diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java index 1b0b09c8..69b0613d 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java @@ -52,8 +52,6 @@ import org.springframework.util.Assert; import org.springframework.util.CollectionUtils; import org.springframework.util.StringUtils; -import static org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthenticationProviderUtils.getAuthenticatedClientElseThrowInvalidClient; - /** * An {@link AuthenticationProvider} implementation for the OAuth 2.0 Token Exchange * Grant. @@ -103,8 +101,8 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti public Authentication authenticate(Authentication authentication) throws AuthenticationException { OAuth2TokenExchangeAuthenticationToken tokenExchangeAuthentication = (OAuth2TokenExchangeAuthenticationToken) authentication; - OAuth2ClientAuthenticationToken clientPrincipal = getAuthenticatedClientElseThrowInvalidClient( - tokenExchangeAuthentication); + OAuth2ClientAuthenticationToken clientPrincipal = OAuth2AuthenticationProviderUtils + .getAuthenticatedClientElseThrowInvalidClient(tokenExchangeAuthentication); RegisteredClient registeredClient = clientPrincipal.getRegisteredClient(); if (this.logger.isTraceEnabled()) { diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java index 944c4458..24d6a9fc 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationToken.java @@ -80,10 +80,10 @@ public class OAuth2TokenExchangeAuthenticationToken extends OAuth2AuthorizationG this.actorToken = actorToken; this.actorTokenType = actorTokenType; this.resources = Collections - .unmodifiableSet(resources != null ? new LinkedHashSet<>(resources) : Collections.emptySet()); + .unmodifiableSet((resources != null) ? new LinkedHashSet<>(resources) : Collections.emptySet()); this.audiences = Collections - .unmodifiableSet(audiences != null ? new LinkedHashSet<>(audiences) : Collections.emptySet()); - this.scopes = Collections.unmodifiableSet(scopes != null ? new HashSet<>(scopes) : Collections.emptySet()); + .unmodifiableSet((audiences != null) ? new LinkedHashSet<>(audiences) : Collections.emptySet()); + this.scopes = Collections.unmodifiableSet((scopes != null) ? new HashSet<>(scopes) : Collections.emptySet()); } /** diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java index e9c20bd8..02d7f5b8 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeCompositeAuthenticationToken.java @@ -41,7 +41,7 @@ public class OAuth2TokenExchangeCompositeAuthenticationToken extends AbstractAut public OAuth2TokenExchangeCompositeAuthenticationToken(Authentication subject, List actors) { - super(subject != null ? subject.getAuthorities() : null); + super((subject != null) ? subject.getAuthorities() : null); Assert.notNull(subject, "subject cannot be null"); Assert.notNull(actors, "actors cannot be null"); this.subject = subject; diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509SelfSignedCertificateVerifier.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509SelfSignedCertificateVerifier.java index cad5d567..964c7592 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509SelfSignedCertificateVerifier.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509SelfSignedCertificateVerifier.java @@ -108,7 +108,7 @@ final class X509SelfSignedCertificateVerifier implements Consumer { + private static final class JwkSetSupplier implements Function { private static final MediaType APPLICATION_JWK_SET_JSON = new MediaType("application", "jwk-set+json"); @@ -168,7 +168,7 @@ final class X509SelfSignedCertificateVerifier implements Consumer { + private final class JwkSetHolder implements Supplier { private final ReentrantReadWriteLock rwLock = new ReentrantReadWriteLock(); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizers.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizers.java index 1a6c8441..3b054c35 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizers.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizers.java @@ -44,6 +44,9 @@ import org.springframework.security.oauth2.server.authorization.token.OAuth2Toke */ final class DefaultOAuth2TokenCustomizers { + private DefaultOAuth2TokenCustomizers() { + } + static OAuth2TokenCustomizer jwtCustomizer() { return (context) -> context.getClaims().claims((claims) -> customize(context, claims)); } diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java index 3bc75484..e2e7332b 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationEndpointConfigurer.java @@ -51,8 +51,6 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; import org.springframework.util.StringUtils; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Authorization Endpoint. * @@ -240,7 +238,8 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String authorizationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint()) : authorizationServerSettings.getAuthorizationEndpoint(); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.GET.name()), @@ -261,7 +260,8 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String authorizationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint()) : authorizationServerSettings.getAuthorizationEndpoint(); OAuth2AuthorizationEndpointFilter authorizationEndpointFilter = new OAuth2AuthorizationEndpointFilter( authenticationManager, authorizationEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java index de856aff..ba991e9c 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java @@ -56,8 +56,6 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * An {@link AbstractHttpConfigurer} for OAuth 2.0 Authorization Server support. * @@ -327,7 +325,7 @@ public final class OAuth2AuthorizationServerConfigurer requestMatchers.add(configurer.getRequestMatcher()); }); String jwkSetEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getJwkSetEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getJwkSetEndpoint()) : authorizationServerSettings.getJwkSetEndpoint(); requestMatchers.add(new AntPathRequestMatcher(jwkSetEndpointUri, HttpMethod.GET.name())); this.endpointsMatcher = new OrRequestMatcher(requestMatchers); @@ -357,7 +355,7 @@ public final class OAuth2AuthorizationServerConfigurer JWKSource jwkSource = OAuth2ConfigurerUtils.getJwkSource(httpSecurity); if (jwkSource != null) { String jwkSetEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getJwkSetEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getJwkSetEndpoint()) : authorizationServerSettings.getJwkSetEndpoint(); NimbusJwkSetEndpointFilter jwkSetEndpointFilter = new NimbusJwkSetEndpointFilter(jwkSource, jwkSetEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java index a3f79cfe..65ffdfc6 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientAuthenticationConfigurer.java @@ -53,8 +53,6 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for OAuth 2.0 Client Authentication. * @@ -184,16 +182,19 @@ public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Co AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String tokenEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) : authorizationServerSettings.getTokenEndpoint(); String tokenIntrospectionEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) : authorizationServerSettings.getTokenIntrospectionEndpoint(); String tokenRevocationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) : authorizationServerSettings.getTokenRevocationEndpoint(); String deviceAuthorizationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) : authorizationServerSettings.getDeviceAuthorizationEndpoint(); this.requestMatcher = new OrRequestMatcher(new AntPathRequestMatcher(tokenEndpointUri, HttpMethod.POST.name()), new AntPathRequestMatcher(tokenIntrospectionEndpointUri, HttpMethod.POST.name()), diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceAuthorizationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceAuthorizationEndpointConfigurer.java index 4d774fa7..9115ac40 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceAuthorizationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceAuthorizationEndpointConfigurer.java @@ -45,8 +45,6 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; import org.springframework.util.StringUtils; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Device Authorization Endpoint. * @@ -201,7 +199,8 @@ public final class OAuth2DeviceAuthorizationEndpointConfigurer extends AbstractO AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(builder); String deviceAuthorizationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) : authorizationServerSettings.getDeviceAuthorizationEndpoint(); this.requestMatcher = new AntPathRequestMatcher(deviceAuthorizationEndpointUri, HttpMethod.POST.name()); @@ -221,7 +220,8 @@ public final class OAuth2DeviceAuthorizationEndpointConfigurer extends AbstractO .getAuthorizationServerSettings(builder); String deviceAuthorizationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getDeviceAuthorizationEndpoint()) : authorizationServerSettings.getDeviceAuthorizationEndpoint(); OAuth2DeviceAuthorizationEndpointFilter deviceAuthorizationEndpointFilter = new OAuth2DeviceAuthorizationEndpointFilter( authenticationManager, deviceAuthorizationEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.java index 97f60c18..185f05c4 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2DeviceVerificationEndpointConfigurer.java @@ -50,8 +50,6 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; import org.springframework.util.StringUtils; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Device Verification Endpoint. * @@ -236,7 +234,8 @@ public final class OAuth2DeviceVerificationEndpointConfigurer extends AbstractOA AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(builder); String deviceVerificationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getDeviceVerificationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getDeviceVerificationEndpoint()) : authorizationServerSettings.getDeviceVerificationEndpoint(); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(deviceVerificationEndpointUri, HttpMethod.GET.name()), @@ -258,7 +257,8 @@ public final class OAuth2DeviceVerificationEndpointConfigurer extends AbstractOA .getAuthorizationServerSettings(builder); String deviceVerificationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getDeviceVerificationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getDeviceVerificationEndpoint()) : authorizationServerSettings.getDeviceVerificationEndpoint(); OAuth2DeviceVerificationEndpointFilter deviceVerificationEndpointFilter = new OAuth2DeviceVerificationEndpointFilter( authenticationManager, deviceVerificationEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java index b5f31dea..c8dd386b 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java @@ -56,8 +56,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Token Endpoint. * @@ -189,7 +187,7 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String tokenEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) : authorizationServerSettings.getTokenEndpoint(); this.requestMatcher = new AntPathRequestMatcher(tokenEndpointUri, HttpMethod.POST.name()); @@ -209,7 +207,7 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure .getAuthorizationServerSettings(httpSecurity); String tokenEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getTokenEndpoint()) : authorizationServerSettings.getTokenEndpoint(); OAuth2TokenEndpointFilter tokenEndpointFilter = new OAuth2TokenEndpointFilter(authenticationManager, tokenEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java index 0a40b65d..808c55da 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenIntrospectionEndpointConfigurer.java @@ -43,8 +43,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Token Introspection Endpoint. * @@ -184,7 +182,8 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String tokenIntrospectionEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) : authorizationServerSettings.getTokenIntrospectionEndpoint(); this.requestMatcher = new AntPathRequestMatcher(tokenIntrospectionEndpointUri, HttpMethod.POST.name()); @@ -203,7 +202,8 @@ public final class OAuth2TokenIntrospectionEndpointConfigurer extends AbstractOA AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String tokenIntrospectionEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenIntrospectionEndpoint()) : authorizationServerSettings.getTokenIntrospectionEndpoint(); OAuth2TokenIntrospectionEndpointFilter introspectionEndpointFilter = new OAuth2TokenIntrospectionEndpointFilter( authenticationManager, tokenIntrospectionEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java index b37f1c8b..be9955cf 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenRevocationEndpointConfigurer.java @@ -42,8 +42,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for the OAuth 2.0 Token Revocation Endpoint. * @@ -183,7 +181,8 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String tokenRevocationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) : authorizationServerSettings.getTokenRevocationEndpoint(); this.requestMatcher = new AntPathRequestMatcher(tokenRevocationEndpointUri, HttpMethod.POST.name()); @@ -203,7 +202,8 @@ public final class OAuth2TokenRevocationEndpointConfigurer extends AbstractOAuth .getAuthorizationServerSettings(httpSecurity); String tokenRevocationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getTokenRevocationEndpoint()) : authorizationServerSettings.getTokenRevocationEndpoint(); OAuth2TokenRevocationEndpointFilter revocationEndpointFilter = new OAuth2TokenRevocationEndpointFilter( authenticationManager, tokenRevocationEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java index 377a0fd9..c07ec431 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcClientRegistrationEndpointConfigurer.java @@ -46,8 +46,6 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for OpenID Connect 1.0 Dynamic Client Registration Endpoint. * @@ -194,7 +192,8 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String clientRegistrationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcClientRegistrationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getOidcClientRegistrationEndpoint()) : authorizationServerSettings.getOidcClientRegistrationEndpoint(); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(clientRegistrationEndpointUri, HttpMethod.POST.name()), @@ -216,7 +215,8 @@ public final class OidcClientRegistrationEndpointConfigurer extends AbstractOAut .getAuthorizationServerSettings(httpSecurity); String clientRegistrationEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcClientRegistrationEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getOidcClientRegistrationEndpoint()) : authorizationServerSettings.getOidcClientRegistrationEndpoint(); OidcClientRegistrationEndpointFilter oidcClientRegistrationEndpointFilter = new OidcClientRegistrationEndpointFilter( authenticationManager, clientRegistrationEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcLogoutEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcLogoutEndpointConfigurer.java index a9330529..c29fbc91 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcLogoutEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcLogoutEndpointConfigurer.java @@ -44,8 +44,6 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for OpenID Connect 1.0 RP-Initiated Logout Endpoint. * @@ -169,7 +167,7 @@ public final class OidcLogoutEndpointConfigurer extends AbstractOAuth2Configurer AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String logoutEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcLogoutEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getOidcLogoutEndpoint()) : authorizationServerSettings.getOidcLogoutEndpoint(); this.requestMatcher = new OrRequestMatcher(new AntPathRequestMatcher(logoutEndpointUri, HttpMethod.GET.name()), new AntPathRequestMatcher(logoutEndpointUri, HttpMethod.POST.name())); @@ -190,7 +188,7 @@ public final class OidcLogoutEndpointConfigurer extends AbstractOAuth2Configurer .getAuthorizationServerSettings(httpSecurity); String logoutEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcLogoutEndpoint()) + ? OAuth2ConfigurerUtils.withMultipleIssuersPattern(authorizationServerSettings.getOidcLogoutEndpoint()) : authorizationServerSettings.getOidcLogoutEndpoint(); OidcLogoutEndpointFilter oidcLogoutEndpointFilter = new OidcLogoutEndpointFilter(authenticationManager, logoutEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java index 31daa35f..02a020af 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OidcUserInfoEndpointConfigurer.java @@ -49,8 +49,6 @@ import org.springframework.security.web.util.matcher.OrRequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.util.Assert; -import static org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2ConfigurerUtils.withMultipleIssuersPattern; - /** * Configurer for OpenID Connect 1.0 UserInfo Endpoint. * @@ -212,7 +210,8 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur AuthorizationServerSettings authorizationServerSettings = OAuth2ConfigurerUtils .getAuthorizationServerSettings(httpSecurity); String userInfoEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcUserInfoEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getOidcUserInfoEndpoint()) : authorizationServerSettings.getOidcUserInfoEndpoint(); this.requestMatcher = new OrRequestMatcher( new AntPathRequestMatcher(userInfoEndpointUri, HttpMethod.GET.name()), @@ -234,7 +233,8 @@ public final class OidcUserInfoEndpointConfigurer extends AbstractOAuth2Configur .getAuthorizationServerSettings(httpSecurity); String userInfoEndpointUri = authorizationServerSettings.isMultipleIssuersAllowed() - ? withMultipleIssuersPattern(authorizationServerSettings.getOidcUserInfoEndpoint()) + ? OAuth2ConfigurerUtils + .withMultipleIssuersPattern(authorizationServerSettings.getOidcUserInfoEndpoint()) : authorizationServerSettings.getOidcUserInfoEndpoint(); OidcUserInfoEndpointFilter oidcUserInfoEndpointFilter = new OidcUserInfoEndpointFilter(authenticationManager, userInfoEndpointUri); diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandler.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandler.java index 4455c109..918be8fe 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandler.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2AccessTokenResponseAuthenticationSuccessHandler.java @@ -23,7 +23,6 @@ import java.util.function.Consumer; import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverter.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverter.java index 0938d574..dd68b7a4 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverter.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/X509ClientCertificateAuthenticationConverter.java @@ -66,7 +66,7 @@ public final class X509ClientCertificateAuthenticationConverter implements Authe Map additionalParameters = OAuth2EndpointUtils .getParametersIfMatchesAuthorizationCodeGrantRequest(request, OAuth2ParameterNames.CLIENT_ID); - ClientAuthenticationMethod clientAuthenticationMethod = clientCertificateChain.length == 1 + ClientAuthenticationMethod clientAuthenticationMethod = (clientCertificateChain.length == 1) ? ClientAuthenticationMethod.SELF_SIGNED_TLS_CLIENT_AUTH : ClientAuthenticationMethod.TLS_CLIENT_AUTH; return new OAuth2ClientAuthenticationToken(clientId, clientAuthenticationMethod, clientCertificateChain,