diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java index 57d10aaadc..c6cbaebf55 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java @@ -146,9 +146,12 @@ public final class ClientRegistrations { RequestEntity request = RequestEntity.get(uri).build(); Map configuration = rest.exchange(request, typeReference).getBody(); OIDCProviderMetadata metadata = parse(configuration, OIDCProviderMetadata::parse); - return withProviderConfiguration(metadata, issuer.toASCIIString()) - .jwkSetUri(metadata.getJWKSetURI().toASCIIString()) - .userInfoUri(metadata.getUserInfoEndpointURI().toASCIIString()); + ClientRegistration.Builder builder = withProviderConfiguration(metadata, issuer.toASCIIString()) + .jwkSetUri(metadata.getJWKSetURI().toASCIIString()); + if (metadata.getUserInfoEndpointURI() != null) { + builder.userInfoUri(metadata.getUserInfoEndpointURI().toASCIIString()); + } + return builder; }; } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTest.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTest.java index 3897870e70..f0bc773773 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTest.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTest.java @@ -195,6 +195,14 @@ public class ClientRegistrationsTest { assertThat(provider.getJwkSetUri()).isNull(); } + // gh-8187 + @Test + public void issuerWhenResponseMissingUserInfoUriThenSuccess() throws Exception { + this.response.remove("userinfo_endpoint"); + ClientRegistration registration = registration("").build(); + assertThat(registration.getProviderDetails().getUserInfoEndpoint().getUri()).isNull(); + } + @Test public void issuerWhenContainsTrailingSlashThenSuccess() throws Exception { assertThat(registration("")).isNotNull();