Hello, i am new to spring social module and i am trying to sso with fb. I need to have better insight in the lifecycle of the social module. Can someone point out what exactly is on the stack-trace when i click sign in using the spring social. I noticed that there are couple of sections:

1. After the user clicks the sign in button spring's ProviderSignInController fetches the request and redirects the user to the login page of the provider (for e.g. facebook's login page) and instructs it when the user logs-in successfully to return to a given url (have't tried what happens if i am not logged in successfully, any hints here?).

2. I guess next is the Interceptor which checks if the user is already signed in and if that holds true it just returns true and passes on control to the next object in the chain.. If the user is not signed in the method requireSignIn(req, resp) is called which actually creates new RedirectView("/signin", true).render(null, request, response) and returns false. I guess this is actually performing the redirection to /signin and returns false just to stop the execution of servlets/filters that come next in the chain. Anyway i can't quite understand this (this is the quickstart example for sso with fb):

This is in the preHandle method of the UserInterceptor:

rememberUser(request, response);
handleSignOut(request, response);
if (SecurityContext.userSignedIn() || requestForSignIn(request)) {
return true;
} else {
return requireSignIn(request, response);
}

Why in the if statement first it's checked if the user is signed in and if he's not and request for sign in then the method returns true..? Is it that the preHandler should return true or false to stop executing next servlet/filter in the chain?

3. Next spring fetches stuff returned from fb, access_token for sure and other possibly, and tries to call the class which implements the SignInAdapter which has to actually recieve the api of the provider wrapped in the Connection class.. And here is where i do the signing in with my app (using my services and db queries).. If i can't sign him in i return the /signin/facebook url again and if i sign him in successfully i return him to the homepage as logged user..


Now my question is, where does ConnectionSignUp comes in, is it before my SignInAdapter is called, and i assume if that's true i need to check if the user is in my db with the provided id, and if he's not i should perform silent signup so that next SignInAdapter can sign in the user just previously added in the ConnectionSignUp's callback method.

So i need to get the lifecycle of the callback methods of various components in the social module. This way i can know where i should put my code that checks and updates my app db corectly.

Ahh yeah, one more question.. The userId that is send to the callback methods of ConnectionSignUp for e.g. is that the id returned from the social-network, for e.g. facebook id? I can quite find where this id is extracted from.. I assume this has to do something with the ProviderSignInController..

Thanks!