GitHub-Spring
/
spring-authorization-server
mirror of https://github.com/spring-projects/spring-authorization-server.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Use constants from Spring Security 6.3 

Issue gh-60
Issue gh-1562
pull/1578/head
Steve Riesenberg 2 years ago
parent
ea026ad1b3
commit
ddb2cd43ed
No known key found for this signature in database
GPG Key ID: 3D0169B18AB8F0A9
6 changed files with 40 additions and 69 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 14
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java
  2. 5
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java
  3. 5
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenExchangeTokenCustomizers.java
  4. 3
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
  5. 3
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationServerMetadataEndpointFilter.java
  6. 79
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2TokenExchangeAuthenticationConverter.java

14
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java
Unescape View File

@ -37,6 +37,7 @@ import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes; import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.core.OAuth2Token;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.oidc.StandardClaimNames; import org.springframework.security.oauth2.core.oidc.StandardClaimNames;
import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
@ -70,15 +71,10 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2"; private static final String ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
private static final AuthorizationGrantType TOKEN_EXCHANGE = new AuthorizationGrantType(
"urn:ietf:params:oauth:grant-type:token-exchange");
private static final String JWT_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:jwt"; private static final String JWT_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:jwt";
private static final String MAY_ACT = "may_act"; private static final String MAY_ACT = "may_act";
private static final String ISSUED_TOKEN_TYPE = "issued_token_type";
private final Log logger = LogFactory.getLog(getClass()); private final Log logger = LogFactory.getLog(getClass());
private final OAuth2AuthorizationService authorizationService; private final OAuth2AuthorizationService authorizationService;
@ -112,7 +108,7 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
this.logger.trace("Retrieved registered client"); this.logger.trace("Retrieved registered client");
} }
if (!registeredClient.getAuthorizationGrantTypes().contains(TOKEN_EXCHANGE)) { if (!registeredClient.getAuthorizationGrantTypes().contains(AuthorizationGrantType.TOKEN_EXCHANGE)) {
throw new OAuth2AuthenticationException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT); throw new OAuth2AuthenticationException(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
} }
@ -218,7 +214,7 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
.authorizationServerContext(AuthorizationServerContextHolder.getContext()) .authorizationServerContext(AuthorizationServerContextHolder.getContext())
.authorizedScopes(authorizedScopes) .authorizedScopes(authorizedScopes)
.tokenType(OAuth2TokenType.ACCESS_TOKEN) .tokenType(OAuth2TokenType.ACCESS_TOKEN)
.authorizationGrantType(TOKEN_EXCHANGE) .authorizationGrantType(AuthorizationGrantType.TOKEN_EXCHANGE)
.authorizationGrant(tokenExchangeAuthentication); .authorizationGrant(tokenExchangeAuthentication);
// @formatter:on // @formatter:on
@ -242,7 +238,7 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
// @formatter:off // @formatter:off
OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient) OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
.principalName(subjectAuthorization.getPrincipalName()) .principalName(subjectAuthorization.getPrincipalName())
.authorizationGrantType(TOKEN_EXCHANGE) .authorizationGrantType(AuthorizationGrantType.TOKEN_EXCHANGE)
.authorizedScopes(authorizedScopes) .authorizedScopes(authorizedScopes)
.attribute(Principal.class.getName(), principal); .attribute(Principal.class.getName(), principal);
// @formatter:on // @formatter:on
@ -264,7 +260,7 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
} }
Map<String, Object> additionalParameters = new HashMap<>(); Map<String, Object> additionalParameters = new HashMap<>();
additionalParameters.put(ISSUED_TOKEN_TYPE, tokenExchangeAuthentication.getRequestedTokenType()); additionalParameters.put(OAuth2ParameterNames.ISSUED_TOKEN_TYPE, tokenExchangeAuthentication.getRequestedTokenType());
if (this.logger.isTraceEnabled()) { if (this.logger.isTraceEnabled()) {
this.logger.trace("Authenticated token request"); this.logger.trace("Authenticated token request");

5
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java
Unescape View File

@ -36,9 +36,6 @@ import org.springframework.util.Assert;
*/ */
public class OAuth2TokenExchangeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken { public class OAuth2TokenExchangeAuthenticationToken extends OAuth2AuthorizationGrantAuthenticationToken {
private static final AuthorizationGrantType TOKEN_EXCHANGE = new AuthorizationGrantType(
"urn:ietf:params:oauth:grant-type:token-exchange");
private final List<String> resources; private final List<String> resources;
private final List<String> audiences; private final List<String> audiences;
@ -73,7 +70,7 @@ public class OAuth2TokenExchangeAuthenticationToken extends OAuth2AuthorizationG
@Nullable Set<String> scopes, @Nullable String requestedTokenType, String subjectToken, @Nullable Set<String> scopes, @Nullable String requestedTokenType, String subjectToken,
String subjectTokenType, @Nullable String actorToken, @Nullable String actorTokenType, String subjectTokenType, @Nullable String actorToken, @Nullable String actorTokenType,
Authentication clientPrincipal, @Nullable Map<String, Object> additionalParameters) { Authentication clientPrincipal, @Nullable Map<String, Object> additionalParameters) {
super(TOKEN_EXCHANGE, clientPrincipal, additionalParameters); super(AuthorizationGrantType.TOKEN_EXCHANGE, clientPrincipal, additionalParameters);
Assert.notNull(resources, "resources cannot be null"); Assert.notNull(resources, "resources cannot be null");
Assert.notNull(audiences, "audiences cannot be null"); Assert.notNull(audiences, "audiences cannot be null");
Assert.hasText(requestedTokenType, "requestedTokenType cannot be empty"); Assert.hasText(requestedTokenType, "requestedTokenType cannot be empty");

5
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenExchangeTokenCustomizers.java
Unescape View File

@ -38,9 +38,6 @@ import org.springframework.util.CollectionUtils;
*/ */
final class OAuth2TokenExchangeTokenCustomizers { final class OAuth2TokenExchangeTokenCustomizers {
private static final AuthorizationGrantType TOKEN_EXCHANGE = new AuthorizationGrantType(
"urn:ietf:params:oauth:grant-type:token-exchange");
private OAuth2TokenExchangeTokenCustomizers() { private OAuth2TokenExchangeTokenCustomizers() {
} }
@ -53,7 +50,7 @@ final class OAuth2TokenExchangeTokenCustomizers {
} }
private static void customize(OAuth2TokenContext context, Map<String, Object> claims) { private static void customize(OAuth2TokenContext context, Map<String, Object> claims) {
if (!TOKEN_EXCHANGE.equals(context.getAuthorizationGrantType())) { if (!AuthorizationGrantType.TOKEN_EXCHANGE.equals(context.getAuthorizationGrantType())) {
return; return;
} }

3
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
Unescape View File

@ -105,8 +105,7 @@ public final class OidcProviderConfigurationEndpointFilter extends OncePerReques
.grantType(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()) .grantType(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue()) .grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue())
.grantType(AuthorizationGrantType.DEVICE_CODE.getValue()) .grantType(AuthorizationGrantType.DEVICE_CODE.getValue())
// TODO: Replace with constant from spring-security: .grantType(AuthorizationGrantType.TOKEN_EXCHANGE.getValue())
.grantType(new AuthorizationGrantType("urn:ietf:params:oauth:grant-type:token-exchange").getValue())
.tokenRevocationEndpoint(asUrl(issuer, authorizationServerSettings.getTokenRevocationEndpoint())) .tokenRevocationEndpoint(asUrl(issuer, authorizationServerSettings.getTokenRevocationEndpoint()))
.tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods()) .tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods())
.tokenIntrospectionEndpoint(asUrl(issuer, authorizationServerSettings.getTokenIntrospectionEndpoint())) .tokenIntrospectionEndpoint(asUrl(issuer, authorizationServerSettings.getTokenIntrospectionEndpoint()))

3
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationServerMetadataEndpointFilter.java
Unescape View File

@ -101,8 +101,7 @@ public final class OAuth2AuthorizationServerMetadataEndpointFilter extends OnceP
.grantType(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue()) .grantType(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue())
.grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue()) .grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue())
.grantType(AuthorizationGrantType.DEVICE_CODE.getValue()) .grantType(AuthorizationGrantType.DEVICE_CODE.getValue())
// TODO: Replace with constant from spring-security: .grantType(AuthorizationGrantType.TOKEN_EXCHANGE.getValue())
.grantType(new AuthorizationGrantType("urn:ietf:params:oauth:grant-type:token-exchange").getValue())
.tokenRevocationEndpoint(asUrl(issuer, authorizationServerSettings.getTokenRevocationEndpoint())) .tokenRevocationEndpoint(asUrl(issuer, authorizationServerSettings.getTokenRevocationEndpoint()))
.tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods()) .tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods())
.tokenIntrospectionEndpoint(asUrl(issuer, authorizationServerSettings.getTokenIntrospectionEndpoint())) .tokenIntrospectionEndpoint(asUrl(issuer, authorizationServerSettings.getTokenIntrospectionEndpoint()))

79
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2TokenExchangeAuthenticationConverter.java
Unescape View File

@ -56,23 +56,6 @@ public final class OAuth2TokenExchangeAuthenticationConverter implements Authent
private static final String TOKEN_TYPE_IDENTIFIERS_URI = "https://datatracker.ietf.org/doc/html/rfc8693#section-3"; private static final String TOKEN_TYPE_IDENTIFIERS_URI = "https://datatracker.ietf.org/doc/html/rfc8693#section-3";
private static final AuthorizationGrantType TOKEN_EXCHANGE = new AuthorizationGrantType(
"urn:ietf:params:oauth:grant-type:token-exchange");
private static final String AUDIENCE = "audience";
private static final String RESOURCE = "resource";
private static final String REQUESTED_TOKEN_TYPE = "requested_token_type";
private static final String SUBJECT_TOKEN = "subject_token";
private static final String SUBJECT_TOKEN_TYPE = "subject_token_type";
private static final String ACTOR_TOKEN = "actor_token";
private static final String ACTOR_TOKEN_TYPE = "actor_token_type";
private static final String ACCESS_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:access_token"; private static final String ACCESS_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:access_token";
private static final String JWT_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:jwt"; private static final String JWT_TOKEN_TYPE_VALUE = "urn:ietf:params:oauth:token-type:jwt";
@ -86,27 +69,27 @@ public final class OAuth2TokenExchangeAuthenticationConverter implements Authent
// grant_type (REQUIRED) // grant_type (REQUIRED)
String grantType = parameters.getFirst(OAuth2ParameterNames.GRANT_TYPE); String grantType = parameters.getFirst(OAuth2ParameterNames.GRANT_TYPE);
if (!TOKEN_EXCHANGE.getValue().equals(grantType)) { if (!AuthorizationGrantType.TOKEN_EXCHANGE.getValue().equals(grantType)) {
return null; return null;
} }
Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication(); Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
// resource (OPTIONAL) // resource (OPTIONAL)
List<String> resources = parameters.getOrDefault(RESOURCE, Collections.emptyList()); List<String> resources = parameters.getOrDefault(OAuth2ParameterNames.RESOURCE, Collections.emptyList());
if (!CollectionUtils.isEmpty(resources)) { if (!CollectionUtils.isEmpty(resources)) {
for (String resource : resources) { for (String resource : resources) {
if (!isValidUri(resource)) { if (!isValidUri(resource)) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
RESOURCE, OAuth2ParameterNames.RESOURCE,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
} }
} }
// audience (OPTIONAL) // audience (OPTIONAL)
List<String> audiences = parameters.getOrDefault(AUDIENCE, Collections.emptyList()); List<String> audiences = parameters.getOrDefault(OAuth2ParameterNames.AUDIENCE, Collections.emptyList());
// scope (OPTIONAL) // scope (OPTIONAL)
String scope = parameters.getFirst(OAuth2ParameterNames.SCOPE); String scope = parameters.getFirst(OAuth2ParameterNames.SCOPE);
@ -125,87 +108,87 @@ public final class OAuth2TokenExchangeAuthenticationConverter implements Authent
} }
// requested_token_type (OPTIONAL) // requested_token_type (OPTIONAL)
String requestedTokenType = parameters.getFirst(REQUESTED_TOKEN_TYPE); String requestedTokenType = parameters.getFirst(OAuth2ParameterNames.REQUESTED_TOKEN_TYPE);
if (StringUtils.hasText(requestedTokenType)) { if (StringUtils.hasText(requestedTokenType)) {
if (parameters.get(REQUESTED_TOKEN_TYPE).size() != 1) { if (parameters.get(OAuth2ParameterNames.REQUESTED_TOKEN_TYPE).size() != 1) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
REQUESTED_TOKEN_TYPE, OAuth2ParameterNames.REQUESTED_TOKEN_TYPE,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
validateTokenType(REQUESTED_TOKEN_TYPE, requestedTokenType); validateTokenType(OAuth2ParameterNames.REQUESTED_TOKEN_TYPE, requestedTokenType);
} else { } else {
requestedTokenType = ACCESS_TOKEN_TYPE_VALUE; requestedTokenType = ACCESS_TOKEN_TYPE_VALUE;
} }
// subject_token (REQUIRED) // subject_token (REQUIRED)
String subjectToken = parameters.getFirst(SUBJECT_TOKEN); String subjectToken = parameters.getFirst(OAuth2ParameterNames.SUBJECT_TOKEN);
if (!StringUtils.hasText(subjectToken) || if (!StringUtils.hasText(subjectToken) ||
parameters.get(SUBJECT_TOKEN).size() != 1) { parameters.get(OAuth2ParameterNames.SUBJECT_TOKEN).size() != 1) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
SUBJECT_TOKEN, OAuth2ParameterNames.SUBJECT_TOKEN,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
// subject_token_type (REQUIRED) // subject_token_type (REQUIRED)
String subjectTokenType = parameters.getFirst(SUBJECT_TOKEN_TYPE); String subjectTokenType = parameters.getFirst(OAuth2ParameterNames.SUBJECT_TOKEN_TYPE);
if (!StringUtils.hasText(subjectTokenType) || if (!StringUtils.hasText(subjectTokenType) ||
parameters.get(SUBJECT_TOKEN_TYPE).size() != 1) { parameters.get(OAuth2ParameterNames.SUBJECT_TOKEN_TYPE).size() != 1) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
SUBJECT_TOKEN_TYPE, OAuth2ParameterNames.SUBJECT_TOKEN_TYPE,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} else { } else {
validateTokenType(SUBJECT_TOKEN_TYPE, subjectTokenType); validateTokenType(OAuth2ParameterNames.SUBJECT_TOKEN_TYPE, subjectTokenType);
} }
// actor_token (OPTIONAL, REQUIRED if actor_token_type is provided) // actor_token (OPTIONAL, REQUIRED if actor_token_type is provided)
String actorToken = parameters.getFirst(ACTOR_TOKEN); String actorToken = parameters.getFirst(OAuth2ParameterNames.ACTOR_TOKEN);
if (StringUtils.hasText(actorToken) && if (StringUtils.hasText(actorToken) &&
parameters.get(ACTOR_TOKEN).size() != 1) { parameters.get(OAuth2ParameterNames.ACTOR_TOKEN).size() != 1) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
ACTOR_TOKEN, OAuth2ParameterNames.ACTOR_TOKEN,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
// actor_token_type (OPTIONAL, REQUIRED if actor_token is provided) // actor_token_type (OPTIONAL, REQUIRED if actor_token is provided)
String actorTokenType = parameters.getFirst(ACTOR_TOKEN_TYPE); String actorTokenType = parameters.getFirst(OAuth2ParameterNames.ACTOR_TOKEN_TYPE);
if (StringUtils.hasText(actorTokenType)) { if (StringUtils.hasText(actorTokenType)) {
if (parameters.get(ACTOR_TOKEN_TYPE).size() != 1) { if (parameters.get(OAuth2ParameterNames.ACTOR_TOKEN_TYPE).size() != 1) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
ACTOR_TOKEN_TYPE, OAuth2ParameterNames.ACTOR_TOKEN_TYPE,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
validateTokenType(ACTOR_TOKEN_TYPE, actorTokenType); validateTokenType(OAuth2ParameterNames.ACTOR_TOKEN_TYPE, actorTokenType);
} }
if (!StringUtils.hasText(actorToken) && StringUtils.hasText(actorTokenType)) { if (!StringUtils.hasText(actorToken) && StringUtils.hasText(actorTokenType)) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
ACTOR_TOKEN, OAuth2ParameterNames.ACTOR_TOKEN,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} else if (StringUtils.hasText(actorToken) && !StringUtils.hasText(actorTokenType)) { } else if (StringUtils.hasText(actorToken) && !StringUtils.hasText(actorTokenType)) {
OAuth2EndpointUtils.throwError( OAuth2EndpointUtils.throwError(
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
ACTOR_TOKEN_TYPE, OAuth2ParameterNames.ACTOR_TOKEN_TYPE,
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
Map<String, Object> additionalParameters = new HashMap<>(); Map<String, Object> additionalParameters = new HashMap<>();
parameters.forEach((key, value) -> { parameters.forEach((key, value) -> {
if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) && if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
!key.equals(RESOURCE) && !key.equals(OAuth2ParameterNames.RESOURCE) &&
!key.equals(AUDIENCE) && !key.equals(OAuth2ParameterNames.AUDIENCE) &&
!key.equals(REQUESTED_TOKEN_TYPE) && !key.equals(OAuth2ParameterNames.REQUESTED_TOKEN_TYPE) &&
!key.equals(SUBJECT_TOKEN) && !key.equals(OAuth2ParameterNames.SUBJECT_TOKEN) &&
!key.equals(SUBJECT_TOKEN_TYPE) && !key.equals(OAuth2ParameterNames.SUBJECT_TOKEN_TYPE) &&
!key.equals(ACTOR_TOKEN) && !key.equals(OAuth2ParameterNames.ACTOR_TOKEN) &&
!key.equals(ACTOR_TOKEN_TYPE) && !key.equals(OAuth2ParameterNames.ACTOR_TOKEN_TYPE) &&
!key.equals(OAuth2ParameterNames.SCOPE)) { !key.equals(OAuth2ParameterNames.SCOPE)) {
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0])); additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
} }

Write Preview
Loading…
Cancel
Save