Should I use both SocialAuthenticationFilter and ProviderSignInController together

I had a similar situation where I wanted to use the SocialAuthenticationFilter for auth and implicit signup with Spring Security, rather than the ProviderSignInController (I agree it feels a little dirty using the controller).

I hooked it up & it mostly worked, but I lost my onAuthenticationSuccess events that the normal log-in gave me.

What I finally did to get my filter working as I needed, was to add an ObjectPostProcessor to it. This allowed me to manually set my AuthenticationSuccessHandler after the filter had been initialised deep within the SpringSocialConfigurer (without a handle on it).

Here's a snippet.

            // Spring Social configurer integrates with Spring Security for us            .and().apply(new SpringSocialConfigurer()                    .postLoginUrl("/")                    // other setup                    .addObjectPostProcessor(new ObjectPostProcessor<SocialAuthenticationFilter>() {                        @Override                        public <O extends SocialAuthenticationFilter> O postProcess(O filter) {                            filter.setAuthenticationSuccessHandler(loginSuccessHandler);                            return filter;                            }                    });

loginSuccessHandler, is just the same bean I set in my normal filter configuration via, .formLogin().successHandler(loginSuccessHandler).

You could also set your failureHandler here.

This served my purposes ok. The solution now uses my SocialUserDetailsService for auth and ConnectionSignUp for implicit signup (when registered on the UsersConnectionRepository).

Hope this helps.