Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-06 10:42:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use PathPatternRequestMatcher in oauth2

Browse Source 
Issue gh-16887
This commit is contained in:
Josh Cummings 2025-07-02 17:48:11 -06:00
parent 7da352129c
commit 919ae1d636
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
11 changed files with 8 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -38,7 +38,6 @@ import org.springframework.core.ResolvableType;
import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.config.Customizer; import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder; import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.RequestMatcherFactory;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@ -297,7 +296,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
public void init(B http) throws Exception { public void init(B http) throws Exception {
OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter( OAuth2LoginAuthenticationFilter authenticationFilter = new OAuth2LoginAuthenticationFilter(
this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl); this.getClientRegistrationRepository(), this.getAuthorizedClientRepository(), this.loginProcessingUrl);
RequestMatcher processUri = RequestMatcherFactory.matcher(this.loginProcessingUrl); RequestMatcher processUri = getRequestMatcherBuilder().matcher(this.loginProcessingUrl);
authenticationFilter.setRequiresAuthenticationRequestMatcher(processUri); authenticationFilter.setRequiresAuthenticationRequestMatcher(processUri);
authenticationFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy()); authenticationFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
this.setAuthenticationFilter(authenticationFilter); this.setAuthenticationFilter(authenticationFilter);
@ -381,7 +380,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
OAuth2LoginAuthenticationFilter authenticationFilter = this.getAuthenticationFilter(); OAuth2LoginAuthenticationFilter authenticationFilter = this.getAuthenticationFilter();
if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) { if (this.redirectionEndpointConfig.authorizationResponseBaseUri != null) {
authenticationFilter.setRequiresAuthenticationRequestMatcher( authenticationFilter.setRequiresAuthenticationRequestMatcher(
RequestMatcherFactory.matcher(this.redirectionEndpointConfig.authorizationResponseBaseUri)); getRequestMatcherBuilder().matcher(this.redirectionEndpointConfig.authorizationResponseBaseUri));
} }
if (this.authorizationEndpointConfig.authorizationRequestRepository != null) { if (this.authorizationEndpointConfig.authorizationRequestRepository != null) {
authenticationFilter authenticationFilter
@ -393,7 +392,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
@Override @Override
protected RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl) { protected RequestMatcher createLoginProcessingUrlMatcher(String loginProcessingUrl) {
return RequestMatcherFactory.matcher(loginProcessingUrl); return getRequestMatcherBuilder().matcher(loginProcessingUrl);
} }
private OAuth2AuthorizationRequestResolver getAuthorizationRequestResolver() { private OAuth2AuthorizationRequestResolver getAuthorizationRequestResolver() {
@ -531,8 +530,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
} }
private AuthenticationEntryPoint getLoginEntryPoint(B http, String providerLoginPage) { private AuthenticationEntryPoint getLoginEntryPoint(B http, String providerLoginPage) {
RequestMatcher loginPageMatcher = RequestMatcherFactory.matcher(this.getLoginPage()); RequestMatcher loginPageMatcher = getRequestMatcherBuilder().matcher(this.getLoginPage());
RequestMatcher faviconMatcher = RequestMatcherFactory.matcher("/favicon.ico"); RequestMatcher faviconMatcher = getRequestMatcherBuilder().matcher("/favicon.ico");
RequestMatcher defaultEntryPointMatcher = this.getAuthenticationEntryPointMatcher(http); RequestMatcher defaultEntryPointMatcher = this.getAuthenticationEntryPointMatcher(http);
RequestMatcher defaultLoginPageMatcher = new AndRequestMatcher( RequestMatcher defaultLoginPageMatcher = new AndRequestMatcher(
new OrRequestMatcher(loginPageMatcher, faviconMatcher), defaultEntryPointMatcher); new OrRequestMatcher(loginPageMatcher, faviconMatcher), defaultEntryPointMatcher);

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-AuthenticationManagerResolver.xml
View File

@ -32,5 +32,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-BasicAndResourceServer.xml
View File

@ -33,5 +33,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-FormAndResourceServer.xml
View File

@ -33,5 +33,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-JwkSetUri.xml
View File

@ -39,5 +39,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-Jwt.xml
View File

@ -32,5 +32,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-JwtCustomSecurityContextHolderStrategy.xml
View File

@ -38,5 +38,4 @@
</b:bean> </b:bean>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-MultipleIssuers.xml
View File

@ -39,5 +39,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-OpaqueToken.xml
View File

@ -30,5 +30,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

1
config/src/test/resources/org/springframework/security/config/http/OAuth2ResourceServerBeanDefinitionParserTests-OpaqueTokenAndAuthenticationConverter.xml
View File

@ -34,5 +34,4 @@
</http> </http>
<b:import resource="userservice.xml"/> <b:import resource="userservice.xml"/>
<b:import resource="handlermappingintrospector.xml"/>
</b:beans> </b:beans>

5
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
View File

@ -39,13 +39,14 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResp
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.context.SecurityContextRepository; import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
import org.springframework.security.web.util.UrlUtils; import org.springframework.security.web.util.UrlUtils;
import org.springframework.security.web.util.matcher.RequestMatcher; import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder; import org.springframework.web.util.UriComponentsBuilder;
import static org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher.pathPattern;
/** /**
* An implementation of an {@link AbstractAuthenticationProcessingFilter} for OAuth 2.0 * An implementation of an {@link AbstractAuthenticationProcessingFilter} for OAuth 2.0
* Login. * Login.
@ -125,7 +126,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientService authorizedClientService) { OAuth2AuthorizedClientService authorizedClientService) {
this(clientRegistrationRepository, authorizedClientService, DEFAULT_FILTER_PROCESSES_URI); this(clientRegistrationRepository, authorizedClientService, DEFAULT_FILTER_PROCESSES_URI);
RequestMatcher processUri = PathPatternRequestMatcher.withDefaults().matcher(DEFAULT_FILTER_PROCESSES_URI); RequestMatcher processUri = pathPattern(DEFAULT_FILTER_PROCESSES_URI);
setRequiresAuthenticationRequestMatcher(processUri); setRequiresAuthenticationRequestMatcher(processUri);
} }