From e23134c3ed02cd6418e68f7b45a2ed77b99d6073 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@users.noreply.github.com>
Date: Wed, 25 Oct 2017 22:01:33 -0500
Subject: [PATCH] Add LogoutBuilder ServerLogoutSuccessHandler

Fixes gh-4714
---
 .../config/web/server/ServerHttpSecurity.java | 27 +++++++++++++------
 1 file changed, 19 insertions(+), 8 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
index e6f5fa6fd9..ee80990289 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -24,28 +24,29 @@ import org.springframework.security.authorization.AuthenticatedReactiveAuthoriza
 import org.springframework.security.authorization.AuthorityReactiveAuthorizationManager;
 import org.springframework.security.authorization.AuthorizationDecision;
 import org.springframework.security.authorization.ReactiveAuthorizationManager;
-import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint;
-import org.springframework.security.web.server.ServerFormLoginAuthenticationConverter;
-import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.MatcherSecurityWebFilterChain;
 import org.springframework.security.web.server.SecurityWebFilterChain;
-import org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler;
-import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
+import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
+import org.springframework.security.web.server.ServerFormLoginAuthenticationConverter;
+import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
 import org.springframework.security.web.server.authentication.AuthenticationWebFilter;
+import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.authentication.RedirectServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
-import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler;
+import org.springframework.security.web.server.authentication.ServerAuthenticationEntryPointFailureHandler;
+import org.springframework.security.web.server.authentication.ServerAuthenticationFailureHandler;
 import org.springframework.security.web.server.authentication.logout.LogoutWebFilter;
 import org.springframework.security.web.server.authentication.logout.SecurityContextServerLogoutHandler;
-import org.springframework.security.web.server.authentication.HttpBasicServerAuthenticationEntryPoint;
+import org.springframework.security.web.server.authentication.logout.ServerLogoutHandler;
+import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
 import org.springframework.security.web.server.authorization.AuthorizationContext;
 import org.springframework.security.web.server.authorization.AuthorizationWebFilter;
 import org.springframework.security.web.server.authorization.DelegatingReactiveAuthorizationManager;
 import org.springframework.security.web.server.authorization.ExceptionTranslationWebFilter;
 import org.springframework.security.web.server.context.AuthenticationReactorContextWebFilter;
-import org.springframework.security.web.server.context.ServerSecurityContextRepository;
 import org.springframework.security.web.server.context.SecurityContextRepositoryWebFilter;
+import org.springframework.security.web.server.context.ServerSecurityContextRepository;
 import org.springframework.security.web.server.context.ServerWebExchangeAttributeServerSecurityContextRepository;
 import org.springframework.security.web.server.context.WebSessionServerSecurityContextRepository;
 import org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter;
@@ -581,6 +582,8 @@ public class ServerHttpSecurity {
 
 		private ServerLogoutHandler serverLogoutHandler = new SecurityContextServerLogoutHandler();
 
+		private ServerLogoutSuccessHandler logoutSuccessHandler;
+
 		private String logoutUrl = "/logout";
 
 		private ServerWebExchangeMatcher requiresLogout = ServerWebExchangeMatchers
@@ -599,6 +602,11 @@ public class ServerHttpSecurity {
 			return this;
 		}
 
+		public LogoutBuilder logoutSuccessHandler(ServerLogoutSuccessHandler handler) {
+			this.logoutSuccessHandler = handler;
+			return this;
+		}
+
 		public ServerHttpSecurity disable() {
 			ServerHttpSecurity.this.logout = null;
 			return and();
@@ -617,6 +625,9 @@ public class ServerHttpSecurity {
 			LogoutWebFilter logoutWebFilter = new LogoutWebFilter();
 			logoutWebFilter.setServerLogoutHandler(this.serverLogoutHandler);
 			logoutWebFilter.setRequiresLogout(this.requiresLogout);
+			if(this.logoutSuccessHandler != null) {
+				logoutWebFilter.setServerLogoutSuccessHandler(this.logoutSuccessHandler);
+			}
 
 			return logoutWebFilter;
 		}