Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Polish #5994

This commit is contained in:
Joe Grandja 2019-07-08 11:56:46 -04:00
parent 9432670f1d
commit 23d61d43e5
5 changed files with 86 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientService.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2002-2019 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,12 +32,13 @@ import java.util.concurrent.ConcurrentHashMap;
* @since 5.0 * @since 5.0
* @see OAuth2AuthorizedClientService * @see OAuth2AuthorizedClientService
* @see OAuth2AuthorizedClient * @see OAuth2AuthorizedClient
* @see OAuth2AuthorizedClientId
* @see ClientRegistration * @see ClientRegistration
* @see Authentication * @see Authentication
*/ */
public final class InMemoryOAuth2AuthorizedClientService implements OAuth2AuthorizedClientService { public final class InMemoryOAuth2AuthorizedClientService implements OAuth2AuthorizedClientService {
private final Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients;
private final ClientRegistrationRepository clientRegistrationRepository; private final ClientRegistrationRepository clientRegistrationRepository;
private Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients = new ConcurrentHashMap<>();
/** /**
* Constructs an {@code InMemoryOAuth2AuthorizedClientService} using the provided parameters. * Constructs an {@code InMemoryOAuth2AuthorizedClientService} using the provided parameters.
@ -47,15 +48,22 @@ public final class InMemoryOAuth2AuthorizedClientService implements OAuth2Author
public InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository) { public InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
this.clientRegistrationRepository = clientRegistrationRepository; this.clientRegistrationRepository = clientRegistrationRepository;
this.authorizedClients = new ConcurrentHashMap<>();
} }
/** /**
* Sets the map of authorized clients to use. * Constructs an {@code InMemoryOAuth2AuthorizedClientService} using the provided parameters.
* @param authorizedClients the map of authorized clients *
* @since 5.2
* @param clientRegistrationRepository the repository of client registrations
* @param authorizedClients the initial {@code Map} of authorized client(s) keyed by {@link OAuth2AuthorizedClientId}
*/ */
public void setAuthorizedClients(Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients) { public InMemoryOAuth2AuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository,
Assert.notNull(authorizedClients, "authorizedClients cannot be null"); Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients) {
this.authorizedClients = authorizedClients; Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
Assert.notEmpty(authorizedClients, "authorizedClients cannot be empty");
this.clientRegistrationRepository = clientRegistrationRepository;
this.authorizedClients = new ConcurrentHashMap<>(authorizedClients);
} }
@Override @Override
@ -67,14 +75,14 @@ public final class InMemoryOAuth2AuthorizedClientService implements OAuth2Author
if (registration == null) { if (registration == null) {
return null; return null;
} }
return (T) this.authorizedClients.get(OAuth2AuthorizedClientId.create(registration, principalName)); return (T) this.authorizedClients.get(new OAuth2AuthorizedClientId(clientRegistrationId, principalName));
} }
@Override @Override
public void saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) { public void saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
Assert.notNull(authorizedClient, "authorizedClient cannot be null"); Assert.notNull(authorizedClient, "authorizedClient cannot be null");
Assert.notNull(principal, "principal cannot be null"); Assert.notNull(principal, "principal cannot be null");
this.authorizedClients.put(OAuth2AuthorizedClientId.create(authorizedClient.getClientRegistration(), this.authorizedClients.put(new OAuth2AuthorizedClientId(authorizedClient.getClientRegistration().getRegistrationId(),
principal.getName()), authorizedClient); principal.getName()), authorizedClient);
} }
@ -84,8 +92,7 @@ public final class InMemoryOAuth2AuthorizedClientService implements OAuth2Author
Assert.hasText(principalName, "principalName cannot be empty"); Assert.hasText(principalName, "principalName cannot be empty");
ClientRegistration registration = this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId); ClientRegistration registration = this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId);
if (registration != null) { if (registration != null) {
this.authorizedClients.remove(OAuth2AuthorizedClientId.create(registration, principalName)); this.authorizedClients.remove(new OAuth2AuthorizedClientId(clientRegistrationId, principalName));
} }
} }
} }

22
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/InMemoryReactiveOAuth2AuthorizedClientService.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2002-2019 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -15,16 +15,15 @@
*/ */
package org.springframework.security.oauth2.client; package org.springframework.security.oauth2.client;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
/** /**
* An {@link OAuth2AuthorizedClientService} that stores * An {@link OAuth2AuthorizedClientService} that stores
* {@link OAuth2AuthorizedClient Authorized Client(s)} in-memory. * {@link OAuth2AuthorizedClient Authorized Client(s)} in-memory.
@ -38,11 +37,11 @@ import reactor.core.publisher.Mono;
* @see Authentication * @see Authentication
*/ */
public final class InMemoryReactiveOAuth2AuthorizedClientService implements ReactiveOAuth2AuthorizedClientService { public final class InMemoryReactiveOAuth2AuthorizedClientService implements ReactiveOAuth2AuthorizedClientService {
private final Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients = new ConcurrentHashMap<>();; private final Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients = new ConcurrentHashMap<>();
private final ReactiveClientRegistrationRepository clientRegistrationRepository; private final ReactiveClientRegistrationRepository clientRegistrationRepository;
/** /**
* Constructs an {@code InMemoryOAuth2AuthorizedClientService} using the provided parameters. * Constructs an {@code InMemoryReactiveOAuth2AuthorizedClientService} using the provided parameters.
* *
* @param clientRegistrationRepository the repository of client registrations * @param clientRegistrationRepository the repository of client registrations
*/ */
@ -57,7 +56,7 @@ public final class InMemoryReactiveOAuth2AuthorizedClientService implements Reac
Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty"); Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty");
Assert.hasText(principalName, "principalName cannot be empty"); Assert.hasText(principalName, "principalName cannot be empty");
return (Mono<T>) this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId) return (Mono<T>) this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId)
.map(clientRegistration -> OAuth2AuthorizedClientId.create(clientRegistration, principalName)) .map(clientRegistration -> new OAuth2AuthorizedClientId(clientRegistrationId, principalName))
.flatMap(identifier -> Mono.justOrEmpty(this.authorizedClients.get(identifier))); .flatMap(identifier -> Mono.justOrEmpty(this.authorizedClients.get(identifier)));
} }
@ -66,8 +65,8 @@ public final class InMemoryReactiveOAuth2AuthorizedClientService implements Reac
Assert.notNull(authorizedClient, "authorizedClient cannot be null"); Assert.notNull(authorizedClient, "authorizedClient cannot be null");
Assert.notNull(principal, "principal cannot be null"); Assert.notNull(principal, "principal cannot be null");
return Mono.fromRunnable(() -> { return Mono.fromRunnable(() -> {
OAuth2AuthorizedClientId identifier = OAuth2AuthorizedClientId.create( OAuth2AuthorizedClientId identifier = new OAuth2AuthorizedClientId(
authorizedClient.getClientRegistration(), principal.getName()); authorizedClient.getClientRegistration().getRegistrationId(), principal.getName());
this.authorizedClients.put(identifier, authorizedClient); this.authorizedClients.put(identifier, authorizedClient);
}); });
} }
@ -77,9 +76,8 @@ public final class InMemoryReactiveOAuth2AuthorizedClientService implements Reac
Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty"); Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty");
Assert.hasText(principalName, "principalName cannot be empty"); Assert.hasText(principalName, "principalName cannot be empty");
return this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId) return this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId)
.map(clientRegistration -> OAuth2AuthorizedClientId.create(clientRegistration, principalName)) .map(clientRegistration -> new OAuth2AuthorizedClientId(clientRegistrationId, principalName))
.doOnNext(this.authorizedClients::remove) .doOnNext(this.authorizedClients::remove)
.then(Mono.empty()); .then(Mono.empty());
} }
} }

42
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientId.java
View File

@ -1,11 +1,11 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2002-2019 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * https://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
@ -13,15 +13,14 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.oauth2.client; package org.springframework.security.oauth2.client;
import org.springframework.security.core.SpringSecurityCoreVersion;
import org.springframework.util.Assert;
import java.io.Serializable; import java.io.Serializable;
import java.util.Objects; import java.util.Objects;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.util.Assert;
/** /**
* The identifier for {@link OAuth2AuthorizedClient}. * The identifier for {@link OAuth2AuthorizedClient}.
* *
@ -31,37 +30,29 @@ import org.springframework.util.Assert;
* @see OAuth2AuthorizedClientService * @see OAuth2AuthorizedClientService
*/ */
public final class OAuth2AuthorizedClientId implements Serializable { public final class OAuth2AuthorizedClientId implements Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
private final String clientRegistrationId; private final String clientRegistrationId;
private final String principalName; private final String principalName;
private OAuth2AuthorizedClientId(String clientRegistrationId, String principalName) { /**
Assert.notNull(clientRegistrationId, "clientRegistrationId cannot be null"); * Constructs an {@code OAuth2AuthorizedClientId} using the provided parameters.
Assert.notNull(principalName, "principalName cannot be null"); *
* @param clientRegistrationId the identifier for the client's registration
* @param principalName the name of the End-User {@code Principal} (Resource Owner)
*/
public OAuth2AuthorizedClientId(String clientRegistrationId, String principalName) {
Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty");
Assert.hasText(principalName, "principalName cannot be empty");
this.clientRegistrationId = clientRegistrationId; this.clientRegistrationId = clientRegistrationId;
this.principalName = principalName; this.principalName = principalName;
} }
/**
* Factory method for creating new {@link OAuth2AuthorizedClientId} using
* {@link ClientRegistration} and principal name.
* @param clientRegistration the client registration
* @param principalName the principal name
* @return the new authorized client id
*/
public static OAuth2AuthorizedClientId create(ClientRegistration clientRegistration,
String principalName) {
return new OAuth2AuthorizedClientId(clientRegistration.getRegistrationId(),
principalName);
}
@Override @Override
public boolean equals(Object obj) { public boolean equals(Object obj) {
if (this == obj) { if (this == obj) {
return true; return true;
} }
if (obj == null || getClass() != obj.getClass()) { if (obj == null || this.getClass() != obj.getClass()) {
return false; return false;
} }
OAuth2AuthorizedClientId that = (OAuth2AuthorizedClientId) obj; OAuth2AuthorizedClientId that = (OAuth2AuthorizedClientId) obj;
@ -73,5 +64,4 @@ public final class OAuth2AuthorizedClientId implements Serializable {
public int hashCode() { public int hashCode() {
return Objects.hash(this.clientRegistrationId, this.principalName); return Objects.hash(this.clientRegistrationId, this.principalName);
} }
} }

29
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/InMemoryOAuth2AuthorizedClientServiceTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2002-2019 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -15,11 +15,7 @@
*/ */
package org.springframework.security.oauth2.client; package org.springframework.security.oauth2.client;
import java.util.Collections;
import java.util.Map;
import org.junit.Test; import org.junit.Test;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@ -27,10 +23,12 @@ import org.springframework.security.oauth2.client.registration.InMemoryClientReg
import org.springframework.security.oauth2.client.registration.TestClientRegistrations; import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import java.util.Collections;
import java.util.Map;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
@ -66,25 +64,24 @@ public class InMemoryOAuth2AuthorizedClientServiceTests {
} }
@Test @Test
public void constructorWhenAuthorizedClientsIsNullThenIllegalArgumentException() { public void constructorWhenAuthorizedClientsIsNullThenThrowIllegalArgumentException() {
assertThatExceptionOfType(IllegalArgumentException.class) assertThatThrownBy(() -> new InMemoryOAuth2AuthorizedClientService(this.clientRegistrationRepository, null))
.isThrownBy(() -> this.authorizedClientService.setAuthorizedClients(null)) .isInstanceOf(IllegalArgumentException.class)
.withMessage("authorizedClients cannot be null"); .hasMessage("authorizedClients cannot be empty");
} }
@Test @Test
public void constructorWhenAuthorizedClientsIsEmptyMapThenRepositoryUsingSuppliedAuthorizedClients() { public void constructorWhenAuthorizedClientsProvidedThenUseProvidedAuthorizedClients() {
String registrationId = this.registration3.getRegistrationId(); String registrationId = this.registration3.getRegistrationId();
Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients = Collections.singletonMap( Map<OAuth2AuthorizedClientId, OAuth2AuthorizedClient> authorizedClients = Collections.singletonMap(
OAuth2AuthorizedClientId.create(this.registration3, this.principalName1), new OAuth2AuthorizedClientId(this.registration3.getRegistrationId(), this.principalName1),
mock(OAuth2AuthorizedClient.class)); mock(OAuth2AuthorizedClient.class));
ClientRegistrationRepository clientRegistrationRepository = mock(ClientRegistrationRepository.class); ClientRegistrationRepository clientRegistrationRepository = mock(ClientRegistrationRepository.class);
given(clientRegistrationRepository.findByRegistrationId(eq(registrationId))).willReturn(this.registration3); when(clientRegistrationRepository.findByRegistrationId(eq(registrationId))).thenReturn(this.registration3);
InMemoryOAuth2AuthorizedClientService authorizedClientService = new InMemoryOAuth2AuthorizedClientService( InMemoryOAuth2AuthorizedClientService authorizedClientService = new InMemoryOAuth2AuthorizedClientService(
this.clientRegistrationRepository); clientRegistrationRepository, authorizedClients);
authorizedClientService.setAuthorizedClients(authorizedClients);
assertThat((OAuth2AuthorizedClient) authorizedClientService.loadAuthorizedClient( assertThat((OAuth2AuthorizedClient) authorizedClientService.loadAuthorizedClient(
registrationId, this.principalName1)).isNotNull(); registrationId, this.principalName1)).isNotNull();
} }

67
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientIdTests.java
View File

@ -1,11 +1,11 @@
/* /*
* Copyright 2002-2018 the original author or authors. * Copyright 2002-2019 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * https://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
@ -13,15 +13,12 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
package org.springframework.security.oauth2.client; package org.springframework.security.oauth2.client;
import org.junit.Test; import org.junit.Test;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
/** /**
* Tests for {@link OAuth2AuthorizedClientId}. * Tests for {@link OAuth2AuthorizedClientId}.
@ -30,65 +27,59 @@ import static org.assertj.core.api.Assertions.assertThat;
*/ */
public class OAuth2AuthorizedClientIdTests { public class OAuth2AuthorizedClientIdTests {
@Test
public void constructorWhenRegistrationIdNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizedClientId(null, "test-principal"))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientRegistrationId cannot be empty");
}
@Test
public void constructorWhenPrincipalNameNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2AuthorizedClientId("test-client", null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("principalName cannot be empty");
}
@Test @Test
public void equalsWhenSameRegistrationIdAndPrincipalThenShouldReturnTrue() { public void equalsWhenSameRegistrationIdAndPrincipalThenShouldReturnTrue() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client", "test-principal");
"test-principal"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client", "test-principal");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"),
"test-principal");
assertThat(id1.equals(id2)).isTrue(); assertThat(id1.equals(id2)).isTrue();
} }
@Test @Test
public void equalsWhenDifferentRegistrationIdAndSamePrincipalThenShouldReturnFalse() { public void equalsWhenDifferentRegistrationIdAndSamePrincipalThenShouldReturnFalse() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client1"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client1", "test-principal");
"test-principal"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client2", "test-principal");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client2"),
"test-principal");
assertThat(id1.equals(id2)).isFalse(); assertThat(id1.equals(id2)).isFalse();
} }
@Test @Test
public void equalsWhenSameRegistrationIdAndDifferentPrincipalThenShouldReturnFalse() { public void equalsWhenSameRegistrationIdAndDifferentPrincipalThenShouldReturnFalse() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client", "test-principal1");
"test-principal1"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client", "test-principal2");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"),
"test-principal2");
assertThat(id1.equals(id2)).isFalse(); assertThat(id1.equals(id2)).isFalse();
} }
@Test @Test
public void hashCodeWhenSameRegistrationIdAndPrincipalThenShouldReturnSame() { public void hashCodeWhenSameRegistrationIdAndPrincipalThenShouldReturnSame() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client", "test-principal");
"test-principal"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client", "test-principal");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"),
"test-principal");
assertThat(id1.hashCode()).isEqualTo(id2.hashCode()); assertThat(id1.hashCode()).isEqualTo(id2.hashCode());
} }
@Test @Test
public void hashCodeWhenDifferentRegistrationIdAndSamePrincipalThenShouldNotReturnSame() { public void hashCodeWhenDifferentRegistrationIdAndSamePrincipalThenShouldNotReturnSame() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client1"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client1", "test-principal");
"test-principal"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client2", "test-principal");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client2"),
"test-principal");
assertThat(id1.hashCode()).isNotEqualTo(id2.hashCode()); assertThat(id1.hashCode()).isNotEqualTo(id2.hashCode());
} }
@Test @Test
public void hashCodeWhenSameRegistrationIdAndDifferentPrincipalThenShouldNotReturnSame() { public void hashCodeWhenSameRegistrationIdAndDifferentPrincipalThenShouldNotReturnSame() {
OAuth2AuthorizedClientId id1 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"), OAuth2AuthorizedClientId id1 = new OAuth2AuthorizedClientId("test-client", "test-principal1");
"test-principal1"); OAuth2AuthorizedClientId id2 = new OAuth2AuthorizedClientId("test-client", "test-principal2");
OAuth2AuthorizedClientId id2 = OAuth2AuthorizedClientId.create(testClientRegistration("test-client"),
"test-principal2");
assertThat(id1.hashCode()).isNotEqualTo(id2.hashCode()); assertThat(id1.hashCode()).isNotEqualTo(id2.hashCode());
} }
private static ClientRegistration testClientRegistration(String registrationId) {
return ClientRegistration.withRegistrationId(registrationId).clientId("id").clientSecret("secret")
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")
.authorizationUri("http://example.com/authorize").tokenUri("http://example.com/token").build();
}
} }