Add extensible ClientSettings to ClientRegistration

Signed-off-by: Pranav Manglik <pranav@undreamt.in>
6 days ago · 8a68648de5
2 changed files with 93 additions and 12 deletions
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
@ -755,14 +755,31 @@ public final class ClientRegistration implements Serializable {
				@@ -755,14 +755,31 @@ public final class ClientRegistration implements Serializable {
 		@Serial
 		private static final long serialVersionUID = 7495627155437124692L;

-		private boolean requireProofKey;
-
-		private ClientSettings() {
+		private final Map<String, Object> settings;

+		private ClientSettings(Map<String, Object> settings) {
+			this.settings = Collections.unmodifiableMap(new LinkedHashMap<>(settings));
 		}

 		public boolean isRequireProofKey() {
-			return this.requireProofKey;
+			return getSetting("settings.client.require-proof-key", true);
+		}
+
+		@SuppressWarnings("unchecked")
+		public <T> @Nullable T getSetting(String name) {
+			Assert.hasText(name, "name cannot be empty");
+			return (T) this.settings.get(name);
+		}
+
+		@SuppressWarnings("unchecked")
+		public <T> T getSetting(String name, T defaultValue) {
+			Assert.hasText(name, "name cannot be empty");
+			T value = (T) this.settings.get(name);
+			return (value != null) ? value : defaultValue;
+		}
+
+		public Map<String, Object> getSettings() {
+			return this.settings;
 		}

 		@Override
@ -773,17 +790,17 @@ public final class ClientRegistration implements Serializable {
				@@ -773,17 +790,17 @@ public final class ClientRegistration implements Serializable {
 			if (!(o instanceof ClientSettings that)) {
 				return false;
 			}
-			return this.requireProofKey == that.requireProofKey;
+			return Objects.equals(this.settings, that.settings);
 		}

 		@Override
 		public int hashCode() {
-			return Objects.hashCode(this.requireProofKey);
+			return Objects.hashCode(this.settings);
 		}

 		@Override
 		public String toString() {
-			return "ClientSettings{" + "requireProofKey=" + this.requireProofKey + '}';
+			return "ClientSettings{" + "settings=" + this.settings + '}';
 		}

 		public static Builder builder() {
@ -792,9 +809,10 @@ public final class ClientRegistration implements Serializable {
				@@ -792,9 +809,10 @@ public final class ClientRegistration implements Serializable {

 		public static final class Builder {

-			private boolean requireProofKey = true;
+			private final Map<String, Object> settings = new LinkedHashMap<>();

 			private Builder() {
+				this.settings.put("settings.client.require-proof-key", true);
 			}

 			/**
@ -805,14 +823,35 @@ public final class ClientRegistration implements Serializable {
				@@ -805,14 +823,35 @@ public final class ClientRegistration implements Serializable {
 			 * @return the {@link Builder} for further configuration
 			 */
 			public Builder requireProofKey(boolean requireProofKey) {
-				this.requireProofKey = requireProofKey;
+				return setting("settings.client.require-proof-key", requireProofKey);
+			}
+
+			/**
+			 * Sets a configuration setting.
+			 * @param name the name of the setting
+			 * @param value the value of the setting
+			 * @return the {@link Builder} for further configuration
+			 */
+			public Builder setting(String name, Object value) {
+				Assert.hasText(name, "name cannot be empty");
+				Assert.notNull(value, "value cannot be null");
+				this.settings.put(name, value);
+				return this;
+			}
+
+			/**
+			 * Sets the configuration settings.
+			 * @param settings the configuration settings
+			 * @return the {@link Builder} for further configuration
+			 */
+			public Builder settings(Map<String, Object> settings) {
+				Assert.notNull(settings, "settings cannot be null");
+				this.settings.putAll(settings);
 				return this;
 			}

 			public ClientSettings build() {
-				ClientSettings clientSettings = new ClientSettings();
-				clientSettings.requireProofKey = this.requireProofKey;
-				return clientSettings;
+				return new ClientSettings(this.settings);
 			}

 		}
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java
@ -751,4 +751,46 @@ public class ClientRegistrationTests {
				@@ -751,4 +751,46 @@ public class ClientRegistrationTests {
 		}
 	}

+	@Test
+	void buildWhenScopesHaveInvalidCharactersThenThrowException() {
+		assertThatIllegalArgumentException().isThrownBy(() ->
+		// @formatter:off
+			ClientRegistration.withRegistrationId("test")
+					.clientId("client")
+					.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
+					.redirectUri("{baseUrl}/login/oauth2/code/{registrationId}")
+					.authorizationUri("https://provider.com/auth")
+					.tokenUri("https://provider.com/token")
+					.scope("read", "invalid scope ^") // space is 0x20, which is outside the valid range
+					.build()
+		// @formatter:on
+		);
+	}
+
+	@Test
+	void buildWhenClientCredentialsMissingTokenUriThenThrowException() {
+		assertThatIllegalArgumentException().isThrownBy(() ->
+		// @formatter:off
+			ClientRegistration.withRegistrationId("test")
+					.clientId("client")
+					.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
+					// Missing tokenUri
+					.build()
+		// @formatter:on
+		);
+	}
+
+	@Test
+	void buildWhenValidThenSettingsAreCorrect() {
+		// @formatter:off
+		ClientRegistration registration = ClientRegistration.withRegistrationId("google")
+				.clientId("my-client")
+				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
+				.tokenUri("https://google.com/token")
+				.build();
+		// @formatter:on
+		assertThat(registration.getRegistrationId()).isEqualTo("google");
+		assertThat(registration.getClientId()).isEqualTo("my-client");
+	}
+
 }