Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ServletOAuth2AuthorizedClientExchangeFilterFunction handles null authorized client 

Issue: gh-5545
This commit is contained in:
Rob Winch 2018-07-22 12:01:42 -07:00
parent 67dd3f16e9
commit 88975dad41
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
View File

@ -23,6 +23,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.ReactiveSecurityContextHolder; import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration;
@ -150,7 +151,13 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
* @return the {@link Consumer} to populate the attributes * @return the {@link Consumer} to populate the attributes
*/ */
public static Consumer<Map<String, Object>> oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient) { public static Consumer<Map<String, Object>> oauth2AuthorizedClient(OAuth2AuthorizedClient authorizedClient) {
return attributes -> attributes.put(OAUTH2_AUTHORIZED_CLIENT_ATTR_NAME, authorizedClient); return attributes -> {
if (authorizedClient == null) {
attributes.remove(OAUTH2_AUTHORIZED_CLIENT_ATTR_NAME);
} else {
attributes.put(OAUTH2_AUTHORIZED_CLIENT_ATTR_NAME, authorizedClient);
}
};
} }
/** /**
@ -262,6 +269,9 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
OAuth2AuthorizedClient authorizedClient = this.authorizedClientRepository OAuth2AuthorizedClient authorizedClient = this.authorizedClientRepository
.loadAuthorizedClient(clientRegistrationId, authentication, .loadAuthorizedClient(clientRegistrationId, authentication,
request); request);
if (authorizedClient == null) {
throw new ClientAuthorizationRequiredException(clientRegistrationId);
}
oauth2AuthorizedClient(authorizedClient).accept(attrs); oauth2AuthorizedClient(authorizedClient).accept(attrs);
} }
} }