From ca5b62abb567de33fe7413491189ae831d8aea2c Mon Sep 17 00:00:00 2001
From: Joe Grandja
Date: Wed, 11 Oct 2017 16:08:21 -0400
Subject: [PATCH] Move AuthorizationResponseConverter logic to AuthorizationCodeAuthenticationFilter
---
 ...AuthorizationCodeAuthenticationFilter.java | 33 ++++++++--
 .../AuthorizationResponseConverter.java | 61 -------------------
 .../client/web/converter/package-info.java | 19 ------
 3 files changed, 29 insertions(+), 84 deletions(-)
 delete mode 100644 oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java
 delete mode 100644 oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/package-info.java
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
index c6728d94db..46a7fe1d10 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
@@ -27,7 +27,6 @@ import org.springframework.security.oauth2.client.authentication.OAuth2UserAuthe
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.oauth2.client.web.converter.AuthorizationResponseConverter;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
@@ -82,9 +81,8 @@ import java.io.IOException;
 public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 public static final String DEFAULT_AUTHORIZATION_RESPONSE_BASE_URI = "/oauth2/authorize/code";
 private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
- private final AuthorizationResponseConverter authorizationResponseConverter = new AuthorizationResponseConverter();
 private final ClientRegistrationIdentifierStrategy providerIdentifierStrategy = new ProviderIdentifierStrategy();
- private RequestMatcher authorizationResponseMatcher;
+ private AuthorizationResponseMatcher authorizationResponseMatcher;
 private ClientRegistrationRepository clientRegistrationRepository;
 private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
@@ -114,7 +112,7 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
 }
 this.authorizationRequestRepository.removeAuthorizationRequest(request);
- AuthorizationResponse authorizationResponse = this.authorizationResponseConverter.apply(request);
+ AuthorizationResponse authorizationResponse = this.authorizationResponseMatcher.convert(request);
 String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2Parameter.REGISTRATION_ID);
 ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
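Review bot: The result of `this.authorizationResponseMatcher.convert(request)` is assigned with no null check in the visible lines, although the `convert` method added later in this patch returns `null` when the request does not match. If the filter only reaches this point for requests the matcher has already accepted, that invariant deserves a comment at the call site, for example `// convert() returns null only for requests the matcher rejects; this request has already been matched`. If that is not guaranteed, the authentication should fail explicitly through the same `OAuth2Error` path used for `AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE` rather than surface later as a NullPointerException. The enclosing method starts and ends outside the hunk, so later handling may exist that is not shown here.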
@@ -240,6 +238,33 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
 return StringUtils.hasText(request.getParameter(OAuth2Parameter.ERROR)) &&
 StringUtils.hasText(request.getParameter(OAuth2Parameter.STATE));
 }
+
+ private AuthorizationResponse convert(HttpServletRequest request) {
+ if (!this.matches(request)) {
+ return null;
+ }
+
+ String code = request.getParameter(OAuth2Parameter.CODE);
+ String errorCode = request.getParameter(OAuth2Parameter.ERROR);
+ String state = request.getParameter(OAuth2Parameter.STATE);
+ String redirectUri = request.getRequestURL().toString();
+
+ if (StringUtils.hasText(code)) {
+ return AuthorizationResponse.success(code)
+ .redirectUri(redirectUri)
+ .state(state)
+ .build();
+ } else {
+ String description = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
+ String uri = request.getParameter(OAuth2Parameter.ERROR_URI);
+ return AuthorizationResponse.error(errorCode)
+ .redirectUri(redirectUri)
+ .errorDescription(description)
+ .errorUri(uri)
+ .state(state)
+ .build();
+ }
+ }
 }
 private static class ProviderIdentifierStrategy implements ClientRegistrationIdentifierStrategy {
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java
deleted file mode 100644
index 8205c72107..0000000000
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java
+++ /dev/null
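Review bot: In the added `convert`, the `if (StringUtils.hasText(code))` branch wins whenever `code` has text, so a callback carrying both `code` and `error` is built as a success response and its error parameters are silently dropped. RFC 6749 section 4.1.2 defines the two as alternative responses, so the mixed case is better failed closed with `if (StringUtils.hasText(code) && !StringUtils.hasText(errorCode)) {`, which sends it to the error branch. `redirectUri` comes from `request.getRequestURL()`, which reflects the host and scheme the container saw, so a comment such as `// request-derived; must be compared with the redirect URI saved in the AuthorizationRequest before the code is exchanged` would record what downstream code has to enforce. The method also has no Javadoc, so the null-return contract and the section 4.1.2 reference from the deleted converter class are lost. The enclosing class, presumably `AuthorizationResponseMatcher`, starts outside the hunk.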
@@ -1,61 +0,0 @@
-/*
- * Copyright 2012-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.oauth2.client.web.converter;
-
-import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
-import org.springframework.util.StringUtils;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.function.Function;
-
-/**
- * A Function that converts an OAuth 2.0 Authorization Code Grant Response
- * (in the form of a {@link HttpServletRequest}) to a {@link AuthorizationResponse}.
- *
- * @author Joe Grandja
- * @since 5.0
- * @see AuthorizationResponse
- * @see Section 4.1.2 Authorization Code Grant Response
- */
-public final class AuthorizationResponseConverter implements Function {
-
- @Override
- public AuthorizationResponse apply(HttpServletRequest request) {
- String code = request.getParameter(OAuth2Parameter.CODE);
- String errorCode = request.getParameter(OAuth2Parameter.ERROR);
- String state = request.getParameter(OAuth2Parameter.STATE);
- String redirectUri = request.getRequestURL().toString();
-
- if (StringUtils.hasText(code)) {
- return AuthorizationResponse.success(code)
- .redirectUri(redirectUri)
- .state(state)
- .build();
- } else if (StringUtils.hasText(errorCode)) {
- String description = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
- String uri = request.getParameter(OAuth2Parameter.ERROR_URI);
- return AuthorizationResponse.error(errorCode)
- .redirectUri(redirectUri)
- .errorDescription(description)
- .errorUri(uri)
- .state(state)
- .build();
- }
-
- return null;
- }
-}
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/package-info.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/package-info.java
deleted file mode 100644
index 4c9b2584c2..0000000000
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/package-info.java
+++ /dev/null
@@ -1,19 +0,0 @@
-/*
- * Copyright 2012-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/**
- * Support classes for converting OAuth 2.0 Protocol Endpoint Messages.
- */
-package org.springframework.security.oauth2.client.web.converter;