From 5811624bbe6695dd9761cf964198e8d934c48210 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Fri, 6 Oct 2017 16:44:19 -0400 Subject: [PATCH] Polish endpoint package * Remove ErrorResponseAttributes * Rename AuthorizationRequestAttributes -> AuthorizationRequest * Remove AuthorizationCodeTokenRequestAttributes * Rename TokenResponseAttributes -> TokenResponse Issue gh-4593 --- .../AuthorizationCodeAuthenticationToken.java | 8 +- .../AuthorizationCodeAuthenticator.java | 4 +- ...AuthorizationCodeAuthenticationFilter.java | 27 +++--- ...uthorizationCodeRequestRedirectFilter.java | 12 +-- .../web/AuthorizationGrantTokenExchanger.java | 6 +- .../web/AuthorizationRequestRepository.java | 14 +-- .../web/AuthorizationRequestUriBuilder.java | 6 +- ...DefaultAuthorizationRequestUriBuilder.java | 18 ++-- ...SessionAuthorizationRequestRepository.java | 20 ++-- .../AuthorizationResponseConverter.java | 23 +++-- .../ErrorResponseAttributesConverter.java | 56 ----------- ...NimbusAuthorizationCodeTokenExchanger.java | 13 ++- .../OidcAuthorizationCodeAuthenticator.java | 4 +- ...rizationCodeAuthenticationFilterTests.java | 8 +- ...izationCodeRequestRedirectFilterTests.java | 22 ++--- .../security/oauth2/core/OAuth2Error.java | 2 +- ...thorizationCodeTokenRequestAttributes.java | 76 --------------- ...ributes.java => AuthorizationRequest.java} | 12 +-- .../core/endpoint/AuthorizationResponse.java | 2 +- .../endpoint/ErrorResponseAttributes.java | 96 ------------------- ...onseAttributes.java => TokenResponse.java} | 8 +- ...izationCodeTokenRequestAttributesTest.java | 75 --------------- ...est.java => AuthorizationRequestTest.java} | 30 +++--- .../endpoint/ErrorResponseAttributesTest.java | 32 ------- ...ibutesTest.java => TokenResponseTest.java} | 12 +-- .../samples/OAuth2LoginApplicationTests.java | 4 +- 26 files changed, 130 insertions(+), 460 deletions(-) delete mode 100644 oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/ErrorResponseAttributesConverter.java delete mode 100644 oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributes.java rename oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/{AuthorizationRequestAttributes.java => AuthorizationRequest.java} (92%) delete mode 100644 oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributes.java rename oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/{TokenResponseAttributes.java => TokenResponse.java} (93%) delete mode 100644 oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributesTest.java rename oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/{AuthorizationRequestAttributesTest.java => AuthorizationRequestTest.java} (79%) delete mode 100644 oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributesTest.java rename oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/{TokenResponseAttributesTest.java => TokenResponseTest.java} (89%) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java index 516f9c6a17..096c4d4a6c 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java @@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.authentication; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.core.AuthorizationGrantType; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import org.springframework.util.Assert; /** @@ -33,11 +33,11 @@ import org.springframework.util.Assert; public class AuthorizationCodeAuthenticationToken extends AuthorizationGrantAuthenticationToken { private final String authorizationCode; private final ClientRegistration clientRegistration; - private final AuthorizationRequestAttributes authorizationRequest; + private final AuthorizationRequest authorizationRequest; public AuthorizationCodeAuthenticationToken(String authorizationCode, ClientRegistration clientRegistration, - AuthorizationRequestAttributes authorizationRequest) { + AuthorizationRequest authorizationRequest) { super(AuthorizationGrantType.AUTHORIZATION_CODE); Assert.hasText(authorizationCode, "authorizationCode cannot be empty"); Assert.notNull(clientRegistration, "clientRegistration cannot be null"); @@ -66,7 +66,7 @@ public class AuthorizationCodeAuthenticationToken extends AuthorizationGrantAuth return this.clientRegistration; } - public AuthorizationRequestAttributes getAuthorizationRequest() { + public AuthorizationRequest getAuthorizationRequest() { return this.authorizationRequest; } } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticator.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticator.java index 51aa8f2706..9ddb260100 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticator.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticator.java @@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.authentication; import org.springframework.security.oauth2.client.web.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.core.AccessToken; -import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes; +import org.springframework.security.oauth2.core.endpoint.TokenResponse; import org.springframework.util.Assert; /** @@ -50,7 +50,7 @@ public class AuthorizationCodeAuthenticator implements AuthorizationGrantAuthent return null; } - TokenResponseAttributes tokenResponse = + TokenResponse tokenResponse = this.authorizationCodeTokenExchanger.exchange(authorizationCodeAuthentication); AccessToken accessToken = new AccessToken(tokenResponse.getTokenType(), diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java index 402a782175..128befb59c 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java @@ -28,11 +28,9 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.client.web.converter.AuthorizationResponseConverter; -import org.springframework.security.oauth2.client.web.converter.ErrorResponseAttributesConverter; import org.springframework.security.oauth2.core.OAuth2Error; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse; -import org.springframework.security.oauth2.core.endpoint.ErrorResponseAttributes; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.oauth2.oidc.client.authentication.OidcClientAuthenticationToken; @@ -75,7 +73,7 @@ import java.io.IOException; * @see AuthorizationCodeAuthenticationToken * @see AuthorizationCodeAuthenticationProvider * @see AuthorizationCodeRequestRedirectFilter - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest * @see AuthorizationRequestRepository * @see ClientRegistrationRepository * @see Section 4.1 Authorization Code Grant Flow @@ -86,7 +84,6 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found"; private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter"; private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter"; - private final ErrorResponseAttributesConverter errorResponseConverter = new ErrorResponseAttributesConverter(); private final AuthorizationResponseConverter authorizationResponseConverter = new AuthorizationResponseConverter(); private ClientRegistrationRepository clientRegistrationRepository; private RequestMatcher authorizationResponseMatcher = new AuthorizationResponseMatcher(); @@ -101,15 +98,15 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException { - ErrorResponseAttributes authorizationError = this.errorResponseConverter.apply(request); - if (authorizationError != null) { - OAuth2Error oauth2Error = new OAuth2Error(authorizationError.getErrorCode(), - authorizationError.getDescription(), authorizationError.getUri()); + AuthorizationResponse authorizationResponse = this.authorizationResponseConverter.apply(request); + + if (authorizationResponse.statusError()) { this.getAuthorizationRequestRepository().removeAuthorizationRequest(request); - throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); + throw new OAuth2AuthenticationException( + authorizationResponse.getError(), authorizationResponse.getError().toString()); } - AuthorizationRequestAttributes matchingAuthorizationRequest = this.resolveAuthorizationRequest(request); + AuthorizationRequest matchingAuthorizationRequest = this.resolveAuthorizationRequest(request); String registrationId = (String)matchingAuthorizationRequest.getAdditionalParameters().get(OAuth2Parameter.REGISTRATION_ID); ClientRegistration clientRegistration = this.getClientRegistrationRepository().findByRegistrationId(registrationId); @@ -124,8 +121,6 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio .redirectUri(matchingAuthorizationRequest.getRedirectUri()) .build(); - AuthorizationResponse authorizationResponse = this.authorizationResponseConverter.apply(request); - AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = new AuthorizationCodeAuthenticationToken( authorizationResponse.getCode(), clientRegistration, matchingAuthorizationRequest); authorizationCodeAuthentication.setDetails(this.authenticationDetailsSource.buildDetails(request)); @@ -177,8 +172,8 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio this.authorizationRequestRepository = authorizationRequestRepository; } - private AuthorizationRequestAttributes resolveAuthorizationRequest(HttpServletRequest request) { - AuthorizationRequestAttributes authorizationRequest = + private AuthorizationRequest resolveAuthorizationRequest(HttpServletRequest request) { + AuthorizationRequest authorizationRequest = this.getAuthorizationRequestRepository().loadAuthorizationRequest(request); if (authorizationRequest == null) { OAuth2Error oauth2Error = new OAuth2Error(AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE); @@ -189,7 +184,7 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio return authorizationRequest; } - private void assertMatchingAuthorizationRequest(HttpServletRequest request, AuthorizationRequestAttributes authorizationRequest) { + private void assertMatchingAuthorizationRequest(HttpServletRequest request, AuthorizationRequest authorizationRequest) { String state = request.getParameter(OAuth2Parameter.STATE); if (!authorizationRequest.getState().equals(state)) { OAuth2Error oauth2Error = new OAuth2Error(INVALID_STATE_PARAMETER_ERROR_CODE); diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java index 273d46e454..dec4ad0266 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java @@ -19,7 +19,7 @@ import org.springframework.http.HttpStatus; import org.springframework.security.crypto.keygen.StringKeyGenerator; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; import org.springframework.security.web.DefaultRedirectStrategy; import org.springframework.security.web.RedirectStrategy; @@ -52,7 +52,7 @@ import java.util.Map; * * @author Joe Grandja * @since 5.0 - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest * @see AuthorizationRequestRepository * @see AuthorizationRequestUriBuilder * @see ClientRegistration @@ -127,8 +127,8 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter Map additionalParameters = new HashMap<>(); additionalParameters.put(OAuth2Parameter.REGISTRATION_ID, clientRegistration.getRegistrationId()); - AuthorizationRequestAttributes authorizationRequestAttributes = - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest authorizationRequest = + AuthorizationRequest.authorizationCode() .clientId(clientRegistration.getClientId()) .authorizeUri(clientRegistration.getProviderDetails().getAuthorizationUri()) .redirectUri(redirectUriStr) @@ -137,9 +137,9 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter .additionalParameters(additionalParameters) .build(); - this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequestAttributes, request, response); + this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, request, response); - URI redirectUri = this.authorizationUriBuilder.build(authorizationRequestAttributes); + URI redirectUri = this.authorizationUriBuilder.build(authorizationRequest); this.authorizationRedirectStrategy.sendRedirect(request, response, redirectUri.toString()); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationGrantTokenExchanger.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationGrantTokenExchanger.java index ec33c5e6cc..67a73094c6 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationGrantTokenExchanger.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationGrantTokenExchanger.java @@ -19,7 +19,7 @@ package org.springframework.security.oauth2.client.web; import org.springframework.security.oauth2.client.authentication.AuthorizationGrantAuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.AuthorizationGrantType; -import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes; +import org.springframework.security.oauth2.core.endpoint.TokenResponse; /** * Implementations of this interface are responsible for "exchanging" @@ -30,13 +30,13 @@ import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes * @since 5.0 * @see AuthorizationGrantType * @see AuthorizationGrantAuthenticationToken - * @see TokenResponseAttributes + * @see TokenResponse * @see Section 1.3 Authorization Grant * @see Section 4.1.3 Access Token Request (Authorization Code Grant) * @see Section 4.1.4 Access Token Response (Authorization Code Grant) */ public interface AuthorizationGrantTokenExchanger { - TokenResponseAttributes exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException; + TokenResponse exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException; } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java index f110c1248e..fd457008c3 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java @@ -15,14 +15,14 @@ */ package org.springframework.security.oauth2.client.web; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Implementations of this interface are responsible for the persistence - * of {@link AuthorizationRequestAttributes} between requests. + * of {@link AuthorizationRequest} between requests. * *

* Used by the {@link AuthorizationCodeRequestRedirectFilter} for persisting the Authorization Request @@ -32,16 +32,16 @@ import javax.servlet.http.HttpServletResponse; * * @author Joe Grandja * @since 5.0 - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest * @see HttpSessionAuthorizationRequestRepository */ public interface AuthorizationRequestRepository { - AuthorizationRequestAttributes loadAuthorizationRequest(HttpServletRequest request); + AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request); - void saveAuthorizationRequest(AuthorizationRequestAttributes authorizationRequest, HttpServletRequest request, - HttpServletResponse response); + void saveAuthorizationRequest(AuthorizationRequest authorizationRequest, HttpServletRequest request, + HttpServletResponse response); - AuthorizationRequestAttributes removeAuthorizationRequest(HttpServletRequest request); + AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestUriBuilder.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestUriBuilder.java index a2fe694c36..e474fc8ca7 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestUriBuilder.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestUriBuilder.java @@ -16,7 +16,7 @@ package org.springframework.security.oauth2.client.web; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import java.net.URI; @@ -37,10 +37,10 @@ import java.net.URI; * * @author Joe Grandja * @since 5.0 - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest * @see Section 4.1.1 Authorization Request */ public interface AuthorizationRequestUriBuilder { - URI build(AuthorizationRequestAttributes authorizationRequestAttributes); + URI build(AuthorizationRequest authorizationRequest); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultAuthorizationRequestUriBuilder.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultAuthorizationRequestUriBuilder.java index f5e7b6d7bf..45896bc9a3 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultAuthorizationRequestUriBuilder.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultAuthorizationRequestUriBuilder.java @@ -15,7 +15,7 @@ */ package org.springframework.security.oauth2.client.web; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; import org.springframework.security.oauth2.core.endpoint.ResponseType; import org.springframework.web.util.UriComponentsBuilder; @@ -29,24 +29,24 @@ import java.util.stream.Collectors; * * @author Joe Grandja * @since 5.0 - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest * @see Section 4.1.1 Authorization Request */ public class DefaultAuthorizationRequestUriBuilder implements AuthorizationRequestUriBuilder { @Override - public URI build(AuthorizationRequestAttributes authorizationRequestAttributes) { + public URI build(AuthorizationRequest authorizationRequest) { UriComponentsBuilder uriBuilder = UriComponentsBuilder - .fromUriString(authorizationRequestAttributes.getAuthorizeUri()) + .fromUriString(authorizationRequest.getAuthorizeUri()) .queryParam(OAuth2Parameter.RESPONSE_TYPE, ResponseType.CODE.getValue()); - if (authorizationRequestAttributes.getRedirectUri() != null) { - uriBuilder.queryParam(OAuth2Parameter.REDIRECT_URI, authorizationRequestAttributes.getRedirectUri()); + if (authorizationRequest.getRedirectUri() != null) { + uriBuilder.queryParam(OAuth2Parameter.REDIRECT_URI, authorizationRequest.getRedirectUri()); } uriBuilder - .queryParam(OAuth2Parameter.CLIENT_ID, authorizationRequestAttributes.getClientId()) + .queryParam(OAuth2Parameter.CLIENT_ID, authorizationRequest.getClientId()) .queryParam(OAuth2Parameter.SCOPE, - authorizationRequestAttributes.getScope().stream().collect(Collectors.joining(" "))) - .queryParam(OAuth2Parameter.STATE, authorizationRequestAttributes.getState()); + authorizationRequest.getScope().stream().collect(Collectors.joining(" "))) + .queryParam(OAuth2Parameter.STATE, authorizationRequest.getState()); return uriBuilder.build().encode().toUri(); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java index 926b74d6d5..b05ce8600c 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java @@ -15,7 +15,7 @@ */ package org.springframework.security.oauth2.client.web; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -23,11 +23,11 @@ import javax.servlet.http.HttpSession; /** * An implementation of an {@link AuthorizationRequestRepository} that stores - * {@link AuthorizationRequestAttributes} in the {@link HttpSession}. + * {@link AuthorizationRequest} in the {@link HttpSession}. * * @author Joe Grandja * @since 5.0 - * @see AuthorizationRequestAttributes + * @see AuthorizationRequest */ public final class HttpSessionAuthorizationRequestRepository implements AuthorizationRequestRepository { private static final String DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME = @@ -35,18 +35,18 @@ public final class HttpSessionAuthorizationRequestRepository implements Authoriz private String sessionAttributeName = DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME; @Override - public AuthorizationRequestAttributes loadAuthorizationRequest(HttpServletRequest request) { - AuthorizationRequestAttributes authorizationRequest = null; + public AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request) { + AuthorizationRequest authorizationRequest = null; HttpSession session = request.getSession(false); if (session != null) { - authorizationRequest = (AuthorizationRequestAttributes) session.getAttribute(this.sessionAttributeName); + authorizationRequest = (AuthorizationRequest) session.getAttribute(this.sessionAttributeName); } return authorizationRequest; } @Override - public void saveAuthorizationRequest(AuthorizationRequestAttributes authorizationRequest, HttpServletRequest request, - HttpServletResponse response) { + public void saveAuthorizationRequest(AuthorizationRequest authorizationRequest, HttpServletRequest request, + HttpServletResponse response) { if (authorizationRequest == null) { this.removeAuthorizationRequest(request); return; @@ -55,8 +55,8 @@ public final class HttpSessionAuthorizationRequestRepository implements Authoriz } @Override - public AuthorizationRequestAttributes removeAuthorizationRequest(HttpServletRequest request) { - AuthorizationRequestAttributes authorizationRequest = this.loadAuthorizationRequest(request); + public AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request) { + AuthorizationRequest authorizationRequest = this.loadAuthorizationRequest(request); if (authorizationRequest != null) { request.getSession().removeAttribute(this.sessionAttributeName); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java index 65b1c392f5..68ebac7c92 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java @@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.web.converter; import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; -import org.springframework.util.Assert; +import org.springframework.util.StringUtils; import javax.servlet.http.HttpServletRequest; import java.util.function.Function; @@ -36,12 +36,23 @@ public final class AuthorizationResponseConverter implements FunctionFunction that converts an OAuth 2.0 Error Response - * (in the form of a {@link HttpServletRequest}) to a {@link ErrorResponseAttributes}. - * - * @author Joe Grandja - * @since 5.0 - * @see ErrorResponseAttributes - */ -public final class ErrorResponseAttributesConverter implements Function { - - @Override - public ErrorResponseAttributes apply(HttpServletRequest request) { - ErrorResponseAttributes response; - - String errorCode = request.getParameter(OAuth2Parameter.ERROR); - if (!StringUtils.hasText(errorCode)) { - return null; - } - - String description = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION); - String uri = request.getParameter(OAuth2Parameter.ERROR_URI); - String state = request.getParameter(OAuth2Parameter.STATE); - - response = ErrorResponseAttributes.withErrorCode(errorCode) - .description(description) - .uri(uri) - .state(state) - .build(); - - return response; - } -} diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/nimbus/NimbusAuthorizationCodeTokenExchanger.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/nimbus/NimbusAuthorizationCodeTokenExchanger.java index bfda53029c..666fb67089 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/nimbus/NimbusAuthorizationCodeTokenExchanger.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/nimbus/NimbusAuthorizationCodeTokenExchanger.java @@ -24,7 +24,6 @@ import com.nimbusds.oauth2.sdk.ErrorObject; import com.nimbusds.oauth2.sdk.ParseException; import com.nimbusds.oauth2.sdk.TokenErrorResponse; import com.nimbusds.oauth2.sdk.TokenRequest; -import com.nimbusds.oauth2.sdk.TokenResponse; import com.nimbusds.oauth2.sdk.auth.ClientAuthentication; import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic; import com.nimbusds.oauth2.sdk.auth.ClientSecretPost; @@ -40,7 +39,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio import org.springframework.security.oauth2.core.AccessToken; import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.OAuth2Error; -import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes; +import org.springframework.security.oauth2.core.endpoint.TokenResponse; import org.springframework.util.CollectionUtils; import java.io.IOException; @@ -62,7 +61,7 @@ import java.util.stream.Collectors; * @author Joe Grandja * @since 5.0 * @see AuthorizationCodeAuthenticationToken - * @see TokenResponseAttributes + * @see TokenResponse * @see Nimbus OAuth 2.0 SDK * @see Section 4.1.3 Access Token Request (Authorization Code Grant) * @see Section 4.1.4 Access Token Response (Authorization Code Grant) @@ -71,7 +70,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant private static final String INVALID_TOKEN_RESPONSE_ERROR_CODE = "invalid_token_response"; @Override - public TokenResponseAttributes exchange(AuthorizationCodeAuthenticationToken authorizationCodeAuthenticationToken) + public TokenResponse exchange(AuthorizationCodeAuthenticationToken authorizationCodeAuthenticationToken) throws OAuth2AuthenticationException { ClientRegistration clientRegistration = authorizationCodeAuthenticationToken.getClientRegistration(); @@ -92,7 +91,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant clientAuthentication = new ClientSecretBasic(clientId, clientSecret); } - TokenResponse tokenResponse; + com.nimbusds.oauth2.sdk.TokenResponse tokenResponse; try { // Send the Access Token request TokenRequest tokenRequest = new TokenRequest(tokenUri, clientAuthentication, authorizationCodeGrant); @@ -100,7 +99,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant httpRequest.setAccept(MediaType.APPLICATION_JSON_VALUE); httpRequest.setConnectTimeout(30000); httpRequest.setReadTimeout(30000); - tokenResponse = TokenResponse.parse(httpRequest.send()); + tokenResponse = com.nimbusds.oauth2.sdk.TokenResponse.parse(httpRequest.send()); } catch (ParseException pe) { // This error occurs if the Access Token Response is not well-formed, // for example, a required attribute is missing @@ -134,7 +133,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant Map additionalParameters = accessTokenResponse.getCustomParameters().entrySet().stream() .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)); - return TokenResponseAttributes.withToken(accessToken) + return TokenResponse.withToken(accessToken) .tokenType(accessTokenType) .expiresIn(expiresIn) .scope(scope) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/oidc/client/authentication/OidcAuthorizationCodeAuthenticator.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/oidc/client/authentication/OidcAuthorizationCodeAuthenticator.java index 082dd192f2..bb926d75a2 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/oidc/client/authentication/OidcAuthorizationCodeAuthenticator.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/oidc/client/authentication/OidcAuthorizationCodeAuthenticator.java @@ -25,7 +25,7 @@ import org.springframework.security.oauth2.client.authentication.jwt.JwtDecoderR import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.web.AuthorizationGrantTokenExchanger; import org.springframework.security.oauth2.core.AccessToken; -import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes; +import org.springframework.security.oauth2.core.endpoint.TokenResponse; import org.springframework.security.oauth2.oidc.core.IdToken; import org.springframework.security.oauth2.oidc.core.endpoint.OidcParameter; import org.springframework.util.Assert; @@ -66,7 +66,7 @@ public class OidcAuthorizationCodeAuthenticator implements AuthorizationGrantAut ClientRegistration clientRegistration = authorizationCodeAuthentication.getClientRegistration(); - TokenResponseAttributes tokenResponse = + TokenResponse tokenResponse = this.authorizationCodeTokenExchanger.exchange(authorizationCodeAuthentication); AccessToken accessToken = new AccessToken(tokenResponse.getTokenType(), diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java index 08c6eada39..ce3672d9ea 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilterTests.java @@ -34,7 +34,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.core.AccessToken; import org.springframework.security.oauth2.core.OAuth2Error; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.web.authentication.AuthenticationFailureHandler; @@ -245,8 +245,8 @@ public class AuthorizationCodeAuthenticationFilterTests { Map additionalParameters = new HashMap<>(); additionalParameters.put(OAuth2Parameter.REGISTRATION_ID, clientRegistration.getRegistrationId()); - AuthorizationRequestAttributes authorizationRequestAttributes = - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest authorizationRequest = + AuthorizationRequest.authorizationCode() .clientId(clientRegistration.getClientId()) .authorizeUri(clientRegistration.getProviderDetails().getAuthorizationUri()) .redirectUri(clientRegistration.getRedirectUri()) @@ -255,7 +255,7 @@ public class AuthorizationCodeAuthenticationFilterTests { .additionalParameters(additionalParameters) .build(); - authorizationRequestRepository.saveAuthorizationRequest(authorizationRequestAttributes, request, response); + authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, request, response); } private MockHttpServletRequest setupRequest(ClientRegistration clientRegistration) { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java index 70478c5f3c..e817f5d6c3 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java @@ -23,7 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; -import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes; +import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest; import javax.servlet.FilterChain; import javax.servlet.http.HttpServletRequest; @@ -100,17 +100,17 @@ public class AuthorizationCodeRequestRedirectFilterTests { Mockito.verifyZeroInteractions(filterChain); // Request should not proceed up the chain // The authorization request attributes are saved in the session before the redirect happens - AuthorizationRequestAttributes authorizationRequestAttributes = + AuthorizationRequest authorizationRequest = authorizationRequestRepository.loadAuthorizationRequest(request); - Assertions.assertThat(authorizationRequestAttributes).isNotNull(); + Assertions.assertThat(authorizationRequest).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getAuthorizeUri()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getGrantType()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getResponseType()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getClientId()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getRedirectUri()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getScope()).isNotNull(); - Assertions.assertThat(authorizationRequestAttributes.getState()).isNotNull(); + Assertions.assertThat(authorizationRequest.getAuthorizeUri()).isNotNull(); + Assertions.assertThat(authorizationRequest.getGrantType()).isNotNull(); + Assertions.assertThat(authorizationRequest.getResponseType()).isNotNull(); + Assertions.assertThat(authorizationRequest.getClientId()).isNotNull(); + Assertions.assertThat(authorizationRequest.getRedirectUri()).isNotNull(); + Assertions.assertThat(authorizationRequest.getScope()).isNotNull(); + Assertions.assertThat(authorizationRequest.getState()).isNotNull(); } private AuthorizationCodeRequestRedirectFilter setupFilter(String authorizationUri, @@ -118,7 +118,7 @@ public class AuthorizationCodeRequestRedirectFilterTests { AuthorizationRequestUriBuilder authorizationUriBuilder = Mockito.mock(AuthorizationRequestUriBuilder.class); URI authorizationURI = new URI(authorizationUri); - Mockito.when(authorizationUriBuilder.build(Matchers.any(AuthorizationRequestAttributes.class))).thenReturn(authorizationURI); + Mockito.when(authorizationUriBuilder.build(Matchers.any(AuthorizationRequest.class))).thenReturn(authorizationURI); return setupFilter(authorizationUriBuilder, clientRegistrations); } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java index 39841a9fcf..9836e9b0e0 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java @@ -30,7 +30,7 @@ import org.springframework.util.Assert; * @since 5.0 * @see Section 11.4 OAuth Extensions Error Registry */ -public class OAuth2Error { +public final class OAuth2Error { // Standard error codes public static final String INVALID_REQUEST_ERROR_CODE = "invalid_request"; public static final String INVALID_CLIENT_ERROR_CODE = "invalid_client"; diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributes.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributes.java deleted file mode 100644 index 0803ffdbb2..0000000000 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributes.java +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.oauth2.core.endpoint; - -import org.springframework.util.Assert; - -/** - * A representation of an OAuth 2.0 Access Token Request for the authorization code grant type. - * - * @author Joe Grandja - * @since 5.0 - * @see Section 4.1.3 Access Token Request - */ -public final class AuthorizationCodeTokenRequestAttributes { - private String code; - private String clientId; - private String redirectUri; - - private AuthorizationCodeTokenRequestAttributes() { - } - - public String getCode() { - return this.code; - } - - public String getClientId() { - return this.clientId; - } - - public String getRedirectUri() { - return this.redirectUri; - } - - public static Builder withCode(String code) { - return new Builder(code); - } - - public static class Builder { - private final AuthorizationCodeTokenRequestAttributes authorizationCodeTokenRequest; - - private Builder(String code) { - Assert.hasText(code, "code cannot be empty"); - this.authorizationCodeTokenRequest = new AuthorizationCodeTokenRequestAttributes(); - this.authorizationCodeTokenRequest.code = code; - } - - public Builder clientId(String clientId) { - this.authorizationCodeTokenRequest.clientId = clientId; - return this; - } - - public Builder redirectUri(String redirectUri) { - this.authorizationCodeTokenRequest.redirectUri = redirectUri; - return this; - } - - public AuthorizationCodeTokenRequestAttributes build() { - Assert.hasText(this.authorizationCodeTokenRequest.clientId, "clientId cannot be empty"); - Assert.hasText(this.authorizationCodeTokenRequest.redirectUri, "redirectUri cannot be empty"); - return this.authorizationCodeTokenRequest; - } - } -} diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributes.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequest.java similarity index 92% rename from oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributes.java rename to oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequest.java index 06df2dbaf9..2e0ff1bd9b 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributes.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequest.java @@ -37,7 +37,7 @@ import java.util.Set; * @see Section 4.1.1 Authorization Code Grant Request * @see Section 4.2.1 Implicit Grant Request */ -public final class AuthorizationRequestAttributes implements Serializable { +public final class AuthorizationRequest implements Serializable { private String authorizeUri; private AuthorizationGrantType authorizationGrantType; private ResponseType responseType; @@ -47,7 +47,7 @@ public final class AuthorizationRequestAttributes implements Serializable { private String state; private Map additionalParameters; - private AuthorizationRequestAttributes() { + private AuthorizationRequest() { } public String getAuthorizeUri() { @@ -82,16 +82,16 @@ public final class AuthorizationRequestAttributes implements Serializable { return this.additionalParameters; } - public static Builder withAuthorizationCode() { + public static Builder authorizationCode() { return new Builder(AuthorizationGrantType.AUTHORIZATION_CODE); } public static class Builder { - private final AuthorizationRequestAttributes authorizationRequest; + private final AuthorizationRequest authorizationRequest; private Builder(AuthorizationGrantType authorizationGrantType) { Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null"); - this.authorizationRequest = new AuthorizationRequestAttributes(); + this.authorizationRequest = new AuthorizationRequest(); this.authorizationRequest.authorizationGrantType = authorizationGrantType; if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(authorizationGrantType)) { this.authorizationRequest.responseType = ResponseType.CODE; @@ -128,7 +128,7 @@ public final class AuthorizationRequestAttributes implements Serializable { return this; } - public AuthorizationRequestAttributes build() { + public AuthorizationRequest build() { Assert.hasText(this.authorizationRequest.clientId, "clientId cannot be empty"); Assert.hasText(this.authorizationRequest.authorizeUri, "authorizeUri cannot be empty"); this.authorizationRequest.scope = Collections.unmodifiableSet( diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java index 734ef377dc..da77580141 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java @@ -51,7 +51,7 @@ public final class AuthorizationResponse { } public boolean statusError() { - return this.error != null && this.error.getErrorCode() != null; + return (this.error != null && this.error.getErrorCode() != null); } public static Builder success(String code) { diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributes.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributes.java deleted file mode 100644 index dca297df36..0000000000 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributes.java +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.oauth2.core.endpoint; - -import org.springframework.security.oauth2.core.OAuth2Error; -import org.springframework.util.Assert; - -/** - * A representation of an OAuth 2.0 Error Response. - * - *

- * An error response may be returned from either of the following locations: - *

- * - * @author Joe Grandja - * @since 5.0 - */ -public final class ErrorResponseAttributes { - private OAuth2Error errorObject; - private String state; - - private ErrorResponseAttributes() { - } - - public String getErrorCode() { - return this.errorObject.getErrorCode(); - } - - public String getDescription() { - return this.errorObject.getDescription(); - } - - public String getUri() { - return this.errorObject.getUri(); - } - - public String getState() { - return this.state; - } - - public static Builder withErrorCode(String errorCode) { - return new Builder(errorCode); - } - - public static class Builder { - private String errorCode; - private String description; - private String uri; - private String state; - - private Builder(String errorCode) { - Assert.hasText(errorCode, "errorCode cannot be empty"); - this.errorCode = errorCode; - } - - public Builder description(String description) { - this.description = description; - return this; - } - - public Builder uri(String uri) { - this.uri = uri; - return this; - } - - public Builder state(String state) { - this.state = state; - return this; - } - - public ErrorResponseAttributes build() { - ErrorResponseAttributes errorResponse = new ErrorResponseAttributes(); - errorResponse.errorObject = new OAuth2Error(this.errorCode, this.description, this.uri); - errorResponse.state = this.state; - return errorResponse; - } - } -} diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributes.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponse.java similarity index 93% rename from oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributes.java rename to oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponse.java index ffb9ca81ea..a4aa50f8d4 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributes.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponse.java @@ -31,11 +31,11 @@ import java.util.Set; * @see AccessToken * @see Section 5.1 Access Token Response */ -public final class TokenResponseAttributes { +public final class TokenResponse { private AccessToken accessToken; private Map additionalParameters; - private TokenResponseAttributes() { + private TokenResponse() { } public String getTokenValue() { @@ -97,12 +97,12 @@ public final class TokenResponseAttributes { return this; } - public TokenResponseAttributes build() { + public TokenResponse build() { Assert.isTrue(this.expiresIn >= 0, "expiresIn must be a positive number"); Instant issuedAt = Instant.now(); AccessToken accessToken = new AccessToken(this.tokenType, this.tokenValue, issuedAt, issuedAt.plusSeconds(this.expiresIn), this.scope); - TokenResponseAttributes tokenResponse = new TokenResponseAttributes(); + TokenResponse tokenResponse = new TokenResponse(); tokenResponse.accessToken = accessToken; tokenResponse.additionalParameters = Collections.unmodifiableMap( this.additionalParameters != null ? this.additionalParameters : Collections.emptyMap()); diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributesTest.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributesTest.java deleted file mode 100644 index f781036508..0000000000 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeTokenRequestAttributesTest.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.oauth2.core.endpoint; - -import org.junit.Test; -import org.springframework.security.oauth2.core.AuthorizationGrantType; - -import static org.assertj.core.api.Assertions.assertThat; - -/** - * Tests {@link AuthorizationCodeTokenRequestAttributes} - * - * @author Luander Ribeiro - */ -public class AuthorizationCodeTokenRequestAttributesTest { - private static final String CODE = "code"; - private static final String CLIENT_ID = "client id"; - private static final String REDIRECT_URI = "http://redirect.uri/"; - - @Test(expected = IllegalArgumentException.class) - public void buildWhenCodeIsNullThenThrowIllegalArgumentException() { - AuthorizationCodeTokenRequestAttributes - .withCode(null) - .clientId(CLIENT_ID) - .redirectUri(REDIRECT_URI) - .build(); - } - - @Test(expected = IllegalArgumentException.class) - public void buildWhenClientIdIsNullThenThrowIllegalArgumentException() { - AuthorizationCodeTokenRequestAttributes - .withCode(CODE) - .clientId(null) - .redirectUri(REDIRECT_URI) - .build(); - } - - @Test(expected = IllegalArgumentException.class) - public void buildWhenRedirectUriIsNullThenThrowIllegalArgumentException() { - AuthorizationCodeTokenRequestAttributes - .withCode(CODE) - .clientId(CLIENT_ID) - .redirectUri(null) - .build(); - } - - @Test(expected = IllegalArgumentException.class) - public void buildWhenClientIdNotSetThenThrowIllegalArgumentException() { - AuthorizationCodeTokenRequestAttributes - .withCode(CODE) - .redirectUri(REDIRECT_URI) - .build(); - } - - @Test(expected = IllegalArgumentException.class) - public void buildWhenRedirectUriNotSetThenThrowIllegalArgumentException() { - AuthorizationCodeTokenRequestAttributes - .withCode(CODE) - .clientId(CLIENT_ID) - .build(); - } -} diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributesTest.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestTest.java similarity index 79% rename from oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributesTest.java rename to oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestTest.java index 24c794a64a..49cb7f2dc4 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributesTest.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestTest.java @@ -24,11 +24,11 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatCode; /** - * Tests {@link AuthorizationRequestAttributes} + * Tests {@link AuthorizationRequest} * * @author Luander Ribeiro */ -public class AuthorizationRequestAttributesTest { +public class AuthorizationRequestTest { private static final String AUTHORIZE_URI = "http://authorize.uri/"; private static final String CLIENT_ID = "client id"; private static final String REDIRECT_URI = "http://redirect.uri/"; @@ -37,7 +37,7 @@ public class AuthorizationRequestAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenAuthorizationUriIsNullThenThrowIllegalArgumentException() { - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest.authorizationCode() .authorizeUri(null) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) @@ -48,7 +48,7 @@ public class AuthorizationRequestAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenAuthorizeUriNotSetThenThrowIllegalArgumentException() { - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest.authorizationCode() .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) .scope(SCOPE) @@ -58,7 +58,7 @@ public class AuthorizationRequestAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenClientIdIsNullThenThrowIllegalArgumentException() { - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(null) .redirectUri(REDIRECT_URI) @@ -69,7 +69,7 @@ public class AuthorizationRequestAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenClientIdNotSetThenThrowIllegalArgumentException() { - AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .redirectUri(REDIRECT_URI) .scope(SCOPE) @@ -79,8 +79,8 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenGetResponseTypeIsCalledThenReturnCode() { - AuthorizationRequestAttributes attributes; - attributes = AuthorizationRequestAttributes.withAuthorizationCode() + AuthorizationRequest authorizationRequest; + authorizationRequest = AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) @@ -88,12 +88,12 @@ public class AuthorizationRequestAttributesTest { .state(STATE) .build(); - assertThat(attributes.getResponseType()).isEqualTo(ResponseType.CODE); + assertThat(authorizationRequest.getResponseType()).isEqualTo(ResponseType.CODE); } @Test public void buildWhenRedirectUriIsNullThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(null) @@ -104,7 +104,7 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenRedirectUriNotSetThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .scope(SCOPE) @@ -114,7 +114,7 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenScopesIsNullThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) @@ -125,7 +125,7 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenScopesNotSetThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) @@ -135,7 +135,7 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenStateIsNullThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) @@ -146,7 +146,7 @@ public class AuthorizationRequestAttributesTest { @Test public void buildWhenStateNotSetThenDoesNotThrowAnyException() { - assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode() + assertThatCode(() -> AuthorizationRequest.authorizationCode() .authorizeUri(AUTHORIZE_URI) .clientId(CLIENT_ID) .redirectUri(REDIRECT_URI) diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributesTest.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributesTest.java deleted file mode 100644 index dbe9904d42..0000000000 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/ErrorResponseAttributesTest.java +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.oauth2.core.endpoint; - -import org.junit.Test; - -/** - * Tests {@link ErrorResponseAttributes} - * - * @author Luander Ribeiro - */ -public class ErrorResponseAttributesTest { - - @Test(expected = IllegalArgumentException.class) - public void withErrorCodeWhenCodeIsNullThenThrowIllegalArgumentException() { - ErrorResponseAttributes.withErrorCode(null) - .build(); - } -} diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributesTest.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseTest.java similarity index 89% rename from oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributesTest.java rename to oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseTest.java index ee663f0c97..6c1d8fd5d8 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseAttributesTest.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseTest.java @@ -21,11 +21,11 @@ import org.springframework.security.oauth2.core.AccessToken; import java.util.Collections; /** - * Tests {@link TokenResponseAttributes} + * Tests {@link TokenResponse} * * @author Luander Ribeiro */ -public class TokenResponseAttributesTest { +public class TokenResponseTest { private static final String TOKEN = "token"; private static final long INVALID_EXPIRES_IN = -1L; @@ -33,7 +33,7 @@ public class TokenResponseAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenTokenValueIsNullThenThrowIllegalArgumentException() { - TokenResponseAttributes.withToken(null) + TokenResponse.withToken(null) .expiresIn(EXPIRES_IN) .additionalParameters(Collections.emptyMap()) .scope(Collections.emptySet()) @@ -43,7 +43,7 @@ public class TokenResponseAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenExpiresInIsNegativeThenThrowIllegalArgumentException() { - TokenResponseAttributes.withToken(TOKEN) + TokenResponse.withToken(TOKEN) .expiresIn(INVALID_EXPIRES_IN) .additionalParameters(Collections.emptyMap()) .scope(Collections.emptySet()) @@ -53,7 +53,7 @@ public class TokenResponseAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenTokenTypeIsInvalidThenThrowIllegalArgumentException() { - TokenResponseAttributes.withToken(TOKEN) + TokenResponse.withToken(TOKEN) .expiresIn(EXPIRES_IN) .additionalParameters(Collections.emptyMap()) .tokenType(null) @@ -62,7 +62,7 @@ public class TokenResponseAttributesTest { @Test(expected = IllegalArgumentException.class) public void buildWhenTokenTypeNotSetThenThrowIllegalArgumentException() { - TokenResponseAttributes.withToken(TOKEN) + TokenResponse.withToken(TOKEN) .expiresIn(EXPIRES_IN) .additionalParameters(Collections.emptyMap()) .build(); diff --git a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java index 236a356185..8bbc5428f2 100644 --- a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java +++ b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java @@ -47,7 +47,7 @@ import org.springframework.security.oauth2.core.AccessToken; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter; import org.springframework.security.oauth2.core.endpoint.ResponseType; -import org.springframework.security.oauth2.core.endpoint.TokenResponseAttributes; +import org.springframework.security.oauth2.core.endpoint.TokenResponse; import org.springframework.security.oauth2.core.user.DefaultOAuth2User; import org.springframework.security.oauth2.core.user.OAuth2UserAuthority; import org.springframework.test.context.junit4.SpringRunner; @@ -381,7 +381,7 @@ public class OAuth2LoginApplicationTests { // @formatter:on private AuthorizationGrantTokenExchanger mockAuthorizationCodeTokenExchanger() { - TokenResponseAttributes tokenResponse = TokenResponseAttributes.withToken("access-token-1234") + TokenResponse tokenResponse = TokenResponse.withToken("access-token-1234") .tokenType(AccessToken.TokenType.BEARER) .expiresIn(60 * 1000) .scope(Collections.singleton("openid"))