From 673a2adf2639e1868aacef5b4f9c8d0449f4fe7f Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Mon, 7 Jan 2019 14:35:41 -0500
Subject: [PATCH] Polish oauth2 client ExchangeFilterFunction's

Fixes gh-6355
---
 ...uthorizedClientExchangeFilterFunction.java | 11 +++++-----
 ...uthorizedClientExchangeFilterFunction.java | 22 +++++++++----------
 2 files changed, 16 insertions(+), 17 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
index 548c918014..83a6f777f0 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
@@ -253,9 +253,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 		if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
 			return createRequest(request)
 					.flatMap(r -> authorizeWithClientCredentials(clientRegistration, r));
-		} else if (shouldRefresh(authorizedClient)) {
+		} else if (shouldRefreshToken(authorizedClient)) {
 			return createRequest(request)
-				.flatMap(r -> refreshAuthorizedClient(next, authorizedClient, r));
+				.flatMap(r -> authorizeWithRefreshToken(next, authorizedClient, r));
 		}
 		return Mono.just(authorizedClient);
 	}
@@ -273,8 +273,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 						.thenReturn(result));
 	}
 
-	private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ExchangeFunction next,
-			OAuth2AuthorizedClient authorizedClient, OAuth2AuthorizedClientResolver.Request r) {
+	private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ExchangeFunction next,
+																	OAuth2AuthorizedClient authorizedClient,
+																	OAuth2AuthorizedClientResolver.Request r) {
 		ServerWebExchange exchange = r.getExchange();
 		Authentication authentication = r.getAuthentication();
 		ClientRegistration clientRegistration = authorizedClient
@@ -293,7 +294,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 						.thenReturn(result));
 	}
 
-	private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
+	private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
 		if (this.authorizedClientRepository == null) {
 			return false;
 		}
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
index 40b244fecf..94ca3decd9 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
@@ -333,7 +333,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
 			throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId);
 		}
 		if (isClientCredentialsGrantType(clientRegistration)) {
-			return getAuthorizedClient(clientRegistration, attrs);
+			return authorizeWithClientCredentials(clientRegistration, attrs);
 		}
 		throw new ClientAuthorizationRequiredException(clientRegistrationId);
 	}
@@ -342,10 +342,8 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
 		return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType());
 	}
 
-
-	private OAuth2AuthorizedClient getAuthorizedClient(ClientRegistration clientRegistration,
-			Map<String, Object> attrs) {
-
+	private OAuth2AuthorizedClient authorizeWithClientCredentials(
+			ClientRegistration clientRegistration, Map<String, Object> attrs) {
 		HttpServletRequest request = getRequest(attrs);
 		HttpServletResponse response = getResponse(attrs);
 		OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest =
@@ -372,16 +370,16 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
 	private Mono<OAuth2AuthorizedClient> authorizedClient(ClientRequest request, ExchangeFunction next, OAuth2AuthorizedClient authorizedClient) {
 		ClientRegistration clientRegistration = authorizedClient.getClientRegistration();
 		if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
-			//Client credentials grant do not have refresh tokens but can expire so we need to get another one
-			return Mono.fromSupplier(() -> getAuthorizedClient(clientRegistration, request.attributes()));
-		} else if (shouldRefresh(authorizedClient)) {
-			return refreshAuthorizedClient(request, next, authorizedClient);
+			// Client credentials grant do not have refresh tokens but can expire so we need to get another one
+			return Mono.fromSupplier(() -> authorizeWithClientCredentials(clientRegistration, request.attributes()));
+		} else if (shouldRefreshToken(authorizedClient)) {
+			return authorizeWithRefreshToken(request, next, authorizedClient);
 		}
 		return Mono.just(authorizedClient);
 	}
 
-	private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ClientRequest request, ExchangeFunction next,
-			OAuth2AuthorizedClient authorizedClient) {
+	private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ClientRequest request, ExchangeFunction next,
+																	OAuth2AuthorizedClient authorizedClient) {
 		ClientRegistration clientRegistration = authorizedClient
 				.getClientRegistration();
 		String tokenUri = clientRegistration
@@ -407,7 +405,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
 				.publishOn(Schedulers.elastic());
 	}
 
-	private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
+	private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
 		if (this.authorizedClientRepository == null) {
 			return false;
 		}