Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-09 06:50:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

UserInfoRetriever.retrieve accepts the type to convert

Browse Source 
Fixes gh-4688
This commit is contained in:
Rob Winch 2017-10-24 15:11:18 -05:00
parent 4dbbcabacf
commit 1bd826897f
5 changed files with 8 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/CustomUserTypesOAuth2UserService.java
View File

@ -60,21 +60,7 @@ public class CustomUserTypesOAuth2UserService implements OAuth2UserService {
return null; return null;
} }
OAuth2User customUser; return this.userInfoRetriever.retrieve(clientAuthentication, customUserType);
try {
customUser = customUserType.newInstance();
} catch (ReflectiveOperationException ex) {
throw new IllegalArgumentException("An error occurred while attempting to instantiate the custom OAuth2User \"" +
customUserType.getName() + "\": " + ex.getMessage(), ex);
}
Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(clientAuthentication);
BeanWrapper wrapper = PropertyAccessorFactory.forBeanPropertyAccess(customUser);
wrapper.setAutoGrowNestedPaths(true);
wrapper.setPropertyValues(userAttributes);
return customUser;
} }
public final void setUserInfoRetriever(UserInfoRetriever userInfoRetriever) { public final void setUserInfoRetriever(UserInfoRetriever userInfoRetriever) {

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/DefaultOAuth2UserService.java
View File

@ -60,7 +60,7 @@ public class DefaultOAuth2UserService implements OAuth2UserService {
clientAuthentication.getClientRegistration().getRegistrationId()); clientAuthentication.getClientRegistration().getRegistrationId());
} }
Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(clientAuthentication); Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(clientAuthentication, Map.class);
GrantedAuthority authority = new OAuth2UserAuthority(userAttributes); GrantedAuthority authority = new OAuth2UserAuthority(userAttributes);
Set<GrantedAuthority> authorities = new HashSet<>(); Set<GrantedAuthority> authorities = new HashSet<>();
authorities.add(authority); authorities.add(authority);

4
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/NimbusUserInfoRetriever.java
View File

@ -52,7 +52,7 @@ public class NimbusUserInfoRetriever implements UserInfoRetriever {
private final HttpMessageConverter jackson2HttpMessageConverter = new MappingJackson2HttpMessageConverter(); private final HttpMessageConverter jackson2HttpMessageConverter = new MappingJackson2HttpMessageConverter();
@Override @Override
public Map<String, Object> retrieve(OAuth2ClientAuthenticationToken clientAuthentication) throws OAuth2AuthenticationException { public <T> T retrieve(OAuth2ClientAuthenticationToken clientAuthentication, Class<T> returnType) throws OAuth2AuthenticationException {
URI userInfoUri = URI.create(clientAuthentication.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri()); URI userInfoUri = URI.create(clientAuthentication.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri());
BearerAccessToken accessToken = new BearerAccessToken(clientAuthentication.getAccessToken().getTokenValue()); BearerAccessToken accessToken = new BearerAccessToken(clientAuthentication.getAccessToken().getTokenValue());
@ -98,7 +98,7 @@ public class NimbusUserInfoRetriever implements UserInfoRetriever {
} }
try { try {
return (Map<String, Object>) this.jackson2HttpMessageConverter.read(Map.class, new NimbusClientHttpResponse(httpResponse)); return (T) this.jackson2HttpMessageConverter.read(returnType, new NimbusClientHttpResponse(httpResponse));
} catch (IOException ex) { } catch (IOException ex) {
OAuth2Error oauth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, OAuth2Error oauth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE,
"An error occurred reading the UserInfo Success response: " + ex.getMessage(), null); "An error occurred reading the UserInfo Success response: " + ex.getMessage(), null);

6
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/UserInfoRetriever.java
View File

@ -15,23 +15,23 @@
*/ */
package org.springframework.security.oauth2.client.authentication.userinfo; package org.springframework.security.oauth2.client.authentication.userinfo;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationException; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationException;
import org.springframework.security.oauth2.client.authentication.OAuth2ClientAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2ClientAuthenticationToken;
import java.util.Map;
/** /**
* A strategy for retrieving the user attributes * A strategy for retrieving the user attributes
* of the <i>End-User</i> (resource owner) from the <i>UserInfo Endpoint</i> * of the <i>End-User</i> (resource owner) from the <i>UserInfo Endpoint</i>
* using the provided {@link OAuth2ClientAuthenticationToken#getAccessToken()}. * using the provided {@link OAuth2ClientAuthenticationToken#getAccessToken()}.
* *
* @author Joe Grandja * @author Joe Grandja
* @author Rob Winch
* @since 5.0 * @since 5.0
* @see OAuth2ClientAuthenticationToken * @see OAuth2ClientAuthenticationToken
* @see OAuth2UserService * @see OAuth2UserService
*/ */
public interface UserInfoRetriever { public interface UserInfoRetriever {
Map<String, Object> retrieve(OAuth2ClientAuthenticationToken clientAuthentication) throws OAuth2AuthenticationException; <T> T retrieve(OAuth2ClientAuthenticationToken clientAuthentication, Class<T> responseType) throws OAuth2AuthenticationException;
} }

2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/oidc/client/authentication/userinfo/OidcUserService.java
View File

@ -64,7 +64,7 @@ public class OidcUserService implements OAuth2UserService {
UserInfo userInfo = null; UserInfo userInfo = null;
if (this.shouldRetrieveUserInfo(oidcClientAuthentication)) { if (this.shouldRetrieveUserInfo(oidcClientAuthentication)) {
Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(oidcClientAuthentication); Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(oidcClientAuthentication, Map.class);
userInfo = new UserInfo(userAttributes); userInfo = new UserInfo(userAttributes);
// http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse // http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse