Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 13:02:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

OAuth2LoginSpec discovers ReactiveOAuth2AccessTokenResponseClient @Bean

Browse Source 
Fixes: gh-6477
This commit is contained in:
Aanuoluwapo Otitoola 2019-03-03 16:06:56 +01:00 committed by Joe Grandja
parent 6bf45e53cc
commit ad9dc49d55
2 changed files with 23 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
View File

@ -31,6 +31,8 @@ import java.util.Optional;
import java.util.UUID; import java.util.UUID;
import java.util.function.Function; import java.util.function.Function;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.endpoint.ReactiveOAuth2AccessTokenResponseClient;
import reactor.core.publisher.Mono; import reactor.core.publisher.Mono;
import reactor.util.context.Context; import reactor.util.context.Context;
@ -621,7 +623,7 @@ public class ServerHttpSecurity {
} }
private ReactiveAuthenticationManager createDefault() { private ReactiveAuthenticationManager createDefault() {
WebClientReactiveAuthorizationCodeTokenResponseClient client = new WebClientReactiveAuthorizationCodeTokenResponseClient(); ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> client = getAccessTokenResponseClient();
ReactiveAuthenticationManager result = new OAuth2LoginReactiveAuthenticationManager(client, getOauth2UserService()); ReactiveAuthenticationManager result = new OAuth2LoginReactiveAuthenticationManager(client, getOauth2UserService());
boolean oidcAuthenticationProviderEnabled = ClassUtils.isPresent( boolean oidcAuthenticationProviderEnabled = ClassUtils.isPresent(
@ -788,6 +790,15 @@ public class ServerHttpSecurity {
return result; return result;
} }
private ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> getAccessTokenResponseClient() {
ResolvableType type = ResolvableType.forClassWithGenerics(ReactiveOAuth2AccessTokenResponseClient.class, OAuth2AuthorizationCodeGrantRequest.class);
ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> bean = getBeanOrNull(type);
if (bean == null) {
return new WebClientReactiveAuthorizationCodeTokenResponseClient();
}
return bean;
}
private ReactiveClientRegistrationRepository getClientRegistrationRepository() { private ReactiveClientRegistrationRepository getClientRegistrationRepository() {
if (this.clientRegistrationRepository == null) { if (this.clientRegistrationRepository == null) {
this.clientRegistrationRepository = getBeanOrNull(ReactiveClientRegistrationRepository.class); this.clientRegistrationRepository = getBeanOrNull(ReactiveClientRegistrationRepository.class);

16
config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
View File

@ -218,16 +218,16 @@ public class OAuth2LoginTests {
} }
@Test @Test
public void oauth2LoginWhenCustomJwtDecoderFactoryThenUsed() { public void oauth2LoginWhenCustomBeansThenUsed() {
this.spring.register(OAuth2LoginWithMultipleClientRegistrations.class, this.spring.register(OAuth2LoginWithMultipleClientRegistrations.class,
OAuth2LoginWithJwtDecoderFactoryBeanConfig.class).autowire(); OAuth2LoginWithCustomBeansConfig.class).autowire();
WebTestClient webTestClient = WebTestClientBuilder WebTestClient webTestClient = WebTestClientBuilder
.bindToWebFilters(this.springSecurity) .bindToWebFilters(this.springSecurity)
.build(); .build();
OAuth2LoginWithJwtDecoderFactoryBeanConfig config = this.spring.getContext() OAuth2LoginWithCustomBeansConfig config = this.spring.getContext()
.getBean(OAuth2LoginWithJwtDecoderFactoryBeanConfig.class); .getBean(OAuth2LoginWithCustomBeansConfig.class);
OAuth2AuthorizationRequest request = TestOAuth2AuthorizationRequests.request().scope("openid").build(); OAuth2AuthorizationRequest request = TestOAuth2AuthorizationRequests.request().scope("openid").build();
OAuth2AuthorizationResponse response = TestOAuth2AuthorizationResponses.success().build(); OAuth2AuthorizationResponse response = TestOAuth2AuthorizationResponses.success().build();
@ -258,10 +258,11 @@ public class OAuth2LoginTests {
.expectStatus().is3xxRedirection(); .expectStatus().is3xxRedirection();
verify(config.jwtDecoderFactory).createDecoder(any()); verify(config.jwtDecoderFactory).createDecoder(any());
verify(tokenResponseClient).getTokenResponse(any());
} }
@Configuration @Configuration
static class OAuth2LoginWithJwtDecoderFactoryBeanConfig { static class OAuth2LoginWithCustomBeansConfig {
ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class); ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class);
@ -298,6 +299,11 @@ public class OAuth2LoginTests {
return jwtDecoderFactory; return jwtDecoderFactory;
} }
@Bean
public ReactiveOAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient() {
return tokenResponseClient;
}
private static class JwtDecoderFactory implements ReactiveJwtDecoderFactory<ClientRegistration> { private static class JwtDecoderFactory implements ReactiveJwtDecoderFactory<ClientRegistration> {
@Override @Override