diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java index 386f47d87d..83505b09b9 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java @@ -17,20 +17,21 @@ package org.springframework.security.config.annotation.web.configurers.oauth2.cl import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer; +import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; import org.springframework.security.jwt.JwtDecoder; import org.springframework.security.jwt.nimbus.NimbusJwtDecoderJwkSupport; import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationProcessingFilter; import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationProvider; import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationToken; import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger; +import org.springframework.security.oauth2.client.authentication.jwt.DefaultProviderJwtDecoderRegistry; +import org.springframework.security.oauth2.client.authentication.jwt.ProviderJwtDecoderRegistry; import org.springframework.security.oauth2.client.authentication.nimbus.NimbusAuthorizationCodeTokenExchanger; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.user.OAuth2UserService; import org.springframework.security.oauth2.client.user.nimbus.NimbusOAuth2UserService; -import org.springframework.security.oauth2.client.authentication.jwt.DefaultProviderJwtDecoderRegistry; import org.springframework.security.oauth2.core.provider.DefaultProviderMetadata; -import org.springframework.security.oauth2.client.authentication.jwt.ProviderJwtDecoderRegistry; import org.springframework.security.oauth2.core.provider.ProviderMetadata; import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.web.util.matcher.RequestMatcher; @@ -54,7 +55,7 @@ final class AuthorizationCodeAuthenticationFilterConfigurer> customUserTypes = new HashMap<>(); private Map userNameAttributeNames = new HashMap<>(); - + private GrantedAuthoritiesMapper userAuthoritiesMapper; AuthorizationCodeAuthenticationFilterConfigurer() { super(new AuthorizationCodeAuthenticationProcessingFilter(), null); @@ -95,6 +96,12 @@ final class AuthorizationCodeAuthenticationFilterConfigurer userAuthoritiesMapper(GrantedAuthoritiesMapper userAuthoritiesMapper) { + Assert.notNull(userAuthoritiesMapper, "userAuthoritiesMapper cannot be null"); + this.userAuthoritiesMapper = userAuthoritiesMapper; + return this; + } + String getLoginUrl() { return super.getLoginPage(); } @@ -107,6 +114,9 @@ final class AuthorizationCodeAuthenticationFilterConfigurer> exten return this; } + public OAuth2LoginConfigurer userAuthoritiesMapper(GrantedAuthoritiesMapper userAuthoritiesMapper) { + Assert.notNull(userAuthoritiesMapper, "userAuthoritiesMapper cannot be null"); + this.authorizationCodeAuthenticationFilterConfigurer.userAuthoritiesMapper(userAuthoritiesMapper); + return this; + } + public UserInfoEndpointConfig userInfoEndpoint() { return this.userInfoEndpointConfig; }