Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Make AuthorizationRequestUriBuilder optional 

Fixes gh-4577
This commit is contained in:
Joe Grandja 2017-09-28 16:43:11 -04:00
parent bfb77a7804
commit b9258aa6ee
3 changed files with 15 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeRequestRedirectFilterConfigurer.java
View File

@ -59,10 +59,13 @@ final class AuthorizationCodeRequestRedirectFilterConfigurer<H extends HttpSecur
@Override
public void configure(H http) throws Exception {
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter(
OAuth2LoginConfigurer.getClientRegistrationRepository(this.getBuilder()), this.getAuthorizationRequestBuilder());
OAuth2LoginConfigurer.getClientRegistrationRepository(this.getBuilder()));
if (this.authorizationRequestMatcher != null) {
filter.setAuthorizationRequestMatcher(this.authorizationRequestMatcher);
}
if (this.authorizationRequestBuilder != null) {
filter.setAuthorizationUriBuilder(this.authorizationRequestBuilder);
}
http.addFilter(this.postProcess(filter));
}

16
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
View File

@ -64,21 +64,16 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code";
public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
public static final String DEFAULT_AUTHORIZATION_REQUEST_URI = DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}";
private RequestMatcher authorizationRequestMatcher;
private RequestMatcher authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
private final ClientRegistrationRepository clientRegistrationRepository;
private final AuthorizationRequestUriBuilder authorizationUriBuilder;
private AuthorizationRequestUriBuilder authorizationUriBuilder = new DefaultAuthorizationRequestUriBuilder();
private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
private final StringKeyGenerator stateGenerator = new DefaultStateGenerator();
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository,
AuthorizationRequestUriBuilder authorizationUriBuilder) {
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
Assert.notNull(authorizationUriBuilder, "authorizationUriBuilder cannot be null");
this.authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
this.clientRegistrationRepository = clientRegistrationRepository;
this.authorizationUriBuilder = authorizationUriBuilder;
}
public final <T extends RequestMatcher & RequestVariablesExtractor> void setAuthorizationRequestMatcher(T authorizationRequestMatcher) {
@ -86,6 +81,11 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
this.authorizationRequestMatcher = authorizationRequestMatcher;
}
public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) {
Assert.notNull(authorizationUriBuilder, "authorizationUriBuilder cannot be null");
this.authorizationUriBuilder = authorizationUriBuilder;
}
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) {
Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
this.authorizationRequestRepository = authorizationRequestRepository;

14
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java
View File

@ -30,8 +30,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.URI;
import static org.assertj.core.api.Assertions.assertThat;
/**
* Tests {@link AuthorizationCodeRequestRedirectFilter}.
*
@ -41,12 +39,7 @@ public class AuthorizationCodeRequestRedirectFilterTests {
@Test(expected = IllegalArgumentException.class)
public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() {
new AuthorizationCodeRequestRedirectFilter(null, Mockito.mock(AuthorizationRequestUriBuilder.class));
}
@Test(expected = IllegalArgumentException.class)
public void constructorWhenAuthorizationRequestUriBuilderIsNullThenThrowIllegalArgumentException() {
new AuthorizationCodeRequestRedirectFilter(Mockito.mock(ClientRegistrationRepository.class), null);
new AuthorizationCodeRequestRedirectFilter(null);
}
@Test
@ -134,9 +127,8 @@ public class AuthorizationCodeRequestRedirectFilterTests {
ClientRegistration... clientRegistrations) throws Exception {
ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations);
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter(
clientRegistrationRepository, authorizationUriBuilder);
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter(clientRegistrationRepository);
filter.setAuthorizationUriBuilder(authorizationUriBuilder);
return filter;
}