Polish gh-17246

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler.java

@@ -60,6 +60,7 @@ import org.springframework.web.server.ServerWebExchange;
  *
  * @author Evgeniy Cheban
  * @since 7.1
+ * @see RefreshTokenReactiveOAuth2AuthorizedClientProvider
  */
 public final class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler
 		implements ReactiveOAuth2AuthorizationSuccessHandler {
@@ -158,16 +159,6 @@ public final class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler
 		this.jwtDecoderFactory = jwtDecoderFactory;
 	}
 
-	/**
-	 * Sets a {@link GrantedAuthoritiesMapper} to use for mapping
-	 * {@link GrantedAuthority}s, defaults to no-op implementation.
-	 * @param authoritiesMapper the {@link GrantedAuthoritiesMapper} to use
-	 */
-	public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) {
-		Assert.notNull(authoritiesMapper, "authoritiesMapper cannot be null");
-		this.authoritiesMapper = authoritiesMapper;
-	}
-
 	/**
 	 * Sets a {@link ReactiveOAuth2UserService} to use for loading an {@link OidcUser}
 	 * from refreshed oidc id-token, defaults to {@link OidcReactiveOAuth2UserService}.
@@ -178,6 +169,16 @@ public final class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler
 		this.userService = userService;
 	}
 
+	/**
+	 * Sets a {@link GrantedAuthoritiesMapper} to use for mapping
+	 * {@link GrantedAuthority}s, defaults to no-op implementation.
+	 * @param authoritiesMapper the {@link GrantedAuthoritiesMapper} to use
+	 */
+	public void setAuthoritiesMapper(GrantedAuthoritiesMapper authoritiesMapper) {
+		Assert.notNull(authoritiesMapper, "authoritiesMapper cannot be null");
+		this.authoritiesMapper = authoritiesMapper;
+	}
+
 	/**
 	 * Sets the maximum acceptable clock skew, which is used when checking the
 	 * {@link OidcIdToken#getIssuedAt()} to match the existing
@@ -297,7 +298,7 @@ public final class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler
 		OAuth2AuthenticationToken authenticationResult = new OAuth2AuthenticationToken(oidcUser, mappedAuthorities,
 				clientRegistration.getRegistrationId());
 		authenticationResult.setDetails(authenticationToken.getDetails());
-		SecurityContextImpl securityContext = new SecurityContextImpl(authenticationResult);
+		SecurityContext securityContext = new SecurityContextImpl(authenticationResult);
 		return this.serverSecurityContextRepository.save(exchange, securityContext);
 	}
 

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandlerTests.java

@@ -60,6 +60,42 @@ import static org.mockito.Mockito.mock;
  */
 class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandlerTests {
 
+	@Test
+	void setServerSecurityContextRepositoryWhenNullThenException() {
+		assertThatException()
+			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler()
+				.setServerSecurityContextRepository(null))
+			.withMessage("serverSecurityContextRepository cannot be null");
+	}
+
+	@Test
+	void setJwtDecoderFactoryWhenNullThenException() {
+		assertThatException()
+			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setJwtDecoderFactory(null))
+			.withMessage("jwtDecoderFactory cannot be null");
+	}
+
+	@Test
+	void setAuthoritiesMapperWhenNullThenException() {
+		assertThatException()
+			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setAuthoritiesMapper(null))
+			.withMessage("authoritiesMapper cannot be null");
+	}
+
+	@Test
+	void setUserServiceWhenNullThenException() {
+		assertThatException()
+			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setUserService(null))
+			.withMessage("userService cannot be null");
+	}
+
+	@Test
+	void setClockSkewWhenNullThenException() {
+		assertThatException()
+			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setClockSkew(null))
+			.withMessage("clockSkew cannot be null");
+	}
+
 	@Test
 	void onAuthorizationSuccessWhenIdTokenValidThenSecurityContextRefreshed() {
 		ClientRegistration clientRegistration = TestClientRegistrations.clientRegistration().build();
@@ -352,42 +388,6 @@ class RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandlerTests {
 			.verifyErrorMessage("[invalid_nonce] Invalid nonce");
 	}
 
-	@Test
-	void setServerSecurityContextRepositoryWhenNullThenException() {
-		assertThatException()
-			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler()
-				.setServerSecurityContextRepository(null))
-			.withMessage("serverSecurityContextRepository cannot be null");
-	}
-
-	@Test
-	void setJwtDecoderFactoryWhenNullThenException() {
-		assertThatException()
-			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setJwtDecoderFactory(null))
-			.withMessage("jwtDecoderFactory cannot be null");
-	}
-
-	@Test
-	void setAuthoritiesMapperWhenNullThenException() {
-		assertThatException()
-			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setAuthoritiesMapper(null))
-			.withMessage("authoritiesMapper cannot be null");
-	}
-
-	@Test
-	void setUserServiceWhenNullThenException() {
-		assertThatException()
-			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setUserService(null))
-			.withMessage("userService cannot be null");
-	}
-
-	@Test
-	void setClockSkewWhenNullThenException() {
-		assertThatException()
-			.isThrownBy(() -> new RefreshOidcUserReactiveOAuth2AuthorizationSuccessHandler().setClockSkew(null))
-			.withMessage("clockSkew cannot be null");
-	}
-
 	private static OAuth2AccessToken createAccessToken() {
 		Instant issuedAt = Instant.now().minus(Duration.ofDays(1));
 		Instant expiresAt = issuedAt.plus(Duration.ofMinutes(60));