
OidcConfigurationProvider improve invalid issuer error

Issue: gh-5355
pull/5365/head
Rob Winch 8 years ago
parent
commit
db889973a8
  1. 11
      config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java
  2. 6
      config/src/test/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProviderTests.java

11
config/src/main/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProvider.java

@ -68,8 +68,7 @@ public final class OidcConfigurationProvider { @@ -68,8 +68,7 @@ public final class OidcConfigurationProvider {
* @return a {@link ClientRegistration.Builder} that was initialized by the OpenID Provider Configuration.
*/
public static ClientRegistration.Builder issuer(String issuer) {
RestTemplate rest = new RestTemplate();
String openidConfiguration = rest.getForObject(issuer + "/.well-known/openid-configuration", String.class);
String openidConfiguration = getOpenidConfiguration(issuer);
OIDCProviderMetadata metadata = parse(openidConfiguration);
String name = URI.create(issuer).getHost();
ClientAuthenticationMethod method = getClientAuthenticationMethod(issuer, metadata.getTokenEndpointAuthMethods());
@ -92,6 +91,14 @@ public final class OidcConfigurationProvider { @@ -92,6 +91,14 @@ public final class OidcConfigurationProvider {
.clientName(issuer);
}
private static String getOpenidConfiguration(String issuer) {
RestTemplate rest = new RestTemplate();
try {
return rest.getForObject(issuer + "/.well-known/openid-configuration", String.class);
} catch(RuntimeException e) {
throw new IllegalArgumentException("Unable to resolve the OpenID Configuration with the provided Issuer of \"" + issuer + "\"", e);
}
}
private static ClientAuthenticationMethod getClientAuthenticationMethod(String issuer, List<com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod> metadataAuthMethods) {
if (metadataAuthMethods == null || metadataAuthMethods.contains(com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod.CLIENT_SECRET_BASIC)) {
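Review bot: `getOpenidConfiguration` builds the discovery URL from `issuer` and returns whatever comes back, and nothing in the visible lines of `issuer(...)` checks that the `issuer` value in the parsed metadata equals the one that was requested, which OpenID Connect Discovery requires before the advertised endpoints are trusted. The body of `issuer(...)` continues outside the hunk, so that comparison may exist further down; if it does not, add one right after `parse(...)`, e.g. `if (!issuer.equals(metadata.getIssuer().getValue())) { throw new IllegalStateException("The Issuer in the OpenID Configuration did not match the requested issuer \"" + issuer + "\""); }`. Separately, `getForObject` can return `null` for an empty response body, which would reach `parse(...)` and fail with a less helpful error than the one this commit introduces; treating `null` like the caught failure would keep the message consistent. A short Javadoc on the helper, saying that any `RuntimeException` from the HTTP call is rethrown as `IllegalArgumentException` with the original as its cause, would document the contract the new test relies on.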

6
config/src/test/java/org/springframework/security/config/oauth2/client/oidc/OidcConfigurationProviderTests.java

@ -202,6 +202,12 @@ public class OidcConfigurationProviderTests { @@ -202,6 +202,12 @@ public class OidcConfigurationProviderTests {
.hasMessageContaining("Only ClientAuthenticationMethod.BASIC and ClientAuthenticationMethod.POST are supported. The issuer \"" + this.issuer + "\" returned a configuration of [tls_client_auth]");
}
@Test
public void issuerWhenEmptyStringThenMeaningfulErrorMessage() {
assertThatThrownBy(() -> OidcConfigurationProvider.issuer(""))
.hasMessageContaining("Unable to resolve the OpenID Configuration with the provided Issuer of \"\"");
}
private ClientRegistration registration(String path) throws Exception {
String body = this.mapper.writeValueAsString(this.response);
MockResponse mockResponse = new MockResponse()
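Review bot: `issuerWhenEmptyStringThenMeaningfulErrorMessage` asserts only the message text, so it would still pass if the wrapper threw a different exception type; adding `.isInstanceOf(IllegalArgumentException.class)` before `.hasMessageContaining(...)` pins the type the production code commits to. The test also covers only the empty-string input, which fails before any request is sent; a second case where the mock server answers with a non-2xx status would exercise the same catch branch through a real HTTP failure. The `registration(String path)` helper at the end of the section continues outside the hunk.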
