Polish BearerTokenAuthenticationConverter

Issue gh-8840

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java

@@ -80,8 +80,8 @@ import org.springframework.web.accept.HeaderContentNegotiationStrategy;
  * authentication failures are handled
  * <li>{@link #bearerTokenResolver(BearerTokenResolver)} - customizes how to resolve a
  * bearer token from the request</li>
- * <li>{@link #bearerTokenAuthenticationConverter(AuthenticationConverter)}</li> -
- * customizes how to convert a bear token authentication from the request
+ * <li>{@link #authenticationConverter(AuthenticationConverter)}</li> - customizes how to
+ * convert a bearer token authentication from the request
  * <li>{@link #jwt(Customizer)} - enables Jwt-encoded bearer token support</li>
  * <li>{@link #opaqueToken(Customizer)} - enables opaque bearer token support</li>
  * </ul>
@@ -195,8 +195,7 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
 		return this;
 	}
 
-	public OAuth2ResourceServerConfigurer<H> bearerTokenAuthenticationConverter(
-			AuthenticationConverter authenticationConverter) {
+	public OAuth2ResourceServerConfigurer<H> authenticationConverter(AuthenticationConverter authenticationConverter) {
 		Assert.notNull(authenticationConverter, "authenticationConverter cannot be null");
 		this.authenticationConverter = authenticationConverter;
 		return this;
@@ -266,7 +265,7 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
 			resolver = (request) -> authenticationManager;
 		}
 
-		this.authenticationConverter = getBearerTokenAuthenticationConverter();
+		this.authenticationConverter = getAuthenticationConverter();
 
 		BearerTokenAuthenticationFilter filter = new BearerTokenAuthenticationFilter(resolver);
 		filter.setAuthenticationConverter(this.authenticationConverter);
@@ -363,7 +362,7 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
 		return this.bearerTokenResolver;
 	}
 
-	AuthenticationConverter getBearerTokenAuthenticationConverter() {
+	AuthenticationConverter getAuthenticationConverter() {
 		if (this.authenticationConverter == null) {
 			if (this.context.getBeanNamesForType(BearerTokenAuthenticationConverter.class).length > 0) {
 				this.authenticationConverter = this.context.getBean(BearerTokenAuthenticationConverter.class);

config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java

@@ -732,8 +732,8 @@ public class OAuth2ResourceServerConfigurerTests {
 		context.registerBean("converterTwo", BearerTokenAuthenticationConverter.class, () -> converterBean);
 		this.spring.context(context).autowire();
 		OAuth2ResourceServerConfigurer oauth2 = new OAuth2ResourceServerConfigurer(context);
-		oauth2.bearerTokenAuthenticationConverter(converter);
-		assertThat(oauth2.getBearerTokenAuthenticationConverter()).isEqualTo(converter);
+		oauth2.authenticationConverter(converter);
+		assertThat(oauth2.getAuthenticationConverter()).isEqualTo(converter);
 	}
 
 	@Test
@@ -751,16 +751,15 @@ public class OAuth2ResourceServerConfigurerTests {
 		context.registerBean(BearerTokenAuthenticationConverter.class, () -> converterBean);
 		this.spring.context(context).autowire();
 		OAuth2ResourceServerConfigurer oauth2 = new OAuth2ResourceServerConfigurer(context);
-		oauth2.bearerTokenAuthenticationConverter(converter);
-		assertThat(oauth2.getBearerTokenAuthenticationConverter()).isEqualTo(converter);
+		oauth2.authenticationConverter(converter);
+		assertThat(oauth2.getAuthenticationConverter()).isEqualTo(converter);
 	}
 
 	@Test
 	public void getBearerTokenAuthenticationConverterWhenNoConverterSpecifiedThenTheDefaultIsUsed() {
 		ApplicationContext context = this.spring.context(new GenericWebApplicationContext()).getContext();
 		OAuth2ResourceServerConfigurer oauth2 = new OAuth2ResourceServerConfigurer(context);
-		assertThat(oauth2.getBearerTokenAuthenticationConverter())
-				.isInstanceOf(BearerTokenAuthenticationConverter.class);
+		assertThat(oauth2.getAuthenticationConverter()).isInstanceOf(BearerTokenAuthenticationConverter.class);
 	}
 
 	@Test
@@ -770,7 +769,7 @@ public class OAuth2ResourceServerConfigurerTests {
 		context.registerBean(BearerTokenAuthenticationConverter.class, () -> converterBean);
 		this.spring.context(context).autowire();
 		OAuth2ResourceServerConfigurer oauth2 = new OAuth2ResourceServerConfigurer(context);
-		assertThat(oauth2.getBearerTokenAuthenticationConverter()).isEqualTo(converterBean);
+		assertThat(oauth2.getAuthenticationConverter()).isEqualTo(converterBean);
 
 	}
 
@@ -783,7 +782,7 @@ public class OAuth2ResourceServerConfigurerTests {
 		this.spring.context(context).autowire();
 		OAuth2ResourceServerConfigurer oauth2 = new OAuth2ResourceServerConfigurer(context);
 		BearerTokenAuthenticationToken bearerTokenAuthenticationToken = (BearerTokenAuthenticationToken) oauth2
-				.getBearerTokenAuthenticationConverter().convert(servletRequest);
+				.getAuthenticationConverter().convert(servletRequest);
 		String token = bearerTokenAuthenticationToken.getToken();
 		assertThat(token).isEqualTo("bearer customToken");
 

oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/BearerTokenAuthenticationConverter.java

@@ -36,13 +36,9 @@ import org.springframework.util.Assert;
  */
 public final class BearerTokenAuthenticationConverter implements AuthenticationConverter {
 
-	private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
-
-	private BearerTokenResolver bearerTokenResolver;
+	private BearerTokenResolver bearerTokenResolver = new DefaultBearerTokenResolver();
 
-	public BearerTokenAuthenticationConverter() {
-		this.bearerTokenResolver = new DefaultBearerTokenResolver();
-	}
+	private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
 
 	@Override
 	public BearerTokenAuthenticationToken convert(HttpServletRequest request) {

oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationFilter.java

@@ -153,6 +153,17 @@ public final class BearerTokenAuthenticationFilter extends OncePerRequestFilter
 		((BearerTokenAuthenticationConverter) this.authenticationConverter).setBearerTokenResolver(bearerTokenResolver);
 	}
 
+	/**
+	 * Set the {@link AuthenticationConverter} to use. Defaults to
+	 * {@link BearerTokenAuthenticationConverter}.
+	 * @param authenticationConverter the {@code AuthenticationConverter} to use
+	 * @since 5.5
+	 */
+	public void setAuthenticationConverter(AuthenticationConverter authenticationConverter) {
+		Assert.notNull(authenticationConverter, "authenticationConverter cannot be null");
+		this.authenticationConverter = authenticationConverter;
+	}
+
 	/**
 	 * Set the {@link AuthenticationEntryPoint} to use. Defaults to
 	 * {@link BearerTokenAuthenticationEntryPoint}.
@@ -174,15 +185,4 @@ public final class BearerTokenAuthenticationFilter extends OncePerRequestFilter
 		this.authenticationFailureHandler = authenticationFailureHandler;
 	}
 
-	/**
-	 * Set the {@link AuthenticationConverter} to use. Defaults to
-	 * {@link BearerTokenAuthenticationConverter}.
-	 * @param authenticationConverter the {@code AuthenticationConverter} to use
-	 * @since 5.5
-	 */
-	public void setAuthenticationConverter(AuthenticationConverter authenticationConverter) {
-		Assert.notNull(authenticationConverter, "authenticationConverter cannot be null");
-		this.authenticationConverter = authenticationConverter;
-	}
-
 }