
Polish gh-1233

pull/1349/head
Joe Grandja 3 years ago
parent
commit
bdc0b4de5f
  1. 3
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java
  2. 8
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java

3
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java

@ -36,7 +36,6 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.session.SessionInformation; import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.oauth2.core.AbstractOAuth2Token;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClaimAccessor; import org.springframework.security.oauth2.core.ClaimAccessor;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
@ -155,7 +154,7 @@ public final class OAuth2AuthorizationCodeAuthenticationProvider implements Auth
if (!authorizationCode.isActive()) { if (!authorizationCode.isActive()) {
if (authorizationCode.isInvalidated()) { if (authorizationCode.isInvalidated()) {
OAuth2Authorization.Token<? extends AbstractOAuth2Token> token = authorization.getRefreshToken() != null ? OAuth2Authorization.Token<? extends OAuth2Token> token = authorization.getRefreshToken() != null ?
authorization.getRefreshToken() : authorization.getRefreshToken() :
authorization.getAccessToken(); authorization.getAccessToken();
if (token != null) { if (token != null) {
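Review bot: The `token` declaration in the `isInvalidated()` branch has no comment explaining why the refresh token is preferred over the access token, or when `token` can be null. This is the branch that handles an authorization code presented after it was invalidated, and the test updated in this commit shows the null case is real: an invalidated code with no issued token yields `invalid_grant` and nothing is saved. A one-line comment above the declaration would capture that, for example `// Code already invalidated: look up a token issued from it (refresh first, else access); null when none was issued`. The body of `if (token != null)` lies outside the hunk, so what is done with the selected token is not confirmed from here.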

8
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java

@ -85,6 +85,7 @@ import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.doAnswer; import static org.mockito.Mockito.doAnswer;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.spy; import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.times; import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
@ -283,16 +284,15 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
assertThat(updatedAuthorization.getRefreshToken().isInvalidated()).isTrue(); assertThat(updatedAuthorization.getRefreshToken().isInvalidated()).isTrue();
} }
// gh PR 1233 // gh-1233
@Test @Test
public void authenticateWhenInvalidatedCodeAndNullRefreshAndAccessTokensThenThrowOAuth2AuthenticationException() { public void authenticateWhenInvalidatedCodeAndAccessTokenNullThenThrowOAuth2AuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build(); RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
OAuth2AuthorizationCode authorizationCode = new OAuth2AuthorizationCode( OAuth2AuthorizationCode authorizationCode = new OAuth2AuthorizationCode(
AUTHORIZATION_CODE, Instant.now(), Instant.now().plusSeconds(120)); AUTHORIZATION_CODE, Instant.now(), Instant.now().plusSeconds(120));
OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient, authorizationCode) OAuth2Authorization authorization = TestOAuth2Authorizations.authorization(registeredClient, authorizationCode)
.token(authorizationCode, (metadata) -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true)) .token(authorizationCode, (metadata) -> metadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, true))
.build(); .build();
when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE))) when(this.authorizationService.findByToken(eq(AUTHORIZATION_CODE), eq(AUTHORIZATION_CODE_TOKEN_TYPE)))
.thenReturn(authorization); .thenReturn(authorization);
@ -308,6 +308,8 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
.extracting(ex -> ((OAuth2AuthenticationException) ex).getError()) .extracting(ex -> ((OAuth2AuthenticationException) ex).getError())
.extracting("errorCode") .extracting("errorCode")
.isEqualTo(OAuth2ErrorCodes.INVALID_GRANT); .isEqualTo(OAuth2ErrorCodes.INVALID_GRANT);
verify(this.authorizationService, never()).save(any());
} }
// gh-290 // gh-290
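Review bot: The test `authenticateWhenInvalidatedCodeAndAccessTokenNullThenThrowOAuth2AuthenticationException` depends on `TestOAuth2Authorizations.authorization(registeredClient, authorizationCode)` producing an authorization with neither an access token nor a refresh token, and no visible line states that precondition. The provider checks the refresh token before the access token, so the new name also describes only half of the condition under test. I would pin both right after `.build()` with `assertThat(authorization.getRefreshToken()).isNull();` and `assertThat(authorization.getAccessToken()).isNull();`. A later change to the fixture would then fail on the arrange step, not only indirectly through `verify(this.authorizationService, never()).save(any())`. The middle of the test body falls between the visible hunks, so such a check may already exist there.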
