GitHub-Spring
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '3.0.x' 

Closes gh-35789
pull/35818/head
Andy Wilkinson 3 years ago
parent
a38d5d0fe0 fba0aa805f
commit
b9f7df6cc2
2 changed files with 14 additions and 18 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java
  2. 16
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java

16
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java
Unescape View File

@ -24,7 +24,6 @@ import java.util.Base64; @@ -24,7 +24,6 @@ import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.function.Supplier;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@ -85,8 +84,8 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { @@ -85,8 +84,8 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
NimbusReactiveJwtDecoder nimbusReactiveJwtDecoder = builder.build();
String issuerUri = this.properties.getIssuerUri();
Supplier<OAuth2TokenValidator<Jwt>> defaultValidator = (issuerUri != null)
? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault;
OAuth2TokenValidator<Jwt> defaultValidator = (issuerUri != null)
? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault();
nimbusReactiveJwtDecoder.setJwtValidator(getValidators(defaultValidator));
return nimbusReactiveJwtDecoder;
}
@ -97,14 +96,13 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { @@ -97,14 +96,13 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
}
}
private OAuth2TokenValidator<Jwt> getValidators(Supplier<OAuth2TokenValidator<Jwt>> defaultValidator) {
OAuth2TokenValidator<Jwt> defaultValidators = defaultValidator.get();
private OAuth2TokenValidator<Jwt> getValidators(OAuth2TokenValidator<Jwt> defaultValidator) {
List<String> audiences = this.properties.getAudiences();
if (CollectionUtils.isEmpty(audiences)) {
return defaultValidators;
return defaultValidator;
}
List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
validators.add(defaultValidators);
validators.add(defaultValidator);
validators.add(new JwtClaimValidator<List<String>>(JwtClaimNames.AUD,
(aud) -> aud != null && !Collections.disjoint(aud, audiences)));
return new DelegatingOAuth2TokenValidator<>(validators);
@ -118,7 +116,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { @@ -118,7 +116,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withPublicKey(publicKey)
.signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm()))
.build();
jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault));
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault()));
return jwtDecoder;
}
@ -148,7 +146,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { @@ -148,7 +146,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
NimbusReactiveJwtDecoder jwtDecoder = builder.build();
jwtDecoder.setJwtValidator(
getValidators(() -> JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri())));
getValidators(JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri())));
return jwtDecoder;
});
}

16
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java
Unescape View File

@ -24,7 +24,6 @@ import java.util.Base64; @@ -24,7 +24,6 @@ import java.util.Base64;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.function.Supplier;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@ -85,8 +84,8 @@ class OAuth2ResourceServerJwtConfiguration { @@ -85,8 +84,8 @@ class OAuth2ResourceServerJwtConfiguration {
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
NimbusJwtDecoder nimbusJwtDecoder = builder.build();
String issuerUri = this.properties.getIssuerUri();
Supplier<OAuth2TokenValidator<Jwt>> defaultValidator = (issuerUri != null)
? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault;
OAuth2TokenValidator<Jwt> defaultValidator = (issuerUri != null)
? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault();
nimbusJwtDecoder.setJwtValidator(getValidators(defaultValidator));
return nimbusJwtDecoder;
}
@ -97,14 +96,13 @@ class OAuth2ResourceServerJwtConfiguration { @@ -97,14 +96,13 @@ class OAuth2ResourceServerJwtConfiguration {
}
}
private OAuth2TokenValidator<Jwt> getValidators(Supplier<OAuth2TokenValidator<Jwt>> defaultValidator) {
OAuth2TokenValidator<Jwt> defaultValidators = defaultValidator.get();
private OAuth2TokenValidator<Jwt> getValidators(OAuth2TokenValidator<Jwt> defaultValidator) {
List<String> audiences = this.properties.getAudiences();
if (CollectionUtils.isEmpty(audiences)) {
return defaultValidators;
return defaultValidator;
}
List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
validators.add(defaultValidators);
validators.add(defaultValidator);
validators.add(new JwtClaimValidator<List<String>>(JwtClaimNames.AUD,
(aud) -> aud != null && !Collections.disjoint(aud, audiences)));
return new DelegatingOAuth2TokenValidator<>(validators);
@ -118,7 +116,7 @@ class OAuth2ResourceServerJwtConfiguration { @@ -118,7 +116,7 @@ class OAuth2ResourceServerJwtConfiguration {
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withPublicKey(publicKey)
.signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm()))
.build();
jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault));
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault()));
return jwtDecoder;
}
@ -146,7 +144,7 @@ class OAuth2ResourceServerJwtConfiguration { @@ -146,7 +144,7 @@ class OAuth2ResourceServerJwtConfiguration {
JwkSetUriJwtDecoderBuilder builder = NimbusJwtDecoder.withIssuerLocation(issuerUri);
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
NimbusJwtDecoder jwtDecoder = builder.build();
jwtDecoder.setJwtValidator(getValidators(() -> JwtValidators.createDefaultWithIssuer(issuerUri)));
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefaultWithIssuer(issuerUri)));
return jwtDecoder;
});
}

Write Preview
Loading…
Cancel
Save