Polish gh-15237

This commit is contained in:
Steve Riesenberg 2024-06-13 14:29:09 -05:00
parent 4e52eda0f5
commit 7eaab95639
No known key found for this signature in database
GPG Key ID: 3D0169B18AB8F0A9
4 changed files with 24 additions and 65 deletions

View File

@ -58,7 +58,7 @@ import org.springframework.util.Assert;
* {@link ClientRegistrationRepository} {@code @Bean} may be registered instead.
*
* <h2>Security Filters</h2>
* <p>
*
* The following {@code Filter}'s are populated for {@link #authorizationCodeGrant()}:
*
* <ul>
@ -67,7 +67,7 @@ import org.springframework.util.Assert;
* </ul>
*
* <h2>Shared Objects Created</h2>
* <p>
*
* The following shared objects are populated:
*
* <ul>
@ -76,7 +76,7 @@ import org.springframework.util.Assert;
* </ul>
*
* <h2>Shared Objects Used</h2>
* <p>
*
* The following shared objects are used:
*
* <ul>
@ -283,12 +283,12 @@ public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
if (this.authorizationRequestResolver != null) {
return this.authorizationRequestResolver;
}
ClientRegistrationRepository clientRegistrationRepository = OAuth2ClientConfigurerUtils
.getClientRegistrationRepository(getBuilder());
ResolvableType resolvableType = ResolvableType.forClass(OAuth2AuthorizationRequestResolver.class);
OAuth2AuthorizationRequestResolver bean = getBeanOrNull(resolvableType);
return (bean != null) ? bean
: new DefaultOAuth2AuthorizationRequestResolver(
OAuth2ClientConfigurerUtils.getClientRegistrationRepository(getBuilder()),
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
return (bean != null) ? bean : new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository,
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
}
private OAuth2AuthorizationCodeGrantFilter createAuthorizationCodeGrantFilter(B builder) {

View File

@ -4532,12 +4532,12 @@ public class ServerHttpSecurity {
}
private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
ServerOAuth2AuthorizationRequestResolver result = this.authorizationRequestResolver;
if (result == null) {
result = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = this.authorizationRequestResolver;
if (authorizationRequestResolver == null) {
authorizationRequestResolver = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
}
if (result != null) {
return new OAuth2AuthorizationRequestRedirectWebFilter(result);
if (authorizationRequestResolver != null) {
return new OAuth2AuthorizationRequestRedirectWebFilter(authorizationRequestResolver);
}
return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
}

View File

@ -286,9 +286,13 @@ public class OAuth2ClientConfigurerTests {
}
@Test
public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestIncludesCustomParameters()
public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestResolverUsed()
throws Exception {
this.spring.register(OAuth2ClientBeanConfig.class).autowire();
OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
given(authorizationRequestResolver.resolve(any()))
.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
this.spring.register(OAuth2ClientInLambdaConfig.class, AuthorizationRequestResolverConfig.class).autowire();
// @formatter:off
this.mockMvc.perform(get("/oauth2/authorization/registration-1"))
.andExpect(status().is3xxRedirection())
@ -374,59 +378,14 @@ public class OAuth2ClientConfigurerTests {
}
@EnableWebSecurity
@Configuration
@EnableWebMvc
static class OAuth2ClientBeanConfig {
@Bean
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.requestCache()
.requestCache(requestCache)
.and()
.oauth2Client()
.authorizationCodeGrant()
.authorizationRedirectStrategy(authorizationRedirectStrategy)
.accessTokenResponseClient(accessTokenResponseClient);
return http.build();
// @formatter:on
}
@Bean
ClientRegistrationRepository clientRegistrationRepository() {
return clientRegistrationRepository;
}
@Bean
OAuth2AuthorizedClientRepository authorizedClientRepository() {
return authorizedClientRepository;
}
static class AuthorizationRequestResolverConfig {
@Bean
OAuth2AuthorizationRequestResolver authorizationRequestResolver() {
OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
given(authorizationRequestResolver.resolve(any()))
.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
return authorizationRequestResolver;
}
@RestController
class ResourceController {
@GetMapping("/resource1")
String resource1(
@RegisteredOAuth2AuthorizedClient("registration-1") OAuth2AuthorizedClient authorizedClient) {
return "resource1";
}
}
}
}

View File

@ -458,7 +458,7 @@ public class OAuth2LoginTests {
OidcUser user = TestOidcUsers.create();
ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService = config.userService;
given(userService.loadUser(any())).willReturn(Mono.just(user));
ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = config.authorizationRequestResolver;
// @formatter:off
webTestClient.get()
.uri("/login/oauth2/code/google")
@ -468,7 +468,7 @@ public class OAuth2LoginTests {
verify(config.jwtDecoderFactory).createDecoder(any());
verify(tokenResponseClient).getTokenResponse(any());
verify(securityContextRepository).save(any(), any());
verify(resolver).resolve(any());
verify(authorizationRequestResolver).resolve(any());
}
// gh-5562
@ -840,7 +840,7 @@ public class OAuth2LoginTests {
ServerSecurityContextRepository securityContextRepository = mock(ServerSecurityContextRepository.class);
ServerOAuth2AuthorizationRequestResolver resolver = spy(
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = spy(
new DefaultServerOAuth2AuthorizationRequestResolver(new InMemoryReactiveClientRegistrationRepository(
TestClientRegistrations.clientRegistration().build())));
@ -872,8 +872,8 @@ public class OAuth2LoginTests {
}
@Bean
ServerOAuth2AuthorizationRequestResolver resolver() {
return this.resolver;
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver() {
return this.authorizationRequestResolver;
}
@Bean