GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Polish class names in oauth2-client 

Fixes gh-4722
pull/4631/merge
Joe Grandja 8 years ago
parent
34668e05af
commit
9afefef3b9
19 changed files with 70 additions and 70 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
  2. 2
      config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
  3. 6
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/ImplicitGrantConfigurer.java
  4. 16
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
  5. 4
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AbstractOAuth2AuthorizationGrantAuthenticationToken.java
  6. 4
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationGrantTokenExchanger.java
  7. 6
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/NimbusAuthorizationCodeTokenExchanger.java
  8. 10
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java
  9. 12
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProvider.java
  10. 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationRequestUriBuilder.java
  11. 14
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
  12. 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
  13. 10
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
  14. 12
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
  15. 4
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationRequestUriBuilderTests.java
  16. 22
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java
  17. 2
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchange.java
  18. 2
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUser.java
  19. 8
      samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java

2
config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
Unescape View File

@ -78,7 +78,7 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
put(LogoutFilter.class, order); put(LogoutFilter.class, order);
order += STEP; order += STEP;
filterToOrder.put( filterToOrder.put(
"org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter", "org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
order); order);
order += STEP; order += STEP;
put(X509AuthenticationFilter.class, order); put(X509AuthenticationFilter.class, order);

2
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
Unescape View File

@ -1014,7 +1014,7 @@ public final class HttpSecurity extends
* } * }
* *
* &#064;Bean * &#064;Bean
* public AuthorizationGrantTokenExchanger&lt;AuthorizationCodeAuthenticationToken&gt; authorizationCodeTokenExchanger() { * public AuthorizationGrantTokenExchanger&lt;OAuth2AuthorizationCodeAuthenticationToken&gt; authorizationCodeTokenExchanger() {
* // Custom implementation that exchanges an &quot;Authorization Code Grant&quot; for an &quot;Access Token&quot; * // Custom implementation that exchanges an &quot;Authorization Code Grant&quot; for an &quot;Access Token&quot;
* return new AuthorizationCodeTokenExchangerImpl(); * return new AuthorizationCodeTokenExchangerImpl();
* } * }

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/ImplicitGrantConfigurer.java
Unescape View File

@ -19,7 +19,7 @@ import org.springframework.context.ApplicationContext;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter; import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.client.endpoint.AuthorizationRequestUriBuilder; import org.springframework.security.oauth2.client.endpoint.AuthorizationRequestUriBuilder;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -55,7 +55,7 @@ public final class ImplicitGrantConfigurer<B extends HttpSecurityBuilder<B>> ext
@Override @Override
public void configure(B http) throws Exception { public void configure(B http) throws Exception {
AuthorizationRequestRedirectFilter authorizationRequestFilter = new AuthorizationRequestRedirectFilter( OAuth2AuthorizationRequestRedirectFilter authorizationRequestFilter = new OAuth2AuthorizationRequestRedirectFilter(
this.getAuthorizationRequestBaseUri(), this.getClientRegistrationRepository()); this.getAuthorizationRequestBaseUri(), this.getClientRegistrationRepository());
if (this.authorizationRequestUriBuilder != null) { if (this.authorizationRequestUriBuilder != null) {
authorizationRequestFilter.setAuthorizationRequestUriBuilder(this.authorizationRequestUriBuilder); authorizationRequestFilter.setAuthorizationRequestUriBuilder(this.authorizationRequestUriBuilder);
@ -66,7 +66,7 @@ public final class ImplicitGrantConfigurer<B extends HttpSecurityBuilder<B>> ext
private String getAuthorizationRequestBaseUri() { private String getAuthorizationRequestBaseUri() {
return this.authorizationRequestBaseUri != null ? return this.authorizationRequestBaseUri != null ?
this.authorizationRequestBaseUri : this.authorizationRequestBaseUri :
AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI; OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
} }
private ClientRegistrationRepository getClientRegistrationRepository() { private ClientRegistrationRepository getClientRegistrationRepository() {

16
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
Unescape View File

@ -21,7 +21,7 @@ import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken;
import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger;
import org.springframework.security.oauth2.client.authentication.NimbusAuthorizationCodeTokenExchanger; import org.springframework.security.oauth2.client.authentication.NimbusAuthorizationCodeTokenExchanger;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider; import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider;
@ -39,7 +39,7 @@ import org.springframework.security.oauth2.client.userinfo.CustomUserTypesOAuth2
import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService; import org.springframework.security.oauth2.client.userinfo.DefaultOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService; import org.springframework.security.oauth2.client.userinfo.DelegatingOAuth2UserService;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService; import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter; import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository; import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter; import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
@ -133,7 +133,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
} }
public class TokenEndpointConfig { public class TokenEndpointConfig {
private AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger; private AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger;
private OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository; private OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository;
private JwtDecoderRegistry jwtDecoderRegistry; private JwtDecoderRegistry jwtDecoderRegistry;
@ -141,7 +141,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
} }
public TokenEndpointConfig authorizationCodeTokenExchanger( public TokenEndpointConfig authorizationCodeTokenExchanger(
AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger) { AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger) {
Assert.notNull(authorizationCodeTokenExchanger, "authorizationCodeTokenExchanger cannot be null"); Assert.notNull(authorizationCodeTokenExchanger, "authorizationCodeTokenExchanger cannot be null");
this.authorizationCodeTokenExchanger = authorizationCodeTokenExchanger; this.authorizationCodeTokenExchanger = authorizationCodeTokenExchanger;
@ -226,7 +226,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
public void init(B http) throws Exception { public void init(B http) throws Exception {
super.init(http); super.init(http);
AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger = AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger =
this.tokenEndpointConfig.authorizationCodeTokenExchanger; this.tokenEndpointConfig.authorizationCodeTokenExchanger;
if (authorizationCodeTokenExchanger == null) { if (authorizationCodeTokenExchanger == null) {
authorizationCodeTokenExchanger = new NimbusAuthorizationCodeTokenExchanger(); authorizationCodeTokenExchanger = new NimbusAuthorizationCodeTokenExchanger();
@ -274,10 +274,10 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
public void configure(B http) throws Exception { public void configure(B http) throws Exception {
String authorizationRequestBaseUri = this.authorizationEndpointConfig.authorizationRequestBaseUri; String authorizationRequestBaseUri = this.authorizationEndpointConfig.authorizationRequestBaseUri;
if (authorizationRequestBaseUri == null) { if (authorizationRequestBaseUri == null) {
authorizationRequestBaseUri = AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI; authorizationRequestBaseUri = OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
} }
AuthorizationRequestRedirectFilter authorizationRequestFilter = new AuthorizationRequestRedirectFilter( OAuth2AuthorizationRequestRedirectFilter authorizationRequestFilter = new OAuth2AuthorizationRequestRedirectFilter(
authorizationRequestBaseUri, this.getClientRegistrationRepository()); authorizationRequestBaseUri, this.getClientRegistrationRepository());
if (this.authorizationEndpointConfig.authorizationRequestUriBuilder != null) { if (this.authorizationEndpointConfig.authorizationRequestUriBuilder != null) {
authorizationRequestFilter.setAuthorizationRequestUriBuilder( authorizationRequestFilter.setAuthorizationRequestUriBuilder(
@ -341,7 +341,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
String authorizationRequestBaseUri = this.authorizationEndpointConfig.authorizationRequestBaseUri != null ? String authorizationRequestBaseUri = this.authorizationEndpointConfig.authorizationRequestBaseUri != null ?
this.authorizationEndpointConfig.authorizationRequestBaseUri : this.authorizationEndpointConfig.authorizationRequestBaseUri :
AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI; OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
Map<String, String> authenticationUrlToClientName = new HashMap<>(); Map<String, String> authenticationUrlToClientName = new HashMap<>();
clientRegistrations.forEach(registration -> authenticationUrlToClientName.put( clientRegistrations.forEach(registration -> authenticationUrlToClientName.put(

4
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationGrantAuthenticationToken.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AbstractOAuth2AuthorizationGrantAuthenticationToken.java
Unescape View File

@ -31,11 +31,11 @@ import java.util.Collections;
* @see AuthorizationGrantType * @see AuthorizationGrantType
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3">Section 1.3 Authorization Grant</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3">Section 1.3 Authorization Grant</a>
*/ */
public abstract class AuthorizationGrantAuthenticationToken extends AbstractAuthenticationToken { public abstract class AbstractOAuth2AuthorizationGrantAuthenticationToken extends AbstractAuthenticationToken {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
private final AuthorizationGrantType authorizationGrantType; private final AuthorizationGrantType authorizationGrantType;
protected AuthorizationGrantAuthenticationToken(AuthorizationGrantType authorizationGrantType) { protected AbstractOAuth2AuthorizationGrantAuthenticationToken(AuthorizationGrantType authorizationGrantType) {
super(Collections.emptyList()); super(Collections.emptyList());
Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null"); Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null");
this.authorizationGrantType = authorizationGrantType; this.authorizationGrantType = authorizationGrantType;

4
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationGrantTokenExchanger.java
Unescape View File

@ -28,13 +28,13 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AuthorizationGrantType * @see AuthorizationGrantType
* @see AuthorizationGrantAuthenticationToken * @see AbstractOAuth2AuthorizationGrantAuthenticationToken
* @see OAuth2AccessTokenResponse * @see OAuth2AccessTokenResponse
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3">Section 1.3 Authorization Grant</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3">Section 1.3 Authorization Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a>
*/ */
public interface AuthorizationGrantTokenExchanger<T extends AuthorizationGrantAuthenticationToken> { public interface AuthorizationGrantTokenExchanger<T extends AbstractOAuth2AuthorizationGrantAuthenticationToken> {
OAuth2AccessTokenResponse exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException; OAuth2AccessTokenResponse exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException;

6
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/NimbusAuthorizationCodeTokenExchanger.java
Unescape View File

@ -58,17 +58,17 @@ import java.util.Set;
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AuthorizationGrantTokenExchanger * @see AuthorizationGrantTokenExchanger
* @see AuthorizationCodeAuthenticationToken * @see OAuth2AuthorizationCodeAuthenticationToken
* @see OAuth2AccessTokenResponse * @see OAuth2AccessTokenResponse
* @see <a target="_blank" href="https://connect2id.com/products/nimbus-oauth-openid-connect-sdk">Nimbus OAuth 2.0 SDK</a> * @see <a target="_blank" href="https://connect2id.com/products/nimbus-oauth-openid-connect-sdk">Nimbus OAuth 2.0 SDK</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a>
*/ */
public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> { public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> {
private static final String INVALID_TOKEN_RESPONSE_ERROR_CODE = "invalid_token_response"; private static final String INVALID_TOKEN_RESPONSE_ERROR_CODE = "invalid_token_response";
@Override @Override
public OAuth2AccessTokenResponse exchange(AuthorizationCodeAuthenticationToken authorizationCodeAuthentication) public OAuth2AccessTokenResponse exchange(OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication)
throws OAuth2AuthenticationException { throws OAuth2AuthenticationException {
ClientRegistration clientRegistration = authorizationCodeAuthentication.getClientRegistration(); ClientRegistration clientRegistration = authorizationCodeAuthentication.getClientRegistration();

10
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java
Unescape View File

@ -23,23 +23,23 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResp
import org.springframework.util.Assert; import org.springframework.util.Assert;
/** /**
* An implementation of an {@link AuthorizationGrantAuthenticationToken} that holds * An implementation of an {@link AbstractOAuth2AuthorizationGrantAuthenticationToken} that holds
* an <i>authorization code grant</i> credential for a specific client identified in {@link #getClientRegistration()}. * an <i>authorization code grant</i> credential for a specific client identified in {@link #getClientRegistration()}.
* *
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AuthorizationGrantAuthenticationToken * @see AbstractOAuth2AuthorizationGrantAuthenticationToken
* @see ClientRegistration * @see ClientRegistration
* @see OAuth2AuthorizationRequest * @see OAuth2AuthorizationRequest
* @see OAuth2AuthorizationResponse * @see OAuth2AuthorizationResponse
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3.1">Section 1.3.1 Authorization Code Grant</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3.1">Section 1.3.1 Authorization Code Grant</a>
*/ */
public class AuthorizationCodeAuthenticationToken extends AuthorizationGrantAuthenticationToken { public class OAuth2AuthorizationCodeAuthenticationToken extends AbstractOAuth2AuthorizationGrantAuthenticationToken {
private final ClientRegistration clientRegistration; private final ClientRegistration clientRegistration;
private final OAuth2AuthorizationExchange authorizationExchange; private final OAuth2AuthorizationExchange authorizationExchange;
public AuthorizationCodeAuthenticationToken(ClientRegistration clientRegistration, public OAuth2AuthorizationCodeAuthenticationToken(ClientRegistration clientRegistration,
OAuth2AuthorizationExchange authorizationExchange) { OAuth2AuthorizationExchange authorizationExchange) {
super(AuthorizationGrantType.AUTHORIZATION_CODE); super(AuthorizationGrantType.AUTHORIZATION_CODE);
Assert.notNull(clientRegistration, "clientRegistration cannot be null"); Assert.notNull(clientRegistration, "clientRegistration cannot be null");

12
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProvider.java
Unescape View File

@ -47,7 +47,7 @@ import java.util.Collection;
* *
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AuthorizationCodeAuthenticationToken * @see OAuth2AuthorizationCodeAuthenticationToken
* @see OAuth2AuthenticationToken * @see OAuth2AuthenticationToken
* @see OAuth2UserService * @see OAuth2UserService
* @see OAuth2AuthorizedClient * @see OAuth2AuthorizedClient
@ -59,12 +59,12 @@ import java.util.Collection;
public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider { public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider {
private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter"; private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter";
private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter"; private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter";
private final AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger; private final AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger;
private final OAuth2UserService<OAuth2AuthorizedClient, OAuth2User> userService; private final OAuth2UserService<OAuth2AuthorizedClient, OAuth2User> userService;
private GrantedAuthoritiesMapper authoritiesMapper = (authorities -> authorities); private GrantedAuthoritiesMapper authoritiesMapper = (authorities -> authorities);
public OAuth2LoginAuthenticationProvider( public OAuth2LoginAuthenticationProvider(
AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger, AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger,
OAuth2UserService<OAuth2AuthorizedClient, OAuth2User> userService) { OAuth2UserService<OAuth2AuthorizedClient, OAuth2User> userService) {
Assert.notNull(authorizationCodeTokenExchanger, "authorizationCodeTokenExchanger cannot be null"); Assert.notNull(authorizationCodeTokenExchanger, "authorizationCodeTokenExchanger cannot be null");
@ -75,8 +75,8 @@ public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider
@Override @Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException { public Authentication authenticate(Authentication authentication) throws AuthenticationException {
AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication =
(AuthorizationCodeAuthenticationToken) authentication; (OAuth2AuthorizationCodeAuthenticationToken) authentication;
// Section 3.1.2.1 Authentication Request - http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest // Section 3.1.2.1 Authentication Request - http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
// scope // scope
@ -141,6 +141,6 @@ public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider
@Override @Override
public boolean supports(Class<?> authentication) { public boolean supports(Class<?> authentication) {
return AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication); return OAuth2AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication);
} }
} }

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilder.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationRequestUriBuilder.java
Unescape View File

@ -34,7 +34,7 @@ import java.util.Set;
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Code Grant Request</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Code Grant Request</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Implicit Grant Request</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Implicit Grant Request</a>
*/ */
public class DefaultAuthorizationRequestUriBuilder implements AuthorizationRequestUriBuilder { public class OAuth2AuthorizationRequestUriBuilder implements AuthorizationRequestUriBuilder {
@Override @Override
public URI build(OAuth2AuthorizationRequest authorizationRequest) { public URI build(OAuth2AuthorizationRequest authorizationRequest) {

14
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
Unescape View File

@ -20,7 +20,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper; import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken;
import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.jwt.JwtDecoderRegistry; import org.springframework.security.oauth2.client.jwt.JwtDecoderRegistry;
@ -62,7 +62,7 @@ import java.util.List;
* *
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AuthorizationCodeAuthenticationToken * @see OAuth2AuthorizationCodeAuthenticationToken
* @see OAuth2AuthenticationToken * @see OAuth2AuthenticationToken
* @see OidcUserService * @see OidcUserService
* @see OidcAuthorizedClient * @see OidcAuthorizedClient
@ -75,13 +75,13 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter"; private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter";
private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter"; private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter";
private static final String INVALID_ID_TOKEN_ERROR_CODE = "invalid_id_token"; private static final String INVALID_ID_TOKEN_ERROR_CODE = "invalid_id_token";
private final AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger; private final AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger;
private final OAuth2UserService<OidcAuthorizedClient, OidcUser> userService; private final OAuth2UserService<OidcAuthorizedClient, OidcUser> userService;
private final JwtDecoderRegistry jwtDecoderRegistry; private final JwtDecoderRegistry jwtDecoderRegistry;
private GrantedAuthoritiesMapper authoritiesMapper = (authorities -> authorities); private GrantedAuthoritiesMapper authoritiesMapper = (authorities -> authorities);
public OidcAuthorizationCodeAuthenticationProvider( public OidcAuthorizationCodeAuthenticationProvider(
AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger, AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger,
OAuth2UserService<OidcAuthorizedClient, OidcUser> userService, OAuth2UserService<OidcAuthorizedClient, OidcUser> userService,
JwtDecoderRegistry jwtDecoderRegistry) { JwtDecoderRegistry jwtDecoderRegistry) {
@ -95,8 +95,8 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
@Override @Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException { public Authentication authenticate(Authentication authentication) throws AuthenticationException {
AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication =
(AuthorizationCodeAuthenticationToken) authentication; (OAuth2AuthorizationCodeAuthenticationToken) authentication;
// Section 3.1.2.1 Authentication Request - http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest // Section 3.1.2.1 Authentication Request - http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
// scope // scope
@ -179,7 +179,7 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
@Override @Override
public boolean supports(Class<?> authentication) { public boolean supports(Class<?> authentication) {
return AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication); return OAuth2AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication);
} }
private void validateIdToken(OidcIdToken idToken, ClientRegistration clientRegistration) { private void validateIdToken(OidcIdToken idToken, ClientRegistration clientRegistration) {

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
Unescape View File

@ -25,7 +25,7 @@ import javax.servlet.http.HttpServletResponse;
* of {@link OAuth2AuthorizationRequest} between requests. * of {@link OAuth2AuthorizationRequest} between requests.
* *
* <p> * <p>
* Used by the {@link AuthorizationRequestRedirectFilter} for persisting the <i>Authorization Request</i> * Used by the {@link OAuth2AuthorizationRequestRedirectFilter} for persisting the <i>Authorization Request</i>
* before it initiates the authorization code grant flow. * before it initiates the authorization code grant flow.
* As well, used by the {@link OAuth2LoginAuthenticationFilter} for resolving * As well, used by the {@link OAuth2LoginAuthenticationFilter} for resolving
* the associated <i>Authorization Request</i> when handling the <i>Authorization Response</i>. * the associated <i>Authorization Request</i> when handling the <i>Authorization Response</i>.

10
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilter.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
Unescape View File

@ -18,7 +18,7 @@ package org.springframework.security.oauth2.client.web;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.crypto.keygen.Base64StringKeyGenerator; import org.springframework.security.crypto.keygen.Base64StringKeyGenerator;
import org.springframework.security.crypto.keygen.StringKeyGenerator; import org.springframework.security.crypto.keygen.StringKeyGenerator;
import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationRequestUriBuilder; import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationRequestUriBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
@ -65,21 +65,21 @@ import java.util.Map;
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2">Section 4.2 Implicit Grant</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2">Section 4.2 Implicit Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Authorization Request (Implicit)</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Authorization Request (Implicit)</a>
*/ */
public class AuthorizationRequestRedirectFilter extends OncePerRequestFilter { public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilter {
public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization"; public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization";
private static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId"; private static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
private final AntPathRequestMatcher authorizationRequestMatcher; private final AntPathRequestMatcher authorizationRequestMatcher;
private final ClientRegistrationRepository clientRegistrationRepository; private final ClientRegistrationRepository clientRegistrationRepository;
private AuthorizationRequestUriBuilder authorizationRequestUriBuilder = new DefaultAuthorizationRequestUriBuilder(); private AuthorizationRequestUriBuilder authorizationRequestUriBuilder = new OAuth2AuthorizationRequestUriBuilder();
private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy(); private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
private final StringKeyGenerator stateGenerator = new Base64StringKeyGenerator(Base64.getUrlEncoder()); private final StringKeyGenerator stateGenerator = new Base64StringKeyGenerator(Base64.getUrlEncoder());
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository(); private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
public AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) { public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
this(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI, clientRegistrationRepository); this(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI, clientRegistrationRepository);
} }
public AuthorizationRequestRedirectFilter( public OAuth2AuthorizationRequestRedirectFilter(
String authorizationRequestBaseUri, ClientRegistrationRepository clientRegistrationRepository) { String authorizationRequestBaseUri, ClientRegistrationRepository clientRegistrationRepository) {
Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty"); Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");

12
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
Unescape View File

@ -19,7 +19,7 @@ import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider; import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationProvider;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
@ -59,7 +59,7 @@ import java.io.IOException;
* and redirect the end-user's user-agent back to this <code>Filter</code> (the client). * and redirect the end-user's user-agent back to this <code>Filter</code> (the client).
* </li> * </li>
* <li> * <li>
* This <code>Filter</code> will then create an {@link AuthorizationCodeAuthenticationToken} with * This <code>Filter</code> will then create an {@link OAuth2AuthorizationCodeAuthenticationToken} with
* the {@link OAuth2ParameterNames#CODE} received in the previous step and delegate it to * the {@link OAuth2ParameterNames#CODE} received in the previous step and delegate it to
* {@link OAuth2LoginAuthenticationProvider#authenticate(Authentication)} (indirectly via {@link AuthenticationManager}). * {@link OAuth2LoginAuthenticationProvider#authenticate(Authentication)} (indirectly via {@link AuthenticationManager}).
* </li> * </li>
@ -68,13 +68,13 @@ import java.io.IOException;
* @author Joe Grandja * @author Joe Grandja
* @since 5.0 * @since 5.0
* @see AbstractAuthenticationProcessingFilter * @see AbstractAuthenticationProcessingFilter
* @see AuthorizationCodeAuthenticationToken * @see OAuth2AuthorizationCodeAuthenticationToken
* @see OAuth2AuthenticationToken * @see OAuth2AuthenticationToken
* @see OAuth2LoginAuthenticationProvider * @see OAuth2LoginAuthenticationProvider
* @see OAuth2AuthorizationRequest * @see OAuth2AuthorizationRequest
* @see OAuth2AuthorizationResponse * @see OAuth2AuthorizationResponse
* @see AuthorizationRequestRepository * @see AuthorizationRequestRepository
* @see AuthorizationRequestRedirectFilter * @see OAuth2AuthorizationRequestRedirectFilter
* @see ClientRegistrationRepository * @see ClientRegistrationRepository
* @see OAuth2TokenRepository * @see OAuth2TokenRepository
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a> * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
@ -123,7 +123,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
// The clientRegistration.redirectUri may contain Uri template variables, whether it's configured by // The clientRegistration.redirectUri may contain Uri template variables, whether it's configured by
// the user or configured by default. In these cases, the redirectUri will be expanded and ultimately changed // the user or configured by default. In these cases, the redirectUri will be expanded and ultimately changed
// (by AuthorizationRequestRedirectFilter) before setting it in the authorization request. // (by OAuth2AuthorizationRequestRedirectFilter) before setting it in the authorization request.
// The resulting redirectUri used for the authorization request and saved within the AuthorizationRequestRepository // The resulting redirectUri used for the authorization request and saved within the AuthorizationRequestRepository
// MUST BE the same one used to complete the authorization code flow. // MUST BE the same one used to complete the authorization code flow.
// Therefore, we'll create a copy of the clientRegistration and override the redirectUri // Therefore, we'll create a copy of the clientRegistration and override the redirectUri
@ -132,7 +132,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
.redirectUri(authorizationRequest.getRedirectUri()) .redirectUri(authorizationRequest.getRedirectUri())
.build(); .build();
AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = new AuthorizationCodeAuthenticationToken( OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = new OAuth2AuthorizationCodeAuthenticationToken(
clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse)); clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse));
authorizationCodeAuthentication.setDetails(this.authenticationDetailsSource.buildDetails(request)); authorizationCodeAuthentication.setDetails(this.authenticationDetailsSource.buildDetails(request));

4
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilderTests.java → oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationRequestUriBuilderTests.java
Unescape View File

@ -30,8 +30,8 @@ import static org.assertj.core.api.Assertions.assertThat;
* @author Rob Winch * @author Rob Winch
* @since 5.0 * @since 5.0
*/ */
public class DefaultAuthorizationRequestUriBuilderTests { public class OAuth2AuthorizationRequestUriBuilderTests {
private DefaultAuthorizationRequestUriBuilder builder = new DefaultAuthorizationRequestUriBuilder(); private OAuth2AuthorizationRequestUriBuilder builder = new OAuth2AuthorizationRequestUriBuilder();
@Test @Test
public void buildWhenScopeMultiThenSeparatedByEncodedSpace() { public void buildWhenScopeMultiThenSeparatedByEncodedSpace() {

22
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilterTests.java → oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java
Unescape View File

@ -32,22 +32,22 @@ import javax.servlet.http.HttpServletResponse;
import java.net.URI; import java.net.URI;
/** /**
* Tests {@link AuthorizationRequestRedirectFilter}. * Tests {@link OAuth2AuthorizationRequestRedirectFilter}.
* *
* @author Joe Grandja * @author Joe Grandja
*/ */
public class AuthorizationRequestRedirectFilterTests { public class OAuth2AuthorizationRequestRedirectFilterTests {
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() { public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() {
new AuthorizationRequestRedirectFilter(null); new OAuth2AuthorizationRequestRedirectFilter(null);
} }
@Test @Test
public void doFilterWhenRequestDoesNotMatchClientThenContinueChain() throws Exception { public void doFilterWhenRequestDoesNotMatchClientThenContinueChain() throws Exception {
ClientRegistration clientRegistration = TestUtil.googleClientRegistration(); ClientRegistration clientRegistration = TestUtil.googleClientRegistration();
String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString(); String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString();
AuthorizationRequestRedirectFilter filter = OAuth2AuthorizationRequestRedirectFilter filter =
setupFilter(authorizationUri, clientRegistration); setupFilter(authorizationUri, clientRegistration);
String requestURI = "/path"; String requestURI = "/path";
@ -65,7 +65,7 @@ public class AuthorizationRequestRedirectFilterTests {
public void doFilterWhenRequestMatchesClientThenRedirectForAuthorization() throws Exception { public void doFilterWhenRequestMatchesClientThenRedirectForAuthorization() throws Exception {
ClientRegistration clientRegistration = TestUtil.googleClientRegistration(); ClientRegistration clientRegistration = TestUtil.googleClientRegistration();
String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString(); String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString();
AuthorizationRequestRedirectFilter filter = OAuth2AuthorizationRequestRedirectFilter filter =
setupFilter(authorizationUri, clientRegistration); setupFilter(authorizationUri, clientRegistration);
String requestUri = TestUtil.AUTHORIZATION_BASE_URI + "/" + clientRegistration.getRegistrationId(); String requestUri = TestUtil.AUTHORIZATION_BASE_URI + "/" + clientRegistration.getRegistrationId();
@ -85,7 +85,7 @@ public class AuthorizationRequestRedirectFilterTests {
public void doFilterWhenRequestMatchesClientThenAuthorizationRequestSavedInSession() throws Exception { public void doFilterWhenRequestMatchesClientThenAuthorizationRequestSavedInSession() throws Exception {
ClientRegistration clientRegistration = TestUtil.githubClientRegistration(); ClientRegistration clientRegistration = TestUtil.githubClientRegistration();
String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString(); String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString();
AuthorizationRequestRedirectFilter filter = OAuth2AuthorizationRequestRedirectFilter filter =
setupFilter(authorizationUri, clientRegistration); setupFilter(authorizationUri, clientRegistration);
AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository(); AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
filter.setAuthorizationRequestRepository(authorizationRequestRepository); filter.setAuthorizationRequestRepository(authorizationRequestRepository);
@ -114,8 +114,8 @@ public class AuthorizationRequestRedirectFilterTests {
Assertions.assertThat(authorizationRequest.getState()).isNotNull(); Assertions.assertThat(authorizationRequest.getState()).isNotNull();
} }
private AuthorizationRequestRedirectFilter setupFilter(String authorizationUri, private OAuth2AuthorizationRequestRedirectFilter setupFilter(String authorizationUri,
ClientRegistration... clientRegistrations) throws Exception { ClientRegistration... clientRegistrations) throws Exception {
AuthorizationRequestUriBuilder authorizationUriBuilder = Mockito.mock(AuthorizationRequestUriBuilder.class); AuthorizationRequestUriBuilder authorizationUriBuilder = Mockito.mock(AuthorizationRequestUriBuilder.class);
URI authorizationURI = new URI(authorizationUri); URI authorizationURI = new URI(authorizationUri);
@ -124,11 +124,11 @@ public class AuthorizationRequestRedirectFilterTests {
return setupFilter(authorizationUriBuilder, clientRegistrations); return setupFilter(authorizationUriBuilder, clientRegistrations);
} }
private AuthorizationRequestRedirectFilter setupFilter(AuthorizationRequestUriBuilder authorizationUriBuilder, private OAuth2AuthorizationRequestRedirectFilter setupFilter(AuthorizationRequestUriBuilder authorizationUriBuilder,
ClientRegistration... clientRegistrations) throws Exception { ClientRegistration... clientRegistrations) throws Exception {
ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations); ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations);
AuthorizationRequestRedirectFilter filter = new AuthorizationRequestRedirectFilter(clientRegistrationRepository); OAuth2AuthorizationRequestRedirectFilter filter = new OAuth2AuthorizationRequestRedirectFilter(clientRegistrationRepository);
filter.setAuthorizationRequestUriBuilder(authorizationUriBuilder); filter.setAuthorizationRequestUriBuilder(authorizationUriBuilder);
return filter; return filter;

2
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchange.java
Unescape View File

@ -31,7 +31,7 @@ public final class OAuth2AuthorizationExchange {
private final OAuth2AuthorizationResponse authorizationResponse; private final OAuth2AuthorizationResponse authorizationResponse;
public OAuth2AuthorizationExchange(OAuth2AuthorizationRequest authorizationRequest, public OAuth2AuthorizationExchange(OAuth2AuthorizationRequest authorizationRequest,
OAuth2AuthorizationResponse authorizationResponse) { OAuth2AuthorizationResponse authorizationResponse) {
Assert.notNull(authorizationRequest, "authorizationRequest cannot be null"); Assert.notNull(authorizationRequest, "authorizationRequest cannot be null");
Assert.notNull(authorizationResponse, "authorizationResponse cannot be null"); Assert.notNull(authorizationResponse, "authorizationResponse cannot be null");
this.authorizationRequest = authorizationRequest; this.authorizationRequest = authorizationRequest;

2
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUser.java
Unescape View File

@ -58,7 +58,7 @@ public class DefaultOidcUser extends DefaultOAuth2User implements OidcUser {
} }
public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken, OidcUserInfo userInfo, public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken, OidcUserInfo userInfo,
String nameAttributeKey) { String nameAttributeKey) {
super(authorities, OidcUser.collectClaims(idToken, userInfo), nameAttributeKey); super(authorities, OidcUser.collectClaims(idToken, userInfo), nameAttributeKey);
this.idToken = idToken; this.idToken = idToken;
this.userInfo = userInfo; this.userInfo = userInfo;

8
samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
Unescape View File

@ -36,13 +36,13 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.client.authentication.AuthorizationCodeAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken;
import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.client.authentication.AuthorizationGrantTokenExchanger;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService; import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter; import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
@ -70,7 +70,7 @@ import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
/** /**
* Integration tests for the OAuth 2.0 client filters {@link AuthorizationRequestRedirectFilter} * Integration tests for the OAuth 2.0 client filters {@link OAuth2AuthorizationRequestRedirectFilter}
* and {@link OAuth2LoginAuthenticationFilter}. * and {@link OAuth2LoginAuthenticationFilter}.
* These filters work together to realize the Authorization Code Grant flow. * These filters work together to realize the Authorization Code Grant flow.
* *
@ -354,7 +354,7 @@ public class OAuth2LoginApplicationTests {
} }
// @formatter:on // @formatter:on
private AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> mockAuthorizationCodeTokenExchanger() { private AuthorizationGrantTokenExchanger<OAuth2AuthorizationCodeAuthenticationToken> mockAuthorizationCodeTokenExchanger() {
OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("access-token-1234") OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("access-token-1234")
.tokenType(OAuth2AccessToken.TokenType.BEARER) .tokenType(OAuth2AccessToken.TokenType.BEARER)
.expiresIn(60 * 1000) .expiresIn(60 * 1000)

Write Preview
Loading…
Cancel
Save