Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-30 00:32:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Rename AuthorizationCodeAuthorizationResponseAttributes -> AuthorizationResponse

Browse Source 
Fixes gh-4593
This commit is contained in:
Joe Grandja 2017-10-06 16:14:56 -04:00
parent 9833f0090d
commit ce142e50b6
5 changed files with 130 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationCodeAuthenticationFilter.java
View File

@ -27,11 +27,11 @@ import org.springframework.security.oauth2.client.authentication.OAuth2UserAuthe
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.converter.AuthorizationCodeAuthorizationResponseAttributesConverter;
import org.springframework.security.oauth2.client.web.converter.AuthorizationResponseConverter;
import org.springframework.security.oauth2.client.web.converter.ErrorResponseAttributesConverter;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.AuthorizationCodeAuthorizationResponseAttributes;
import org.springframework.security.oauth2.core.endpoint.AuthorizationRequestAttributes;
import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
import org.springframework.security.oauth2.core.endpoint.ErrorResponseAttributes;
import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
import org.springframework.security.oauth2.core.user.OAuth2User;
@ -87,8 +87,7 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
private static final String INVALID_STATE_PARAMETER_ERROR_CODE = "invalid_state_parameter";
private static final String INVALID_REDIRECT_URI_PARAMETER_ERROR_CODE = "invalid_redirect_uri_parameter";
private final ErrorResponseAttributesConverter errorResponseConverter = new ErrorResponseAttributesConverter();
private final AuthorizationCodeAuthorizationResponseAttributesConverter authorizationCodeResponseConverter =
new AuthorizationCodeAuthorizationResponseAttributesConverter();
private final AuthorizationResponseConverter authorizationResponseConverter = new AuthorizationResponseConverter();
private ClientRegistrationRepository clientRegistrationRepository;
private RequestMatcher authorizationResponseMatcher = new AuthorizationResponseMatcher();
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
@ -125,11 +124,10 @@ public class AuthorizationCodeAuthenticationFilter extends AbstractAuthenticatio
.redirectUri(matchingAuthorizationRequest.getRedirectUri())
.build();
AuthorizationCodeAuthorizationResponseAttributes authorizationCodeResponseAttributes =
this.authorizationCodeResponseConverter.apply(request);
AuthorizationResponse authorizationResponse = this.authorizationResponseConverter.apply(request);
AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = new AuthorizationCodeAuthenticationToken(
authorizationCodeResponseAttributes.getCode(), clientRegistration, matchingAuthorizationRequest);
authorizationResponse.getCode(), clientRegistration, matchingAuthorizationRequest);
authorizationCodeAuthentication.setDetails(this.authenticationDetailsSource.buildDetails(request));
OAuth2ClientAuthenticationToken oauth2ClientAuthentication =

18
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationCodeAuthorizationResponseAttributesConverter.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/converter/AuthorizationResponseConverter.java
View File

@ -15,7 +15,7 @@
*/
package org.springframework.security.oauth2.client.web.converter;
import org.springframework.security.oauth2.core.endpoint.AuthorizationCodeAuthorizationResponseAttributes;
import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
import org.springframework.util.Assert;
@ -24,26 +24,24 @@ import java.util.function.Function;
/**
* A <code>Function</code> that converts an <i>OAuth 2.0 Authorization Code Grant Response</i>
* (in the form of a {@link HttpServletRequest}) to a {@link AuthorizationCodeAuthorizationResponseAttributes}.
* (in the form of a {@link HttpServletRequest}) to a {@link AuthorizationResponse}.
*
* @author Joe Grandja
* @since 5.0
* @see AuthorizationCodeAuthorizationResponseAttributes
* @see AuthorizationResponse
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Code Grant Response</a>
*/
public final class AuthorizationCodeAuthorizationResponseAttributesConverter implements Function<HttpServletRequest, AuthorizationCodeAuthorizationResponseAttributes> {
public final class AuthorizationResponseConverter implements Function<HttpServletRequest, AuthorizationResponse> {
@Override
public AuthorizationCodeAuthorizationResponseAttributes apply(HttpServletRequest request) {
AuthorizationCodeAuthorizationResponseAttributes response;
public AuthorizationResponse apply(HttpServletRequest request) {
String code = request.getParameter(OAuth2Parameter.CODE);
Assert.hasText(code, OAuth2Parameter.CODE + " attribute is required");
String state = request.getParameter(OAuth2Parameter.STATE);
response = new AuthorizationCodeAuthorizationResponseAttributes(code, state);
return response;
return AuthorizationResponse.success(code)
.state(state)
.build();
}
}

44
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeAuthorizationResponseAttributes.java
View File

@ -1,44 +0,0 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.core.endpoint;
import org.springframework.util.Assert;
/**
* A representation of an <i>OAuth 2.0 Authorization Response</i> for the authorization code grant type.
*
* @author Joe Grandja
* @since 5.0
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Response</a>
*/
public final class AuthorizationCodeAuthorizationResponseAttributes {
private final String code;
private final String state;
public AuthorizationCodeAuthorizationResponseAttributes(String code, String state) {
Assert.notNull(code, "code cannot be null");
this.code = code;
this.state = state;
}
public String getCode() {
return this.code;
}
public String getState() {
return this.state;
}
}

117
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java Normal file
View File

@ -0,0 +1,117 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.core.endpoint;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
/**
* A representation of an <i>OAuth 2.0 Authorization Response</i> for the authorization code grant type.
*
* @author Joe Grandja
* @since 5.0
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Response</a>
*/
public final class AuthorizationResponse {
private String code;
private String state;
private OAuth2Error error;
private AuthorizationResponse() {
}
public String getCode() {
return this.code;
}
public String getState() {
return this.state;
}
public OAuth2Error getError() {
return this.error;
}
public boolean statusOk() {
return !this.statusError();
}
public boolean statusError() {
return this.error != null && this.error.getErrorCode() != null;
}
public static Builder success(String code) {
Assert.hasText(code, "code cannot be empty");
return new Builder().code(code);
}
public static Builder error(String errorCode) {
Assert.hasText(errorCode, "errorCode cannot be empty");
return new Builder().errorCode(errorCode);
}
public static class Builder {
private String code;
private String state;
private String errorCode;
private String errorDescription;
private String errorUri;
private Builder() {
}
public Builder code(String code) {
this.code = code;
return this;
}
public Builder state(String state) {
this.state = state;
return this;
}
public Builder errorCode(String errorCode) {
this.errorCode = errorCode;
return this;
}
public Builder errorDescription(String errorDescription) {
this.errorDescription = errorDescription;
return this;
}
public Builder errorUri(String errorUri) {
this.errorUri = errorUri;
return this;
}
public AuthorizationResponse build() {
if (StringUtils.hasText(this.code) && StringUtils.hasText(this.errorCode)) {
throw new IllegalArgumentException("code and errorCode cannot both be set");
}
AuthorizationResponse authorizationResponse = new AuthorizationResponse();
if (StringUtils.hasText(this.code)) {
authorizationResponse.code = this.code;
} else {
authorizationResponse.error = new OAuth2Error(
this.errorCode, this.errorDescription, this.errorUri);
}
authorizationResponse.state = this.state;
return authorizationResponse;
}
}
}

31
oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationCodeAuthorizationResponseAttributesTest.java
View File

@ -1,31 +0,0 @@
/*
* Copyright 2012-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.core.endpoint;
import org.junit.Test;
/**
* Tests {@link AuthorizationCodeAuthorizationResponseAttributes}
*
* @author Luander Ribeiro
*/
public class AuthorizationCodeAuthorizationResponseAttributesTest {
@Test(expected = IllegalArgumentException.class)
public void constructorWhenCodeIsNullThenThrowIllegalArgumentException() {
new AuthorizationCodeAuthorizationResponseAttributes(null, "xyz");
}
}