diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java index 89bb0d9e26..4a85b6a2a1 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java @@ -70,9 +70,7 @@ public final class OAuth2LoginConfigurer> exten private final UserInfoEndpointConfig userInfoEndpointConfig = new UserInfoEndpointConfig(); public OAuth2LoginConfigurer() { - super(new OAuth2LoginAuthenticationFilter( - OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI), - OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI); + super(); } public OAuth2LoginConfigurer clients(ClientRegistrationRepository clientRegistrationRepository) { @@ -217,6 +215,14 @@ public final class OAuth2LoginConfigurer> exten @Override public void init(B http) throws Exception { + OAuth2LoginAuthenticationFilter authenticationFilter = + new OAuth2LoginAuthenticationFilter( + OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI, + this.getClientRegistrationRepository(), + this.getAuthorizedClientService()); + this.setAuthenticationFilter(authenticationFilter); + this.loginProcessingUrl(OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI); + super.init(http); AuthorizationGrantTokenExchanger authorizationCodeTokenExchanger = @@ -282,16 +288,14 @@ public final class OAuth2LoginConfigurer> exten } http.addFilter(this.postProcess(authorizationRequestFilter)); - OAuth2LoginAuthenticationFilter authorizationResponseFilter = this.getAuthenticationFilter(); + OAuth2LoginAuthenticationFilter authenticationFilter = this.getAuthenticationFilter(); if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) { - authorizationResponseFilter.setFilterProcessesUrl(this.redirectionEndpointConfig.authorizationResponseBaseUri); + authenticationFilter.setFilterProcessesUrl(this.redirectionEndpointConfig.authorizationResponseBaseUri); } - authorizationResponseFilter.setClientRegistrationRepository(this.getClientRegistrationRepository()); if (this.authorizationEndpointConfig.authorizationRequestRepository != null) { - authorizationResponseFilter.setAuthorizationRequestRepository( + authenticationFilter.setAuthorizationRequestRepository( this.authorizationEndpointConfig.authorizationRequestRepository); } - authorizationResponseFilter.setAuthorizedClientService(this.getAuthorizedClientService()); super.configure(http); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java index 5b6f15b8b8..7922b302cf 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java @@ -85,19 +85,19 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository(); - public OAuth2LoginAuthenticationFilter() { - this(DEFAULT_FILTER_PROCESSES_URI); + public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, + OAuth2AuthorizedClientService authorizedClientService) { + this(DEFAULT_FILTER_PROCESSES_URI, clientRegistrationRepository, authorizedClientService); } - public OAuth2LoginAuthenticationFilter(String filterProcessesUrl) { + public OAuth2LoginAuthenticationFilter(String filterProcessesUrl, + ClientRegistrationRepository clientRegistrationRepository, + OAuth2AuthorizedClientService authorizedClientService) { super(filterProcessesUrl); - } - - @Override - public void afterPropertiesSet() { - super.afterPropertiesSet(); - Assert.notNull(this.clientRegistrationRepository, "clientRegistrationRepository cannot be null"); - Assert.notNull(this.authorizedClientService, "authorizedClientService cannot be null"); + Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); + Assert.notNull(authorizedClientService, "authorizedClientService cannot be null"); + this.clientRegistrationRepository = clientRegistrationRepository; + this.authorizedClientService = authorizedClientService; } @Override @@ -143,16 +143,6 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce return oauth2Authentication; } - public final void setClientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) { - Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); - this.clientRegistrationRepository = clientRegistrationRepository; - } - - public final void setAuthorizedClientService(OAuth2AuthorizedClientService authorizedClientService) { - Assert.notNull(authorizedClientService, "authorizedClientService cannot be null"); - this.authorizedClientService = authorizedClientService; - } - public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) { Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null"); this.authorizationRequestRepository = authorizationRequestRepository; diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java index b6ca644d6c..b5c31cfb9b 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java @@ -188,10 +188,9 @@ public class OAuth2LoginAuthenticationFilterTests { ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations); - OAuth2LoginAuthenticationFilter filter = new OAuth2LoginAuthenticationFilter(); - filter.setClientRegistrationRepository(clientRegistrationRepository); + OAuth2LoginAuthenticationFilter filter = new OAuth2LoginAuthenticationFilter( + clientRegistrationRepository, mock(OAuth2AuthorizedClientService.class)); filter.setAuthenticationManager(authenticationManager); - filter.setAuthorizedClientService(mock(OAuth2AuthorizedClientService.class)); return filter; }