Polish gh-15237
This commit is contained in:
Steve Riesenberg
parent
4e52eda0f5
commit
7eaab95639
|
|
@ -58,7 +58,7 @@ import org.springframework.util.Assert;
|
||||||
* {@link ClientRegistrationRepository} {@code @Bean} may be registered instead.
|
* {@link ClientRegistrationRepository} {@code @Bean} may be registered instead.
|
||||||
*
|
*
|
||||||
* <h2>Security Filters</h2>
|
* <h2>Security Filters</h2>
|
||||||
* <p>
|
*
|
||||||
* The following {@code Filter}'s are populated for {@link #authorizationCodeGrant()}:
|
* The following {@code Filter}'s are populated for {@link #authorizationCodeGrant()}:
|
||||||
*
|
*
|
||||||
* <ul>
|
* <ul>
|
||||||
|
|
@ -67,7 +67,7 @@ import org.springframework.util.Assert;
|
||||||
* </ul>
|
* </ul>
|
||||||
*
|
*
|
||||||
* <h2>Shared Objects Created</h2>
|
* <h2>Shared Objects Created</h2>
|
||||||
* <p>
|
*
|
||||||
* The following shared objects are populated:
|
* The following shared objects are populated:
|
||||||
*
|
*
|
||||||
* <ul>
|
* <ul>
|
||||||
|
|
@ -76,7 +76,7 @@ import org.springframework.util.Assert;
|
||||||
* </ul>
|
* </ul>
|
||||||
*
|
*
|
||||||
* <h2>Shared Objects Used</h2>
|
* <h2>Shared Objects Used</h2>
|
||||||
* <p>
|
*
|
||||||
* The following shared objects are used:
|
* The following shared objects are used:
|
||||||
*
|
*
|
||||||
* <ul>
|
* <ul>
|
||||||
|
|
@ -283,11 +283,11 @@ public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
|
||||||
if (this.authorizationRequestResolver != null) {
|
if (this.authorizationRequestResolver != null) {
|
||||||
return this.authorizationRequestResolver;
|
return this.authorizationRequestResolver;
|
||||||
}
|
}
|
||||||
|
ClientRegistrationRepository clientRegistrationRepository = OAuth2ClientConfigurerUtils
|
||||||
|
.getClientRegistrationRepository(getBuilder());
|
||||||
ResolvableType resolvableType = ResolvableType.forClass(OAuth2AuthorizationRequestResolver.class);
|
ResolvableType resolvableType = ResolvableType.forClass(OAuth2AuthorizationRequestResolver.class);
|
||||||
OAuth2AuthorizationRequestResolver bean = getBeanOrNull(resolvableType);
|
OAuth2AuthorizationRequestResolver bean = getBeanOrNull(resolvableType);
|
||||||
return (bean != null) ? bean
|
return (bean != null) ? bean : new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository,
|
||||||
: new DefaultOAuth2AuthorizationRequestResolver(
|
|
||||||
OAuth2ClientConfigurerUtils.getClientRegistrationRepository(getBuilder()),
|
|
||||||
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
|
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -4532,12 +4532,12 @@ public class ServerHttpSecurity {
|
||||||
}
|
}
|
||||||
|
|
||||||
private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
|
private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
|
||||||
ServerOAuth2AuthorizationRequestResolver result = this.authorizationRequestResolver;
|
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = this.authorizationRequestResolver;
|
||||||
if (result == null) {
|
if (authorizationRequestResolver == null) {
|
||||||
result = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
|
authorizationRequestResolver = getBeanOrNull(ServerOAuth2AuthorizationRequestResolver.class);
|
||||||
}
|
}
|
||||||
if (result != null) {
|
if (authorizationRequestResolver != null) {
|
||||||
return new OAuth2AuthorizationRequestRedirectWebFilter(result);
|
return new OAuth2AuthorizationRequestRedirectWebFilter(authorizationRequestResolver);
|
||||||
}
|
}
|
||||||
return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
|
return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -286,9 +286,13 @@ public class OAuth2ClientConfigurerTests {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestIncludesCustomParameters()
|
public void configureWhenCustomAuthorizationRequestResolverBeanPresentThenAuthorizationRequestResolverUsed()
|
||||||
throws Exception {
|
throws Exception {
|
||||||
this.spring.register(OAuth2ClientBeanConfig.class).autowire();
|
OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
|
||||||
|
authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
|
||||||
|
given(authorizationRequestResolver.resolve(any()))
|
||||||
|
.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
|
||||||
|
this.spring.register(OAuth2ClientInLambdaConfig.class, AuthorizationRequestResolverConfig.class).autowire();
|
||||||
// @formatter:off
|
// @formatter:off
|
||||||
this.mockMvc.perform(get("/oauth2/authorization/registration-1"))
|
this.mockMvc.perform(get("/oauth2/authorization/registration-1"))
|
||||||
.andExpect(status().is3xxRedirection())
|
.andExpect(status().is3xxRedirection())
|
||||||
|
|
@ -374,59 +378,14 @@ public class OAuth2ClientConfigurerTests {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@EnableWebSecurity
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebMvc
|
static class AuthorizationRequestResolverConfig {
|
||||||
static class OAuth2ClientBeanConfig {
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
|
|
||||||
// @formatter:off
|
|
||||||
http
|
|
||||||
.authorizeRequests()
|
|
||||||
.anyRequest().authenticated()
|
|
||||||
.and()
|
|
||||||
.requestCache()
|
|
||||||
.requestCache(requestCache)
|
|
||||||
.and()
|
|
||||||
.oauth2Client()
|
|
||||||
.authorizationCodeGrant()
|
|
||||||
.authorizationRedirectStrategy(authorizationRedirectStrategy)
|
|
||||||
.accessTokenResponseClient(accessTokenResponseClient);
|
|
||||||
return http.build();
|
|
||||||
// @formatter:on
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
ClientRegistrationRepository clientRegistrationRepository() {
|
|
||||||
return clientRegistrationRepository;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
|
||||||
OAuth2AuthorizedClientRepository authorizedClientRepository() {
|
|
||||||
return authorizedClientRepository;
|
|
||||||
}
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
OAuth2AuthorizationRequestResolver authorizationRequestResolver() {
|
OAuth2AuthorizationRequestResolver authorizationRequestResolver() {
|
||||||
OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver = authorizationRequestResolver;
|
|
||||||
authorizationRequestResolver = mock(OAuth2AuthorizationRequestResolver.class);
|
|
||||||
given(authorizationRequestResolver.resolve(any()))
|
|
||||||
.willAnswer((invocation) -> defaultAuthorizationRequestResolver.resolve(invocation.getArgument(0)));
|
|
||||||
return authorizationRequestResolver;
|
return authorizationRequestResolver;
|
||||||
}
|
}
|
||||||
|
|
||||||
@RestController
|
|
||||||
class ResourceController {
|
|
||||||
|
|
||||||
@GetMapping("/resource1")
|
|
||||||
String resource1(
|
|
||||||
@RegisteredOAuth2AuthorizedClient("registration-1") OAuth2AuthorizedClient authorizedClient) {
|
|
||||||
return "resource1";
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -458,7 +458,7 @@ public class OAuth2LoginTests {
|
||||||
OidcUser user = TestOidcUsers.create();
|
OidcUser user = TestOidcUsers.create();
|
||||||
ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService = config.userService;
|
ReactiveOAuth2UserService<OidcUserRequest, OidcUser> userService = config.userService;
|
||||||
given(userService.loadUser(any())).willReturn(Mono.just(user));
|
given(userService.loadUser(any())).willReturn(Mono.just(user));
|
||||||
ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
|
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = config.authorizationRequestResolver;
|
||||||
// @formatter:off
|
// @formatter:off
|
||||||
webTestClient.get()
|
webTestClient.get()
|
||||||
.uri("/login/oauth2/code/google")
|
.uri("/login/oauth2/code/google")
|
||||||
|
|
@ -468,7 +468,7 @@ public class OAuth2LoginTests {
|
||||||
verify(config.jwtDecoderFactory).createDecoder(any());
|
verify(config.jwtDecoderFactory).createDecoder(any());
|
||||||
verify(tokenResponseClient).getTokenResponse(any());
|
verify(tokenResponseClient).getTokenResponse(any());
|
||||||
verify(securityContextRepository).save(any(), any());
|
verify(securityContextRepository).save(any(), any());
|
||||||
verify(resolver).resolve(any());
|
verify(authorizationRequestResolver).resolve(any());
|
||||||
}
|
}
|
||||||
|
|
||||||
// gh-5562
|
// gh-5562
|
||||||
|
|
@ -840,7 +840,7 @@ public class OAuth2LoginTests {
|
||||||
|
|
||||||
ServerSecurityContextRepository securityContextRepository = mock(ServerSecurityContextRepository.class);
|
ServerSecurityContextRepository securityContextRepository = mock(ServerSecurityContextRepository.class);
|
||||||
|
|
||||||
ServerOAuth2AuthorizationRequestResolver resolver = spy(
|
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver = spy(
|
||||||
new DefaultServerOAuth2AuthorizationRequestResolver(new InMemoryReactiveClientRegistrationRepository(
|
new DefaultServerOAuth2AuthorizationRequestResolver(new InMemoryReactiveClientRegistrationRepository(
|
||||||
TestClientRegistrations.clientRegistration().build())));
|
TestClientRegistrations.clientRegistration().build())));
|
||||||
|
|
||||||
|
|
@ -872,8 +872,8 @@ public class OAuth2LoginTests {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
ServerOAuth2AuthorizationRequestResolver resolver() {
|
ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver() {
|
||||||
return this.resolver;
|
return this.authorizationRequestResolver;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue