diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidator.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidator.java index e16cf7fef3..0dfe9e7db2 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidator.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidator.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,11 +25,11 @@ import org.springframework.util.Assert; /** * A composite validator * - * @param the type of {@link AbstractOAuth2Token} this validator validates + * @param the type of {@link OAuth2Token} this validator validates * @author Josh Cummings * @since 5.1 */ -public final class DelegatingOAuth2TokenValidator implements OAuth2TokenValidator { +public final class DelegatingOAuth2TokenValidator implements OAuth2TokenValidator { private final Collection> tokenValidators; diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2TokenValidator.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2TokenValidator.java index 25cb8f78a3..cf05444de3 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2TokenValidator.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2TokenValidator.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,7 +25,7 @@ package org.springframework.security.oauth2.core; * @since 5.1 */ @FunctionalInterface -public interface OAuth2TokenValidator { +public interface OAuth2TokenValidator { /** * Verify the validity and/or constraints of the provided OAuth 2.0 Token. diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidatorTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidatorTests.java index 82aa06722b..8b52650d6e 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidatorTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/DelegatingOAuth2TokenValidatorTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -40,20 +40,20 @@ public class DelegatingOAuth2TokenValidatorTests { @Test public void validateWhenNoValidatorsConfiguredThenReturnsSuccessfulResult() { - DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>(); - AbstractOAuth2Token token = mock(AbstractOAuth2Token.class); + DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>(); + OAuth2Token token = mock(OAuth2Token.class); assertThat(tokenValidator.validate(token).hasErrors()).isFalse(); } @Test public void validateWhenAnyValidatorFailsThenReturnsFailureResultContainingDetailFromFailingValidator() { - OAuth2TokenValidator success = mock(OAuth2TokenValidator.class); - OAuth2TokenValidator failure = mock(OAuth2TokenValidator.class); - given(success.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); - given(failure.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.failure(DETAIL)); - DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>( + OAuth2TokenValidator success = mock(OAuth2TokenValidator.class); + OAuth2TokenValidator failure = mock(OAuth2TokenValidator.class); + given(success.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); + given(failure.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.failure(DETAIL)); + DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>( Arrays.asList(success, failure)); - AbstractOAuth2Token token = mock(AbstractOAuth2Token.class); + OAuth2Token token = mock(OAuth2Token.class); OAuth2TokenValidatorResult result = tokenValidator.validate(token); assertThat(result.hasErrors()).isTrue(); assertThat(result.getErrors()).containsExactly(DETAIL); @@ -61,16 +61,15 @@ public class DelegatingOAuth2TokenValidatorTests { @Test public void validateWhenMultipleValidatorsFailThenReturnsFailureResultContainingAllDetails() { - OAuth2TokenValidator firstFailure = mock(OAuth2TokenValidator.class); - OAuth2TokenValidator secondFailure = mock(OAuth2TokenValidator.class); + OAuth2TokenValidator firstFailure = mock(OAuth2TokenValidator.class); + OAuth2TokenValidator secondFailure = mock(OAuth2TokenValidator.class); OAuth2Error otherDetail = new OAuth2Error("another-error"); - given(firstFailure.validate(any(AbstractOAuth2Token.class))) - .willReturn(OAuth2TokenValidatorResult.failure(DETAIL)); - given(secondFailure.validate(any(AbstractOAuth2Token.class))) + given(firstFailure.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.failure(DETAIL)); + given(secondFailure.validate(any(OAuth2Token.class))) .willReturn(OAuth2TokenValidatorResult.failure(otherDetail)); - DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>( - firstFailure, secondFailure); - AbstractOAuth2Token token = mock(AbstractOAuth2Token.class); + DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>(firstFailure, + secondFailure); + OAuth2Token token = mock(OAuth2Token.class); OAuth2TokenValidatorResult result = tokenValidator.validate(token); assertThat(result.hasErrors()).isTrue(); assertThat(result.getErrors()).containsExactly(DETAIL, otherDetail); @@ -78,13 +77,13 @@ public class DelegatingOAuth2TokenValidatorTests { @Test public void validateWhenAllValidatorsSucceedThenReturnsSuccessfulResult() { - OAuth2TokenValidator firstSuccess = mock(OAuth2TokenValidator.class); - OAuth2TokenValidator secondSuccess = mock(OAuth2TokenValidator.class); - given(firstSuccess.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); - given(secondSuccess.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); - DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>( + OAuth2TokenValidator firstSuccess = mock(OAuth2TokenValidator.class); + OAuth2TokenValidator secondSuccess = mock(OAuth2TokenValidator.class); + given(firstSuccess.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); + given(secondSuccess.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); + DelegatingOAuth2TokenValidator tokenValidator = new DelegatingOAuth2TokenValidator<>( Arrays.asList(firstSuccess, secondSuccess)); - AbstractOAuth2Token token = mock(AbstractOAuth2Token.class); + OAuth2Token token = mock(OAuth2Token.class); OAuth2TokenValidatorResult result = tokenValidator.validate(token); assertThat(result.hasErrors()).isFalse(); assertThat(result.getErrors()).isEmpty(); @@ -92,21 +91,21 @@ public class DelegatingOAuth2TokenValidatorTests { @Test public void constructorWhenInvokedWithNullValidatorListThenThrowsIllegalArgumentException() { - assertThatIllegalArgumentException().isThrownBy(() -> new DelegatingOAuth2TokenValidator<>( - (Collection>) null)); + assertThatIllegalArgumentException().isThrownBy( + () -> new DelegatingOAuth2TokenValidator<>((Collection>) null)); } @Test public void constructorsWhenInvokedWithSameInputsThenResultInSameOutputs() { - OAuth2TokenValidator firstSuccess = mock(OAuth2TokenValidator.class); - OAuth2TokenValidator secondSuccess = mock(OAuth2TokenValidator.class); - given(firstSuccess.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); - given(secondSuccess.validate(any(AbstractOAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); - DelegatingOAuth2TokenValidator firstValidator = new DelegatingOAuth2TokenValidator<>( + OAuth2TokenValidator firstSuccess = mock(OAuth2TokenValidator.class); + OAuth2TokenValidator secondSuccess = mock(OAuth2TokenValidator.class); + given(firstSuccess.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); + given(secondSuccess.validate(any(OAuth2Token.class))).willReturn(OAuth2TokenValidatorResult.success()); + DelegatingOAuth2TokenValidator firstValidator = new DelegatingOAuth2TokenValidator<>( Arrays.asList(firstSuccess, secondSuccess)); - DelegatingOAuth2TokenValidator secondValidator = new DelegatingOAuth2TokenValidator<>( - firstSuccess, secondSuccess); - AbstractOAuth2Token token = mock(AbstractOAuth2Token.class); + DelegatingOAuth2TokenValidator secondValidator = new DelegatingOAuth2TokenValidator<>(firstSuccess, + secondSuccess); + OAuth2Token token = mock(OAuth2Token.class); firstValidator.validate(token); secondValidator.validate(token); verify(firstSuccess, times(2)).validate(token); diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/AbstractOAuth2TokenAuthenticationToken.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/AbstractOAuth2TokenAuthenticationToken.java index d221136802..27535c2172 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/AbstractOAuth2TokenAuthenticationToken.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/AbstractOAuth2TokenAuthenticationToken.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,8 +23,8 @@ import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.SpringSecurityCoreVersion; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.OAuth2AccessToken; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.util.Assert; @@ -45,7 +45,7 @@ import org.springframework.util.Assert; * @see 2.2 * Introspection Response */ -public abstract class AbstractOAuth2TokenAuthenticationToken +public abstract class AbstractOAuth2TokenAuthenticationToken extends AbstractAuthenticationToken { private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServerBearerExchangeFilterFunction.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServerBearerExchangeFilterFunction.java index 9d39a3a590..f7574bdaa1 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServerBearerExchangeFilterFunction.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServerBearerExchangeFilterFunction.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2019 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ import reactor.core.publisher.Mono; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.ReactiveSecurityContextHolder; import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.web.reactive.function.client.ClientRequest; import org.springframework.web.reactive.function.client.ClientResponse; import org.springframework.web.reactive.function.client.ExchangeFilterFunction; @@ -30,7 +30,7 @@ import org.springframework.web.reactive.function.client.ExchangeFunction; /** * An {@link ExchangeFilterFunction} that adds the * Bearer - * Token from an existing {@link AbstractOAuth2Token} tied to the current + * Token from an existing {@link OAuth2Token} tied to the current * {@link Authentication}. * * Suitable for Reactive applications, applying it to a typical @@ -60,12 +60,12 @@ public final class ServerBearerExchangeFilterFunction implements ExchangeFilterF // @formatter:on } - private Mono oauth2Token() { + private Mono oauth2Token() { // @formatter:off return currentAuthentication() - .filter((authentication) -> authentication.getCredentials() instanceof AbstractOAuth2Token) + .filter((authentication) -> authentication.getCredentials() instanceof OAuth2Token) .map(Authentication::getCredentials) - .cast(AbstractOAuth2Token.class); + .cast(OAuth2Token.class); // @formatter:on } @@ -76,7 +76,7 @@ public final class ServerBearerExchangeFilterFunction implements ExchangeFilterF // @formatter:on } - private ClientRequest bearer(ClientRequest request, AbstractOAuth2Token token) { + private ClientRequest bearer(ClientRequest request, OAuth2Token token) { // @formatter:off return ClientRequest.from(request) .headers((headers) -> headers.setBearerAuth(token.getTokenValue())) diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServletBearerExchangeFilterFunction.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServletBearerExchangeFilterFunction.java index 739e88c801..23ded0f70f 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServletBearerExchangeFilterFunction.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/reactive/function/client/ServletBearerExchangeFilterFunction.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2019 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import reactor.core.publisher.Mono; import reactor.util.context.Context; import org.springframework.security.core.Authentication; -import org.springframework.security.oauth2.core.AbstractOAuth2Token; +import org.springframework.security.oauth2.core.OAuth2Token; import org.springframework.web.reactive.function.client.ClientRequest; import org.springframework.web.reactive.function.client.ClientResponse; import org.springframework.web.reactive.function.client.ExchangeFilterFunction; @@ -31,7 +31,7 @@ import org.springframework.web.reactive.function.client.ExchangeFunction; /** * An {@link ExchangeFilterFunction} that adds the * Bearer - * Token from an existing {@link AbstractOAuth2Token} tied to the current + * Token from an existing {@link OAuth2Token} tied to the current * {@link Authentication}. * * Suitable for Servlet applications, applying it to a typical @@ -71,14 +71,14 @@ public final class ServletBearerExchangeFilterFunction implements ExchangeFilter // @formatter:on } - private Mono oauth2Token() { + private Mono oauth2Token() { // @formatter:off return Mono.deferContextual(Mono::just) .cast(Context.class) .flatMap(this::currentAuthentication) - .filter((authentication) -> authentication.getCredentials() instanceof AbstractOAuth2Token) + .filter((authentication) -> authentication.getCredentials() instanceof OAuth2Token) .map(Authentication::getCredentials) - .cast(AbstractOAuth2Token.class); + .cast(OAuth2Token.class); // @formatter:on } @@ -96,7 +96,7 @@ public final class ServletBearerExchangeFilterFunction implements ExchangeFilter return attributes.get(clazz); } - private ClientRequest bearer(ClientRequest request, AbstractOAuth2Token token) { + private ClientRequest bearer(ClientRequest request, OAuth2Token token) { // @formatter:off return ClientRequest.from(request) .headers((headers) -> headers.setBearerAuth(token.getTokenValue()))