Add @transient to OAuth2IntrospectionAuthenticationToken
fixes gh-6829
This commit is contained in:
parent
e15922322e
commit
9fe8949883
|
@ -564,6 +564,22 @@ public class OAuth2ResourceServerConfigurerTests {
|
|||
assertThat(result.getRequest().getSession(false)).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestWhenIntrospectionConfiguredThenSessionIsNotCreated()
|
||||
throws Exception {
|
||||
|
||||
this.spring.register(RestOperationsConfig.class, OpaqueTokenConfig.class, BasicController.class).autowire();
|
||||
mockRestOperations(json("Active"));
|
||||
|
||||
MvcResult result = this.mvc.perform(get("/authenticated")
|
||||
.with(bearerToken("token")))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(content().string("test-subject"))
|
||||
.andReturn();
|
||||
|
||||
assertThat(result.getRequest().getSession(false)).isNull();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestWhenUsingDefaultsAndNoBearerTokenThenSessionIsCreated()
|
||||
throws Exception {
|
||||
|
|
|
@ -22,6 +22,7 @@ import java.util.Map;
|
|||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.SpringSecurityCoreVersion;
|
||||
import org.springframework.security.core.Transient;
|
||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
@ -36,6 +37,7 @@ import static org.springframework.security.oauth2.server.resource.introspection.
|
|||
* @author Josh Cummings
|
||||
* @since 5.2
|
||||
*/
|
||||
@Transient
|
||||
public class OAuth2IntrospectionAuthenticationToken
|
||||
extends AbstractOAuth2TokenAuthenticationToken<OAuth2AccessToken> {
|
||||
|
||||
|
|
Loading…
Reference in New Issue