Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-25 21:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '5.8.x'

Browse Source 
Closes gh-12234
This commit is contained in:
Steve Riesenberg 2022-11-17 14:27:41 -06:00
commit a3d35ecf3c
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
View File

@ -24,9 +24,14 @@ import java.util.HashMap;
import java.util.HashSet; import java.util.HashSet;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.LinkedHashSet; import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.log.LogMessage;
import org.springframework.security.core.SpringSecurityCoreVersion; import org.springframework.security.core.SpringSecurityCoreVersion;
import org.springframework.security.oauth2.core.AuthenticationMethod; import org.springframework.security.oauth2.core.AuthenticationMethod;
import org.springframework.security.oauth2.core.AuthorizationGrantType; import org.springframework.security.oauth2.core.AuthorizationGrantType;
@ -39,6 +44,7 @@ import org.springframework.util.StringUtils;
* Provider. * Provider.
* *
* @author Joe Grandja * @author Joe Grandja
* @author Michael Sosa
* @since 5.0 * @since 5.0
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-2">Section 2 * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-2">Section 2
* Client Registration</a> * Client Registration</a>
@ -323,6 +329,12 @@ public final class ClientRegistration implements Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
private static final Log logger = LogFactory.getLog(Builder.class);
private static final List<AuthorizationGrantType> AUTHORIZATION_GRANT_TYPES = Arrays.asList(
AuthorizationGrantType.AUTHORIZATION_CODE, AuthorizationGrantType.CLIENT_CREDENTIALS,
AuthorizationGrantType.REFRESH_TOKEN, AuthorizationGrantType.IMPLICIT, AuthorizationGrantType.PASSWORD);
private String registrationId; private String registrationId;
private String clientId; private String clientId;
@ -597,6 +609,7 @@ public final class ClientRegistration implements Serializable {
else if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType)) { else if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType)) {
this.validateAuthorizationCodeGrantType(); this.validateAuthorizationCodeGrantType();
} }
this.validateAuthorizationGrantTypes();
this.validateScopes(); this.validateScopes();
return this.create(); return this.create();
} }
@ -664,6 +677,17 @@ public final class ClientRegistration implements Serializable {
Assert.hasText(this.tokenUri, "tokenUri cannot be empty"); Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
} }
private void validateAuthorizationGrantTypes() {
for (AuthorizationGrantType authorizationGrantType : AUTHORIZATION_GRANT_TYPES) {
if (authorizationGrantType.getValue().equalsIgnoreCase(this.authorizationGrantType.getValue())
&& !authorizationGrantType.equals(this.authorizationGrantType)) {
logger.warn(LogMessage.format(
"AuthorizationGrantType: %s does not match the pre-defined constant %s and won't match a valid OAuth2AuthorizedClientProvider",
this.authorizationGrantType, authorizationGrantType));
}
}
}
private void validateScopes() { private void validateScopes() {
if (this.scopes == null) { if (this.scopes == null) {
return; return;