
Fix registration access token cannot be deserialized

Change the authorized scopes Set from SingletonSet to UnmodifiableSet as there is no mixin registered for SingletonSet

Closes gh-495
pull/490/head
Ovidiu Popa 4 years ago committed by Joe Grandja
parent
commit
2e2c9ea286
  1. 5
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java
  2. 7
      oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcClientRegistrationTests.java

5
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java

@ -21,6 +21,7 @@ import java.time.Instant; @@ -21,6 +21,7 @@ import java.time.Instant;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.UUID;
@ -218,7 +219,9 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe @@ -218,7 +219,9 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
private OAuth2Authorization registerAccessToken(RegisteredClient registeredClient) {
JoseHeader headers = JwtUtils.headers().build();
Set<String> authorizedScopes = Collections.singleton(DEFAULT_CLIENT_CONFIGURATION_AUTHORIZED_SCOPE);
Set<String> authorizedScopes = new HashSet<>();
authorizedScopes.add(DEFAULT_CLIENT_CONFIGURATION_AUTHORIZED_SCOPE);
authorizedScopes = Collections.unmodifiableSet(authorizedScopes);
JwtClaimsSet claims = JwtUtils.accessTokenClaims(
registeredClient, this.providerSettings.getIssuer(), registeredClient.getClientId(), authorizedScopes)
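Review bot: The three-line construction of `authorizedScopes` in `registerAccessToken` has no comment saying why `Collections.singleton(...)` is avoided, so a later cleanup could collapse it back and reintroduce the failure. The commit message says no mixin is registered for the singleton set type; presumably that mixin registry acts as a deserialization allowlist for persisted authorizations, in which case choosing an already-registered type here is the right direction rather than widening the allowlist. I would add above the first new line: `// Must be a Set type with a registered Jackson mixin; Collections.singleton() cannot be deserialized (gh-495)`. The method body continues past the end of this hunk.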

7
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcClientRegistrationTests.java

@ -62,6 +62,8 @@ import org.springframework.security.oauth2.core.oidc.http.converter.OidcClientRe @@ -62,6 +62,8 @@ import org.springframework.security.oauth2.core.oidc.http.converter.OidcClientRe
import org.springframework.security.oauth2.jose.TestJwks;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository.RegisteredClientParametersMapper;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
@ -323,6 +325,11 @@ public class OidcClientRegistrationTests { @@ -323,6 +325,11 @@ public class OidcClientRegistrationTests {
return registeredClientRepository;
}
@Bean
OAuth2AuthorizationService authorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
return new JdbcOAuth2AuthorizationService(jdbcOperations, registeredClientRepository);
}
@Bean
JdbcOperations jdbcOperations() {
return new JdbcTemplate(db);
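Review bot: The `authorizationService` bean added to the test configuration switches the suite to `JdbcOAuth2AuthorizationService`, but nothing visible in this section asserts that the stored registration access token is read back, so the regression coverage for gh-495 appears to be implicit. If no existing test performs that read, one that registers a client and then loads the authorization by its access token (for example via `OAuth2AuthorizationService.findByToken`) would pin the deserialization path directly. A short comment on the bean, such as `// JDBC-backed so authorizations round-trip through Jackson serialization`, would also explain why the default service is replaced. The configuration class starts and ends outside this hunk.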
