
Polish gh-1997

pull/2032/head
Joe Grandja 7 months ago
parent
commit
fe4b5ada8c
  1. 5
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java
  2. 17
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProviderTests.java

5
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java

@ -22,6 +22,7 @@ import java.util.Set; @@ -22,6 +22,7 @@ import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
@ -114,6 +115,10 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut @@ -114,6 +115,10 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut
if (!userCode.isInvalidated()) {
authorization = OAuth2AuthenticationProviderUtils.invalidate(authorization, userCode.getToken());
this.authorizationService.save(authorization);
if (this.logger.isWarnEnabled()) {
this.logger.warn(LogMessage.format("Invalidated user code used by registered client '%s'",
authorization.getRegisteredClientId()));
}
}
throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_GRANT);
}
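Review bot: The warning added inside `if (!userCode.isInvalidated())` names only the registered client, so someone reading the log cannot tell which authorization was affected or why the code was rejected. The wording "Invalidated user code used by registered client" also reads as if an already-invalidated code had been presented, whereas this branch runs when the code was not yet invalidated and the provider invalidates it itself. Consider `"Invalidated user code for authorization '%s' (registered client '%s')"` with `authorization.getId()` as the first argument, and keep the user code value out of the message, as the current line already does. The condition leading into this branch starts outside the hunk; the test names suggest it is the expired-code case, and if so the message should say that.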

17
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProviderTests.java

@ -56,6 +56,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @@ -56,6 +56,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
@ -147,7 +148,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests { @@ -147,7 +148,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests {
}
@Test
public void authenticateWhenUserCodeIsInvalidedThenThrowOAuth2AuthenticationException() {
public void authenticateWhenUserCodeIsInvalidatedThenThrowOAuth2AuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
// @formatter:off
OAuth2Authorization authorization = TestOAuth2Authorizations
@ -157,7 +158,9 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests { @@ -157,7 +158,9 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests {
.attribute(OAuth2ParameterNames.SCOPE, registeredClient.getScopes())
.build();
// @formatter:on
given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
given(this.authorizationService.findByToken(eq(USER_CODE),
eq(OAuth2DeviceVerificationAuthenticationProvider.USER_CODE_TOKEN_TYPE)))
.willReturn(authorization);
Authentication authentication = createAuthentication();
// @formatter:off
assertThatExceptionOfType(OAuth2AuthenticationException.class)
@ -174,7 +177,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests { @@ -174,7 +177,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests {
}
@Test
public void authenticateWhenUserCodeIsExpiredButNotInvalidatedThenInvalidateUserCodeAndThrowOAuth2AuthenticationException() {
public void authenticateWhenUserCodeIsExpiredAndNotInvalidatedThenThrowOAuth2AuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
// @formatter:off
OAuth2Authorization authorization = TestOAuth2Authorizations
@ -185,7 +188,9 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests { @@ -185,7 +188,9 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests {
.attribute(OAuth2ParameterNames.SCOPE, registeredClient.getScopes())
.build();
// @formatter:on
given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
given(this.authorizationService.findByToken(eq(USER_CODE),
eq(OAuth2DeviceVerificationAuthenticationProvider.USER_CODE_TOKEN_TYPE)))
.willReturn(authorization);
Authentication authentication = createAuthentication();
// @formatter:off
assertThatExceptionOfType(OAuth2AuthenticationException.class)
@ -203,9 +208,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests { @@ -203,9 +208,7 @@ public class OAuth2DeviceVerificationAuthenticationProviderTests {
verifyNoInteractions(this.registeredClientRepository, this.authorizationConsentService);
OAuth2Authorization updatedAuthorization = authorizationCaptor.getValue();
assertThat(updatedAuthorization.getToken(OAuth2UserCode.class))
.extracting(isInvalidated())
.isEqualTo(true);
assertThat(updatedAuthorization.getToken(OAuth2UserCode.class)).extracting(isInvalidated()).isEqualTo(true);
}
@Test
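Review bot: The shorter name `authenticateWhenUserCodeIsExpiredAndNotInvalidatedThenThrowOAuth2AuthenticationException` no longer says that the provider invalidates the user code. The end of the test still captures the saved authorization and asserts that its `OAuth2UserCode` is invalidated. That invalidate-and-save step is the security-relevant behaviour of this path, so either keep it in the method name or add a comment above the final assertion, for example `// an expired user code must be invalidated and persisted before the error is returned`. The test body between the visible hunks is outside this view, so the full set of assertions could not be checked.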
