GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Ensure that ClientSettings cannot be null 

This ensures that ClientRegistration.Builder.ClientSettings cannot be null.
This has a slight advantage in terms of null safety to making this check
happen in the build method since the Builder does not have a null field
either.

Issue gh-16382
pull/16443/head
Rob Winch 11 months ago
parent
0ed7b18f42
commit
2665a92107
No known key found for this signature in database
2 changed files with 26 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
  2. 23
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java

6
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
Unescape View File

@ -378,7 +378,7 @@ public final class ClientRegistration implements Serializable {
private String clientName; private String clientName;
private ClientSettings clientSettings; private ClientSettings clientSettings = ClientSettings.builder().build();
private Builder(String registrationId) { private Builder(String registrationId) {
this.registrationId = registrationId; this.registrationId = registrationId;
@ -614,6 +614,7 @@ public final class ClientRegistration implements Serializable {
* @return the {@link Builder} * @return the {@link Builder}
*/ */
public Builder clientSettings(ClientSettings clientSettings) { public Builder clientSettings(ClientSettings clientSettings) {
Assert.notNull(clientSettings, "clientSettings cannot be null");
this.clientSettings = clientSettings; this.clientSettings = clientSettings;
return this; return this;
} }
@ -651,8 +652,7 @@ public final class ClientRegistration implements Serializable {
clientRegistration.providerDetails = createProviderDetails(clientRegistration); clientRegistration.providerDetails = createProviderDetails(clientRegistration);
clientRegistration.clientName = StringUtils.hasText(this.clientName) ? this.clientName clientRegistration.clientName = StringUtils.hasText(this.clientName) ? this.clientName
: this.registrationId; : this.registrationId;
clientRegistration.clientSettings = (this.clientSettings == null) ? ClientSettings.builder().build() clientRegistration.clientSettings = this.clientSettings;
: this.clientSettings;
return clientRegistration; return clientRegistration;
} }

23
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java
Unescape View File

@ -753,4 +753,27 @@ public class ClientRegistrationTests {
assertThat(clientRegistration.getClientAuthenticationMethod()).isEqualTo(clientAuthenticationMethod); assertThat(clientRegistration.getClientAuthenticationMethod()).isEqualTo(clientAuthenticationMethod);
} }
@Test
void clientSettingsWhenNullThenThrowIllegalArgumentException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> ClientRegistration.withRegistrationId(REGISTRATION_ID).clientSettings(null));
}
// gh-16382
@Test
void buildWhenDefaultClientSettingsThenDefaulted() {
ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
.clientId(CLIENT_ID)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.redirectUri(REDIRECT_URI)
.authorizationUri(AUTHORIZATION_URI)
.tokenUri(TOKEN_URI)
.build();
// should not be null
assertThat(clientRegistration.getClientSettings()).isNotNull();
// proof key should be false for passivity
assertThat(clientRegistration.getClientSettings().isRequireProofKey()).isFalse();
}
} }

Write Preview
Loading…
Cancel
Save