From 35f41f87d120efc70e0c764b42b6f6bae5c650e9 Mon Sep 17 00:00:00 2001 From: Joe Grandja <10884212+jgrandja@users.noreply.github.com> Date: Fri, 12 Sep 2025 14:18:56 -0400 Subject: [PATCH] Temporarily fix integration tests Issue gh-17880 --- .../OAuth2ClientCredentialsGrantTests.java | 2 ++ .../OAuth2RefreshTokenGrantTests.java | 5 ++++- .../ClientSecretAuthenticationProvider.java | 7 +++++-- ...tClientAssertionAuthenticationProvider.java | 5 ++++- ...uthorizationCodeAuthenticationProvider.java | 6 ++++-- ...ationCodeRequestAuthenticationProvider.java | 18 +++++++++++++----- ...orizationConsentAuthenticationProvider.java | 9 ++++++--- ...lientCredentialsAuthenticationProvider.java | 5 ++++- ...orizationRequestAuthenticationProvider.java | 7 +++++-- ...OAuth2DeviceCodeAuthenticationProvider.java | 5 ++++- ...viceVerificationAuthenticationProvider.java | 8 +++++--- ...orizationRequestAuthenticationProvider.java | 12 ++++++++---- ...uth2RefreshTokenAuthenticationProvider.java | 6 ++++-- ...th2TokenExchangeAuthenticationProvider.java | 6 ++++-- ...kenIntrospectionAuthenticationProvider.java | 6 ++++-- ...2TokenRevocationAuthenticationProvider.java | 5 ++++- .../PublicClientAuthenticationProvider.java | 6 ++++-- ...lientCertificateAuthenticationProvider.java | 7 +++++-- ...entConfigurationAuthenticationProvider.java | 4 +++- ...ientRegistrationAuthenticationProvider.java | 4 +++- 20 files changed, 95 insertions(+), 38 deletions(-) diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java index 98e277bbff..ee463f87f9 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java @@ -114,6 +114,7 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.AuthenticationConverter; import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; +import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.request.MockMvcRequestBuilders; @@ -363,6 +364,7 @@ public class OAuth2ClientCredentialsGrantTests { Instant.now(), Instant.now().plus(Duration.ofHours(1))); OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = new OAuth2AccessTokenAuthenticationToken( registeredClient, clientPrincipal, accessToken); + accessTokenAuthentication.setDetails(new WebAuthenticationDetails("remoteAddress", "sessionId")); given(authenticationProvider.supports(eq(OAuth2ClientCredentialsAuthenticationToken.class))).willReturn(true); given(authenticationProvider.authenticate(any())).willReturn(accessTokenAuthentication); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java index b785ded4dc..ee13cf2837 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java @@ -624,7 +624,10 @@ public class OAuth2RefreshTokenGrantTests { throwInvalidClient("authentication_method"); } - return new PublicClientRefreshTokenAuthenticationToken(registeredClient); + PublicClientRefreshTokenAuthenticationToken publicClientRefreshTokenAuthenticationResult = new PublicClientRefreshTokenAuthenticationToken( + registeredClient); + publicClientRefreshTokenAuthenticationResult.setDetails(publicClientAuthentication.getDetails()); + return publicClientRefreshTokenAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java index 8c1933e3e0..a401fa00be 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java @@ -155,8 +155,11 @@ public final class ClientSecretAuthenticationProvider implements AuthenticationP this.logger.trace("Authenticated client secret"); } - return new OAuth2ClientAuthenticationToken(registeredClient, - clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials()); + OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken( + registeredClient, clientAuthentication.getClientAuthenticationMethod(), + clientAuthentication.getCredentials()); + clientAuthenticationResult.setDetails(clientAuthentication.getDetails()); + return clientAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java index 06efbe8df4..1f38bb7655 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java @@ -138,7 +138,10 @@ public final class JwtClientAssertionAuthenticationProvider implements Authentic this.logger.trace("Authenticated client assertion"); } - return new OAuth2ClientAuthenticationToken(registeredClient, clientAuthenticationMethod, jwtAssertion); + OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken( + registeredClient, clientAuthenticationMethod, jwtAssertion); + clientAuthenticationResult.setDetails(clientAuthentication.getDetails()); + return clientAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java index 1cb945f0d0..bff6a1a51b 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java @@ -312,8 +312,10 @@ public final class OAuth2AuthorizationCodeAuthenticationProvider implements Auth this.logger.trace("Authenticated token request"); } - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken, - additionalParameters); + OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken( + registeredClient, clientPrincipal, accessToken, refreshToken, additionalParameters); + accessTokenAuthenticationResult.setDetails(authorizationCodeAuthentication.getDetails()); + return accessTokenAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java index 9a51ad71e2..b6bd3efc3d 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java @@ -167,11 +167,13 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen authorizationCodeRequestAuthentication, null); } + Object authenticationDetails = authorizationCodeRequestAuthentication.getDetails(); authorizationCodeRequestAuthentication = new OAuth2AuthorizationCodeRequestAuthenticationToken( authorizationCodeRequestAuthentication.getAuthorizationUri(), authorizationRequest.getClientId(), (Authentication) authorizationCodeRequestAuthentication.getPrincipal(), authorizationRequest.getRedirectUri(), authorizationRequest.getState(), authorizationRequest.getScopes(), authorizationRequest.getAdditionalParameters()); + authorizationCodeRequestAuthentication.setDetails(authenticationDetails); } RegisteredClient registeredClient = this.registeredClientRepository @@ -283,8 +285,11 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen Set currentAuthorizedScopes = (currentAuthorizationConsent != null) ? currentAuthorizationConsent.getScopes() : null; - return new OAuth2AuthorizationConsentAuthenticationToken(authorizationRequest.getAuthorizationUri(), - registeredClient.getClientId(), principal, state, currentAuthorizedScopes, null); + OAuth2AuthorizationConsentAuthenticationToken authorizationConsentAuthentication = new OAuth2AuthorizationConsentAuthenticationToken( + authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal, state, + currentAuthorizedScopes, null); + authorizationConsentAuthentication.setDetails(authorizationCodeRequestAuthentication.getDetails()); + return authorizationConsentAuthentication; } OAuth2TokenContext tokenContext = createAuthorizationCodeTokenContext(authorizationCodeRequestAuthentication, @@ -327,9 +332,11 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen this.logger.trace("Authenticated authorization code request"); } - return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(), - registeredClient.getClientId(), principal, authorizationCode, redirectUri, - authorizationRequest.getState(), authorizationRequest.getScopes()); + OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken( + authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal, + authorizationCode, redirectUri, authorizationRequest.getState(), authorizationRequest.getScopes()); + authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails()); + return authorizationCodeRequestAuthenticationResult; } @Override @@ -481,6 +488,7 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen (Authentication) authorizationCodeRequestAuthentication.getPrincipal(), redirectUri, authorizationCodeRequestAuthentication.getState(), authorizationCodeRequestAuthentication.getScopes(), authorizationCodeRequestAuthentication.getAdditionalParameters()); + authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails()); throw new OAuth2AuthorizationCodeRequestAuthenticationException(error, authorizationCodeRequestAuthenticationResult); diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java index 539c54d28e..7d47c7ef93 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java @@ -260,9 +260,11 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A this.logger.trace("Authenticated authorization consent request"); } - return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(), - registeredClient.getClientId(), principal, authorizationCode, redirectUri, - authorizationRequest.getState(), authorizedScopes); + OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken( + authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal, + authorizationCode, redirectUri, authorizationRequest.getState(), authorizedScopes); + authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails()); + return authorizationCodeRequestAuthenticationResult; } @Override @@ -362,6 +364,7 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A authorizationConsentAuthentication.getClientId(), (Authentication) authorizationConsentAuthentication.getPrincipal(), redirectUri, state, requestedScopes, null); + authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails()); throw new OAuth2AuthorizationCodeRequestAuthenticationException(error, authorizationCodeRequestAuthenticationResult); diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java index 8ac7917a83..b4df877cba 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java @@ -170,7 +170,10 @@ public final class OAuth2ClientCredentialsAuthenticationProvider implements Auth this.logger.trace("Authenticated token request"); } - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken); + OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken( + registeredClient, clientPrincipal, accessToken); + accessTokenAuthenticationResult.setDetails(clientCredentialsAuthentication.getDetails()); + return accessTokenAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java index ce55e092fe..a862599309 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java @@ -181,8 +181,11 @@ public final class OAuth2DeviceAuthorizationRequestAuthenticationProvider implem this.logger.trace("Authenticated device authorization request"); } - return new OAuth2DeviceAuthorizationRequestAuthenticationToken(clientPrincipal, requestedScopes, deviceCode, - userCode); + OAuth2DeviceAuthorizationRequestAuthenticationToken deviceAuthorizationRequestAuthenticationResult = new OAuth2DeviceAuthorizationRequestAuthenticationToken( + clientPrincipal, requestedScopes, deviceCode, userCode); + deviceAuthorizationRequestAuthenticationResult + .setDetails(deviceAuthorizationRequestAuthentication.getDetails()); + return deviceAuthorizationRequestAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java index beca3134e0..d6ade3bfbe 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java @@ -260,7 +260,10 @@ public final class OAuth2DeviceCodeAuthenticationProvider implements Authenticat this.logger.trace("Authenticated device token request"); } - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken); + OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken( + registeredClient, clientPrincipal, accessToken, refreshToken); + accessTokenAuthenticationResult.setDetails(deviceCodeAuthentication.getDetails()); + return accessTokenAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java index 9629807f60..e8ab5d1a95 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java @@ -171,9 +171,11 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut .getAuthorizationServerSettings(); String deviceVerificationUri = authorizationServerSettings.getDeviceVerificationEndpoint(); - return new OAuth2DeviceAuthorizationConsentAuthenticationToken(deviceVerificationUri, - registeredClient.getClientId(), principal, deviceVerificationAuthentication.getUserCode(), state, - requestedScopes, currentAuthorizedScopes); + OAuth2DeviceAuthorizationConsentAuthenticationToken deviceAuthorizationConsentAuthenticationResult = new OAuth2DeviceAuthorizationConsentAuthenticationToken( + deviceVerificationUri, registeredClient.getClientId(), principal, + deviceVerificationAuthentication.getUserCode(), state, requestedScopes, currentAuthorizedScopes); + deviceAuthorizationConsentAuthenticationResult.setDetails(deviceVerificationAuthentication.getDetails()); + return deviceAuthorizationConsentAuthenticationResult; } // @formatter:off diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java index 4d0225a27b..0b24835fae 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java @@ -138,10 +138,14 @@ public final class OAuth2PushedAuthorizationRequestAuthenticationProvider implem this.logger.trace("Authenticated pushed authorization request"); } - return new OAuth2PushedAuthorizationRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(), - authorizationRequest.getClientId(), clientPrincipal, pushedAuthorizationRequestUri.getRequestUri(), - pushedAuthorizationRequestUri.getExpiresAt(), authorizationRequest.getRedirectUri(), - authorizationRequest.getState(), authorizationRequest.getScopes()); + OAuth2PushedAuthorizationRequestAuthenticationToken pushedAuthorizationRequestAuthenticationResult = new OAuth2PushedAuthorizationRequestAuthenticationToken( + authorizationRequest.getAuthorizationUri(), authorizationRequest.getClientId(), clientPrincipal, + pushedAuthorizationRequestUri.getRequestUri(), pushedAuthorizationRequestUri.getExpiresAt(), + authorizationRequest.getRedirectUri(), authorizationRequest.getState(), + authorizationRequest.getScopes()); + pushedAuthorizationRequestAuthenticationResult + .setDetails(pushedAuthorizationRequestAuthentication.getDetails()); + return pushedAuthorizationRequestAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java index c6c50a3215..a43d7bb4b1 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java @@ -283,8 +283,10 @@ public final class OAuth2RefreshTokenAuthenticationProvider implements Authentic this.logger.trace("Authenticated token request"); } - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, - currentRefreshToken, additionalParameters); + OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken( + registeredClient, clientPrincipal, accessToken, currentRefreshToken, additionalParameters); + accessTokenAuthenticationResult.setDetails(refreshTokenAuthentication.getDetails()); + return accessTokenAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java index 50b9b00930..861751edf3 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java @@ -268,8 +268,10 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti this.logger.trace("Authenticated token request"); } - return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, null, - additionalParameters); + OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken( + registeredClient, clientPrincipal, accessToken, null, additionalParameters); + accessTokenAuthenticationResult.setDetails(tokenExchangeAuthentication.getDetails()); + return accessTokenAuthenticationResult; } private static boolean isValidTokenType(String tokenType, OAuth2Authorization.Token token) { diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java index 544cf3cf53..b26ef6a1e3 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java @@ -118,8 +118,10 @@ public final class OAuth2TokenIntrospectionAuthenticationProvider implements Aut this.logger.trace("Authenticated token introspection request"); } - return new OAuth2TokenIntrospectionAuthenticationToken(authorizedToken.getToken().getTokenValue(), - clientPrincipal, tokenClaims); + OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthenticationResult = new OAuth2TokenIntrospectionAuthenticationToken( + authorizedToken.getToken().getTokenValue(), clientPrincipal, tokenClaims); + tokenIntrospectionAuthenticationResult.setDetails(tokenIntrospectionAuthentication.getDetails()); + return tokenIntrospectionAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java index fd3f260ce9..6e24ef207f 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java @@ -89,7 +89,10 @@ public final class OAuth2TokenRevocationAuthenticationProvider implements Authen this.logger.trace("Authenticated token revocation request"); } - return new OAuth2TokenRevocationAuthenticationToken(token.getToken(), clientPrincipal); + OAuth2TokenRevocationAuthenticationToken tokenRevocationAuthenticationResult = new OAuth2TokenRevocationAuthenticationToken( + token.getToken(), clientPrincipal); + tokenRevocationAuthenticationResult.setDetails(tokenRevocationAuthentication.getDetails()); + return tokenRevocationAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java index 0b486c373d..aef16f16ac 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java @@ -103,8 +103,10 @@ public final class PublicClientAuthenticationProvider implements AuthenticationP this.logger.trace("Authenticated public client"); } - return new OAuth2ClientAuthenticationToken(registeredClient, - clientAuthentication.getClientAuthenticationMethod(), null); + OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken( + registeredClient, clientAuthentication.getClientAuthenticationMethod(), null); + clientAuthenticationResult.setDetails(clientAuthentication.getDetails()); + return clientAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java index 7d95ed092b..f8b8bcb311 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java @@ -125,8 +125,11 @@ public final class X509ClientCertificateAuthenticationProvider implements Authen this.logger.trace("Authenticated client X509Certificate"); } - return new OAuth2ClientAuthenticationToken(registeredClient, - clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials()); + OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken( + registeredClient, clientAuthentication.getClientAuthenticationMethod(), + clientAuthentication.getCredentials()); + clientAuthenticationResult.setDetails(clientAuthentication.getDetails()); + return clientAuthenticationResult; } @Override diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java index 588a1e784a..e911a9f0f8 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java @@ -169,8 +169,10 @@ public final class OidcClientConfigurationAuthenticationProvider implements Auth this.logger.trace("Authenticated client configuration request"); } - return new OidcClientRegistrationAuthenticationToken( + OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken( (Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration); + clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails()); + return clientRegistrationAuthenticationResult; } @SuppressWarnings("unchecked") diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java index b402f306d7..665e0d51b9 100644 --- a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java +++ b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java @@ -279,8 +279,10 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe this.logger.trace("Authenticated client registration request"); } - return new OidcClientRegistrationAuthenticationToken( + OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken( (Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration); + clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails()); + return clientRegistrationAuthenticationResult; } private OAuth2Authorization registerAccessToken(RegisteredClient registeredClient) {