GitHub-Spring
/
spring-authorization-server
mirror of https://github.com/spring-projects/spring-authorization-server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '1.3.x'

pull/1678/head
Joe Grandja 1 year ago
parent
021b60b2e7 14f38e10c5
commit
7c86fb22e8
2 changed files with 4 additions and 41 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 12
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java
  2. 33
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java

12
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java
Unescape View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2020-2024 the original author or authors. * Copyright 2020-2023 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -241,13 +241,9 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C
? OAuth2ConfigurerUtils ? OAuth2ConfigurerUtils
.withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint()) .withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint())
: authorizationServerSettings.getAuthorizationEndpoint(); : authorizationServerSettings.getAuthorizationEndpoint();
List<RequestMatcher> requestMatchers = new ArrayList<>(); this.requestMatcher = new OrRequestMatcher(
requestMatchers.add(new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.GET.name())); new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.GET.name()),
requestMatchers.add(new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.POST.name())); new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.POST.name()));
if (StringUtils.hasText(this.consentPage)) {
requestMatchers.add(new AntPathRequestMatcher(this.consentPage));
}
this.requestMatcher = new OrRequestMatcher(requestMatchers);
List<AuthenticationProvider> authenticationProviders = createDefaultAuthenticationProviders(httpSecurity); List<AuthenticationProvider> authenticationProviders = createDefaultAuthenticationProviders(httpSecurity);
if (!this.authenticationProviders.isEmpty()) { if (!this.authenticationProviders.isEmpty()) {
authenticationProviders.addAll(0, this.authenticationProviders); authenticationProviders.addAll(0, this.authenticationProviders);

33
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java
Unescape View File

@ -104,7 +104,6 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration; import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
import org.springframework.security.oauth2.server.authorization.jackson2.TestingAuthenticationTokenMixin; import org.springframework.security.oauth2.server.authorization.jackson2.TestingAuthenticationTokenMixin;
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings; import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings; import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
@ -126,14 +125,11 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
import org.springframework.security.web.context.HttpSessionSecurityContextRepository; import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.stereotype.Controller;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult; import org.springframework.test.web.servlet.MvcResult;
import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.util.UriComponents; import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder; import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.UriUtils; import org.springframework.web.util.UriUtils;
@ -750,15 +746,6 @@ public class OAuth2AuthorizationCodeGrantTests {
assertThat(authorization).isNotNull(); assertThat(authorization).isNotNull();
} }
// gh-1668
@Test
public void requestWhenCustomConsentPageConfiguredThenAuthorizationServerContextIsAccessible() throws Exception {
this.spring.register(AuthorizationServerConfigurationCustomConsentPageAccessAuthorizationServerContext.class)
.autowire();
this.mvc.perform(get(consentPage).with(user("user"))).andExpect(status().isOk());
}
@Test @Test
public void requestWhenCustomConsentCustomizerConfiguredThenUsed() throws Exception { public void requestWhenCustomConsentCustomizerConfiguredThenUsed() throws Exception {
this.spring.register(AuthorizationServerConfigurationCustomConsentRequest.class).autowire(); this.spring.register(AuthorizationServerConfigurationCustomConsentRequest.class).autowire();
@ -1222,26 +1209,6 @@ public class OAuth2AuthorizationCodeGrantTests {
} }
@EnableWebSecurity
@Configuration(proxyBeanMethods = false)
static class AuthorizationServerConfigurationCustomConsentPageAccessAuthorizationServerContext
extends AuthorizationServerConfigurationCustomConsentPage {
@Controller
class ConsentController {
@GetMapping("/oauth2/consent")
@ResponseBody
String consent() {
// Ensure the AuthorizationServerContext is accessible
AuthorizationServerContextHolder.getContext().getIssuer();
return "";
}
}
}
@EnableWebSecurity @EnableWebSecurity
@Configuration(proxyBeanMethods = false) @Configuration(proxyBeanMethods = false)
static class AuthorizationServerConfigurationCustomConsentRequest extends AuthorizationServerConfiguration { static class AuthorizationServerConfigurationCustomConsentRequest extends AuthorizationServerConfiguration {

Write Preview
Loading…
Cancel
Save