Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-22 20:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish RequestMatcher Migration Path for OAuth 2.0 Login DSL

Browse Source 
Issue gh-16573
This commit is contained in:
Josh Cummings 2025-03-26 16:15:58 -06:00
parent 99345537d6
commit 37b8d019fa
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -351,6 +351,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
public void init(B http) throws Exception { public void init(B http) throws Exception {
OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter( OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter(
this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl); this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl);
RequestMatcher processUri = RequestMatcherFactory.matcher(this.loginProcessingUrl);
authenticationFilter.setRequiresAuthenticationRequestMatcher(processUri);
authenticationFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy()); authenticationFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
this.setAuthenticationFilter(authenticationFilter); this.setAuthenticationFilter(authenticationFilter);
super.loginProcessingUrl(this.loginProcessingUrl); super.loginProcessingUrl(this.loginProcessingUrl);
@ -434,7 +436,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
http.addFilter(this.postProcess(authorizationRequestFilter)); http.addFilter(this.postProcess(authorizationRequestFilter));
OAuth2LoginAuthenticationFilter authenticationFilter = this.getAuthenticationFilter(); OAuth2LoginAuthenticationFilter authenticationFilter = this.getAuthenticationFilter();
if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) { if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) {
authenticationFilter.setFilterProcessesUrl(this.redirectionEndpointConfig.authorizationResponseBaseUri); authenticationFilter.setRequiresAuthenticationRequestMatcher(
RequestMatcherFactory.matcher(this.redirectionEndpointConfig.authorizationResponseBaseUri));
} }
if (this.authorizationEndpointConfig.authorizationRequestRepository != null) { if (this.authorizationEndpointConfig.authorizationRequestRepository != null) {
authenticationFilter authenticationFilter