GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Polish Error Messages for OpaqueTokenIntrospectors

pull/7953/head
Josh Cummings 6 years ago
parent
6c310213a8
commit
c4ccc96655
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
5 changed files with 6 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
  2. 4
      oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java
  3. 2
      oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java
  4. 2
      oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java
  5. 2
      oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java

2
config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
Unescape View File

@ -1127,7 +1127,7 @@ public class OAuth2ResourceServerConfigurerTests {
.with(bearerToken("token"))) .with(bearerToken("token")))
.andExpect(status().isUnauthorized()) .andExpect(status().isUnauthorized())
.andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE,
containsString("Provided token [token] isn't active"))); containsString("Provided token isn't active")));
} }
@Test @Test

4
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java
Unescape View File

@ -133,7 +133,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
public OAuth2AuthenticatedPrincipal introspect(String token) { public OAuth2AuthenticatedPrincipal introspect(String token) {
RequestEntity<?> requestEntity = this.requestEntityConverter.convert(token); RequestEntity<?> requestEntity = this.requestEntityConverter.convert(token);
if (requestEntity == null) { if (requestEntity == null) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("requestEntityConverter returned a null entity");
} }
ResponseEntity<String> responseEntity = makeRequest(requestEntity); ResponseEntity<String> responseEntity = makeRequest(requestEntity);
@ -143,7 +143,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
// relying solely on the authorization server to validate this token (not checking 'exp', for example) // relying solely on the authorization server to validate this token (not checking 'exp', for example)
if (!introspectionSuccessResponse.isActive()) { if (!introspectionSuccessResponse.isActive()) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("Provided token isn't active");
} }
return convertClaimsSet(introspectionSuccessResponse); return convertClaimsSet(introspectionSuccessResponse);

2
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java
Unescape View File

@ -154,7 +154,7 @@ public class NimbusReactiveOpaqueTokenIntrospector implements ReactiveOpaqueToke
private void validate(String token, TokenIntrospectionSuccessResponse response) { private void validate(String token, TokenIntrospectionSuccessResponse response) {
// relying solely on the authorization server to validate this token (not checking 'exp', for example) // relying solely on the authorization server to validate this token (not checking 'exp', for example)
if (!response.isActive()) { if (!response.isActive()) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("Provided token isn't active");
} }
} }

2
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java
Unescape View File

@ -168,7 +168,7 @@ public class NimbusOpaqueTokenIntrospectorTests {
assertThatCode(() -> introspectionClient.introspect("token")) assertThatCode(() -> introspectionClient.introspect("token"))
.isInstanceOf(OAuth2IntrospectionException.class) .isInstanceOf(OAuth2IntrospectionException.class)
.extracting("message") .extracting("message")
.containsExactly("Provided token [token] isn't active"); .containsExactly("Provided token isn't active");
} }
@Test @Test

2
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java
Unescape View File

@ -142,7 +142,7 @@ public class NimbusReactiveOpaqueTokenIntrospectorTests {
assertThatCode(() -> introspectionClient.introspect("token").block()) assertThatCode(() -> introspectionClient.introspect("token").block())
.isInstanceOf(OAuth2IntrospectionException.class) .isInstanceOf(OAuth2IntrospectionException.class)
.extracting("message") .extracting("message")
.containsExactly("Provided token [token] isn't active"); .containsExactly("Provided token isn't active");
} }
@Test @Test

Write Preview
Loading…
Cancel
Save