Remove deprecations in ClientAuthenticationMethod

Closes gh-11516
Joe Grandja 2022-07-15 07:01:24 -04:00
parent 8c12c3dad0
commit be58e2ac49
10 changed files with 22 additions and 54 deletions


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -116,8 +116,7 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient<T
ClientRegistration clientRegistration = clientRegistration(grantRequest); ClientRegistration clientRegistration = clientRegistration(grantRequest);
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON)); headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) {
String clientId = encodeClientCredential(clientRegistration.getClientId()); String clientId = encodeClientCredential(clientRegistration.getClientId());
String clientSecret = encodeClientCredential(clientRegistration.getClientSecret()); String clientSecret = encodeClientCredential(clientRegistration.getClientSecret());
headers.setBasicAuth(clientId, clientSecret); headers.setBasicAuth(clientId, clientSecret);
@ -178,12 +177,11 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient<T
BodyInserters.FormInserter<String> populateTokenRequestBody(T grantRequest, BodyInserters.FormInserter<String> populateTokenRequestBody(T grantRequest,
BodyInserters.FormInserter<String> body) { BodyInserters.FormInserter<String> body) {
ClientRegistration clientRegistration = clientRegistration(grantRequest); ClientRegistration clientRegistration = clientRegistration(grantRequest);
if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC
&& !ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { .equals(clientRegistration.getClientAuthenticationMethod())) {
body.with(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); body.with(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
body.with(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); body.with(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }
Set<String> scopes = scopes(grantRequest); Set<String> scopes = scopes(grantRequest);
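Review bot: In `populateTokenRequestBody`, a registration whose method value is still the legacy `basic` or `post` now matches neither `CLIENT_SECRET_BASIC` nor `CLIENT_SECRET_POST`, so `client_id` is written to the form body and no secret is sent in either the header or the body; the token request goes out as if the client were public. The same silent fall-through applies to the header check in the first hunk of this file and to the `CLIENT_SECRET_BASIC` / `CLIENT_SECRET_POST` checks in `getTokenRequestHeaders` and the grant request entity converters in the following sections. Whether such a value can still reach this code depends on how `ClientRegistration` is built, which is outside these hunks, so I would either reject unrecognised values there or record the behaviour here with a comment such as `// methods other than client_secret_basic/client_secret_post send no client secret`. Both methods begin and end outside the hunks shown.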


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -51,8 +51,7 @@ public class JwtBearerGrantRequestEntityConverter
parameters.add(OAuth2ParameterNames.SCOPE, parameters.add(OAuth2ParameterNames.SCOPE,
StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " "));
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -54,12 +54,11 @@ public class OAuth2AuthorizationCodeGrantRequestEntityConverter
if (redirectUri != null) { if (redirectUri != null) {
parameters.add(OAuth2ParameterNames.REDIRECT_URI, redirectUri); parameters.add(OAuth2ParameterNames.REDIRECT_URI, redirectUri);
} }
if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC
&& !ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { .equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }
if (codeVerifier != null) { if (codeVerifier != null) {


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -49,8 +49,7 @@ final class OAuth2AuthorizationGrantRequestEntityUtils {
static HttpHeaders getTokenRequestHeaders(ClientRegistration clientRegistration) { static HttpHeaders getTokenRequestHeaders(ClientRegistration clientRegistration) {
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
headers.addAll(DEFAULT_TOKEN_REQUEST_HEADERS); headers.addAll(DEFAULT_TOKEN_REQUEST_HEADERS);
if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) {
String clientId = encodeClientCredential(clientRegistration.getClientId()); String clientId = encodeClientCredential(clientRegistration.getClientId());
String clientSecret = encodeClientCredential(clientRegistration.getClientSecret()); String clientSecret = encodeClientCredential(clientRegistration.getClientSecret());
headers.setBasicAuth(clientId, clientSecret); headers.setBasicAuth(clientId, clientSecret);


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -50,8 +50,7 @@ public class OAuth2ClientCredentialsGrantRequestEntityConverter
parameters.add(OAuth2ParameterNames.SCOPE, parameters.add(OAuth2ParameterNames.SCOPE,
StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " "));
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -51,8 +51,7 @@ public class OAuth2PasswordGrantRequestEntityConverter
parameters.add(OAuth2ParameterNames.SCOPE, parameters.add(OAuth2ParameterNames.SCOPE,
StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " "));
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -50,8 +50,7 @@ public class OAuth2RefreshTokenGrantRequestEntityConverter
parameters.add(OAuth2ParameterNames.SCOPE, parameters.add(OAuth2ParameterNames.SCOPE,
StringUtils.collectionToDelimitedString(refreshTokenGrantRequest.getScopes(), " ")); StringUtils.collectionToDelimitedString(refreshTokenGrantRequest.getScopes(), " "));
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) {
|| ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
} }


@ -50,12 +50,10 @@ abstract class StdConverters {
@Override @Override
public ClientAuthenticationMethod convert(JsonNode jsonNode) { public ClientAuthenticationMethod convert(JsonNode jsonNode) {
String value = JsonNodeUtils.findStringValue(jsonNode, "value"); String value = JsonNodeUtils.findStringValue(jsonNode, "value");
if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue().equalsIgnoreCase(value) if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue().equalsIgnoreCase(value)) {
|| ClientAuthenticationMethod.BASIC.getValue().equalsIgnoreCase(value)) {
return ClientAuthenticationMethod.CLIENT_SECRET_BASIC; return ClientAuthenticationMethod.CLIENT_SECRET_BASIC;
} }
if (ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue().equalsIgnoreCase(value) if (ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue().equalsIgnoreCase(value)) {
|| ClientAuthenticationMethod.POST.getValue().equalsIgnoreCase(value)) {
return ClientAuthenticationMethod.CLIENT_SECRET_POST; return ClientAuthenticationMethod.CLIENT_SECRET_POST;
} }
if (ClientAuthenticationMethod.NONE.getValue().equalsIgnoreCase(value)) { if (ClientAuthenticationMethod.NONE.getValue().equalsIgnoreCase(value)) {
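Review bot: JSON written by an earlier version with `"value":"basic"` or `"value":"post"` no longer maps to `CLIENT_SECRET_BASIC` / `CLIENT_SECRET_POST` in `convert`; it falls through to the `NONE` check and whatever follows it, which is outside this hunk. If persisted data must stay readable across the upgrade, the converter can keep accepting the legacy strings without the removed constants, e.g. `if ("basic".equalsIgnoreCase(value)) { return ClientAuthenticationMethod.CLIENT_SECRET_BASIC; }` and the equivalent for `"post"`. Otherwise a short comment stating that the legacy values are intentionally unsupported would tell the next reader that the fall-through is deliberate.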


@ -34,24 +34,12 @@ public final class ClientAuthenticationMethod implements Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
/**
* @deprecated Use {@link #CLIENT_SECRET_BASIC}
*/
@Deprecated
public static final ClientAuthenticationMethod BASIC = new ClientAuthenticationMethod("basic");
/** /**
* @since 5.5 * @since 5.5
*/ */
public static final ClientAuthenticationMethod CLIENT_SECRET_BASIC = new ClientAuthenticationMethod( public static final ClientAuthenticationMethod CLIENT_SECRET_BASIC = new ClientAuthenticationMethod(
"client_secret_basic"); "client_secret_basic");
/**
* @deprecated Use {@link #CLIENT_SECRET_POST}
*/
@Deprecated
public static final ClientAuthenticationMethod POST = new ClientAuthenticationMethod("post");
/** /**
* @since 5.5 * @since 5.5
*/ */


@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -33,21 +33,11 @@ public class ClientAuthenticationMethodTests {
assertThatIllegalArgumentException().isThrownBy(() -> new ClientAuthenticationMethod(null)); assertThatIllegalArgumentException().isThrownBy(() -> new ClientAuthenticationMethod(null));
} }
@Test
public void getValueWhenAuthenticationMethodBasicThenReturnBasic() {
assertThat(ClientAuthenticationMethod.BASIC.getValue()).isEqualTo("basic");
}
@Test @Test
public void getValueWhenAuthenticationMethodClientSecretBasicThenReturnClientSecretBasic() { public void getValueWhenAuthenticationMethodClientSecretBasicThenReturnClientSecretBasic() {
assertThat(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()).isEqualTo("client_secret_basic"); assertThat(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()).isEqualTo("client_secret_basic");
} }
@Test
public void getValueWhenAuthenticationMethodPostThenReturnPost() {
assertThat(ClientAuthenticationMethod.POST.getValue()).isEqualTo("post");
}
@Test @Test
public void getValueWhenAuthenticationMethodClientSecretPostThenReturnClientSecretPost() { public void getValueWhenAuthenticationMethodClientSecretPostThenReturnClientSecretPost() {
assertThat(ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue()).isEqualTo("client_secret_post"); assertThat(ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue()).isEqualTo("client_secret_post");