From f8d613c22be0f8347ba8eb3ae9b42374480bb392 Mon Sep 17 00:00:00 2001
From: Joe Grandja
Date: Wed, 4 May 2022 06:30:37 -0400
Subject: [PATCH] Change interface that only contain constants to final class
Closes gh-728
---
 ...AuthorizationServerMetadataClaimNames.java | 33 +++++++++--------
 .../oidc/OidcClientMetadataClaimNames.java | 37 ++++++++++---------
 .../oidc/OidcProviderMetadataClaimNames.java | 11 ++++--
 .../token/OAuth2TokenClaimNames.java | 19 ++++++----
 4 files changed, 56 insertions(+), 44 deletions(-)
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java
index e6bd62be..cd9e119d 100644
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -24,71 +24,74 @@ package org.springframework.security.oauth2.core;
 * @see 2. Authorization Server Metadata
 * @see 3. OpenID Provider Metadata
 */
-public interface OAuth2AuthorizationServerMetadataClaimNames {
+public class OAuth2AuthorizationServerMetadataClaimNames {
 /**
 * {@code issuer} - the {@code URL} the Authorization Server asserts as its Issuer Identifier
 */
- String ISSUER = "issuer";
+ public static final String ISSUER = "issuer";
 /**
 * {@code authorization_endpoint} - the {@code URL} of the OAuth 2.0 Authorization Endpoint
 */
- String AUTHORIZATION_ENDPOINT = "authorization_endpoint";
+ public static final String AUTHORIZATION_ENDPOINT = "authorization_endpoint";
 /**
 * {@code token_endpoint} - the {@code URL} of the OAuth 2.0 Token Endpoint
 */
- String TOKEN_ENDPOINT = "token_endpoint";
+ public static final String TOKEN_ENDPOINT = "token_endpoint";
 /**
 * {@code token_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Endpoint
 */
- String TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED = "token_endpoint_auth_methods_supported";
+ public static final String TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED = "token_endpoint_auth_methods_supported";
 /**
 * {@code jwks_uri} - the {@code URL} of the JSON Web Key Set
 */
- String JWKS_URI = "jwks_uri";
+ public static final String JWKS_URI = "jwks_uri";
 /**
 * {@code scopes_supported} - the OAuth 2.0 {@code scope} values supported
 */
- String SCOPES_SUPPORTED = "scopes_supported";
+ public static final String SCOPES_SUPPORTED = "scopes_supported";
 /**
 * {@code response_types_supported} - the OAuth 2.0 {@code response_type} values supported
 */
- String RESPONSE_TYPES_SUPPORTED = "response_types_supported";
+ public static final String RESPONSE_TYPES_SUPPORTED = "response_types_supported";
 /**
 * {@code grant_types_supported} - the OAuth 2.0 {@code grant_type} values supported
 */
- String GRANT_TYPES_SUPPORTED = "grant_types_supported";
+ public static final String GRANT_TYPES_SUPPORTED = "grant_types_supported";
 /**
 * {@code revocation_endpoint} - the {@code URL} of the OAuth 2.0 Token Revocation Endpoint
 */
- String REVOCATION_ENDPOINT = "revocation_endpoint";
+ public static final String REVOCATION_ENDPOINT = "revocation_endpoint";
 /**
 * {@code revocation_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Revocation Endpoint
 */
- String REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED = "revocation_endpoint_auth_methods_supported";
+ public static final String REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED = "revocation_endpoint_auth_methods_supported";
 /**
 * {@code introspection_endpoint} - the {@code URL} of the OAuth 2.0 Token Introspection Endpoint
 */
- String INTROSPECTION_ENDPOINT = "introspection_endpoint";
+ public static final String INTROSPECTION_ENDPOINT = "introspection_endpoint";
 /**
 * {@code introspection_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Introspection Endpoint
 */
- String INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED = "introspection_endpoint_auth_methods_supported";
+ public static final String INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED = "introspection_endpoint_auth_methods_supported";
 /**
 * {@code code_challenge_methods_supported} - the Proof Key for Code Exchange (PKCE) {@code code_challenge_method} values supported
 */
- String CODE_CHALLENGE_METHODS_SUPPORTED = "code_challenge_methods_supported";
+ public static final String CODE_CHALLENGE_METHODS_SUPPORTED = "code_challenge_methods_supported";
+
+ protected OAuth2AuthorizationServerMetadataClaimNames() {
+ }
 }
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcClientMetadataClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcClientMetadataClaimNames.java
index 475c50e9..5af060a9 100644
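Review bot: `OAuth2AuthorizationServerMetadataClaimNames` is declared `public class` with a `protected` constructor, so unlike the other three classes in this patch it is neither `final` nor closed to instantiation: a subclass, or any code in `org.springframework.security.oauth2.core`, can still construct it. That looks deliberate, since `OidcProviderMetadataClaimNames` extends it later in the patch, but nothing in the new code says so and the commit subject promises a final class. I would state the intent on the constructor, e.g. `// protected only so OidcProviderMetadataClaimNames can inherit the constants; not meant to be instantiated`, or declare the type `public abstract class` if no caller needs an instance.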
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcClientMetadataClaimNames.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcClientMetadataClaimNames.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -28,42 +28,42 @@ import org.springframework.security.oauth2.jwt.Jwt;
 * @since 0.1.1
 * @see 2. Client Metadata
 */
-public interface OidcClientMetadataClaimNames {
+public final class OidcClientMetadataClaimNames {
 /**
 * {@code client_id} - the Client Identifier
 */
- String CLIENT_ID = "client_id";
+ public static final String CLIENT_ID = "client_id";
 /**
 * {@code client_id_issued_at} - the time at which the Client Identifier was issued
 */
- String CLIENT_ID_ISSUED_AT = "client_id_issued_at";
+ public static final String CLIENT_ID_ISSUED_AT = "client_id_issued_at";
 /**
 * {@code client_secret} - the Client Secret
 */
- String CLIENT_SECRET = "client_secret";
+ public static final String CLIENT_SECRET = "client_secret";
 /**
 * {@code client_secret_expires_at} - the time at which the {@code client_secret} will expire or 0 if it will not expire
 */
- String CLIENT_SECRET_EXPIRES_AT = "client_secret_expires_at";
+ public static final String CLIENT_SECRET_EXPIRES_AT = "client_secret_expires_at";
 /**
 * {@code client_name} - the name of the Client to be presented to the End-User
 */
- String CLIENT_NAME = "client_name";
+ public static final String CLIENT_NAME = "client_name";
 /**
 * {@code redirect_uris} - the redirection {@code URI} values used by the Client
 */
- String REDIRECT_URIS = "redirect_uris";
+ public static final String REDIRECT_URIS = "redirect_uris";
 /**
 * {@code token_endpoint_auth_method} - the authentication method used by the Client for the Token Endpoint
 */
- String TOKEN_ENDPOINT_AUTH_METHOD = "token_endpoint_auth_method";
+ public static final String TOKEN_ENDPOINT_AUTH_METHOD = "token_endpoint_auth_method";
 /**
 * {@code token_endpoint_auth_signing_alg} - the {@link JwsAlgorithm JWS} algorithm that must be used for signing the {@link Jwt JWT}
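Review bot: Turning `OidcClientMetadataClaimNames` from an interface into a `final class` is a source- and binary-incompatible change for any caller that wrote `implements OidcClientMetadataClaimNames` to pull the constants into scope, and the class Javadoc (`@since 0.1.1`) gives no hint of it. The same applies to the hunks for `OAuth2AuthorizationServerMetadataClaimNames`, `OidcProviderMetadataClaimNames` and `OAuth2TokenClaimNames`. Whether such implementers exist cannot be seen from this patch; if the project tracks breaking changes, a sentence in the class Javadoc or release notes such as `Changed from an interface to a final class; reference the constants statically` would cover it. The class body continues in the next hunk of this file.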
@@ -71,44 +71,47 @@ public interface OidcClientMetadataClaimNames {
 * {@link ClientAuthenticationMethod#CLIENT_SECRET_JWT client_secret_jwt} authentication methods
 * @since 0.2.2
 */
- String TOKEN_ENDPOINT_AUTH_SIGNING_ALG = "token_endpoint_auth_signing_alg";
+ public static final String TOKEN_ENDPOINT_AUTH_SIGNING_ALG = "token_endpoint_auth_signing_alg";
 /**
 * {@code grant_types} - the OAuth 2.0 {@code grant_type} values that the Client will restrict itself to using
 */
- String GRANT_TYPES = "grant_types";
+ public static final String GRANT_TYPES = "grant_types";
 /**
 * {@code response_types} - the OAuth 2.0 {@code response_type} values that the Client will restrict itself to using
 */
- String RESPONSE_TYPES = "response_types";
+ public static final String RESPONSE_TYPES = "response_types";
 /**
 * {@code scope} - a space-separated list of OAuth 2.0 {@code scope} values that the Client will restrict itself to using
 */
- String SCOPE = "scope";
+ public static final String SCOPE = "scope";
 /**
 * {@code jwks_uri} - the {@code URL} for the Client's JSON Web Key Set
 * @since 0.2.2
 */
- String JWKS_URI = "jwks_uri";
+ public static final String JWKS_URI = "jwks_uri";
 /**
 * {@code id_token_signed_response_alg} - the {@link JwsAlgorithm JWS} algorithm required for signing the {@link OidcIdToken ID Token} issued to the Client
 */
- String ID_TOKEN_SIGNED_RESPONSE_ALG = "id_token_signed_response_alg";
+ public static final String ID_TOKEN_SIGNED_RESPONSE_ALG = "id_token_signed_response_alg";
 /**
 * {@code registration_access_token} - the Registration Access Token that can be used at the Client Configuration Endpoint
 * @since 0.2.1
 */
- String REGISTRATION_ACCESS_TOKEN = "registration_access_token";
+ public static final String REGISTRATION_ACCESS_TOKEN = "registration_access_token";
 /**
 * {@code registration_client_uri} - the {@code URL} of the Client Configuration Endpoint where the Registration Access Token can be used
 * @since 0.2.1
 */
- String REGISTRATION_CLIENT_URI = "registration_client_uri";
+ public static final String REGISTRATION_CLIENT_URI = "registration_client_uri";
+
+ private OidcClientMetadataClaimNames() {
+ }
 }
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java
index d77a53f7..4129babb 100644
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java
@@ -27,22 +27,25 @@ import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
 * @see OAuth2AuthorizationServerMetadataClaimNames
 * @see 3. OpenID Provider Metadata
 */
-public interface OidcProviderMetadataClaimNames extends OAuth2AuthorizationServerMetadataClaimNames {
+public final class OidcProviderMetadataClaimNames extends OAuth2AuthorizationServerMetadataClaimNames {
 /**
 * {@code subject_types_supported} - the Subject Identifier types supported
 */
- String SUBJECT_TYPES_SUPPORTED = "subject_types_supported";
+ public static final String SUBJECT_TYPES_SUPPORTED = "subject_types_supported";
 /**
 * {@code id_token_signing_alg_values_supported} - the {@link JwsAlgorithm JWS} signing algorithms supported for the {@link OidcIdToken ID Token}
 */
- String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
+ public static final String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
 /**
 * {@code userinfo_endpoint} - the {@code URL} of the OpenID Connect 1.0 UserInfo Endpoint
 * @since 0.2.2
 */
- String USER_INFO_ENDPOINT = "userinfo_endpoint";
+ public static final String USER_INFO_ENDPOINT = "userinfo_endpoint";
+
+ private OidcProviderMetadataClaimNames() {
+ }
 }
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimNames.java
index a6e29ade..63f5efe8 100644
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimNames.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimNames.java
@@ -27,43 +27,46 @@ import org.springframework.security.oauth2.core.OAuth2Token;
 * @see OAuth2TokenClaimsSet
 * @see OAuth2Token
 */
-public interface OAuth2TokenClaimNames {
+public final class OAuth2TokenClaimNames {
 /**
 * {@code iss} - the Issuer claim identifies the principal that issued the OAuth 2.0 Token
 */
- String ISS = "iss";
+ public static final String ISS = "iss";
 /**
 * {@code sub} - the Subject claim identifies the principal that is the subject of the OAuth 2.0 Token
 */
- String SUB = "sub";
+ public static final String SUB = "sub";
 /**
 * {@code aud} - the Audience claim identifies the recipient(s) that the OAuth 2.0 Token is intended for
 */
- String AUD = "aud";
+ public static final String AUD = "aud";
 /**
 * {@code exp} - the Expiration time claim identifies the expiration time on or after
 * which the OAuth 2.0 Token MUST NOT be accepted for processing
 */
- String EXP = "exp";
+ public static final String EXP = "exp";
 /**
 * {@code nbf} - the Not Before claim identifies the time before which the OAuth 2.0 Token
 * MUST NOT be accepted for processing
 */
- String NBF = "nbf";
+ public static final String NBF = "nbf";
 /**
 * {@code iat} - The Issued at claim identifies the time at which the OAuth 2.0 Token was issued
 */
- String IAT = "iat";
+ public static final String IAT = "iat";
 /**
 * {@code jti} - The ID claim provides a unique identifier for the OAuth 2.0 Token
 */
- String JTI = "jti";
+ public static final String JTI = "jti";
+
+ private OAuth2TokenClaimNames() {
+ }
 }