAuthenticationService a Authentication auth = getAuthentication(); // Check if not already authenticated or is already logged in anonymous. if (auth == null || !auth.isAuthenticated() || authenticationTrustResolver.isAnonymous(auth)) { - return doAuthentication(authService, request, token); + return doAuthentication(authService, request, response, token); } else { addConnection(authService, request, token, auth); return auth; @@ -351,7 +351,7 @@ private void addConnection(final SocialAuthenticationService authService, Htt } } - private Authentication doAuthentication(SocialAuthenticationService authService, HttpServletRequest request, SocialAuthenticationToken token) { + private Authentication doAuthentication(SocialAuthenticationService authService, HttpServletRequest request, HttpServletResponse response, SocialAuthenticationToken token) { try { if (!authService.getConnectionCardinality().isAuthenticatePossible()) return null; token.setDetails(authenticationDetailsSource.buildDetails(request)); @@ -363,7 +363,7 @@ private Authentication doAuthentication(SocialAuthenticationService authServi // connection unknown, register new user? if (signupUrl != null) { // store ConnectionData in session and redirect to register page - sessionStrategy.setAttribute(new ServletWebRequest(request), ProviderSignInAttempt.SESSION_ATTRIBUTE, new ProviderSignInAttempt(token.getConnection())); + sessionStrategy.setAttribute(new ServletWebRequest(request, response), ProviderSignInAttempt.SESSION_ATTRIBUTE, new ProviderSignInAttempt(token.getConnection())); throw new SocialAuthenticationRedirectException(buildSignupUrl(request)); } throw e;