Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-01 16:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish gh-16133

Browse Source
This commit is contained in:
Steve Riesenberg 2024-11-20 13:56:26 -06:00
parent 73f3f75712
commit 0eb6acde96
No known key found for this signature in database
GPG Key ID: 3D0169B18AB8F0A9
3 changed files with 82 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryReactiveOAuth2AuthorizedClientService.java
View File

@ -68,12 +68,8 @@ public final class InMemoryReactiveOAuth2AuthorizedClientService implements Reac
if (cachedAuthorizedClient == null) { if (cachedAuthorizedClient == null) {
return null; return null;
} }
// @formatter:off return new OAuth2AuthorizedClient(clientRegistration, cachedAuthorizedClient.getPrincipalName(),
return new OAuth2AuthorizedClient(clientRegistration, cachedAuthorizedClient.getAccessToken(), cachedAuthorizedClient.getRefreshToken());
cachedAuthorizedClient.getPrincipalName(),
cachedAuthorizedClient.getAccessToken(),
cachedAuthorizedClient.getRefreshToken());
// @formatter:on
}); });
} }

94
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java
View File

@ -18,15 +18,18 @@ package org.springframework.security.oauth2.client;
import java.util.Collections; import java.util.Collections;
import java.util.Map; import java.util.Map;
import java.util.function.Consumer;
import org.junit.jupiter.api.Test; import org.junit.jupiter.api.Test;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.TestClientRegistrations; import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
@ -126,7 +129,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
this.authorizedClientService.saveAuthorizedClient(authorizedClient, authentication); this.authorizedClientService.saveAuthorizedClient(authorizedClient, authentication);
OAuth2AuthorizedClient loadedAuthorizedClient = this.authorizedClientService OAuth2AuthorizedClient loadedAuthorizedClient = this.authorizedClientService
.loadAuthorizedClient(this.registration1.getRegistrationId(), this.principalName1); .loadAuthorizedClient(this.registration1.getRegistrationId(), this.principalName1);
assertAuthorizedClientEquals(authorizedClient, loadedAuthorizedClient); assertThat(loadedAuthorizedClient).satisfies(isEqualTo(authorizedClient));
} }
@Test @Test
@ -134,27 +137,27 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
ClientRegistration updatedRegistration = ClientRegistration.withClientRegistration(this.registration1) ClientRegistration updatedRegistration = ClientRegistration.withClientRegistration(this.registration1)
.clientSecret("updated secret") .clientSecret("updated secret")
.build(); .build();
ClientRegistrationRepository repository = mock(ClientRegistrationRepository.class);
given(repository.findByRegistrationId(this.registration1.getRegistrationId())).willReturn(this.registration1,
updatedRegistration);
Authentication authentication = mock(Authentication.class); ClientRegistrationRepository clientRegistrationRepository = mock(ClientRegistrationRepository.class);
given(authentication.getName()).willReturn(this.principalName1); given(clientRegistrationRepository.findByRegistrationId(this.registration1.getRegistrationId()))
.willReturn(this.registration1, updatedRegistration);
InMemoryOAuth2AuthorizedClientService service = new InMemoryOAuth2AuthorizedClientService(repository); InMemoryOAuth2AuthorizedClientService authorizedClientService = new InMemoryOAuth2AuthorizedClientService(
clientRegistrationRepository);
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(this.registration1, this.principalName1, OAuth2AuthorizedClient cachedAuthorizedClient = new OAuth2AuthorizedClient(this.registration1,
mock(OAuth2AccessToken.class)); this.principalName1, mock(OAuth2AccessToken.class), mock(OAuth2RefreshToken.class));
service.saveAuthorizedClient(authorizedClient, authentication); authorizedClientService.saveAuthorizedClient(cachedAuthorizedClient,
new TestingAuthenticationToken(this.principalName1, null));
OAuth2AuthorizedClient authorizedClientWithUpdatedRegistration = new OAuth2AuthorizedClient(updatedRegistration, OAuth2AuthorizedClient authorizedClientWithUpdatedRegistration = new OAuth2AuthorizedClient(updatedRegistration,
this.principalName1, mock(OAuth2AccessToken.class)); this.principalName1, mock(OAuth2AccessToken.class), mock(OAuth2RefreshToken.class));
OAuth2AuthorizedClient firstLoadedClient = service.loadAuthorizedClient(this.registration1.getRegistrationId(), OAuth2AuthorizedClient firstLoadedClient = authorizedClientService
this.principalName1); .loadAuthorizedClient(this.registration1.getRegistrationId(), this.principalName1);
OAuth2AuthorizedClient secondLoadedClient = service.loadAuthorizedClient(this.registration1.getRegistrationId(), OAuth2AuthorizedClient secondLoadedClient = authorizedClientService
this.principalName1); .loadAuthorizedClient(this.registration1.getRegistrationId(), this.principalName1);
assertAuthorizedClientEquals(authorizedClient, firstLoadedClient); assertThat(firstLoadedClient).satisfies(isEqualTo(cachedAuthorizedClient));
assertAuthorizedClientEquals(authorizedClientWithUpdatedRegistration, secondLoadedClient); assertThat(secondLoadedClient).satisfies(isEqualTo(authorizedClientWithUpdatedRegistration));
} }
@Test @Test
@ -178,7 +181,7 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
this.authorizedClientService.saveAuthorizedClient(authorizedClient, authentication); this.authorizedClientService.saveAuthorizedClient(authorizedClient, authentication);
OAuth2AuthorizedClient loadedAuthorizedClient = this.authorizedClientService OAuth2AuthorizedClient loadedAuthorizedClient = this.authorizedClientService
.loadAuthorizedClient(this.registration3.getRegistrationId(), this.principalName2); .loadAuthorizedClient(this.registration3.getRegistrationId(), this.principalName2);
assertAuthorizedClientEquals(authorizedClient, loadedAuthorizedClient); assertThat(loadedAuthorizedClient).satisfies(isEqualTo(authorizedClient));
} }
@Test @Test
@ -210,29 +213,38 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
assertThat(loadedAuthorizedClient).isNull(); assertThat(loadedAuthorizedClient).isNull();
} }
private static void assertAuthorizedClientEquals(OAuth2AuthorizedClient expected, OAuth2AuthorizedClient actual) { private static Consumer<OAuth2AuthorizedClient> isEqualTo(OAuth2AuthorizedClient expected) {
assertThat(actual).isNotNull(); return (actual) -> {
assertThat(actual.getClientRegistration().getRegistrationId()) assertThat(actual).isNotNull();
.isEqualTo(expected.getClientRegistration().getRegistrationId()); assertThat(actual.getClientRegistration().getRegistrationId())
assertThat(actual.getClientRegistration().getClientName()) .isEqualTo(expected.getClientRegistration().getRegistrationId());
.isEqualTo(expected.getClientRegistration().getClientName()); assertThat(actual.getClientRegistration().getClientName())
assertThat(actual.getClientRegistration().getRedirectUri()) .isEqualTo(expected.getClientRegistration().getClientName());
.isEqualTo(expected.getClientRegistration().getRedirectUri()); assertThat(actual.getClientRegistration().getRedirectUri())
assertThat(actual.getClientRegistration().getAuthorizationGrantType()) .isEqualTo(expected.getClientRegistration().getRedirectUri());
.isEqualTo(expected.getClientRegistration().getAuthorizationGrantType()); assertThat(actual.getClientRegistration().getAuthorizationGrantType())
assertThat(actual.getClientRegistration().getClientAuthenticationMethod()) .isEqualTo(expected.getClientRegistration().getAuthorizationGrantType());
.isEqualTo(expected.getClientRegistration().getClientAuthenticationMethod()); assertThat(actual.getClientRegistration().getClientAuthenticationMethod())
assertThat(actual.getClientRegistration().getClientId()) .isEqualTo(expected.getClientRegistration().getClientAuthenticationMethod());
.isEqualTo(expected.getClientRegistration().getClientId()); assertThat(actual.getClientRegistration().getClientId())
assertThat(actual.getClientRegistration().getClientSecret()) .isEqualTo(expected.getClientRegistration().getClientId());
.isEqualTo(expected.getClientRegistration().getClientSecret()); assertThat(actual.getClientRegistration().getClientSecret())
assertThat(actual.getPrincipalName()).isEqualTo(expected.getPrincipalName()); .isEqualTo(expected.getClientRegistration().getClientSecret());
assertThat(actual.getAccessToken().getTokenType()).isEqualTo(expected.getAccessToken().getTokenType()); assertThat(actual.getPrincipalName()).isEqualTo(expected.getPrincipalName());
assertThat(actual.getAccessToken().getTokenValue()).isEqualTo(expected.getAccessToken().getTokenValue()); assertThat(actual.getAccessToken().getTokenType()).isEqualTo(expected.getAccessToken().getTokenType());
assertThat(actual.getAccessToken().getIssuedAt()).isEqualTo(expected.getAccessToken().getIssuedAt()); assertThat(actual.getAccessToken().getTokenValue()).isEqualTo(expected.getAccessToken().getTokenValue());
assertThat(actual.getAccessToken().getExpiresAt()).isEqualTo(expected.getAccessToken().getExpiresAt()); assertThat(actual.getAccessToken().getIssuedAt()).isEqualTo(expected.getAccessToken().getIssuedAt());
assertThat(actual.getAccessToken().getScopes()).isEqualTo(expected.getAccessToken().getScopes()); assertThat(actual.getAccessToken().getExpiresAt()).isEqualTo(expected.getAccessToken().getExpiresAt());
assertThat(actual.getRefreshToken()).isEqualTo(expected.getRefreshToken()); assertThat(actual.getAccessToken().getScopes()).isEqualTo(expected.getAccessToken().getScopes());
if (expected.getRefreshToken() != null) {
assertThat(actual.getRefreshToken()).isNotNull();
assertThat(actual.getRefreshToken().getTokenValue())
.isEqualTo(expected.getRefreshToken().getTokenValue());
assertThat(actual.getRefreshToken().getIssuedAt()).isEqualTo(expected.getRefreshToken().getIssuedAt());
assertThat(actual.getRefreshToken().getExpiresAt())
.isEqualTo(expected.getRefreshToken().getExpiresAt());
}
};
} }
} }

40
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryReactiveOAuth2AuthorizedClientServiceTests.java
View File

@ -36,6 +36,7 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
@ -59,8 +60,9 @@ public class InMemoryReactiveOAuth2AuthorizedClientServiceTests {
private Authentication principal = new TestingAuthenticationToken(this.principalName, "notused"); private Authentication principal = new TestingAuthenticationToken(this.principalName, "notused");
OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "token", Instant.now(), private OAuth2AccessToken accessToken;
Instant.now().plus(Duration.ofDays(1)));
private OAuth2RefreshToken refreshToken;
// @formatter:off // @formatter:off
private ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(this.clientRegistrationId) private ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(this.clientRegistrationId)
@ -82,6 +84,11 @@ public class InMemoryReactiveOAuth2AuthorizedClientServiceTests {
public void setup() { public void setup() {
this.authorizedClientService = new InMemoryReactiveOAuth2AuthorizedClientService( this.authorizedClientService = new InMemoryReactiveOAuth2AuthorizedClientService(
this.clientRegistrationRepository); this.clientRegistrationRepository);
Instant issuedAt = Instant.now();
Instant expiresAt = issuedAt.plus(Duration.ofDays(1));
this.accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "token", issuedAt, expiresAt);
this.refreshToken = new OAuth2RefreshToken("refresh", issuedAt, expiresAt);
} }
@Test @Test
@ -163,26 +170,26 @@ public class InMemoryReactiveOAuth2AuthorizedClientServiceTests {
@Test @Test
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
public void loadAuthorizedClientWhenClientRegistrationChangedThenCurrentVersionFound() { public void loadAuthorizedClientWhenClientRegistrationIsUpdatedThenReturnsAuthorizedClientWithUpdatedClientRegistration() {
ClientRegistration changedClientRegistration = ClientRegistration ClientRegistration updatedRegistration = ClientRegistration.withClientRegistration(this.clientRegistration)
.withClientRegistration(this.clientRegistration)
.clientSecret("updated secret") .clientSecret("updated secret")
.build(); .build();
given(this.clientRegistrationRepository.findByRegistrationId(this.clientRegistrationId)) given(this.clientRegistrationRepository.findByRegistrationId(this.clientRegistrationId))
.willReturn(Mono.just(this.clientRegistration), Mono.just(changedClientRegistration)); .willReturn(Mono.just(this.clientRegistration), Mono.just(updatedRegistration));
OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration,
this.principalName, this.accessToken); OAuth2AuthorizedClient cachedAuthorizedClient = new OAuth2AuthorizedClient(this.clientRegistration,
OAuth2AuthorizedClient authorizedClientWithChangedRegistration = new OAuth2AuthorizedClient( this.principalName, this.accessToken, this.refreshToken);
changedClientRegistration, this.principalName, this.accessToken); OAuth2AuthorizedClient authorizedClientWithChangedRegistration = new OAuth2AuthorizedClient(updatedRegistration,
this.principalName, this.accessToken, this.refreshToken);
Flux<OAuth2AuthorizedClient> saveAndLoadTwice = this.authorizedClientService Flux<OAuth2AuthorizedClient> saveAndLoadTwice = this.authorizedClientService
.saveAuthorizedClient(authorizedClient, this.principal) .saveAuthorizedClient(cachedAuthorizedClient, this.principal)
.then(this.authorizedClientService.loadAuthorizedClient(this.clientRegistrationId, this.principalName)) .then(this.authorizedClientService.loadAuthorizedClient(this.clientRegistrationId, this.principalName))
.concatWith( .concatWith(
this.authorizedClientService.loadAuthorizedClient(this.clientRegistrationId, this.principalName)); this.authorizedClientService.loadAuthorizedClient(this.clientRegistrationId, this.principalName));
StepVerifier.create(saveAndLoadTwice) StepVerifier.create(saveAndLoadTwice)
.assertNext(isEqualTo(authorizedClient)) .assertNext(isEqualTo(cachedAuthorizedClient))
.assertNext(isEqualTo(authorizedClientWithChangedRegistration)) .assertNext(isEqualTo(authorizedClientWithChangedRegistration))
.verifyComplete(); .verifyComplete();
} }
@ -298,7 +305,14 @@ public class InMemoryReactiveOAuth2AuthorizedClientServiceTests {
assertThat(actual.getAccessToken().getIssuedAt()).isEqualTo(expected.getAccessToken().getIssuedAt()); assertThat(actual.getAccessToken().getIssuedAt()).isEqualTo(expected.getAccessToken().getIssuedAt());
assertThat(actual.getAccessToken().getExpiresAt()).isEqualTo(expected.getAccessToken().getExpiresAt()); assertThat(actual.getAccessToken().getExpiresAt()).isEqualTo(expected.getAccessToken().getExpiresAt());
assertThat(actual.getAccessToken().getScopes()).isEqualTo(expected.getAccessToken().getScopes()); assertThat(actual.getAccessToken().getScopes()).isEqualTo(expected.getAccessToken().getScopes());
assertThat(actual.getRefreshToken()).isEqualTo(expected.getRefreshToken()); if (expected.getRefreshToken() != null) {
assertThat(actual.getRefreshToken()).isNotNull();
assertThat(actual.getRefreshToken().getTokenValue())
.isEqualTo(expected.getRefreshToken().getTokenValue());
assertThat(actual.getRefreshToken().getIssuedAt()).isEqualTo(expected.getRefreshToken().getIssuedAt());
assertThat(actual.getRefreshToken().getExpiresAt())
.isEqualTo(expected.getRefreshToken().getExpiresAt());
}
}; };
} }