Prevent duplicate AuthenticationSuccessEvent

LEDfan · LEDfan · commit 8baf4195e361 · 2021-02-19T10:37:47.000+01:00
An event would be published both for AuthenticationSuccessEvent and InteractiveAuthenticationSuccessEvent. The listen InteractiveAuthenticationSuccessEvent event was added in commit c173790 , because ODIC would not publish the AuthenticationSuccessEvent. This is now fixed in Spring (spring-projects/spring-security#6009) and therefore we don't have to listen for both events.
diff --git a/src/main/java/eu/openanalytics/containerproxy/service/UserService.java b/src/main/java/eu/openanalytics/containerproxy/service/UserService.java
@@ -193,18 +193,6 @@ public void onApplicationEvent(AbstractAuthenticationEvent event) {
 					this,
 					userId,
 					RequestContextHolder.currentRequestAttributes().getSessionId()));
-		} else if (event instanceof AuthenticationSuccessEvent) {
-//		} else if (event instanceof AuthenticationSuccessEvent || event instanceof InteractiveAuthenticationSuccessEvent) {
-			String userName = source.getName();
-			log.info(String.format("User logged in [user: %s]", userName));
-			eventService.post(EventType.Login.toString(), userName, null);
-
-			String userId = getUserId(source);
-			// TODO test for anonymous users
-			applicationEventPublisher.publishEvent(new UserLoginEvent(
-					this,
-					userId,
-					RequestContextHolder.currentRequestAttributes().getSessionId()));
 		}
 	}
 
@@ -225,6 +213,22 @@ public void logout(Authentication auth) {
 				false));
 	}
 
+	@EventListener
+	public void onAuthenticationSuccessEvent(AuthenticationSuccessEvent event) {
+		Authentication auth = event.getAuthentication();
+		String userName = auth.getName();
+
+		log.info(String.format("User logged in [user: %s]", userName));
+		eventService.post(EventType.Login.toString(), userName, null);
+
+		// TODO test for anonymous users
+		String userId = getUserId(auth);
+		applicationEventPublisher.publishEvent(new UserLoginEvent(
+				this,
+				userId,
+				RequestContextHolder.currentRequestAttributes().getSessionId()));
+	}
+
 	@EventListener
 	public void onSessionExpiredEvent(SessionExpiredEvent event) {
 		Session session = event.getSession();
