Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-04-23 15:44:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow for custom ClientRegistration.clientAuthenticationMethod

Browse Source 
Closes gh-8903
This commit is contained in:
Joe Grandja 2020-08-04 08:16:38 -04:00
parent 11cc94afd8
commit a0c10f2df6
4 changed files with 29 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
View File

@ -47,7 +47,7 @@ public final class ClientRegistration implements Serializable {
private String registrationId; private String registrationId;
private String clientId; private String clientId;
private String clientSecret; private String clientSecret;
private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC; private ClientAuthenticationMethod clientAuthenticationMethod;
private AuthorizationGrantType authorizationGrantType; private AuthorizationGrantType authorizationGrantType;
private String redirectUriTemplate; private String redirectUriTemplate;
private Set<String> scopes = Collections.emptySet(); private Set<String> scopes = Collections.emptySet();
@ -298,7 +298,7 @@ public final class ClientRegistration implements Serializable {
private String registrationId; private String registrationId;
private String clientId; private String clientId;
private String clientSecret; private String clientSecret;
private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC; private ClientAuthenticationMethod clientAuthenticationMethod;
private AuthorizationGrantType authorizationGrantType; private AuthorizationGrantType authorizationGrantType;
private String redirectUriTemplate; private String redirectUriTemplate;
private Set<String> scopes; private Set<String> scopes;
@ -564,12 +564,16 @@ public final class ClientRegistration implements Serializable {
clientRegistration.registrationId = this.registrationId; clientRegistration.registrationId = this.registrationId;
clientRegistration.clientId = this.clientId; clientRegistration.clientId = this.clientId;
clientRegistration.clientSecret = StringUtils.hasText(this.clientSecret) ? this.clientSecret : ""; clientRegistration.clientSecret = StringUtils.hasText(this.clientSecret) ? this.clientSecret : "";
if (this.clientAuthenticationMethod != null) {
clientRegistration.clientAuthenticationMethod = this.clientAuthenticationMethod; clientRegistration.clientAuthenticationMethod = this.clientAuthenticationMethod;
} else {
if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType) && if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType) &&
!StringUtils.hasText(this.clientSecret)) { !StringUtils.hasText(this.clientSecret)) {
clientRegistration.clientAuthenticationMethod = ClientAuthenticationMethod.NONE; clientRegistration.clientAuthenticationMethod = ClientAuthenticationMethod.NONE;
} else {
clientRegistration.clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
}
} }
clientRegistration.authorizationGrantType = this.authorizationGrantType; clientRegistration.authorizationGrantType = this.authorizationGrantType;
clientRegistration.redirectUriTemplate = this.redirectUriTemplate; clientRegistration.redirectUriTemplate = this.redirectUriTemplate;
clientRegistration.scopes = this.scopes; clientRegistration.scopes = this.scopes;

3
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestEntityConverterTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2019 the original author or authors. * Copyright 2002-2020 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -106,6 +106,7 @@ public class OAuth2AuthorizationCodeGrantRequestEntityConverterTests {
@Test @Test
public void convertWhenPkceGrantRequestValidThenConverts() { public void convertWhenPkceGrantRequestValidThenConverts() {
ClientRegistration clientRegistration = clientRegistrationBuilder ClientRegistration clientRegistration = clientRegistrationBuilder
.clientAuthenticationMethod(null)
.clientSecret(null) .clientSecret(null)
.build(); .build();

1
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java
View File

@ -315,6 +315,7 @@ public class WebClientReactiveAuthorizationCodeTokenResponseClientTests {
private OAuth2AuthorizationCodeGrantRequest pkceAuthorizationCodeGrantRequest() { private OAuth2AuthorizationCodeGrantRequest pkceAuthorizationCodeGrantRequest() {
ClientRegistration registration = this.clientRegistration ClientRegistration registration = this.clientRegistration
.clientAuthenticationMethod(null)
.clientSecret(null) .clientSecret(null)
.build(); .build();

15
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java
View File

@ -771,4 +771,19 @@ public class ClientRegistrationTests {
assertThat(updated.getProviderDetails().getConfigurationMetadata()) assertThat(updated.getProviderDetails().getConfigurationMetadata())
.containsOnlyKeys("a-new-config").containsValue("a-new-value"); .containsOnlyKeys("a-new-config").containsValue("a-new-value");
} }
// gh-8903
@Test
public void buildWhenCustomClientAuthenticationMethodProvidedThenSet() {
ClientAuthenticationMethod clientAuthenticationMethod = new ClientAuthenticationMethod("tls_client_auth");
ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
.clientId(CLIENT_ID)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.clientAuthenticationMethod(clientAuthenticationMethod)
.redirectUriTemplate(REDIRECT_URI)
.authorizationUri(AUTHORIZATION_URI)
.tokenUri(TOKEN_URI)
.build();
assertThat(clientRegistration.getClientAuthenticationMethod()).isEqualTo(clientAuthenticationMethod);
}
} }