Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Map CustomUserTypesOAuth2UserService using clientRegistrationId 

Fixes gh-4692
This commit is contained in:
Joe Grandja 2017-10-28 18:11:39 -04:00
parent ddf87b54f7
commit 83dc902ff7
2 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -206,10 +206,10 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
return this;
}
public UserInfoEndpointConfig customUserType(Class<? extends OAuth2User> customUserType, String userInfoUri) {
public UserInfoEndpointConfig customUserType(Class<? extends OAuth2User> customUserType, String clientRegistrationId) {
Assert.notNull(customUserType, "customUserType cannot be null");
Assert.hasText(userInfoUri, "userInfoUri cannot be empty");
this.customUserTypes.put(userInfoUri, customUserType);
Assert.hasText(clientRegistrationId, "clientRegistrationId cannot be empty");
this.customUserTypes.put(clientRegistrationId, customUserType);
return this;
}

8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/CustomUserTypesOAuth2UserService.java
View File

@ -15,6 +15,7 @@
*/
package org.springframework.security.oauth2.client.userinfo;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.util.Assert;
@ -28,7 +29,7 @@ import java.util.Map;
* <p>
* The custom user type(s) is supplied via the constructor,
* using a <code>Map</code> of {@link OAuth2User} type <i>keyed</i> by <code>String</code>,
* representing the <i>UserInfo Endpoint</i> address.
* which represents the {@link ClientRegistration#getRegistrationId() Registration Id} of the Client.
* <p>
* This implementation uses a {@link UserInfoRetriever} to obtain the user attributes
* of the <i>End-User</i> (Resource Owner) from the <i>UserInfo Endpoint</i>.
@ -39,6 +40,7 @@ import java.util.Map;
* @see OAuth2UserRequest
* @see OAuth2User
* @see UserInfoRetriever
* @see ClientRegistration
*/
public class CustomUserTypesOAuth2UserService implements OAuth2UserService<OAuth2UserRequest, OAuth2User> {
private final Map<String, Class<? extends OAuth2User>> customUserTypes;
@ -51,9 +53,9 @@ public class CustomUserTypesOAuth2UserService implements OAuth2UserService<OAuth
@Override
public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
String userInfoUri = userRequest.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri();
String registrationId = userRequest.getClientRegistration().getRegistrationId();
Class<? extends OAuth2User> customUserType;
if ((customUserType = this.customUserTypes.get(userInfoUri)) == null) {
if ((customUserType = this.customUserTypes.get(registrationId)) == null) {
return null;
}