GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher

pull/4623/head
Joe Grandja 9 years ago
parent
6b16fa0d8c
commit
efa4bf409c
3 changed files with 22 additions and 42 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeGrantConfigurer.java
  2. 28
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
  3. 19
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java

17
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeGrantConfigurer.java
Unescape View File

@ -65,7 +65,7 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
// ***** Authorization Request members // ***** Authorization Request members
private AuthorizationCodeRequestRedirectFilter authorizationRequestFilter; private AuthorizationCodeRequestRedirectFilter authorizationRequestFilter;
private RequestMatcher authorizationRequestMatcher; private String authorizationRequestBaseUri = AuthorizationCodeRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
private AuthorizationRequestUriBuilder authorizationRequestBuilder; private AuthorizationRequestUriBuilder authorizationRequestBuilder;
private AuthorizationRequestRepository authorizationRequestRepository; private AuthorizationRequestRepository authorizationRequestRepository;
@ -80,9 +80,9 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
private Map<URI, Class<? extends OAuth2User>> customUserTypes = new HashMap<>(); private Map<URI, Class<? extends OAuth2User>> customUserTypes = new HashMap<>();
private GrantedAuthoritiesMapper userAuthoritiesMapper; private GrantedAuthoritiesMapper userAuthoritiesMapper;
public AuthorizationCodeGrantConfigurer<B> authorizationRequestMatcher(RequestMatcher authorizationRequestMatcher) { public AuthorizationCodeGrantConfigurer<B> authorizationRequestBaseUri(String authorizationRequestBaseUri) {
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null"); Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
this.authorizationRequestMatcher = authorizationRequestMatcher; this.authorizationRequestBaseUri = authorizationRequestBaseUri;
return this; return this;
} }
@ -183,10 +183,7 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
// //
// -> AuthorizationCodeRequestRedirectFilter // -> AuthorizationCodeRequestRedirectFilter
this.authorizationRequestFilter = new AuthorizationCodeRequestRedirectFilter( this.authorizationRequestFilter = new AuthorizationCodeRequestRedirectFilter(
this.getClientRegistrationRepository()); this.authorizationRequestBaseUri, this.getClientRegistrationRepository());
if (this.authorizationRequestMatcher != null) {
this.authorizationRequestFilter.setAuthorizationRequestMatcher(this.authorizationRequestMatcher);
}
if (this.authorizationRequestBuilder != null) { if (this.authorizationRequestBuilder != null) {
this.authorizationRequestFilter.setAuthorizationUriBuilder(this.authorizationRequestBuilder); this.authorizationRequestFilter.setAuthorizationUriBuilder(this.authorizationRequestBuilder);
} }
@ -221,8 +218,8 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
return this.authorizationRequestFilter; return this.authorizationRequestFilter;
} }
RequestMatcher getAuthorizationRequestMatcher() { String getAuthorizationRequestBaseUri() {
return this.authorizationRequestMatcher; return this.authorizationRequestBaseUri;
} }
AuthorizationCodeAuthenticationFilter getAuthorizationResponseFilter() { AuthorizationCodeAuthenticationFilter getAuthorizationResponseFilter() {

28
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
Unescape View File

@ -28,14 +28,12 @@ import org.springframework.security.oauth2.client.registration.InMemoryClientReg
import org.springframework.security.oauth2.client.token.SecurityTokenRepository; import org.springframework.security.oauth2.client.token.SecurityTokenRepository;
import org.springframework.security.oauth2.client.user.OAuth2UserService; import org.springframework.security.oauth2.client.user.OAuth2UserService;
import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter; import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter;
import org.springframework.security.oauth2.client.web.AuthorizationCodeRequestRedirectFilter;
import org.springframework.security.oauth2.client.web.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.client.web.AuthorizationGrantTokenExchanger;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository; import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestUriBuilder; import org.springframework.security.oauth2.client.web.AuthorizationRequestUriBuilder;
import org.springframework.security.oauth2.core.AccessToken; import org.springframework.security.oauth2.core.AccessToken;
import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -44,8 +42,6 @@ import java.util.Arrays;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import static org.springframework.security.oauth2.client.web.AuthorizationCodeRequestRedirectFilter.REGISTRATION_ID_URI_VARIABLE_NAME;
/** /**
* A security configurer for OAuth 2.0 / OpenID Connect 1.0 login. * A security configurer for OAuth 2.0 / OpenID Connect 1.0 login.
* *
@ -85,9 +81,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
private AuthorizationEndpointConfig() { private AuthorizationEndpointConfig() {
} }
public AuthorizationEndpointConfig requestMatcher(RequestMatcher authorizationRequestMatcher) { public AuthorizationEndpointConfig baseUri(String authorizationRequestBaseUri) {
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null"); Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
authorizationCodeGrantConfigurer.authorizationRequestMatcher(authorizationRequestMatcher); authorizationCodeGrantConfigurer.authorizationRequestBaseUri(authorizationRequestBaseUri);
return this; return this;
} }
@ -247,24 +243,10 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
return; return;
} }
String authorizationRequestBaseUri;
RequestMatcher authorizationRequestMatcher = authorizationCodeGrantConfigurer.getAuthorizationRequestMatcher();
if (authorizationRequestMatcher != null && AntPathRequestMatcher.class.isAssignableFrom(authorizationRequestMatcher.getClass())) {
String authorizationRequestPattern = ((AntPathRequestMatcher)authorizationRequestMatcher).getPattern();
String registrationIdTemplateVariable = "{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}";
if (authorizationRequestPattern.endsWith(registrationIdTemplateVariable)) {
authorizationRequestBaseUri = authorizationRequestPattern.substring(
0, authorizationRequestPattern.length() - registrationIdTemplateVariable.length() - 1);
} else {
authorizationRequestBaseUri = authorizationRequestPattern;
}
} else {
authorizationRequestBaseUri = AuthorizationCodeRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
}
Map<String, String> authenticationUrlToClientName = new HashMap<>(); Map<String, String> authenticationUrlToClientName = new HashMap<>();
clientRegistrations.forEach(registration -> authenticationUrlToClientName.put( clientRegistrations.forEach(registration -> authenticationUrlToClientName.put(
authorizationRequestBaseUri + "/" + registration.getRegistrationId(), registration.getClientName())); authorizationCodeGrantConfigurer.getAuthorizationRequestBaseUri() + "/" + registration.getRegistrationId(),
registration.getClientName()));
loginPageGeneratingFilter.setOauth2LoginEnabled(true); loginPageGeneratingFilter.setOauth2LoginEnabled(true);
loginPageGeneratingFilter.setOauth2AuthenticationUrlToClientName(authenticationUrlToClientName); loginPageGeneratingFilter.setOauth2AuthenticationUrlToClientName(authenticationUrlToClientName);
loginPageGeneratingFilter.setLoginPageUrl(this.getLoginPage()); loginPageGeneratingFilter.setLoginPageUrl(this.getLoginPage());

19
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
Unescape View File

@ -64,8 +64,7 @@ import java.util.Map;
public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter { public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter {
public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code"; public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code";
public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId"; public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
public static final String DEFAULT_AUTHORIZATION_REQUEST_URI = DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}"; private final RequestMatcher authorizationRequestMatcher;
private RequestMatcher authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
private final ClientRegistrationRepository clientRegistrationRepository; private final ClientRegistrationRepository clientRegistrationRepository;
private AuthorizationRequestUriBuilder authorizationUriBuilder = new DefaultAuthorizationRequestUriBuilder(); private AuthorizationRequestUriBuilder authorizationUriBuilder = new DefaultAuthorizationRequestUriBuilder();
private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy(); private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
@ -73,15 +72,17 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository(); private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) { public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); this(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI, clientRegistrationRepository);
this.clientRegistrationRepository = clientRegistrationRepository;
} }
public final void setAuthorizationRequestMatcher(RequestMatcher authorizationRequestMatcher) { public AuthorizationCodeRequestRedirectFilter(
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null"); String authorizationRequestBaseUri, ClientRegistrationRepository clientRegistrationRepository) {
Assert.isInstanceOf(RequestVariablesExtractor.class, authorizationRequestMatcher,
"authorizationRequestMatcher must also be a " + RequestVariablesExtractor.class.getName()); Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
this.authorizationRequestMatcher = authorizationRequestMatcher; Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
this.authorizationRequestMatcher = new AntPathRequestMatcher(
authorizationRequestBaseUri + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}");
this.clientRegistrationRepository = clientRegistrationRepository;
} }
public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) { public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) {

Write Preview
Loading…
Cancel
Save