Polish gh-12853

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2DeviceCode.java

@@ -28,7 +28,7 @@ import java.time.Instant;
  * @see <a target="_blank" href= "https://tools.ietf.org/html/rfc8628#section-3.2">Section
  * 3.2 Device Authorization Response</a>
  */
-public final class OAuth2DeviceCode extends AbstractOAuth2Token {
+public class OAuth2DeviceCode extends AbstractOAuth2Token {
 
 	/**
 	 * Constructs an {@code OAuth2DeviceCode} using the provided parameters.

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2UserCode.java

@@ -28,7 +28,7 @@ import java.time.Instant;
  * @see <a target="_blank" href= "https://tools.ietf.org/html/rfc8628#section-3.2">Section
  * 3.2 Device Authorization Response</a>
  */
-public final class OAuth2UserCode extends AbstractOAuth2Token {
+public class OAuth2UserCode extends AbstractOAuth2Token {
 
 	/**
 	 * Constructs an {@code OAuth2UserCode} using the provided parameters.

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2DeviceAuthorizationResponse.java

@@ -129,16 +129,6 @@ public final class OAuth2DeviceAuthorizationResponse {
 		return new Builder(deviceCode, userCode);
 	}
 
-	/**
-	 * Returns a new {@link Builder}, initialized with the provided response.
-	 * @param deviceAuthorizationResponse the response to initialize the builder with
-	 * @return the {@link Builder}
-	 */
-	public static Builder withResponse(OAuth2DeviceAuthorizationResponse deviceAuthorizationResponse) {
-		Assert.notNull(deviceAuthorizationResponse, "deviceAuthorizationResponse cannot be null");
-		return new Builder(deviceAuthorizationResponse);
-	}
-
 	/**
 	 * A builder for {@link OAuth2DeviceAuthorizationResponse}.
 	 */
@@ -158,17 +148,6 @@ public final class OAuth2DeviceAuthorizationResponse {
 
 		private Map<String, Object> additionalParameters;
 
-		private Builder(OAuth2DeviceAuthorizationResponse response) {
-			OAuth2DeviceCode deviceCode = response.getDeviceCode();
-			OAuth2UserCode userCode = response.getUserCode();
-			this.deviceCode = deviceCode.getTokenValue();
-			this.userCode = userCode.getTokenValue();
-			this.verificationUri = response.getVerificationUri();
-			this.verificationUriComplete = response.getVerificationUriComplete();
-			this.expiresIn = ChronoUnit.SECONDS.between(deviceCode.getIssuedAt(), deviceCode.getExpiresAt());
-			this.interval = response.getInterval();
-		}
-
 		private Builder(OAuth2DeviceCode deviceCode, OAuth2UserCode userCode) {
 			this.deviceCode = deviceCode.getTokenValue();
 			this.userCode = userCode.getTokenValue();

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2ParameterNames.java

@@ -152,33 +152,32 @@ public final class OAuth2ParameterNames {
 	public static final String TOKEN_TYPE_HINT = "token_type_hint";
 
 	/**
-	 * {@code device_code} - used in Device Authorization Request and Device Authorization
-	 * Response.
+	 * {@code device_code} - used in Device Authorization Response and Device Access Token
+	 * Request.
 	 * @since 6.1
 	 */
 	public static final String DEVICE_CODE = "device_code";
 
 	/**
-	 * {@code user_code} - used in Device Authorization Request and Device Authorization
-	 * Response.
+	 * {@code user_code} - used in Device Authorization Response.
 	 * @since 6.1
 	 */
 	public static final String USER_CODE = "user_code";
 
 	/**
-	 * {@code verification_uri} - Used in Device Authorization Response.
+	 * {@code verification_uri} - used in Device Authorization Response.
 	 * @since 6.1
 	 */
 	public static final String VERIFICATION_URI = "verification_uri";
 
 	/**
-	 * {@code verification_uri_complete} - Used in Device Authorization Response.
+	 * {@code verification_uri_complete} - used in Device Authorization Response.
 	 * @since 6.1
 	 */
 	public static final String VERIFICATION_URI_COMPLETE = "verification_uri_complete";
 
 	/**
-	 * {@code interval} - Used in Device Authorization Response.
+	 * {@code interval} - used in Device Authorization Response.
 	 * @since 6.1
 	 */
 	public static final String INTERVAL = "interval";

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2DeviceAuthorizationResponseHttpMessageConverter.java

@@ -56,7 +56,7 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 	private static final ParameterizedTypeReference<Map<String, Object>> STRING_OBJECT_MAP = new ParameterizedTypeReference<>() {
 	};
 
-	private final GenericHttpMessageConverter<Object> jsonMessageConvereter = HttpMessageConverters
+	private final GenericHttpMessageConverter<Object> jsonMessageConverter = HttpMessageConverters
 			.getJsonMessageConverter();
 
 	private Converter<Map<String, Object>, OAuth2DeviceAuthorizationResponse> deviceAuthorizationResponseConverter = new DefaultMapOAuth2DeviceAuthorizationResponseConverter();
@@ -74,7 +74,7 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 			HttpInputMessage inputMessage) throws HttpMessageNotReadableException {
 
 		try {
-			Map<String, Object> deviceAuthorizationResponseParameters = (Map<String, Object>) this.jsonMessageConvereter
+			Map<String, Object> deviceAuthorizationResponseParameters = (Map<String, Object>) this.jsonMessageConverter
 					.read(STRING_OBJECT_MAP.getType(), null, inputMessage);
 			return this.deviceAuthorizationResponseConverter.convert(deviceAuthorizationResponseParameters);
 		}
@@ -90,9 +90,9 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 			HttpOutputMessage outputMessage) throws HttpMessageNotWritableException {
 
 		try {
-			Map<String, Object> deviceauthorizationResponseParameters = this.deviceAuthorizationResponseParametersConverter
+			Map<String, Object> deviceAuthorizationResponseParameters = this.deviceAuthorizationResponseParametersConverter
 					.convert(deviceAuthorizationResponse);
-			this.jsonMessageConvereter.write(deviceauthorizationResponseParameters, STRING_OBJECT_MAP.getType(),
+			this.jsonMessageConverter.write(deviceAuthorizationResponseParameters, STRING_OBJECT_MAP.getType(),
 					MediaType.APPLICATION_JSON, outputMessage);
 		}
 		catch (Exception ex) {
@@ -107,7 +107,7 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 	 * @param deviceAuthorizationResponseConverter the {@link Converter} used for
 	 * converting to an {@link OAuth2DeviceAuthorizationResponse}
 	 */
-	public void setDeviceAuthorizationResponseConverter(
+	public final void setDeviceAuthorizationResponseConverter(
 			Converter<Map<String, Object>, OAuth2DeviceAuthorizationResponse> deviceAuthorizationResponseConverter) {
 		Assert.notNull(deviceAuthorizationResponseConverter, "deviceAuthorizationResponseConverter cannot be null");
 		this.deviceAuthorizationResponseConverter = deviceAuthorizationResponseConverter;
@@ -121,7 +121,7 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 	 * for converting to a {@code Map} representation of the Device Authorization Response
 	 * parameters
 	 */
-	public void setDeviceAuthorizationResponseParametersConverter(
+	public final void setDeviceAuthorizationResponseParametersConverter(
 			Converter<OAuth2DeviceAuthorizationResponse, Map<String, Object>> deviceAuthorizationResponseParametersConverter) {
 		Assert.notNull(deviceAuthorizationResponseParametersConverter,
 				"deviceAuthorizationResponseParametersConverter cannot be null");
@@ -167,11 +167,10 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 			return (obj != null) ? obj.toString() : null;
 		}
 
-		private static long getParameterValue(Map<String, Object> tokenResponseParameters, String parameterName,
-				long defaultValue) {
+		private static long getParameterValue(Map<String, Object> parameters, String parameterName, long defaultValue) {
 			long parameterValue = defaultValue;
 
-			Object obj = tokenResponseParameters.get(parameterName);
+			Object obj = parameters.get(parameterName);
 			if (obj != null) {
 				// Final classes Long and Integer do not need to be coerced
 				if (obj.getClass() == Long.class) {
@@ -221,8 +220,9 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 
 		private static long getExpiresIn(OAuth2DeviceAuthorizationResponse deviceAuthorizationResponse) {
 			if (deviceAuthorizationResponse.getDeviceCode().getExpiresAt() != null) {
-				return ChronoUnit.SECONDS.between(Instant.now(),
-						deviceAuthorizationResponse.getDeviceCode().getExpiresAt());
+				Instant issuedAt = (deviceAuthorizationResponse.getDeviceCode().getIssuedAt() != null)
+						? deviceAuthorizationResponse.getDeviceCode().getIssuedAt() : Instant.now();
+				return ChronoUnit.SECONDS.between(issuedAt, deviceAuthorizationResponse.getDeviceCode().getExpiresAt());
 			}
 			return -1;
 		}

oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/http/converter/OAuth2DeviceAuthorizationResponseHttpMessageConverterTests.java

@@ -176,7 +176,7 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverterTests {
 		assertThat(authorizationResponse).contains("\"verification_uri\":\"https://example.com/device\"");
 		assertThat(authorizationResponse)
 				.contains("\"verification_uri_complete\":\"https://example.com/device?user_code=WDJB-MJHT\"");
-		assertThat(authorizationResponse).contains("\"expires_in\":");
+		assertThat(authorizationResponse).contains("\"expires_in\":1800");
 		assertThat(authorizationResponse).contains("\"interval\":5");
 		assertThat(authorizationResponse).contains("\"custom_parameter_1\":\"custom-value-1\"");
 		assertThat(authorizationResponse).contains("\"custom_parameter_2\":\"custom-value-2\"");