Extract Converter from AuthorizationResponseMatcher

Fixes gh-4653
This commit is contained in:
Joe Grandja 2017-10-20 04:56:07 -04:00
parent a49047dec5
commit 84a1c417a3
1 changed files with 28 additions and 28 deletions

View File

@ -105,7 +105,7 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
}
this.authorizationRequestRepository.removeAuthorizationRequest(request);
AuthorizationResponse authorizationResponse = this.authorizationResponseMatcher.convert(request);
AuthorizationResponse authorizationResponse = this.convert(request);
String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2Parameter.REGISTRATION_ID);
ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
@ -151,6 +151,33 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
this.authorizationRequestRepository = authorizationRequestRepository;
}
private AuthorizationResponse convert(HttpServletRequest request) {
if (!this.getAuthorizationResponseMatcher().matches(request)) {
return null;
}
String code = request.getParameter(OAuth2Parameter.CODE);
String errorCode = request.getParameter(OAuth2Parameter.ERROR);
String state = request.getParameter(OAuth2Parameter.STATE);
String redirectUri = request.getRequestURL().toString();
if (StringUtils.hasText(code)) {
return AuthorizationResponse.success(code)
.redirectUri(redirectUri)
.state(state)
.build();
} else {
String errorDescription = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
String errorUri = request.getParameter(OAuth2Parameter.ERROR_URI);
return AuthorizationResponse.error(errorCode)
.redirectUri(redirectUri)
.errorDescription(errorDescription)
.errorUri(errorUri)
.state(state)
.build();
}
}
private static class AuthorizationResponseMatcher implements RequestMatcher {
private final String baseUri;
@ -174,32 +201,5 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
return StringUtils.hasText(request.getParameter(OAuth2Parameter.ERROR)) &&
StringUtils.hasText(request.getParameter(OAuth2Parameter.STATE));
}
private AuthorizationResponse convert(HttpServletRequest request) {
if (!this.matches(request)) {
return null;
}
String code = request.getParameter(OAuth2Parameter.CODE);
String errorCode = request.getParameter(OAuth2Parameter.ERROR);
String state = request.getParameter(OAuth2Parameter.STATE);
String redirectUri = request.getRequestURL().toString();
if (StringUtils.hasText(code)) {
return AuthorizationResponse.success(code)
.redirectUri(redirectUri)
.state(state)
.build();
} else {
String errorDescription = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
String errorUri = request.getParameter(OAuth2Parameter.ERROR_URI);
return AuthorizationResponse.error(errorCode)
.redirectUri(redirectUri)
.errorDescription(errorDescription)
.errorUri(errorUri)
.state(state)
.build();
}
}
}
}