Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 05:13:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make AuthorizationRequestUriBuilder optional

Browse Source 
Fixes gh-4577
This commit is contained in:
Joe Grandja 2017-09-28 16:43:11 -04:00
parent bfb77a7804
commit b9258aa6ee
3 changed files with 15 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeRequestRedirectFilterConfigurer.java
View File

@ -59,10 +59,13 @@ final class AuthorizationCodeRequestRedirectFilterConfigurer<H extends HttpSecur
@Override @Override
public void configure(H http) throws Exception { public void configure(H http) throws Exception {
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter( AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter(
OAuth2LoginConfigurer.getClientRegistrationRepository(this.getBuilder()), this.getAuthorizationRequestBuilder()); OAuth2LoginConfigurer.getClientRegistrationRepository(this.getBuilder()));
if (this.authorizationRequestMatcher != null) { if (this.authorizationRequestMatcher != null) {
filter.setAuthorizationRequestMatcher(this.authorizationRequestMatcher); filter.setAuthorizationRequestMatcher(this.authorizationRequestMatcher);
} }
if (this.authorizationRequestBuilder != null) {
filter.setAuthorizationUriBuilder(this.authorizationRequestBuilder);
}
http.addFilter(this.postProcess(filter)); http.addFilter(this.postProcess(filter));
} }

16
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilter.java
View File

@ -64,21 +64,16 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code"; public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code";
public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId"; public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
public static final String DEFAULT_AUTHORIZATION_REQUEST_URI = DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}"; public static final String DEFAULT_AUTHORIZATION_REQUEST_URI = DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}";
private RequestMatcher authorizationRequestMatcher; private RequestMatcher authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
private final ClientRegistrationRepository clientRegistrationRepository; private final ClientRegistrationRepository clientRegistrationRepository;
private final AuthorizationRequestUriBuilder authorizationUriBuilder; private AuthorizationRequestUriBuilder authorizationUriBuilder = new DefaultAuthorizationRequestUriBuilder();
private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy(); private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
private final StringKeyGenerator stateGenerator = new DefaultStateGenerator(); private final StringKeyGenerator stateGenerator = new DefaultStateGenerator();
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository(); private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository, public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
AuthorizationRequestUriBuilder authorizationUriBuilder) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null"); Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
Assert.notNull(authorizationUriBuilder, "authorizationUriBuilder cannot be null");
this.authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
this.clientRegistrationRepository = clientRegistrationRepository; this.clientRegistrationRepository = clientRegistrationRepository;
this.authorizationUriBuilder = authorizationUriBuilder;
} }
public final <T extends RequestMatcher & RequestVariablesExtractor> void setAuthorizationRequestMatcher(T authorizationRequestMatcher) { public final <T extends RequestMatcher & RequestVariablesExtractor> void setAuthorizationRequestMatcher(T authorizationRequestMatcher) {
@ -86,6 +81,11 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
this.authorizationRequestMatcher = authorizationRequestMatcher; this.authorizationRequestMatcher = authorizationRequestMatcher;
} }
public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) {
Assert.notNull(authorizationUriBuilder, "authorizationUriBuilder cannot be null");
this.authorizationUriBuilder = authorizationUriBuilder;
}
public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) { public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) {
Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null"); Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
this.authorizationRequestRepository = authorizationRequestRepository; this.authorizationRequestRepository = authorizationRequestRepository;

14
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationCodeRequestRedirectFilterTests.java
View File

@ -30,8 +30,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.net.URI; import java.net.URI;
import static org.assertj.core.api.Assertions.assertThat;
/** /**
* Tests {@link AuthorizationCodeRequestRedirectFilter}. * Tests {@link AuthorizationCodeRequestRedirectFilter}.
* *
@ -41,12 +39,7 @@ public class AuthorizationCodeRequestRedirectFilterTests {
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() { public void constructorWhenClientRegistrationRepositoryIsNullThenThrowIllegalArgumentException() {
new AuthorizationCodeRequestRedirectFilter(null, Mockito.mock(AuthorizationRequestUriBuilder.class)); new AuthorizationCodeRequestRedirectFilter(null);
}
@Test(expected = IllegalArgumentException.class)
public void constructorWhenAuthorizationRequestUriBuilderIsNullThenThrowIllegalArgumentException() {
new AuthorizationCodeRequestRedirectFilter(Mockito.mock(ClientRegistrationRepository.class), null);
} }
@Test @Test
@ -134,9 +127,8 @@ public class AuthorizationCodeRequestRedirectFilterTests {
ClientRegistration... clientRegistrations) throws Exception { ClientRegistration... clientRegistrations) throws Exception {
ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations); ClientRegistrationRepository clientRegistrationRepository = TestUtil.clientRegistrationRepository(clientRegistrations);
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter(clientRegistrationRepository);
AuthorizationCodeRequestRedirectFilter filter = new AuthorizationCodeRequestRedirectFilter( filter.setAuthorizationUriBuilder(authorizationUriBuilder);
clientRegistrationRepository, authorizationUriBuilder);
return filter; return filter;
} }