Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Move AuthorizationResponseConverter logic to AuthorizationCodeAuthenticationFilter

This commit is contained in:
Joe Grandja 2017-10-11 16:08:21 -04:00
parent 364de19048
commit ca5b62abb5
3 changed files with 29 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
View File

@ -27,7 +27,6 @@ import org.springframework.security.oauth2.client.authentication.OAuth2UserAuthe
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.converter.AuthorizationResponseConverter;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
@ -82,9 +81,8 @@ import java.io.IOException;
public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
public static final String DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI = "/oauth2/authorize/code";
private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
private final AuthorizationResponseConverter authorizationResponseConverter = new AuthorizationResponseConverter();
private final ClientRegistrationIdentifierStrategy<String> providerIdentifierStrategy = new ProviderIdentifierStrategy();
private RequestMatcher authorizationResponseMatcher;
private AuthorizationResponseMatcher authorizationResponseMatcher;
private ClientRegistrationRepository clientRegistrationRepository;
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
@ -114,7 +112,7 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
}
this.authorizationRequestRepository.removeAuthorizationRequest(request);
AuthorizationResponse authorizationResponse = this.authorizationResponseConverter.apply(request);
AuthorizationResponse authorizationResponse = this.authorizationResponseMatcher.convert(request);
String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2Parameter.REGISTRATION_ID);
ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
@ -240,6 +238,33 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
return StringUtils.hasText(request.getParameter(OAuth2Parameter.ERROR)) &&
StringUtils.hasText(request.getParameter(OAuth2Parameter.STATE));
}
private AuthorizationResponse convert(HttpServletRequest request) {
if (!this.matches(request)) {
return null;
}
String code = request.getParameter(OAuth2Parameter.CODE);
String errorCode = request.getParameter(OAuth2Parameter.ERROR);
String state = request.getParameter(OAuth2Parameter.STATE);
String redirectUri = request.getRequestURL().toString();
if (StringUtils.hasText(code)) {
return AuthorizationResponse.success(code)
.redirectUri(redirectUri)
.state(state)
.build();
} else {
String description = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
String uri = request.getParameter(OAuth2Parameter.ERROR_URI);
return AuthorizationResponse.error(errorCode)
.redirectUri(redirectUri)
.errorDescription(description)
.errorUri(uri)
.state(state)
.build();
}
}
}
private static class ProviderIdentifierStrategy implements ClientRegistrationIdentifierStrategy<String> {

61
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java
View File

@ -1,61 +0,0 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.client.web.converter;
import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
import org.springframework.util.StringUtils;
import javax.servlet.http.HttpServletRequest;
import java.util.function.Function;
/**
* A <code>Function</code> that converts an <i>OAuth 2.0 Authorization Code Grant Response</i>
* (in the form of a {@link HttpServletRequest}) to a {@link AuthorizationResponse}.
*
* @author Joe Grandja
* @since 5.0
* @see AuthorizationResponse
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Code Grant Response</a>
*/
public final class AuthorizationResponseConverter implements Function<HttpServletRequest, AuthorizationResponse> {
@Override
public AuthorizationResponse apply(HttpServletRequest request) {
String code = request.getParameter(OAuth2Parameter.CODE);
String errorCode = request.getParameter(OAuth2Parameter.ERROR);
String state = request.getParameter(OAuth2Parameter.STATE);
String redirectUri = request.getRequestURL().toString();
if (StringUtils.hasText(code)) {
return AuthorizationResponse.success(code)
.redirectUri(redirectUri)
.state(state)
.build();
} else if (StringUtils.hasText(errorCode)) {
String description = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
String uri = request.getParameter(OAuth2Parameter.ERROR_URI);
return AuthorizationResponse.error(errorCode)
.redirectUri(redirectUri)
.errorDescription(description)
.errorUri(uri)
.state(state)
.build();
}
return null;
}
}

19
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/package-info.java
View File

@ -1,19 +0,0 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Support classes for converting <i>OAuth 2.0 Protocol Endpoint Messages</i>.
*/
package org.springframework.security.oauth2.client.web.converter;