auth media

2026-03-15 23:31:12 +01:00
parent f1fa09c8e8
commit dbe8427987
2 changed files with 40 additions and 16 deletions
--- a/gateway-service/src/main/java/com/posthub/gateway/security/OAuth2AuthenticationSuccessHandler.java
+++ b/gateway-service/src/main/java/com/posthub/gateway/security/OAuth2AuthenticationSuccessHandler.java
@@ -32,7 +32,7 @@ public class OAuth2AuthenticationSuccessHandler implements ServerAuthenticationS
    private final RefreshTokenRepository refreshTokenRepository;
    private final JwtTokenProvider jwtTokenProvider;

-    @Value("${oauth2.redirect-uri:https://balexvic.com/login}")
+    @Value("${oauth2.redirect-uri:https://balexvic.com/auth/login}")
    private String redirectUri;

    @Override
@@ -46,19 +46,9 @@ public class OAuth2AuthenticationSuccessHandler implements ServerAuthenticationS
        String email = extractEmail(oAuth2User, registrationId);
        String name = extractName(oAuth2User, registrationId);

-        return userRepository.findByAuthProviderAndProviderId(provider, providerId)
-                .switchIfEmpty(
-                        email != null
-                                ? userRepository.findByEmail(email)
-                                .flatMap(existingUser -> {
-                                    existingUser.setAuthProvider(provider);
-                                    existingUser.setProviderId(providerId);
-                                    existingUser.setUpdated(LocalDateTime.now());
-                                    return userRepository.save(existingUser);
-                                })
-                                .switchIfEmpty(Mono.defer(() -> createNewUser(provider, providerId, email, name)))
-                                : Mono.defer(() -> createNewUser(provider, providerId, email, name))
-                )
+        log.info("OAuth2 login attempt: provider={}, providerId={}, email={}", provider, providerId, email);
+
+        return findOrCreateUser(provider, providerId, email, name)
                .flatMap(user -> {
                    user.setLastLogin(LocalDateTime.now());
                    user.setUpdated(LocalDateTime.now());
@@ -66,12 +56,44 @@ public class OAuth2AuthenticationSuccessHandler implements ServerAuthenticationS
                })
                .flatMap(this::generateTokensAndRedirect)
                .flatMap(redirectUrl -> {
+                    log.info("OAuth2 redirect to: {}", redirectUrl);
                    webFilterExchange.getExchange().getResponse().setStatusCode(HttpStatus.FOUND);
                    webFilterExchange.getExchange().getResponse().getHeaders().setLocation(URI.create(redirectUrl));
                    return webFilterExchange.getExchange().getResponse().setComplete();
+                })
+                .onErrorResume(e -> {
+                    log.error("OAuth2 authentication failed", e);
+                    webFilterExchange.getExchange().getResponse().setStatusCode(HttpStatus.FOUND);
+                    webFilterExchange.getExchange().getResponse().getHeaders()
+                            .setLocation(URI.create(redirectUri + "?error=auth_failed"));
+                    return webFilterExchange.getExchange().getResponse().setComplete();
                });
    }

+    private Mono<User> findOrCreateUser(AuthProvider provider, String providerId, String email, String name) {
+        // 1. Find by provider + providerId (returning OAuth2 user)
+        return userRepository.findByAuthProviderAndProviderId(provider, providerId)
+                .doOnNext(u -> log.info("Found user by provider: id={}, email={}", u.getId(), u.getEmail()))
+                .switchIfEmpty(Mono.defer(() -> {
+                    // 2. Find by email (link existing LOCAL account)
+                    if (email == null) {
+                        return createNewUser(provider, providerId, null, name);
+                    }
+                    return userRepository.findByEmail(email)
+                            .doOnNext(u -> log.info("Found existing user by email: id={}, provider={}", u.getId(), u.getAuthProvider()))
+                            .flatMap(existingUser -> linkAccount(existingUser, provider, providerId))
+                            .switchIfEmpty(Mono.defer(() -> createNewUser(provider, providerId, email, name)));
+                }));
+    }
+
+    private Mono<User> linkAccount(User existingUser, AuthProvider provider, String providerId) {
+        existingUser.setAuthProvider(provider);
+        existingUser.setProviderId(providerId);
+        existingUser.setUpdated(LocalDateTime.now());
+        return userRepository.save(existingUser)
+                .doOnNext(u -> log.info("Linked account: id={}, newProvider={}", u.getId(), u.getAuthProvider()));
+    }
+
    private Mono<User> createNewUser(AuthProvider provider, String providerId, String email, String name) {
        User user = new User();
        user.setAuthProvider(provider);
@@ -105,6 +127,7 @@ public class OAuth2AuthenticationSuccessHandler implements ServerAuthenticationS
                }))
                .map(refreshToken -> {
                    String accessToken = jwtTokenProvider.generateToken(user, refreshToken.getSessionId());
+                    log.info("Generated tokens for user: id={}, email={}", user.getId(), user.getEmail());
                    return redirectUri + "?token=" + accessToken + "&refreshToken=" + refreshToken.getToken();
                });
    }