package com.github.kazuki43zoo.web.security; import com.github.kazuki43zoo.domain.service.security.CustomAuthenticationDetails; import com.github.kazuki43zoo.web.CustomHttpHeaders; import com.google.common.net.HttpHeaders; import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; @Component public final class CustomAuthenticationDetailsSource implements AuthenticationDetailsSource<HttpServletRequest, CustomAuthenticationDetails> { @Override public CustomAuthenticationDetails buildDetails(final HttpServletRequest request) { final String forwardedFor = request.getHeader(HttpHeaders.X_FORWARDED_FOR); final String remoteAddress; if (forwardedFor != null) { remoteAddress = forwardedFor; } else { remoteAddress = request.getRemoteAddr(); } final HttpSession session = request.getSession(false); final String requestedSessionId = (session != null) ? session.getId() : null; final String agent = request.getHeader(HttpHeaders.USER_AGENT); final String trackingId = String.class.cast(request.getAttribute(CustomHttpHeaders.X_TRACK)); return new CustomAuthenticationDetails(remoteAddress, requestedSessionId, agent, trackingId); } }