Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-02-28 18:39:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add setRedirectStrategy to OidcClientInitiatedServerLogoutSuccessHandler

Browse Source 
Closes gh-16556

Signed-off-by: Max Batischev <mblancer@mail.ru>
This commit is contained in:
Max Batischev 2025-02-07 15:24:07 +03:00 committed by Steve Riesenberg
parent 0ccbd20f0a
commit 00cd95be76
2 changed files with 39 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/web/server/logout/OidcClientInitiatedServerLogoutSuccessHandler.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -51,7 +51,7 @@ import org.springframework.web.util.UriComponentsBuilder;
*/
public class OidcClientInitiatedServerLogoutSuccessHandler implements ServerLogoutSuccessHandler {
private final ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();
private ServerRedirectStrategy redirectStrategy = new DefaultServerRedirectStrategy();
private final RedirectServerLogoutSuccessHandler serverLogoutSuccessHandler = new RedirectServerLogoutSuccessHandler();
@ -199,6 +199,17 @@ public class OidcClientInitiatedServerLogoutSuccessHandler implements ServerLogo
this.redirectUriResolver = redirectUriResolver;
}
/**
* Set the {@link ServerRedirectStrategy} to use, default
* {@link DefaultServerRedirectStrategy}
* @param redirectStrategy {@link ServerRedirectStrategy}
* @since 6.5
*/
public void setRedirectStrategy(ServerRedirectStrategy redirectStrategy) {
Assert.notNull(redirectStrategy, "redirectStrategy cannot be null");
this.redirectStrategy = redirectStrategy;
}
/**
* Parameters, required for redirect URI resolving.
*

27
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/web/server/logout/OidcClientInitiatedServerLogoutSuccessHandlerTests.java
View File

@ -1,5 +1,5 @@
/*
* Copyright 2002-2024 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -37,14 +37,18 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
import org.springframework.security.oauth2.core.oidc.user.TestOidcUsers;
import org.springframework.security.oauth2.core.user.TestOAuth2Users;
import org.springframework.security.web.server.ServerRedirectStrategy;
import org.springframework.security.web.server.WebFilterExchange;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilterChain;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
/**
* Tests for {@link OidcClientInitiatedServerLogoutSuccessHandler}
@ -219,6 +223,27 @@ public class OidcClientInitiatedServerLogoutSuccessHandlerTests {
assertThat(redirectedUrl(this.exchange)).isEqualTo("https://test.com");
}
@Test
public void setRedirectStrategyWhenGivenNullThenThrowsException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setRedirectStrategy(null));
}
@Test
public void logoutWhenCustomRedirectStrategySetThenCustomRedirectStrategyUse() {
ServerRedirectStrategy redirectStrategy = mock(ServerRedirectStrategy.class);
given(redirectStrategy.sendRedirect(any(), any())).willReturn(Mono.empty());
OAuth2AuthenticationToken token = new OAuth2AuthenticationToken(TestOidcUsers.create(),
AuthorityUtils.NO_AUTHORITIES, this.registration.getRegistrationId());
WebFilterExchange filterExchange = new WebFilterExchange(this.exchange, this.chain);
given(this.exchange.getRequest())
.willReturn(MockServerHttpRequest.get("/").queryParam("location", "https://test.com").build());
this.handler.setRedirectStrategy(redirectStrategy);
this.handler.onLogoutSuccess(filterExchange, token).block();
verify(redirectStrategy, times(1)).sendRedirect(any(), any());
}
private String redirectedUrl(ServerWebExchange exchange) {
return exchange.getResponse().getHeaders().getFirst("Location");
}