Polish oauth2 client ExchangeFilterFunction's
Fixes gh-6355
This commit is contained in:
parent
d8d9abed2a
commit
673a2adf26
|
@ -253,9 +253,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
|
||||||
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
|
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
|
||||||
return createRequest(request)
|
return createRequest(request)
|
||||||
.flatMap(r -> authorizeWithClientCredentials(clientRegistration, r));
|
.flatMap(r -> authorizeWithClientCredentials(clientRegistration, r));
|
||||||
} else if (shouldRefresh(authorizedClient)) {
|
} else if (shouldRefreshToken(authorizedClient)) {
|
||||||
return createRequest(request)
|
return createRequest(request)
|
||||||
.flatMap(r -> refreshAuthorizedClient(next, authorizedClient, r));
|
.flatMap(r -> authorizeWithRefreshToken(next, authorizedClient, r));
|
||||||
}
|
}
|
||||||
return Mono.just(authorizedClient);
|
return Mono.just(authorizedClient);
|
||||||
}
|
}
|
||||||
|
@ -273,8 +273,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
|
||||||
.thenReturn(result));
|
.thenReturn(result));
|
||||||
}
|
}
|
||||||
|
|
||||||
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ExchangeFunction next,
|
private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ExchangeFunction next,
|
||||||
OAuth2AuthorizedClient authorizedClient, OAuth2AuthorizedClientResolver.Request r) {
|
OAuth2AuthorizedClient authorizedClient,
|
||||||
|
OAuth2AuthorizedClientResolver.Request r) {
|
||||||
ServerWebExchange exchange = r.getExchange();
|
ServerWebExchange exchange = r.getExchange();
|
||||||
Authentication authentication = r.getAuthentication();
|
Authentication authentication = r.getAuthentication();
|
||||||
ClientRegistration clientRegistration = authorizedClient
|
ClientRegistration clientRegistration = authorizedClient
|
||||||
|
@ -293,7 +294,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
|
||||||
.thenReturn(result));
|
.thenReturn(result));
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
|
private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
|
||||||
if (this.authorizedClientRepository == null) {
|
if (this.authorizedClientRepository == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -333,7 +333,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
|
||||||
throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId);
|
throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId);
|
||||||
}
|
}
|
||||||
if (isClientCredentialsGrantType(clientRegistration)) {
|
if (isClientCredentialsGrantType(clientRegistration)) {
|
||||||
return getAuthorizedClient(clientRegistration, attrs);
|
return authorizeWithClientCredentials(clientRegistration, attrs);
|
||||||
}
|
}
|
||||||
throw new ClientAuthorizationRequiredException(clientRegistrationId);
|
throw new ClientAuthorizationRequiredException(clientRegistrationId);
|
||||||
}
|
}
|
||||||
|
@ -342,10 +342,8 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
|
||||||
return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType());
|
return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private OAuth2AuthorizedClient authorizeWithClientCredentials(
|
||||||
private OAuth2AuthorizedClient getAuthorizedClient(ClientRegistration clientRegistration,
|
ClientRegistration clientRegistration, Map<String, Object> attrs) {
|
||||||
Map<String, Object> attrs) {
|
|
||||||
|
|
||||||
HttpServletRequest request = getRequest(attrs);
|
HttpServletRequest request = getRequest(attrs);
|
||||||
HttpServletResponse response = getResponse(attrs);
|
HttpServletResponse response = getResponse(attrs);
|
||||||
OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest =
|
OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest =
|
||||||
|
@ -373,14 +371,14 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
|
||||||
ClientRegistration clientRegistration = authorizedClient.getClientRegistration();
|
ClientRegistration clientRegistration = authorizedClient.getClientRegistration();
|
||||||
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
|
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
|
||||||
// Client credentials grant do not have refresh tokens but can expire so we need to get another one
|
// Client credentials grant do not have refresh tokens but can expire so we need to get another one
|
||||||
return Mono.fromSupplier(() -> getAuthorizedClient(clientRegistration, request.attributes()));
|
return Mono.fromSupplier(() -> authorizeWithClientCredentials(clientRegistration, request.attributes()));
|
||||||
} else if (shouldRefresh(authorizedClient)) {
|
} else if (shouldRefreshToken(authorizedClient)) {
|
||||||
return refreshAuthorizedClient(request, next, authorizedClient);
|
return authorizeWithRefreshToken(request, next, authorizedClient);
|
||||||
}
|
}
|
||||||
return Mono.just(authorizedClient);
|
return Mono.just(authorizedClient);
|
||||||
}
|
}
|
||||||
|
|
||||||
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ClientRequest request, ExchangeFunction next,
|
private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ClientRequest request, ExchangeFunction next,
|
||||||
OAuth2AuthorizedClient authorizedClient) {
|
OAuth2AuthorizedClient authorizedClient) {
|
||||||
ClientRegistration clientRegistration = authorizedClient
|
ClientRegistration clientRegistration = authorizedClient
|
||||||
.getClientRegistration();
|
.getClientRegistration();
|
||||||
|
@ -407,7 +405,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
|
||||||
.publishOn(Schedulers.elastic());
|
.publishOn(Schedulers.elastic());
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
|
private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
|
||||||
if (this.authorizedClientRepository == null) {
|
if (this.authorizedClientRepository == null) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue