From 7eaab95639cb107cf3fdf02f533d505a3ef5e86f Mon Sep 17 00:00:00 2001
From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com>
Date: Thu, 13 Jun 2024 14:29:09 -0500
Subject: [PATCH] Polish gh-15237

---
 .../oauth2/client/OAuth2ClientConfigurer.java | 14 ++---
 .../config/web/server/ServerHttpSecurity.java | 10 ++--
 .../client/OAuth2ClientConfigurerTests.java   | 55 +++----------------
 .../config/web/server/OAuth2LoginTests.java   | 10 ++--
 4 files changed, 24 insertions(+), 65 deletions(-)

diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
index e5aba72060..ba334bd383 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
@@ -58,7 +58,7 @@ import org.springframework.util.Assert;
  * {@link ClientRegistrationRepository} {@code @Bean} may be registered instead.
  *
  * <h2>Security Filters</h2>
- * <p>
+ *
  * The following {@code Filter}'s are populated for {@link #authorizationCodeGrant()}:
  *
  * <ul>
@@ -67,7 +67,7 @@ import org.springframework.util.Assert;
  * </ul>
  *
  * <h2>Shared Objects Created</h2>
- * <p>
+ *
  * The following shared objects are populated:
  *
  * <ul>
@@ -76,7 +76,7 @@ import org.springframework.util.Assert;
  * </ul>
  *
  * <h2>Shared Objects Used</h2>
- * <p>
+ *
  * The following shared objects are used:
  *
  * <ul>
@@ -283,12 +283,12 @@ public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
 			if (this.authorizationRequestResolver != null) {
 				return this.authorizationRequestResolver;
 			}
+			ClientRegistrationRepository clientRegistrationRepository = OAuth2ClientConfigurerUtils
+				.getClientRegistrationRepository(getBuilder());
 			ResolvableType resolvableType = ResolvableType.forClass(OAuth2AuthorizationRequestResolver.class);
 			OAuth2AuthorizationRequestResolver bean = getBeanOrNull(resolvableType);
-			return (bean != null) ? bean
-					: new DefaultOAuth2AuthorizationRequestResolver(
-							OAuth2ClientConfigurerUtils.getClientRegistrationRepository(getBuilder()),
-							OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
+			return (bean != null) ? bean : new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository,
+					OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
 		}
 
 		private OAuth2AuthorizationCodeGrantFilter createAuthorizationCodeGrantFilter(B builder) {
diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
index a257820e85..2a7f38e8a1 100644
--- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -4532,12 +4532,12 @@ public class ServerHttpSecurity {
 		}
 
 		private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
-			ServerOAuth2AuthorizationRequestResolver result = this.authorizationRequestResolver;
-			if (result == null) {
-				result = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
+			ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = this.authorizationRequestResolver;
+			if (authorizationRequestResolver == null) {
+				authorizationRequestResolver = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
 			}
-			if (result != null) {
-				return new OAuth2AuthorizationRequestRedirectWebFilter(result);
+			if (authorizationRequestResolver != null) {
+				return new OAuth2AuthorizationRequestRedirectWebFilter(authorizationRequestResolver);
 			}
 			return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
 		}
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
index 24bff4ea9a..0074139f7d 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
@@ -286,9 +286,13 @@ public class OAuth2ClientConfigurerTests {
 	}
 
 	@Test
-	public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestIncludesCustomParameters()
+	public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestResolverUsed()
 			throws Exception {
-		this.spring.register(OAuth2ClientBeanConfig.class).autowire();
+		OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
+		authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
+		given(authorizationRequestResolver.resolve(any()))
+			.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
+		this.spring.register(OAuth2ClientInLambdaConfig.class, AuthorizationRequestResolverConfig.class).autowire();
 		// @formatter:off
 		this.mockMvc.perform(get("/oauth2/authorization/registration-1"))
 				.andExpect(status().is3xxRedirection())
@@ -374,59 +378,14 @@ public class OAuth2ClientConfigurerTests {
 
 	}
 
-	@EnableWebSecurity
 	@Configuration
-	@EnableWebMvc
-	static class OAuth2ClientBeanConfig {
-
-		@Bean
-		SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
-			// @formatter:off
-			http
-					.authorizeRequests()
-					.anyRequest().authenticated()
-					.and()
-					.requestCache()
-					.requestCache(requestCache)
-					.and()
-					.oauth2Client()
-					.authorizationCodeGrant()
-					.authorizationRedirectStrategy(authorizationRedirectStrategy)
-					.accessTokenResponseClient(accessTokenResponseClient);
-			return http.build();
-			// @formatter:on
-		}
-
-		@Bean
-		ClientRegistrationRepository clientRegistrationRepository() {
-			return clientRegistrationRepository;
-		}
-
-		@Bean
-		OAuth2AuthorizedClientRepository authorizedClientRepository() {
-			return authorizedClientRepository;
-		}
+	static class AuthorizationRequestResolverConfig {
 
 		@Bean
 		OAuth2AuthorizationRequestResolver authorizationRequestResolver() {
-			OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
-			authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
-			given(authorizationRequestResolver.resolve(any()))
-				.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
 			return authorizationRequestResolver;
 		}
 
-		@RestController
-		class ResourceController {
-
-			@GetMapping("/resource1")
-			String resource1(
-					@RegisteredOAuth2AuthorizedClient("registration-1") OAuth2AuthorizedClient authorizedClient) {
-				return "resource1";
-			}
-
-		}
-
 	}
 
 }
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
index fb0b1d396d..c21e42a3ed 100644
--- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
+++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
@@ -458,7 +458,7 @@ public class OAuth2LoginTests {
 		OidcUser user = TestOidcUsers.create();
 		ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService = config.userService;
 		given(userService.loadUser(any())).willReturn(Mono.just(user));
-		ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
+		ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = config.authorizationRequestResolver;
 		// @formatter:off
 		webTestClient.get()
 				.uri("/login/oauth2/code/google")
@@ -468,7 +468,7 @@ public class OAuth2LoginTests {
 		verify(config.jwtDecoderFactory).createDecoder(any());
 		verify(tokenResponseClient).getTokenResponse(any());
 		verify(securityContextRepository).save(any(), any());
-		verify(resolver).resolve(any());
+		verify(authorizationRequestResolver).resolve(any());
 	}
 
 	// gh-5562
@@ -840,7 +840,7 @@ public class OAuth2LoginTests {
 
 		ServerSecurityContextRepository securityContextRepository = mock(ServerSecurityContextRepository.class);
 
-		ServerOAuth2AuthorizationRequestResolver resolver = spy(
+		ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = spy(
 				new DefaultServerOAuth2AuthorizationRequestResolver(new InMemoryReactiveClientRegistrationRepository(
 						TestClientRegistrations.clientRegistration().build())));
 
@@ -872,8 +872,8 @@ public class OAuth2LoginTests {
 		}
 
 		@Bean
-		ServerOAuth2AuthorizationRequestResolver resolver() {
-			return this.resolver;
+		ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver() {
+			return this.authorizationRequestResolver;
 		}
 
 		@Bean