GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '5.8.x' 

Closes gh-12234
pull/12109/merge
Steve Riesenberg 3 years ago
parent
102c5e7a72 52888d6206
commit
a3d35ecf3c
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 24 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 24
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java

24
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
Unescape View File

@ -24,9 +24,14 @@ import java.util.HashMap; @@ -24,9 +24,14 @@ import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.log.LogMessage;
import org.springframework.security.core.SpringSecurityCoreVersion;
import org.springframework.security.oauth2.core.AuthenticationMethod;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
@ -39,6 +44,7 @@ import org.springframework.util.StringUtils; @@ -39,6 +44,7 @@ import org.springframework.util.StringUtils;
* Provider.
*
* @author Joe Grandja
* @author Michael Sosa
* @since 5.0
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-2">Section 2
* Client Registration</a>
@ -323,6 +329,12 @@ public final class ClientRegistration implements Serializable { @@ -323,6 +329,12 @@ public final class ClientRegistration implements Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
private static final Log logger = LogFactory.getLog(Builder.class);
private static final List<AuthorizationGrantType> AUTHORIZATION_GRANT_TYPES = Arrays.asList(
AuthorizationGrantType.AUTHORIZATION_CODE, AuthorizationGrantType.CLIENT_CREDENTIALS,
AuthorizationGrantType.REFRESH_TOKEN, AuthorizationGrantType.IMPLICIT, AuthorizationGrantType.PASSWORD);
private String registrationId;
private String clientId;
@ -597,6 +609,7 @@ public final class ClientRegistration implements Serializable { @@ -597,6 +609,7 @@ public final class ClientRegistration implements Serializable {
else if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType)) {
this.validateAuthorizationCodeGrantType();
}
this.validateAuthorizationGrantTypes();
this.validateScopes();
return this.create();
}
@ -664,6 +677,17 @@ public final class ClientRegistration implements Serializable { @@ -664,6 +677,17 @@ public final class ClientRegistration implements Serializable {
Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
}
private void validateAuthorizationGrantTypes() {
for (AuthorizationGrantType authorizationGrantType : AUTHORIZATION_GRANT_TYPES) {
if (authorizationGrantType.getValue().equalsIgnoreCase(this.authorizationGrantType.getValue())
&& !authorizationGrantType.equals(this.authorizationGrantType)) {
logger.warn(LogMessage.format(
"AuthorizationGrantType: %s does not match the pre-defined constant %s and won't match a valid OAuth2AuthorizedClientProvider",
this.authorizationGrantType, authorizationGrantType));
}
}
}
private void validateScopes() {
if (this.scopes == null) {
return;

Write Preview
Loading…
Cancel
Save