Polish oauth2 client ExchangeFilterFunction's

Fixes gh-6355
Joe Grandja 2019-01-07 14:35:41 -05:00
parent d8d9abed2a
commit 673a2adf26
2 changed files with 16 additions and 17 deletions


@ -253,9 +253,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) { if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
return createRequest(request) return createRequest(request)
.flatMap(r -> authorizeWithClientCredentials(clientRegistration, r)); .flatMap(r -> authorizeWithClientCredentials(clientRegistration, r));
} else if (shouldRefresh(authorizedClient)) { } else if (shouldRefreshToken(authorizedClient)) {
return createRequest(request) return createRequest(request)
.flatMap(r -> refreshAuthorizedClient(next, authorizedClient, r)); .flatMap(r -> authorizeWithRefreshToken(next, authorizedClient, r));
} }
return Mono.just(authorizedClient); return Mono.just(authorizedClient);
} }
@ -273,8 +273,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
.thenReturn(result)); .thenReturn(result));
} }
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ExchangeFunction next, private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ExchangeFunction next,
OAuth2AuthorizedClient authorizedClient, OAuth2AuthorizedClientResolver.Request r) { OAuth2AuthorizedClient authorizedClient,
OAuth2AuthorizedClientResolver.Request r) {
ServerWebExchange exchange = r.getExchange(); ServerWebExchange exchange = r.getExchange();
Authentication authentication = r.getAuthentication(); Authentication authentication = r.getAuthentication();
ClientRegistration clientRegistration = authorizedClient ClientRegistration clientRegistration = authorizedClient
@ -293,7 +294,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
.thenReturn(result)); .thenReturn(result));
} }
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) { private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
if (this.authorizedClientRepository == null) { if (this.authorizedClientRepository == null) {
return false; return false;
} }
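Review bot: The renamed `shouldRefreshToken` in the last hunk of this file still returns `false` whenever `authorizedClientRepository` is null, and nothing documents what that means for the caller. In the first hunk that result makes `authorizedClient(...)` fall through to `Mono.just(authorizedClient)`, so for a registration that is not a client-credentials grant an expired access token appears to be passed on unchanged. Since this commit is about making the intent readable, a comment on the guard would help, for example `// without an authorizedClientRepository no refresh is attempted; the current token is used as-is`. The same guard is in `shouldRefreshToken` of the servlet filter in the second file. The method body continues outside the hunk, so its remaining conditions are not visible here.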


@ -333,7 +333,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId); throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId);
} }
if (isClientCredentialsGrantType(clientRegistration)) { if (isClientCredentialsGrantType(clientRegistration)) {
return getAuthorizedClient(clientRegistration, attrs); return authorizeWithClientCredentials(clientRegistration, attrs);
} }
throw new ClientAuthorizationRequiredException(clientRegistrationId); throw new ClientAuthorizationRequiredException(clientRegistrationId);
} }
@ -342,10 +342,8 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType()); return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType());
} }
private OAuth2AuthorizedClient authorizeWithClientCredentials(
private OAuth2AuthorizedClient getAuthorizedClient(ClientRegistration clientRegistration, ClientRegistration clientRegistration, Map<String, Object> attrs) {
Map<String, Object> attrs) {
HttpServletRequest request = getRequest(attrs); HttpServletRequest request = getRequest(attrs);
HttpServletResponse response = getResponse(attrs); HttpServletResponse response = getResponse(attrs);
OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest = OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest =
@ -372,16 +370,16 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
private Mono<OAuth2AuthorizedClient> authorizedClient(ClientRequest request, ExchangeFunction next, OAuth2AuthorizedClient authorizedClient) { private Mono<OAuth2AuthorizedClient> authorizedClient(ClientRequest request, ExchangeFunction next, OAuth2AuthorizedClient authorizedClient) {
ClientRegistration clientRegistration = authorizedClient.getClientRegistration(); ClientRegistration clientRegistration = authorizedClient.getClientRegistration();
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) { if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
//Client credentials grant do not have refresh tokens but can expire so we need to get another one // Client credentials grant do not have refresh tokens but can expire so we need to get another one
return Mono.fromSupplier(() -> getAuthorizedClient(clientRegistration, request.attributes())); return Mono.fromSupplier(() -> authorizeWithClientCredentials(clientRegistration, request.attributes()));
} else if (shouldRefresh(authorizedClient)) { } else if (shouldRefreshToken(authorizedClient)) {
return refreshAuthorizedClient(request, next, authorizedClient); return authorizeWithRefreshToken(request, next, authorizedClient);
} }
return Mono.just(authorizedClient); return Mono.just(authorizedClient);
} }
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ClientRequest request, ExchangeFunction next, private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ClientRequest request, ExchangeFunction next,
OAuth2AuthorizedClient authorizedClient) { OAuth2AuthorizedClient authorizedClient) {
ClientRegistration clientRegistration = authorizedClient ClientRegistration clientRegistration = authorizedClient
.getClientRegistration(); .getClientRegistration();
String tokenUri = clientRegistration String tokenUri = clientRegistration
@ -407,7 +405,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
.publishOn(Schedulers.elastic()); .publishOn(Schedulers.elastic());
} }
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) { private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
if (this.authorizedClientRepository == null) { if (this.authorizedClientRepository == null) {
return false; return false;
} }
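Review bot: In the `authorizedClient(...)` hunk the client-credentials branch wraps the renamed call in `Mono.fromSupplier(() -> authorizeWithClientCredentials(clientRegistration, request.attributes()))` with no scheduler, whereas the method that ends just above `shouldRefreshToken` (presumably the refresh path) finishes with `.publishOn(Schedulers.elastic())`. If `authorizeWithClientCredentials` performs the token request synchronously, as the `OAuth2ClientCredentialsGrantRequest` it builds suggests, the supplier runs on whichever thread subscribes and can stall it while the token endpoint responds. Consider moving that work off the subscriber, for example by appending `.subscribeOn(Schedulers.elastic())` to the `Mono.fromSupplier(...)` expression, or add a comment stating why blocking there is acceptable. The body of `authorizeWithClientCredentials` continues outside the hunk, so this should be confirmed against the full method.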