GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '6.4.x' into 6.5.x 

Closes gh-17557
pull/17568/head
Joe Grandja 6 months ago
parent
72eb3065de 2a38de48b8
commit
ecec7cb98f
2 changed files with 42 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
  2. 26
      config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java

16
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
Unescape View File

@ -181,6 +181,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> @@ -181,6 +181,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
private OAuth2AuthorizedClientRepository authorizedClientRepository;
private SecurityContextRepository securityContextRepository;
/**
* Sets the repository of client registrations.
* @param clientRegistrationRepository the repository of client registrations
@ -234,6 +236,17 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> @@ -234,6 +236,17 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
return this;
}
/**
* Sets the {@link SecurityContextRepository} to use.
* @param securityContextRepository the {@link SecurityContextRepository} to use
* @return the {@link OAuth2LoginConfigurer} for further configuration
*/
@Override
public OAuth2LoginConfigurer<B> securityContextRepository(SecurityContextRepository securityContextRepository) {
this.securityContextRepository = securityContextRepository;
return this;
}
/**
* Sets the registry for managing the OIDC client-provider session link
* @param oidcSessionRegistry the {@link OidcSessionRegistry} to use
@ -354,6 +367,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> @@ -354,6 +367,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
RequestMatcher processUri = RequestMatcherFactory.matcher(this.loginProcessingUrl);
authenticationFilter.setRequiresAuthenticationRequestMatcher(processUri);
authenticationFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
if (this.securityContextRepository != null) {
authenticationFilter.setSecurityContextRepository(this.securityContextRepository);
}
this.setAuthenticationFilter(authenticationFilter);
super.loginProcessingUrl(this.loginProcessingUrl);
if (this.loginPage != null) {

26
config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java
Unescape View File

@ -105,6 +105,7 @@ import org.springframework.security.web.SecurityFilterChain; @@ -105,6 +105,7 @@ import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.session.HttpSessionDestroyedEvent;
import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
@ -114,6 +115,7 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon @@ -114,6 +115,7 @@ import org.springframework.web.context.support.AnnotationConfigWebApplicationCon
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatNoException;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.BDDMockito.given;
@ -729,6 +731,12 @@ public class OAuth2LoginConfigurerTests { @@ -729,6 +731,12 @@ public class OAuth2LoginConfigurerTests {
verify(this.context.getBean(SpyObjectPostProcessor.class).spy).authenticate(any());
}
// gh-16623
@Test
public void oauth2LoginWithCustomSecurityContextRepository() {
assertThatNoException().isThrownBy(() -> loadConfig(OAuth2LoginConfigSecurityContextRepository.class));
}
private void loadConfig(Class<?>... configs) {
AnnotationConfigWebApplicationContext applicationContext = new AnnotationConfigWebApplicationContext();
applicationContext.register(configs);
@ -977,6 +985,24 @@ public class OAuth2LoginConfigurerTests { @@ -977,6 +985,24 @@ public class OAuth2LoginConfigurerTests {
}
@Configuration
@EnableWebSecurity
static class OAuth2LoginConfigSecurityContextRepository extends CommonSecurityFilterChainConfig {
@Bean
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// @formatter:off
http
.oauth2Login((login) -> login
.clientRegistrationRepository(
new InMemoryClientRegistrationRepository(GOOGLE_CLIENT_REGISTRATION))
.securityContextRepository(new NullSecurityContextRepository()));
// @formatter:on
return super.configureFilterChain(http);
}
}
@Configuration
@EnableWebSecurity
static class OAuth2LoginConfigCustomAuthorizationRequestResolver extends CommonSecurityFilterChainConfig {

Write Preview
Loading…
Cancel
Save