
Replace stream usage with for loops

Closes gh-401
pull/411/head
Joe Grandja 4 years ago
parent
commit
ea1f95b4ed
  1. 10
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java
  2. 11
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java
  3. 13
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationConsent.java
  4. 6
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java
  5. 14
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java
  6. 17
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenIntrospectionEndpointFilter.java
  7. 15
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/DelegatingAuthenticationConverter.java
  8. 21
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AuthorizationCodeAuthenticationConverter.java
  9. 23
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AuthorizationCodeRequestAuthenticationConverter.java
  10. 17
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2ClientCredentialsAuthenticationConverter.java
  11. 19
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2RefreshTokenAuthenticationConverter.java
  12. 17
      oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java
  13. 16
      oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java
  14. 16
      oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcTests.java
  15. 11
      samples/boot/oauth2-integration/authorizationserver-custom-consent-page/src/main/java/sample/web/AuthorizationConsentController.java

10
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationService.java

@ -97,10 +97,12 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
@Override @Override
public OAuth2Authorization findByToken(String token, @Nullable OAuth2TokenType tokenType) { public OAuth2Authorization findByToken(String token, @Nullable OAuth2TokenType tokenType) {
Assert.hasText(token, "token cannot be empty"); Assert.hasText(token, "token cannot be empty");
return this.authorizations.values().stream() for (OAuth2Authorization authorization : this.authorizations.values()) {
.filter(authorization -> hasToken(authorization, token, tokenType)) if (hasToken(authorization, token, tokenType)) {
.findFirst() return authorization;
.orElse(null); }
}
return null;
} }
private static boolean hasToken(OAuth2Authorization authorization, String token, @Nullable OAuth2TokenType tokenType) { private static boolean hasToken(OAuth2Authorization authorization, String token, @Nullable OAuth2TokenType tokenType) {

11
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java

@ -150,11 +150,12 @@ public class OAuth2Authorization implements Serializable {
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public <T extends OAuth2Token> Token<T> getToken(String tokenValue) { public <T extends OAuth2Token> Token<T> getToken(String tokenValue) {
Assert.hasText(tokenValue, "tokenValue cannot be empty"); Assert.hasText(tokenValue, "tokenValue cannot be empty");
Token<?> token = this.tokens.values().stream() for (Token<?> token : this.tokens.values()) {
.filter(t -> t.getToken().getTokenValue().equals(tokenValue)) if (token.getToken().getTokenValue().equals(tokenValue)) {
.findFirst() return (Token<T>) token;
.orElse(null); }
return token != null ? (Token<T>) token : null; }
return null;
} }
/** /**
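Review bot: The cast in `return (Token<T>) token;` is unchecked, so `getToken(String)` hands back whichever token type happens to hold the matching value, typed as whatever `T` the caller inferred. A mismatch therefore surfaces as a `ClassCastException` at the caller's use site rather than in this method. The Javadoc for this method is outside the hunk; it should state that the lookup spans every token type held by the authorization, returns `null` when nothing matches, and leaves the choice of `T` to the caller. A short comment such as `// unchecked: caller chooses T, the token class is not verified here` beside the cast would justify the suppression where it is applied.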

13
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationConsent.java

@ -21,7 +21,6 @@ import java.util.HashSet;
import java.util.Objects; import java.util.Objects;
import java.util.Set; import java.util.Set;
import java.util.function.Consumer; import java.util.function.Consumer;
import java.util.stream.Collectors;
import org.springframework.lang.NonNull; import org.springframework.lang.NonNull;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
@ -91,11 +90,13 @@ public final class OAuth2AuthorizationConsent implements Serializable {
* @return the {@code scope}s granted to the client by the principal. * @return the {@code scope}s granted to the client by the principal.
*/ */
public Set<String> getScopes() { public Set<String> getScopes() {
return getAuthorities().stream() Set<String> authorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : getAuthorities()) {
.filter(authority -> authority.startsWith(AUTHORITIES_SCOPE_PREFIX)) if (authority.getAuthority().startsWith(AUTHORITIES_SCOPE_PREFIX)) {
.map(scope -> scope.replaceFirst(AUTHORITIES_SCOPE_PREFIX, "")) authorities.add(authority.getAuthority().replaceFirst(AUTHORITIES_SCOPE_PREFIX, ""));
.collect(Collectors.toSet()); }
}
return authorities;
} }
@Override @Override
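Review bot: In the new `getScopes()` loop, `replaceFirst(AUTHORITIES_SCOPE_PREFIX, "")` treats the prefix as a regular expression, although the guard before it is the literal `startsWith`. The two agree only while the constant contains no regex metacharacters, and its value is not visible in this hunk. Taking the authority once and cutting by length avoids both the regex and the second `getAuthority()` call: `String value = authority.getAuthority();` followed by `scopes.add(value.substring(AUTHORITIES_SCOPE_PREFIX.length()));`. The local set holds scope names with the prefix removed, so `scopes` would describe it better than `authorities`.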

6
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java

@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import java.security.Principal; import java.security.Principal;
import java.time.Instant; import java.time.Instant;
import java.time.temporal.ChronoUnit; import java.time.temporal.ChronoUnit;
import java.util.Arrays;
import java.util.Base64; import java.util.Base64;
import java.util.Collections; import java.util.Collections;
import java.util.HashMap; import java.util.HashMap;
@ -448,7 +447,10 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
return false; return false;
} }
try { try {
int[] address = Arrays.stream(ipv4Octets).mapToInt(Integer::parseInt).toArray(); int[] address = new int[ipv4Octets.length];
for (int i=0; i < ipv4Octets.length; i++) {
address[i] = Integer.parseInt(ipv4Octets[i]);
}
return address[0] == 127 && address[1] >= 0 && address[1] <= 255 && address[2] >= 0 && return address[0] == 127 && address[1] >= 0 && address[1] <= 255 && address[2] >= 0 &&
address[2] <= 255 && address[3] >= 1 && address[3] <= 255; address[2] <= 255 && address[3] >= 1 && address[3] <= 255;
} catch (NumberFormatException ex) { } catch (NumberFormatException ex) {
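Review bot: The octet loop still relies on `Integer.parseInt` to validate the address, and `parseInt` accepts a leading `+` or `-`, leading zeros and non-ASCII decimal digits. An octet string that is not in canonical dotted-decimal form can therefore satisfy the `address[0] == 127 ...` test. If the code above the hunk does not already restrict each octet to ASCII digits, add a guard before parsing, for example `if (!ipv4Octets[i].matches("[0-9]{1,3}")) { return false; }`. The enclosing method starts and ends outside this hunk, so any validation done earlier on `ipv4Octets` is not visible here.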

14
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java

@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization.authentication;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
import java.util.Set; import java.util.Set;
import java.util.function.Consumer; import java.util.function.Consumer;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.AuthenticationProvider;
@ -34,12 +33,12 @@ import org.springframework.security.oauth2.jwt.JoseHeader;
import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtClaimsSet; import org.springframework.security.oauth2.jwt.JwtClaimsSet;
import org.springframework.security.oauth2.jwt.JwtEncoder; import org.springframework.security.oauth2.jwt.JwtEncoder;
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings; import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
import org.springframework.security.oauth2.server.authorization.JwtEncodingContext;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils; import org.springframework.util.CollectionUtils;
@ -112,11 +111,10 @@ public final class OAuth2ClientCredentialsAuthenticationProvider implements Auth
Set<String> authorizedScopes = registeredClient.getScopes(); // Default to configured scopes Set<String> authorizedScopes = registeredClient.getScopes(); // Default to configured scopes
if (!CollectionUtils.isEmpty(clientCredentialsAuthentication.getScopes())) { if (!CollectionUtils.isEmpty(clientCredentialsAuthentication.getScopes())) {
Set<String> unauthorizedScopes = clientCredentialsAuthentication.getScopes().stream() for (String requestedScope : clientCredentialsAuthentication.getScopes()) {
.filter(requestedScope -> !registeredClient.getScopes().contains(requestedScope)) if (!registeredClient.getScopes().contains(requestedScope)) {
.collect(Collectors.toSet()); throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_SCOPE));
if (!CollectionUtils.isEmpty(unauthorizedScopes)) { }
throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_SCOPE));
} }
authorizedScopes = new LinkedHashSet<>(clientCredentialsAuthentication.getScopes()); authorizedScopes = new LinkedHashSet<>(clientCredentialsAuthentication.getScopes());
} }
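Review bot: The added `for (String requestedScope : ...)` loop is a hand-written `containsAll`. It also calls `registeredClient.getScopes()` on every iteration, although `authorizedScopes` already holds that set one line above. A single condition reads more directly as the authorization decision it is: `if (!authorizedScopes.containsAll(clientCredentialsAuthentication.getScopes())) {` followed by the existing `throw`. A one-line comment stating that every requested scope must be registered for the client would also help, since this check is what bounds the scopes of the issued token.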

17
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenIntrospectionEndpointFilter.java

@ -16,8 +16,8 @@
package org.springframework.security.oauth2.server.authorization.web; package org.springframework.security.oauth2.server.authorization.web;
import java.io.IOException; import java.io.IOException;
import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
import javax.servlet.ServletException; import javax.servlet.ServletException;
@ -161,14 +161,13 @@ public final class OAuth2TokenIntrospectionEndpointFilter extends OncePerRequest
throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN_TYPE_HINT); throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN_TYPE_HINT);
} }
// @formatter:off Map<String, Object> additionalParameters = new HashMap<>();
Map<String, Object> additionalParameters = parameters parameters.forEach((key, value) -> {
.entrySet() if (!key.equals(OAuth2ParameterNames.TOKEN) &&
.stream() !key.equals(OAuth2ParameterNames.TOKEN_TYPE_HINT)) {
.filter(e -> !e.getKey().equals(OAuth2ParameterNames.TOKEN) && additionalParameters.put(key, value.get(0));
!e.getKey().equals(OAuth2ParameterNames.TOKEN_TYPE_HINT)) }
.collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().get(0))); });
// @formatter:on
return new OAuth2TokenIntrospectionAuthenticationToken( return new OAuth2TokenIntrospectionAuthenticationToken(
token, clientPrincipal, tokenTypeHint, additionalParameters); token, clientPrincipal, tokenTypeHint, additionalParameters);
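Review bot: The `parameters.forEach` block keeps only `value.get(0)` for each non-core parameter, so a request that repeats an additional parameter is accepted and its later values are silently dropped. If the duplicate checks above the hunk cover only the named parameters, reject the repeat instead, e.g. `if (value.size() != 1) { throwError(OAuth2ErrorCodes.INVALID_REQUEST, key); }`, or document that the first value wins. The replaced `Collectors.toMap` threw on a null value, whereas `HashMap.put` stores it; this is a behaviour change only if `parameters` can carry nulls, which is not visible here. The same block, differing only in the excluded names, is added in OAuth2AuthorizationCodeAuthenticationConverter, OAuth2AuthorizationCodeRequestAuthenticationConverter, OAuth2ClientCredentialsAuthenticationConverter and OAuth2RefreshTokenAuthenticationConverter. A shared helper that takes the excluded names would keep the five copies consistent.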

15
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/DelegatingAuthenticationConverter.java

@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization.web.authenticat
import java.util.Collections; import java.util.Collections;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -56,12 +55,12 @@ public final class DelegatingAuthenticationConverter implements AuthenticationCo
@Override @Override
public Authentication convert(HttpServletRequest request) { public Authentication convert(HttpServletRequest request) {
Assert.notNull(request, "request cannot be null"); Assert.notNull(request, "request cannot be null");
// @formatter:off for (AuthenticationConverter converter : this.converters) {
return this.converters.stream() Authentication authentication = converter.convert(request);
.map(converter -> converter.convert(request)) if (authentication != null) {
.filter(Objects::nonNull) return authentication;
.findFirst() }
.orElse(null); }
// @formatter:on return null;
} }
} }

21
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AuthorizationCodeAuthenticationConverter.java

@ -15,8 +15,8 @@
*/ */
package org.springframework.security.oauth2.server.authorization.web.authentication; package org.springframework.security.oauth2.server.authorization.web.authentication;
import java.util.HashMap;
import java.util.Map; import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -78,16 +78,15 @@ public final class OAuth2AuthorizationCodeAuthenticationConverter implements Aut
OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI); OAuth2EndpointUtils.ACCESS_TOKEN_REQUEST_ERROR_URI);
} }
// @formatter:off Map<String, Object> additionalParameters = new HashMap<>();
Map<String, Object> additionalParameters = parameters parameters.forEach((key, value) -> {
.entrySet() if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
.stream() !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
.filter(e -> !e.getKey().equals(OAuth2ParameterNames.GRANT_TYPE) && !key.equals(OAuth2ParameterNames.CODE) &&
!e.getKey().equals(OAuth2ParameterNames.CLIENT_ID) && !key.equals(OAuth2ParameterNames.REDIRECT_URI)) {
!e.getKey().equals(OAuth2ParameterNames.CODE) && additionalParameters.put(key, value.get(0));
!e.getKey().equals(OAuth2ParameterNames.REDIRECT_URI)) }
.collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().get(0))); });
// @formatter:on
return new OAuth2AuthorizationCodeAuthenticationToken( return new OAuth2AuthorizationCodeAuthenticationToken(
code, clientPrincipal, redirectUri, additionalParameters); code, clientPrincipal, redirectUri, additionalParameters);

23
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AuthorizationCodeRequestAuthenticationConverter.java

@ -16,10 +16,10 @@
package org.springframework.security.oauth2.server.authorization.web.authentication; package org.springframework.security.oauth2.server.authorization.web.authentication;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -139,17 +139,16 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationConverter impleme
throwError(OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD, PKCE_ERROR_URI); throwError(OAuth2ErrorCodes.INVALID_REQUEST, PkceParameterNames.CODE_CHALLENGE_METHOD, PKCE_ERROR_URI);
} }
// @formatter:off Map<String, Object> additionalParameters = new HashMap<>();
Map<String, Object> additionalParameters = parameters parameters.forEach((key, value) -> {
.entrySet() if (!key.equals(OAuth2ParameterNames.RESPONSE_TYPE) &&
.stream() !key.equals(OAuth2ParameterNames.CLIENT_ID) &&
.filter(e -> !e.getKey().equals(OAuth2ParameterNames.RESPONSE_TYPE) && !key.equals(OAuth2ParameterNames.REDIRECT_URI) &&
!e.getKey().equals(OAuth2ParameterNames.CLIENT_ID) && !key.equals(OAuth2ParameterNames.SCOPE) &&
!e.getKey().equals(OAuth2ParameterNames.REDIRECT_URI) && !key.equals(OAuth2ParameterNames.STATE)) {
!e.getKey().equals(OAuth2ParameterNames.SCOPE) && additionalParameters.put(key, value.get(0));
!e.getKey().equals(OAuth2ParameterNames.STATE)) }
.collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().get(0))); });
// @formatter:on
return OAuth2AuthorizationCodeRequestAuthenticationToken.with(clientId, principal) return OAuth2AuthorizationCodeRequestAuthenticationToken.with(clientId, principal)
.authorizationUri(authorizationUri) .authorizationUri(authorizationUri)

17
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2ClientCredentialsAuthenticationConverter.java

@ -16,10 +16,10 @@
package org.springframework.security.oauth2.server.authorization.web.authentication; package org.springframework.security.oauth2.server.authorization.web.authentication;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -75,14 +75,13 @@ public final class OAuth2ClientCredentialsAuthenticationConverter implements Aut
Arrays.asList(StringUtils.delimitedListToStringArray(scope, " "))); Arrays.asList(StringUtils.delimitedListToStringArray(scope, " ")));
} }
// @formatter:off Map<String, Object> additionalParameters = new HashMap<>();
Map<String, Object> additionalParameters = parameters parameters.forEach((key, value) -> {
.entrySet() if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
.stream() !key.equals(OAuth2ParameterNames.SCOPE)) {
.filter(e -> !e.getKey().equals(OAuth2ParameterNames.GRANT_TYPE) && additionalParameters.put(key, value.get(0));
!e.getKey().equals(OAuth2ParameterNames.SCOPE)) }
.collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().get(0))); });
// @formatter:on
return new OAuth2ClientCredentialsAuthenticationToken( return new OAuth2ClientCredentialsAuthenticationToken(
clientPrincipal, requestedScopes, additionalParameters); clientPrincipal, requestedScopes, additionalParameters);

19
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2RefreshTokenAuthenticationConverter.java

@ -16,10 +16,10 @@
package org.springframework.security.oauth2.server.authorization.web.authentication; package org.springframework.security.oauth2.server.authorization.web.authentication;
import java.util.Arrays; import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -85,15 +85,14 @@ public final class OAuth2RefreshTokenAuthenticationConverter implements Authenti
Arrays.asList(StringUtils.delimitedListToStringArray(scope, " "))); Arrays.asList(StringUtils.delimitedListToStringArray(scope, " ")));
} }
// @formatter:off Map<String, Object> additionalParameters = new HashMap<>();
Map<String, Object> additionalParameters = parameters parameters.forEach((key, value) -> {
.entrySet() if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
.stream() !key.equals(OAuth2ParameterNames.REFRESH_TOKEN) &&
.filter(e -> !e.getKey().equals(OAuth2ParameterNames.GRANT_TYPE) && !key.equals(OAuth2ParameterNames.SCOPE)) {
!e.getKey().equals(OAuth2ParameterNames.REFRESH_TOKEN) && additionalParameters.put(key, value.get(0));
!e.getKey().equals(OAuth2ParameterNames.SCOPE)) }
.collect(Collectors.toMap(Map.Entry::getKey, e -> e.getValue().get(0))); });
// @formatter:on
return new OAuth2RefreshTokenAuthenticationToken( return new OAuth2RefreshTokenAuthenticationToken(
refreshToken, clientPrincipal, requestedScopes, additionalParameters); refreshToken, clientPrincipal, requestedScopes, additionalParameters);

17
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java

@ -24,9 +24,9 @@ import java.text.MessageFormat;
import java.time.Instant; import java.time.Instant;
import java.time.temporal.ChronoUnit; import java.time.temporal.ChronoUnit;
import java.util.Base64; import java.util.Base64;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.source.JWKSource; import com.nimbusds.jose.jwk.source.JWKSource;
@ -273,9 +273,11 @@ public class OAuth2AuthorizationCodeGrantTests {
Jwt jwt = this.jwtDecoder.decode(accessTokenResponse.getAccessToken().getTokenValue()); Jwt jwt = this.jwtDecoder.decode(accessTokenResponse.getAccessToken().getTokenValue());
List<String> authoritiesClaim = jwt.getClaim(AUTHORITIES_CLAIM); List<String> authoritiesClaim = jwt.getClaim(AUTHORITIES_CLAIM);
Authentication principal = authorization.getAttribute(Principal.class.getName()); Authentication principal = authorization.getAttribute(Principal.class.getName());
Set<String> userAuthorities = principal.getAuthorities().stream() Set<String> userAuthorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); userAuthorities.add(authority.getAuthority());
}
assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities); assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities);
} }
@ -612,9 +614,10 @@ public class OAuth2AuthorizationCodeGrantTests {
if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(context.getAuthorizationGrantType()) && if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(context.getAuthorizationGrantType()) &&
OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) { OAuth2TokenType.ACCESS_TOKEN.equals(context.getTokenType())) {
Authentication principal = context.getPrincipal(); Authentication principal = context.getPrincipal();
Set<String> authorities = principal.getAuthorities().stream() Set<String> authorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); authorities.add(authority.getAuthority());
}
context.getClaims().claim(AUTHORITIES_CLAIM, authorities); context.getClaims().claim(AUTHORITIES_CLAIM, authorities);
} }
}; };

16
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java

@ -19,9 +19,9 @@ import java.net.URLEncoder;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.Principal; import java.security.Principal;
import java.util.Base64; import java.util.Base64;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.source.JWKSource; import com.nimbusds.jose.jwk.source.JWKSource;
@ -174,9 +174,10 @@ public class OAuth2RefreshTokenGrantTests {
Jwt jwt = jwtDecoder.decode(accessTokenResponse.getAccessToken().getTokenValue()); Jwt jwt = jwtDecoder.decode(accessTokenResponse.getAccessToken().getTokenValue());
List<String> authoritiesClaim = jwt.getClaim(AUTHORITIES_CLAIM); List<String> authoritiesClaim = jwt.getClaim(AUTHORITIES_CLAIM);
Authentication principal = authorization.getAttribute(Principal.class.getName()); Authentication principal = authorization.getAttribute(Principal.class.getName());
Set<String> userAuthorities = principal.getAuthorities().stream() Set<String> userAuthorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); userAuthorities.add(authority.getAuthority());
}
assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities); assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities);
} }
@ -231,9 +232,10 @@ public class OAuth2RefreshTokenGrantTests {
return context -> { return context -> {
if (AuthorizationGrantType.REFRESH_TOKEN.equals(context.getAuthorizationGrantType())) { if (AuthorizationGrantType.REFRESH_TOKEN.equals(context.getAuthorizationGrantType())) {
Authentication principal = context.getPrincipal(); Authentication principal = context.getPrincipal();
Set<String> authorities = principal.getAuthorities().stream() Set<String> authorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); authorities.add(authority.getAuthority());
}
context.getClaims().claim(AUTHORITIES_CLAIM, authorities); context.getClaims().claim(AUTHORITIES_CLAIM, authorities);
} }
}; };

16
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcTests.java

@ -21,9 +21,9 @@ import java.net.URLEncoder;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.Principal; import java.security.Principal;
import java.util.Base64; import java.util.Base64;
import java.util.HashSet;
import java.util.List; import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.source.JWKSource; import com.nimbusds.jose.jwk.source.JWKSource;
@ -223,9 +223,10 @@ public class OidcTests {
Jwt idToken = this.jwtDecoder.decode((String) accessTokenResponse.getAdditionalParameters().get(OidcParameterNames.ID_TOKEN)); Jwt idToken = this.jwtDecoder.decode((String) accessTokenResponse.getAdditionalParameters().get(OidcParameterNames.ID_TOKEN));
List<String> authoritiesClaim = idToken.getClaim(AUTHORITIES_CLAIM); List<String> authoritiesClaim = idToken.getClaim(AUTHORITIES_CLAIM);
Authentication principal = authorization.getAttribute(Principal.class.getName()); Authentication principal = authorization.getAttribute(Principal.class.getName());
Set<String> userAuthorities = principal.getAuthorities().stream() Set<String> userAuthorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); userAuthorities.add(authority.getAuthority());
}
assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities); assertThat(authoritiesClaim).containsExactlyInAnyOrderElementsOf(userAuthorities);
} }
@ -304,9 +305,10 @@ public class OidcTests {
return context -> { return context -> {
if (context.getTokenType().getValue().equals(OidcParameterNames.ID_TOKEN)) { if (context.getTokenType().getValue().equals(OidcParameterNames.ID_TOKEN)) {
Authentication principal = context.getPrincipal(); Authentication principal = context.getPrincipal();
Set<String> authorities = principal.getAuthorities().stream() Set<String> authorities = new HashSet<>();
.map(GrantedAuthority::getAuthority) for (GrantedAuthority authority : principal.getAuthorities()) {
.collect(Collectors.toSet()); authorities.add(authority.getAuthority());
}
context.getClaims().claim(AUTHORITIES_CLAIM, authorities); context.getClaims().claim(AUTHORITIES_CLAIM, authorities);
} }
}; };

11
samples/boot/oauth2-integration/authorizationserver-custom-consent-page/src/main/java/sample/web/AuthorizationConsentController.java

@ -21,7 +21,6 @@ import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsent; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsent;
@ -84,10 +83,12 @@ public class AuthorizationConsentController {
} }
private static Set<ScopeWithDescription> withDescription(Set<String> scopes) { private static Set<ScopeWithDescription> withDescription(Set<String> scopes) {
return scopes Set<ScopeWithDescription> scopeWithDescriptions = new HashSet<>();
.stream() for (String scope : scopes) {
.map(ScopeWithDescription::new) scopeWithDescriptions.add(new ScopeWithDescription(scope));
.collect(Collectors.toSet());
}
return scopeWithDescriptions;
} }
public static class ScopeWithDescription { public static class ScopeWithDescription {
