Rename AuthorizationCodeAuthenticationFilter -> OAuth2LoginAuthenticationFilter

Fixes gh-4686
2017-10-24 13:38:24 -04:00 · 2017-10-24 13:38:24 -04:00 · 4ae24f2fbe
parent 09a94a4ef4
commit 4ae24f2fbe
7 changed files with 21 additions and 27 deletions
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
@ -89,7 +89,7 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
 				order);
 		order += STEP;
 		filterToOrder.put(
-			"org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter",
+			"org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
 			order);
 		order += STEP;
 		put(UsernamePasswordAuthenticationFilter.class, order);
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
@ -35,7 +35,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
 import org.springframework.security.oauth2.client.token.SecurityTokenRepository;
-import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter;
+import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
 import org.springframework.security.oauth2.core.AccessToken;
@ -63,7 +63,7 @@ import java.util.Map;
 * @since 5.0
 */
 public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> extends
-	AbstractAuthenticationFilterConfigurer<B, OAuth2LoginConfigurer<B>, AuthorizationCodeAuthenticationFilter> {
+	AbstractAuthenticationFilterConfigurer<B, OAuth2LoginConfigurer<B>, OAuth2LoginAuthenticationFilter> {

 	private static final String DEFAULT_LOGIN_PROCESSING_URI = "/login/oauth2/authorize/code/*";
 	private final AuthorizationEndpointConfig authorizationEndpointConfig = new AuthorizationEndpointConfig();
@ -72,7 +72,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 	private final UserInfoEndpointConfig userInfoEndpointConfig = new UserInfoEndpointConfig();

 	public OAuth2LoginConfigurer() {
-		super(new AuthorizationCodeAuthenticationFilter(DEFAULT_LOGIN_PROCESSING_URI), DEFAULT_LOGIN_PROCESSING_URI);
+		super(new OAuth2LoginAuthenticationFilter(DEFAULT_LOGIN_PROCESSING_URI), DEFAULT_LOGIN_PROCESSING_URI);
 	}

 	public OAuth2LoginConfigurer<B> clients(ClientRegistration... clientRegistrations) {
@ -305,7 +305,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 		}
 		http.addFilter(this.postProcess(authorizationRequestFilter));

-		AuthorizationCodeAuthenticationFilter authorizationResponseFilter = this.getAuthenticationFilter();
+		OAuth2LoginAuthenticationFilter authorizationResponseFilter = this.getAuthenticationFilter();
 		if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) {
 			authorizationResponseFilter.setFilterProcessesUrl(this.redirectionEndpointConfig.authorizationResponseBaseUri);
 		}
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilter.java
@ -60,7 +60,6 @@ import java.util.Map;
 * @see AuthorizationRequestUriBuilder
 * @see ClientRegistration
 * @see ClientRegistrationRepository
- * @see AuthorizationCodeAuthenticationFilter
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Request (Authorization Code)</a>
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2">Section 4.2 Implicit Grant</a>
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
@ -27,7 +27,7 @@ import javax.servlet.http.HttpServletResponse;
 * <p>
 * Used by the {@link AuthorizationRequestRedirectFilter} for persisting the <i>Authorization Request</i>
 * before it initiates the authorization code grant flow.
- * As well, used by the {@link AuthorizationCodeAuthenticationFilter} for resolving
+ * As well, used by the {@link OAuth2LoginAuthenticationFilter} for resolving
 * the associated <i>Authorization Request</i> when handling the <i>Authorization Response</i>.
 *
 * @author Joe Grandja
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
@ -73,17 +73,17 @@ import java.io.IOException;
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Response</a>
 */
-public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
+public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 	public static final String DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI = "/oauth2/authorize/code/*";
 	private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
 	private ClientRegistrationRepository clientRegistrationRepository;
 	private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();

-	public AuthorizationCodeAuthenticationFilter() {
+	public OAuth2LoginAuthenticationFilter() {
 		this(DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI);
 	}

-	public AuthorizationCodeAuthenticationFilter(String authorizationResponseBaseUri) {
+	public OAuth2LoginAuthenticationFilter(String authorizationResponseBaseUri) {
 		super(authorizationResponseBaseUri);
 	}

@ -134,11 +134,6 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
 		return this.getAuthenticationManager().authenticate(clientAuthentication);
 	}

-	public final void setAuthorizationResponseBaseUri(String authorizationResponseBaseUri) {
-		Assert.hasText(authorizationResponseBaseUri, "authorizationResponseBaseUri cannot be empty");
-		this.setFilterProcessesUrl(authorizationResponseBaseUri);
-	}
-
 	public final void setClientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) {
 		Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
 		this.clientRegistrationRepository = clientRegistrationRepository;
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java
@ -49,17 +49,17 @@ import java.util.Map;
 import static org.mockito.Mockito.mock;

 /**
- * Tests {@link AuthorizationCodeAuthenticationFilter}.
+ * Tests {@link OAuth2LoginAuthenticationFilter}.
 *
 * @author Joe Grandja
 */
-public class AuthorizationCodeAuthenticationFilterTests {
+public class OAuth2LoginAuthenticationFilterTests {

 	@Test
 	public void doFilterWhenNotAuthorizationCodeResponseThenContinueChain() throws Exception {
 		ClientRegistration clientRegistration = TestUtil.googleClientRegistration();

-		AuthorizationCodeAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));
+		OAuth2LoginAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));

 		String requestURI = "/path";
 		MockHttpServletRequest request = new MockHttpServletRequest("GET", requestURI);
@ -77,7 +77,7 @@ public class AuthorizationCodeAuthenticationFilterTests {
 	public void doFilterWhenAuthorizationCodeErrorResponseThenAuthenticationFailureHandlerIsCalled() throws Exception {
 		ClientRegistration clientRegistration = TestUtil.githubClientRegistration();

-		AuthorizationCodeAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));
+		OAuth2LoginAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));
 		AuthenticationFailureHandler failureHandler = mock(AuthenticationFailureHandler.class);
 		filter.setAuthenticationFailureHandler(failureHandler);

@ -106,7 +106,7 @@ public class AuthorizationCodeAuthenticationFilterTests {
 		AuthenticationManager authenticationManager = mock(AuthenticationManager.class);
 		Mockito.when(authenticationManager.authenticate(Matchers.any(Authentication.class))).thenReturn(clientAuthentication);

-		AuthorizationCodeAuthenticationFilter filter = Mockito.spy(setupFilter(authenticationManager, clientRegistration));
+		OAuth2LoginAuthenticationFilter filter = Mockito.spy(setupFilter(authenticationManager, clientRegistration));
 		AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
 		filter.setAuthenticationSuccessHandler(successHandler);
 		AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
@ -135,7 +135,7 @@ public class AuthorizationCodeAuthenticationFilterTests {
 	public void doFilterWhenAuthorizationCodeSuccessResponseAndNoMatchingAuthorizationRequestThenThrowOAuth2AuthenticationExceptionAuthorizationRequestNotFound() throws Exception {
 		ClientRegistration clientRegistration = TestUtil.githubClientRegistration();

-		AuthorizationCodeAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));
+		OAuth2LoginAuthenticationFilter filter = Mockito.spy(setupFilter(clientRegistration));
 		AuthenticationFailureHandler failureHandler = mock(AuthenticationFailureHandler.class);
 		filter.setAuthenticationFailureHandler(failureHandler);

@ -152,7 +152,7 @@ public class AuthorizationCodeAuthenticationFilterTests {
 		verifyThrowsOAuth2AuthenticationExceptionWithErrorCode(filter, failureHandler, "authorization_request_not_found");
 	}

-	private void verifyThrowsOAuth2AuthenticationExceptionWithErrorCode(AuthorizationCodeAuthenticationFilter filter,
+	private void verifyThrowsOAuth2AuthenticationExceptionWithErrorCode(OAuth2LoginAuthenticationFilter filter,
 																		AuthenticationFailureHandler failureHandler,
 																		String errorCode) throws Exception {

@ -169,18 +169,18 @@ public class AuthorizationCodeAuthenticationFilterTests {
 		Assertions.assertThat(oauth2AuthenticationException.getError().getErrorCode()).isEqualTo(errorCode);
 	}

-	private AuthorizationCodeAuthenticationFilter setupFilter(ClientRegistration... clientRegistrations) throws Exception {
+	private OAuth2LoginAuthenticationFilter setupFilter(ClientRegistration... clientRegistrations) throws Exception {
 		AuthenticationManager authenticationManager = mock(AuthenticationManager.class);

 		return setupFilter(authenticationManager, clientRegistrations);
 	}

-	private AuthorizationCodeAuthenticationFilter setupFilter(
+	private OAuth2LoginAuthenticationFilter setupFilter(
 			AuthenticationManager authenticationManager, ClientRegistration... clientRegistrations) throws Exception {

 		ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations);

-		AuthorizationCodeAuthenticationFilter filter = new AuthorizationCodeAuthenticationFilter();
+		OAuth2LoginAuthenticationFilter filter = new OAuth2LoginAuthenticationFilter();
 		filter.setClientRegistrationRepository(clientRegistrationRepository);
 		filter.setAuthenticationManager(authenticationManager);

--- a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
+++ b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
@ -41,7 +41,7 @@ import org.springframework.security.oauth2.client.authentication.AuthorizationGr
 import org.springframework.security.oauth2.client.authentication.userinfo.OAuth2UserService;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter;
+import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
 import org.springframework.security.oauth2.core.AccessToken;
 import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
@ -71,7 +71,7 @@ import static org.mockito.Mockito.when;

 /**
 * Integration tests for the OAuth 2.0 client filters {@link AuthorizationRequestRedirectFilter}
- * and {@link AuthorizationCodeAuthenticationFilter}.
+ * and {@link OAuth2LoginAuthenticationFilter}.
 * These filters work together to realize the Authorization Code Grant flow.
 *
 * @author Joe Grandja