From 7cfc16e04d2532012003f2935cea670dcaf2a699 Mon Sep 17 00:00:00 2001
From: Orlando M Guerreiro
Date: Thu, 12 Jun 2025 15:00:19 +0100
Subject: [PATCH] root/resilient#9 Passou a redireccionar login SAML2 com sucesso para o sucess-url, quando definido
---
 .../saml2/Saml2AuthenticationHandler.java | 19 ++++++-------------
 1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/src/main/java/com/oguerreiro/resilient/security/saml2/Saml2AuthenticationHandler.java b/src/main/java/com/oguerreiro/resilient/security/saml2/Saml2AuthenticationHandler.java
index dcdc5d6..f072998 100644
--- a/src/main/java/com/oguerreiro/resilient/security/saml2/Saml2AuthenticationHandler.java
+++ b/src/main/java/com/oguerreiro/resilient/security/saml2/Saml2AuthenticationHandler.java
@@ -162,19 +162,12 @@ public class Saml2AuthenticationHandler implements AuthenticationSuccessHandler,
 userdetails.getAuthorities());
 SecurityContextHolder.getContext().setAuthentication(newAuthentication);
- // This is a sugar-code when in development environment.
- if (isDevProfileActive()) {
- // If this is a mock-idp, it can provide the parameter 'SAMLDevEnvironmentUrl'
- // that gives the base URL to use. This is because in DEV mode usually the
- // Angular side runs in localhost:42000 but server-side is in localhost:8080.
- // Without this, SAMLv2 authentication would end up in error redirecting the user to
- // localhost:8080 (NOT the client-side)
- // In PROD we don't need this, because the app url is the same
- String successUrl = resilientSaml2Properties.getSuccessUrl();
-
- if (successUrl != null && !successUrl.isBlank()) {
- response.sendRedirect(successUrl);
- }
+ // Send to success URL, if configured
+ String successUrl = resilientSaml2Properties.getSuccessUrl();
+ if (successUrl != null && !successUrl.isBlank()) {
+ // This is mandatory in DEV environment. Optional in PROD because the app url is the same.
+ // Even so, I think its a good practice to define the success url
+ response.sendRedirect(successUrl);
 }
 }
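Review bot: With the `isDevProfileActive()` guard removed, `response.sendRedirect(successUrl)` now runs in every profile, so the value behind `resilientSaml2Properties.getSuccessUrl()` becomes the production post-login target and needs to be trusted as such. The removed comment mentions a mock-IdP parameter `SAMLDevEnvironmentUrl` that supplies the base URL; if anything request- or IdP-supplied can still feed this property, the redirect would be externally influenced, so confirm it is bound from static configuration only and validate it at startup (absolute URL, expected scheme and host). The new code also has no `else` branch: when the property is unset the handler appears to return without writing any response, and a fallback such as `else { response.sendRedirect(request.getContextPath() + "/"); }` would make that case explicit. The start of the method lies outside the hunk, so the parameter name `request` is assumed.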