GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update Deprecated Spring Web Usage

pull/16986/head
Josh Cummings 8 months ago
parent
216680bb50
commit
834370d8eb
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
7 changed files with 22 additions and 20 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutHandler.java
  2. 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/web/logout/OidcClientInitiatedLogoutSuccessHandler.java
  3. 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
  4. 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
  5. 15
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
  6. 15
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
  7. 4
      saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/RelyingPartyRegistrationPlaceholderResolvers.java

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutHandler.java
Unescape View File

@ -127,7 +127,7 @@ public final class OidcBackChannelLogoutHandler implements LogoutHandler {
String computeLogoutEndpoint(HttpServletRequest request, OidcBackChannelLogoutAuthentication token) { String computeLogoutEndpoint(HttpServletRequest request, OidcBackChannelLogoutAuthentication token) {
// @formatter:off // @formatter:off
UriComponents uriComponents = UriComponentsBuilder UriComponents uriComponents = UriComponentsBuilder
.fromHttpUrl(UrlUtils.buildFullRequestUrl(request)) .fromUriString(UrlUtils.buildFullRequestUrl(request))
.replacePath(request.getContextPath()) .replacePath(request.getContextPath())
.replaceQuery(null) .replaceQuery(null)
.fragment(null) .fragment(null)

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/web/logout/OidcClientInitiatedLogoutSuccessHandler.java
Unescape View File

@ -95,7 +95,7 @@ public class OidcClientInitiatedLogoutSuccessHandler extends SimpleUrlLogoutSucc
} }
// @formatter:off // @formatter:off
UriComponents uriComponents = UriComponentsBuilder UriComponents uriComponents = UriComponentsBuilder
.fromHttpUrl(UrlUtils.buildFullRequestUrl(request)) .fromUriString(UrlUtils.buildFullRequestUrl(request))
.replacePath(request.getContextPath()) .replacePath(request.getContextPath())
.replaceQuery(null) .replaceQuery(null)
.fragment(null) .fragment(null)

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
Unescape View File

@ -226,7 +226,7 @@ public final class DefaultOAuth2AuthorizationRequestResolver implements OAuth2Au
Map<String, String> uriVariables = new HashMap<>(); Map<String, String> uriVariables = new HashMap<>();
uriVariables.put("registrationId", clientRegistration.getRegistrationId()); uriVariables.put("registrationId", clientRegistration.getRegistrationId());
// @formatter:off // @formatter:off
UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(request)) UriComponents uriComponents = UriComponentsBuilder.fromUriString(UrlUtils.buildFullRequestUrl(request))
.replacePath(request.getContextPath()) .replacePath(request.getContextPath())
.replaceQuery(null) .replaceQuery(null)
.fragment(null) .fragment(null)

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
Unescape View File

@ -184,7 +184,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
} }
// @formatter:off // @formatter:off
String redirectUri = UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(request)) String redirectUri = UriComponentsBuilder.fromUriString(UrlUtils.buildFullRequestUrl(request))
.replaceQuery(null) .replaceQuery(null)
.build() .build()
.toUriString(); .toUriString();

15
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
Unescape View File

@ -29,6 +29,7 @@ import reactor.core.publisher.Mono;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.HttpStatusCode;
import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.AuthorityUtils;
@ -469,7 +470,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
* A map of HTTP Status Code to OAuth 2.0 Error codes for HTTP status codes that * A map of HTTP Status Code to OAuth 2.0 Error codes for HTTP status codes that
* should be interpreted as authentication or authorization failures. * should be interpreted as authentication or authorization failures.
*/ */
private final Map<Integer, String> httpStatusToOAuth2ErrorCodeMap; private final Map<HttpStatusCode, String> httpStatusToOAuth2ErrorCodeMap;
/** /**
* The {@link ReactiveOAuth2AuthorizationFailureHandler} to notify when an * The {@link ReactiveOAuth2AuthorizationFailureHandler} to notify when an
@ -480,9 +481,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
private AuthorizationFailureForwarder(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) { private AuthorizationFailureForwarder(ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null"); Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
this.authorizationFailureHandler = authorizationFailureHandler; this.authorizationFailureHandler = authorizationFailureHandler;
Map<Integer, String> httpStatusToOAuth2Error = new HashMap<>(); Map<HttpStatusCode, String> httpStatusToOAuth2Error = new HashMap<>();
httpStatusToOAuth2Error.put(HttpStatus.UNAUTHORIZED.value(), OAuth2ErrorCodes.INVALID_TOKEN); httpStatusToOAuth2Error.put(HttpStatus.UNAUTHORIZED, OAuth2ErrorCodes.INVALID_TOKEN);
httpStatusToOAuth2Error.put(HttpStatus.FORBIDDEN.value(), OAuth2ErrorCodes.INSUFFICIENT_SCOPE); httpStatusToOAuth2Error.put(HttpStatus.FORBIDDEN, OAuth2ErrorCodes.INSUFFICIENT_SCOPE);
this.httpStatusToOAuth2ErrorCodeMap = Collections.unmodifiableMap(httpStatusToOAuth2Error); this.httpStatusToOAuth2ErrorCodeMap = Collections.unmodifiableMap(httpStatusToOAuth2Error);
} }
@ -525,10 +526,10 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
authParameters.get(OAuth2ParameterNames.ERROR_URI)); authParameters.get(OAuth2ParameterNames.ERROR_URI));
} }
} }
return resolveErrorIfPossible(response.statusCode().value()); return resolveErrorIfPossible(response.statusCode());
} }
private OAuth2Error resolveErrorIfPossible(int statusCode) { private OAuth2Error resolveErrorIfPossible(HttpStatusCode statusCode) {
if (this.httpStatusToOAuth2ErrorCodeMap.containsKey(statusCode)) { if (this.httpStatusToOAuth2ErrorCodeMap.containsKey(statusCode)) {
return new OAuth2Error(this.httpStatusToOAuth2ErrorCodeMap.get(statusCode), null, return new OAuth2Error(this.httpStatusToOAuth2ErrorCodeMap.get(statusCode), null,
"https://tools.ietf.org/html/rfc6750#section-3.1"); "https://tools.ietf.org/html/rfc6750#section-3.1");
@ -563,7 +564,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
*/ */
private Mono<Void> handleWebClientResponseException(ClientRequest request, private Mono<Void> handleWebClientResponseException(ClientRequest request,
WebClientResponseException exception) { WebClientResponseException exception) {
return Mono.justOrEmpty(resolveErrorIfPossible(exception.getRawStatusCode())).flatMap((oauth2Error) -> { return Mono.justOrEmpty(resolveErrorIfPossible(exception.getStatusCode())).flatMap((oauth2Error) -> {
Mono<Optional<ServerWebExchange>> serverWebExchange = effectiveServerWebExchange(request); Mono<Optional<ServerWebExchange>> serverWebExchange = effectiveServerWebExchange(request);
Mono<String> clientRegistrationId = effectiveClientRegistrationId(request); Mono<String> clientRegistrationId = effectiveClientRegistrationId(request);
return Mono return Mono

15
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
Unescape View File

@ -32,6 +32,7 @@ import reactor.util.context.Context;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.HttpStatusCode;
import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AnonymousAuthenticationToken; import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
@ -585,7 +586,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
* A map of HTTP status code to OAuth 2.0 error code for HTTP status codes that * A map of HTTP status code to OAuth 2.0 error code for HTTP status codes that
* should be interpreted as authentication or authorization failures. * should be interpreted as authentication or authorization failures.
*/ */
private final Map<Integer, String> httpStatusToOAuth2ErrorCodeMap; private final Map<HttpStatusCode, String> httpStatusToOAuth2ErrorCodeMap;
/** /**
* The {@link OAuth2AuthorizationFailureHandler} to notify when an * The {@link OAuth2AuthorizationFailureHandler} to notify when an
@ -596,9 +597,9 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
private AuthorizationFailureForwarder(OAuth2AuthorizationFailureHandler authorizationFailureHandler) { private AuthorizationFailureForwarder(OAuth2AuthorizationFailureHandler authorizationFailureHandler) {
Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null"); Assert.notNull(authorizationFailureHandler, "authorizationFailureHandler cannot be null");
this.authorizationFailureHandler = authorizationFailureHandler; this.authorizationFailureHandler = authorizationFailureHandler;
Map<Integer, String> httpStatusToOAuth2Error = new HashMap<>(); Map<HttpStatusCode, String> httpStatusToOAuth2Error = new HashMap<>();
httpStatusToOAuth2Error.put(HttpStatus.UNAUTHORIZED.value(), OAuth2ErrorCodes.INVALID_TOKEN); httpStatusToOAuth2Error.put(HttpStatus.UNAUTHORIZED, OAuth2ErrorCodes.INVALID_TOKEN);
httpStatusToOAuth2Error.put(HttpStatus.FORBIDDEN.value(), OAuth2ErrorCodes.INSUFFICIENT_SCOPE); httpStatusToOAuth2Error.put(HttpStatus.FORBIDDEN, OAuth2ErrorCodes.INSUFFICIENT_SCOPE);
this.httpStatusToOAuth2ErrorCodeMap = Collections.unmodifiableMap(httpStatusToOAuth2Error); this.httpStatusToOAuth2ErrorCodeMap = Collections.unmodifiableMap(httpStatusToOAuth2Error);
} }
@ -641,10 +642,10 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
authParameters.get(OAuth2ParameterNames.ERROR_URI)); authParameters.get(OAuth2ParameterNames.ERROR_URI));
} }
} }
return resolveErrorIfPossible(response.statusCode().value()); return resolveErrorIfPossible(response.statusCode());
} }
private OAuth2Error resolveErrorIfPossible(int statusCode) { private OAuth2Error resolveErrorIfPossible(HttpStatusCode statusCode) {
if (this.httpStatusToOAuth2ErrorCodeMap.containsKey(statusCode)) { if (this.httpStatusToOAuth2ErrorCodeMap.containsKey(statusCode)) {
return new OAuth2Error(this.httpStatusToOAuth2ErrorCodeMap.get(statusCode), null, return new OAuth2Error(this.httpStatusToOAuth2ErrorCodeMap.get(statusCode), null,
"https://tools.ietf.org/html/rfc6750#section-3.1"); "https://tools.ietf.org/html/rfc6750#section-3.1");
@ -678,7 +679,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
*/ */
private Mono<Void> handleWebClientResponseException(ClientRequest request, private Mono<Void> handleWebClientResponseException(ClientRequest request,
WebClientResponseException exception) { WebClientResponseException exception) {
return Mono.justOrEmpty(resolveErrorIfPossible(exception.getRawStatusCode())).flatMap((oauth2Error) -> { return Mono.justOrEmpty(resolveErrorIfPossible(exception.getStatusCode())).flatMap((oauth2Error) -> {
Map<String, Object> attrs = request.attributes(); Map<String, Object> attrs = request.attributes();
OAuth2AuthorizedClient authorizedClient = getOAuth2AuthorizedClient(attrs); OAuth2AuthorizedClient authorizedClient = getOAuth2AuthorizedClient(attrs);
if (authorizedClient == null) { if (authorizedClient == null) {

4
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/RelyingPartyRegistrationPlaceholderResolvers.java
Unescape View File

@ -82,7 +82,7 @@ public final class RelyingPartyRegistrationPlaceholderResolvers {
private static Map<String, String> uriVariables(HttpServletRequest request) { private static Map<String, String> uriVariables(HttpServletRequest request) {
String baseUrl = getApplicationUri(request); String baseUrl = getApplicationUri(request);
Map<String, String> uriVariables = new HashMap<>(); Map<String, String> uriVariables = new HashMap<>();
UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(baseUrl) UriComponents uriComponents = UriComponentsBuilder.fromUriString(baseUrl)
.replaceQuery(null) .replaceQuery(null)
.fragment(null) .fragment(null)
.build(); .build();
@ -103,7 +103,7 @@ public final class RelyingPartyRegistrationPlaceholderResolvers {
} }
private static String getApplicationUri(HttpServletRequest request) { private static String getApplicationUri(HttpServletRequest request) {
UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(request)) UriComponents uriComponents = UriComponentsBuilder.fromUriString(UrlUtils.buildFullRequestUrl(request))
.replacePath(request.getContextPath()) .replacePath(request.getContextPath())
.replaceQuery(null) .replaceQuery(null)
.fragment(null) .fragment(null)

Write Preview
Loading…
Cancel
Save