Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

OAuth2AuthorizationRequestRedirectWebFilter handles ClientAuthorizationRequiredException 

Fixes: gh-5383
This commit is contained in:
Rob Winch 2018-05-24 15:03:12 -05:00
parent 6a12415d23
commit 2658577396
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectWebFilter.java
View File

@ -136,6 +136,7 @@ public class OAuth2AuthorizationRequestRedirectWebFilter implements WebFilter {
.map(ServerWebExchangeMatcher.MatchResult::getVariables) .map(ServerWebExchangeMatcher.MatchResult::getVariables)
.map(variables -> variables.get(REGISTRATION_ID_URI_VARIABLE_NAME)) .map(variables -> variables.get(REGISTRATION_ID_URI_VARIABLE_NAME))
.cast(String.class) .cast(String.class)
.onErrorResume(ClientAuthorizationRequiredException.class, e -> Mono.just(e.getClientRegistrationId()))
.flatMap(clientRegistrationId -> this.findByRegistrationId(exchange, clientRegistrationId)) .flatMap(clientRegistrationId -> this.findByRegistrationId(exchange, clientRegistrationId))
.flatMap(clientRegistration -> sendRedirectForAuthorization(exchange, clientRegistration)); .flatMap(clientRegistration -> sendRedirectForAuthorization(exchange, clientRegistration));
} }

12
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectWebFilterTests.java
View File

@ -21,6 +21,7 @@ import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.mockito.Mock; import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner; import org.mockito.junit.MockitoJUnitRunner;
import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
@ -133,4 +134,15 @@ public class OAuth2AuthorizationRequestRedirectWebFilterTests {
}); });
verify(this.authzRequestRepository).saveAuthorizationRequest(any(), any()); verify(this.authzRequestRepository).saveAuthorizationRequest(any(), any());
} }
@Test
public void filterWhenExceptionThenRedirected() {
FilteringWebHandler webHandler = new FilteringWebHandler(e -> Mono.error(new ClientAuthorizationRequiredException(this.github.getRegistrationId())), Arrays.asList(this.filter));
this.client = WebTestClient.bindToWebHandler(webHandler).build();
FluxExchangeResult<String> result = this.client.get()
.uri("https://example.com/foo").exchange()
.expectStatus()
.is3xxRedirection()
.returnResult(String.class);
}
} }