From dab69502316637241ae69d00b91e7278b1a4190e Mon Sep 17 00:00:00 2001 From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com> Date: Thu, 17 Oct 2024 11:51:32 -0500 Subject: [PATCH] Move parametersCustomizer The parametersCustomizer was introduced in 6.4.0-M4 with DefaultOAuth2TokenRequestParametersConverter. However, it cannot be applied to all parameters and so does not fully solve gh-11298. This commit moves the customizer to the abstract class so it can be applied to all parameters. Closes gh-15939 --- ...stClientOAuth2AccessTokenResponseClient.java | 16 ++++++++++++++++ ...ReactiveOAuth2AccessTokenResponseClient.java | 16 ++++++++++++++++ ...ltOAuth2TokenRequestParametersConverter.java | 17 ----------------- ...thorizationCodeTokenResponseClientTests.java | 16 ++++++++++------ ...ientCredentialsTokenResponseClientTests.java | 16 ++++++++++------ ...ClientJwtBearerTokenResponseClientTests.java | 16 ++++++++++------ ...entRefreshTokenTokenResponseClientTests.java | 16 ++++++++++------ ...ntTokenExchangeTokenResponseClientTests.java | 16 ++++++++++------ ...thorizationCodeTokenResponseClientTests.java | 11 +++++++++++ ...ientCredentialsTokenResponseClientTests.java | 12 ++++++++++++ ...activeJwtBearerTokenResponseClientTests.java | 12 ++++++++++++ ...eactivePasswordTokenResponseClientTests.java | 12 ++++++++++++ ...iveRefreshTokenTokenResponseClientTests.java | 12 ++++++++++++ ...veTokenExchangeTokenResponseClientTests.java | 12 ++++++++++++ 14 files changed, 153 insertions(+), 47 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractRestClientOAuth2AccessTokenResponseClient.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractRestClientOAuth2AccessTokenResponseClient.java index 597b05200d..af5d79d69a 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractRestClientOAuth2AccessTokenResponseClient.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractRestClientOAuth2AccessTokenResponseClient.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.client.endpoint; +import java.util.function.Consumer; + import org.springframework.core.convert.converter.Converter; import org.springframework.http.HttpHeaders; import org.springframework.http.converter.FormHttpMessageConverter; @@ -76,6 +78,9 @@ public abstract class AbstractRestClientOAuth2AccessTokenResponseClient> parametersConverter = new DefaultOAuth2TokenRequestParametersConverter<>(); + private Consumer> parametersCustomizer = (parameters) -> { + }; + AbstractRestClientOAuth2AccessTokenResponseClient() { } @@ -127,6 +132,7 @@ public abstract class AbstractRestClientOAuth2AccessTokenResponseClient(); } + this.parametersCustomizer.accept(parameters); return this.restClient.post() .uri(grantRequest.getClientRegistration().getProviderDetails().getTokenUri()) @@ -243,4 +249,14 @@ public abstract class AbstractRestClientOAuth2AccessTokenResponseClient> parametersCustomizer) { + Assert.notNull(parametersCustomizer, "parametersCustomizer cannot be null"); + this.parametersCustomizer = parametersCustomizer; + } + } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java index 24241aabec..5bee19372f 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.client.endpoint; +import java.util.function.Consumer; + import reactor.core.publisher.Mono; import org.springframework.core.convert.converter.Converter; @@ -68,6 +70,9 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient> parametersConverter = new DefaultOAuth2TokenRequestParametersConverter<>(); + private Consumer> parametersCustomizer = (parameters) -> { + }; + private BodyExtractor, ReactiveHttpInputMessage> bodyExtractor = OAuth2BodyExtractors .oauth2AccessTokenResponse(); @@ -108,6 +113,7 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient(); } + this.parametersCustomizer.accept(parameters); return this.webClient.post() .uri(grantRequest.getClientRegistration().getProviderDetails().getTokenUri()) @@ -228,6 +234,16 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient> parametersCustomizer) { + Assert.notNull(parametersCustomizer, "parametersCustomizer cannot be null"); + this.parametersCustomizer = parametersCustomizer; + } + /** * Sets the {@link BodyExtractor} that will be used to decode the * {@link OAuth2AccessTokenResponse} diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultOAuth2TokenRequestParametersConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultOAuth2TokenRequestParametersConverter.java index 07677a8f39..70a396f7c3 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultOAuth2TokenRequestParametersConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultOAuth2TokenRequestParametersConverter.java @@ -16,13 +16,10 @@ package org.springframework.security.oauth2.client.endpoint; -import java.util.function.Consumer; - import org.springframework.core.convert.converter.Converter; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.core.ClientAuthenticationMethod; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; -import org.springframework.util.Assert; import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.MultiValueMap; @@ -64,19 +61,6 @@ public final class DefaultOAuth2TokenRequestParametersConverter> defaultParametersConverter = createDefaultParametersConverter(); - private Consumer> parametersCustomizer = (parameters) -> { - }; - - /** - * Sets the {@link Consumer} used for customizing the OAuth 2.0 Access Token - * parameters, which allows for parameters to be added, overwritten or removed. - * @param parametersCustomizer the {@link Consumer} to customize the parameters - */ - public void setParametersCustomizer(Consumer> parametersCustomizer) { - Assert.notNull(parametersCustomizer, "parametersCustomizer cannot be null"); - this.parametersCustomizer = parametersCustomizer; - } - @Override public MultiValueMap convert(T grantRequest) { ClientRegistration clientRegistration = grantRequest.getClientRegistration(); @@ -95,7 +79,6 @@ public final class DefaultOAuth2TokenRequestParametersConverter this.tokenResponseClient.setParametersCustomizer(null)) + .withMessage("parametersCustomizer cannot be null"); + // @formatter:on + } + @Test public void getTokenResponseWhenGrantRequestIsNullThenThrowIllegalArgumentException() { // @formatter:off @@ -439,12 +448,7 @@ public class RestClientAuthorizationCodeTokenResponseClientTests { OAuth2AuthorizationCodeGrantRequest grantRequest = new OAuth2AuthorizationCodeGrantRequest(clientRegistration, this.authorizationExchange); Consumer> parametersCustomizer = mock(); - // @formatter:off - DefaultOAuth2TokenRequestParametersConverter parametersConverter = - new DefaultOAuth2TokenRequestParametersConverter<>(); - // @formatter:on - parametersConverter.setParametersCustomizer(parametersCustomizer); - this.tokenResponseClient.setParametersConverter(parametersConverter); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); this.tokenResponseClient.getTokenResponse(grantRequest); verify(parametersCustomizer).accept(any()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientClientCredentialsTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientClientCredentialsTokenResponseClientTests.java index f1936fcce6..05791d4c27 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientClientCredentialsTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientClientCredentialsTokenResponseClientTests.java @@ -138,6 +138,15 @@ public class RestClientClientCredentialsTokenResponseClientTests { // @formatter:on } + @Test + public void setParametersCustomizerWhenNullThenThrowIllegalArgumentException() { + // @formatter:off + assertThatIllegalArgumentException() + .isThrownBy(() -> this.tokenResponseClient.setParametersCustomizer(null)) + .withMessage("parametersCustomizer cannot be null"); + // @formatter:on + } + @Test public void getTokenResponseWhenGrantRequestIsNullThenThrowIllegalArgumentException() { // @formatter:off @@ -438,12 +447,7 @@ public class RestClientClientCredentialsTokenResponseClientTests { ClientRegistration clientRegistration = this.clientRegistration.build(); OAuth2ClientCredentialsGrantRequest grantRequest = new OAuth2ClientCredentialsGrantRequest(clientRegistration); Consumer> parametersCustomizer = mock(); - // @formatter:off - DefaultOAuth2TokenRequestParametersConverter parametersConverter = - new DefaultOAuth2TokenRequestParametersConverter<>(); - // @formatter:on - parametersConverter.setParametersCustomizer(parametersCustomizer); - this.tokenResponseClient.setParametersConverter(parametersConverter); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); this.tokenResponseClient.getTokenResponse(grantRequest); verify(parametersCustomizer).accept(any()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientJwtBearerTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientJwtBearerTokenResponseClientTests.java index 77a00712e0..4342856343 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientJwtBearerTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientJwtBearerTokenResponseClientTests.java @@ -140,6 +140,15 @@ public class RestClientJwtBearerTokenResponseClientTests { // @formatter:on } + @Test + public void setParametersCustomizerWhenNullThenThrowIllegalArgumentException() { + // @formatter:off + assertThatIllegalArgumentException() + .isThrownBy(() -> this.tokenResponseClient.setParametersCustomizer(null)) + .withMessage("parametersCustomizer cannot be null"); + // @formatter:on + } + @Test public void getTokenResponseWhenGrantRequestIsNullThenThrowIllegalArgumentException() { // @formatter:off @@ -414,12 +423,7 @@ public class RestClientJwtBearerTokenResponseClientTests { ClientRegistration clientRegistration = this.clientRegistration.build(); JwtBearerGrantRequest grantRequest = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion); Consumer> parametersCustomizer = mock(); - // @formatter:off - DefaultOAuth2TokenRequestParametersConverter parametersConverter = - new DefaultOAuth2TokenRequestParametersConverter<>(); - // @formatter:on - parametersConverter.setParametersCustomizer(parametersCustomizer); - this.tokenResponseClient.setParametersConverter(parametersConverter); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); this.tokenResponseClient.getTokenResponse(grantRequest); verify(parametersCustomizer).accept(any()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientRefreshTokenTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientRefreshTokenTokenResponseClientTests.java index 5d55f5160d..4b4302ef91 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientRefreshTokenTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientRefreshTokenTokenResponseClientTests.java @@ -147,6 +147,15 @@ public class RestClientRefreshTokenTokenResponseClientTests { // @formatter:on } + @Test + public void setParametersCustomizerWhenNullThenThrowIllegalArgumentException() { + // @formatter:off + assertThatIllegalArgumentException() + .isThrownBy(() -> this.tokenResponseClient.setParametersCustomizer(null)) + .withMessage("parametersCustomizer cannot be null"); + // @formatter:on + } + @Test public void getTokenResponseWhenGrantRequestIsNullThenThrowIllegalArgumentException() { // @formatter:off @@ -461,12 +470,7 @@ public class RestClientRefreshTokenTokenResponseClientTests { OAuth2RefreshTokenGrantRequest grantRequest = new OAuth2RefreshTokenGrantRequest(clientRegistration, this.accessToken, this.refreshToken); Consumer> parametersCustomizer = mock(); - // @formatter:off - DefaultOAuth2TokenRequestParametersConverter parametersConverter = - new DefaultOAuth2TokenRequestParametersConverter<>(); - // @formatter:on - parametersConverter.setParametersCustomizer(parametersCustomizer); - this.tokenResponseClient.setParametersConverter(parametersConverter); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); this.tokenResponseClient.getTokenResponse(grantRequest); verify(parametersCustomizer).accept(any()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientTokenExchangeTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientTokenExchangeTokenResponseClientTests.java index 23fe4828a7..e906e90ada 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientTokenExchangeTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/RestClientTokenExchangeTokenResponseClientTests.java @@ -148,6 +148,15 @@ public class RestClientTokenExchangeTokenResponseClientTests { // @formatter:on } + @Test + public void setParametersCustomizerWhenNullThenThrowIllegalArgumentException() { + // @formatter:off + assertThatIllegalArgumentException() + .isThrownBy(() -> this.tokenResponseClient.setParametersCustomizer(null)) + .withMessage("parametersCustomizer cannot be null"); + // @formatter:on + } + @Test public void getTokenResponseWhenGrantRequestIsNullThenThrowIllegalArgumentException() { // @formatter:off @@ -545,12 +554,7 @@ public class RestClientTokenExchangeTokenResponseClientTests { TokenExchangeGrantRequest grantRequest = new TokenExchangeGrantRequest(clientRegistration, this.subjectToken, this.actorToken); Consumer> parametersCustomizer = mock(); - // @formatter:off - DefaultOAuth2TokenRequestParametersConverter parametersConverter = - new DefaultOAuth2TokenRequestParametersConverter<>(); - // @formatter:on - parametersConverter.setParametersCustomizer(parametersCustomizer); - this.tokenResponseClient.setParametersConverter(parametersConverter); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); this.tokenResponseClient.getTokenResponse(grantRequest); verify(parametersCustomizer).accept(any()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java index 5da4552bdf..3cd560eb1c 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveAuthorizationCodeTokenResponseClientTests.java @@ -22,6 +22,7 @@ import java.time.Instant; import java.util.Collections; import java.util.HashMap; import java.util.Map; +import java.util.function.Consumer; import java.util.function.Function; import javax.crypto.spec.SecretKeySpec; @@ -406,6 +407,16 @@ public class WebClientReactiveAuthorizationCodeTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + OAuth2AuthorizationCodeGrantRequest request = authorizationCodeGrantRequest(); + Consumer> parametersCustomizer = mock(); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); + this.tokenResponseClient.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + // gh-10260 @Test public void getTokenResponseWhenSuccessCustomResponseThenReturnAccessTokenResponse() { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java index 994a375f56..42b6865b07 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveClientCredentialsTokenResponseClientTests.java @@ -20,6 +20,7 @@ import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.util.Base64; import java.util.Collections; +import java.util.function.Consumer; import java.util.function.Function; import javax.crypto.spec.SecretKeySpec; @@ -365,6 +366,17 @@ public class WebClientReactiveClientCredentialsTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + OAuth2ClientCredentialsGrantRequest request = new OAuth2ClientCredentialsGrantRequest( + this.clientRegistration.build()); + Consumer> parametersCustomizer = mock(); + this.client.setParametersCustomizer(parametersCustomizer); + this.client.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + // gh-10260 @Test public void getTokenResponseWhenSuccessCustomResponseThenReturnAccessTokenResponse() { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveJwtBearerTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveJwtBearerTokenResponseClientTests.java index 21b7d2154e..ceddd44413 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveJwtBearerTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveJwtBearerTokenResponseClientTests.java @@ -19,6 +19,7 @@ package org.springframework.security.oauth2.client.endpoint; import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.util.Collections; +import java.util.function.Consumer; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -289,6 +290,17 @@ public class WebClientReactiveJwtBearerTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + ClientRegistration clientRegistration = this.clientRegistration.build(); + JwtBearerGrantRequest request = new JwtBearerGrantRequest(clientRegistration, this.jwtAssertion); + Consumer> parametersCustomizer = mock(); + this.client.setParametersCustomizer(parametersCustomizer); + this.client.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + @Test public void getTokenResponseWhenBodyExtractorSetThenCalled() { BodyExtractor, ReactiveHttpInputMessage> bodyExtractor = mock(); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java index e4a970f8e5..10696143a1 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactivePasswordTokenResponseClientTests.java @@ -20,6 +20,7 @@ import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.time.Instant; import java.util.Collections; +import java.util.function.Consumer; import java.util.function.Function; import javax.crypto.spec.SecretKeySpec; @@ -408,6 +409,17 @@ public class WebClientReactivePasswordTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + OAuth2PasswordGrantRequest request = new OAuth2PasswordGrantRequest(this.clientRegistrationBuilder.build(), + this.username, this.password); + Consumer> parametersCustomizer = mock(); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); + this.tokenResponseClient.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + // gh-10260 @Test public void getTokenResponseWhenSuccessCustomResponseThenReturnAccessTokenResponse() { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java index 068a27d6e1..1063f57ade 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveRefreshTokenTokenResponseClientTests.java @@ -20,6 +20,7 @@ import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.time.Instant; import java.util.Collections; +import java.util.function.Consumer; import java.util.function.Function; import javax.crypto.spec.SecretKeySpec; @@ -378,6 +379,17 @@ public class WebClientReactiveRefreshTokenTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + OAuth2RefreshTokenGrantRequest request = new OAuth2RefreshTokenGrantRequest( + this.clientRegistrationBuilder.build(), this.accessToken, this.refreshToken); + Consumer> parametersCustomizer = mock(); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); + this.tokenResponseClient.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + // gh-10260 @Test public void getTokenResponseWhenSuccessCustomResponseThenReturnAccessTokenResponse() { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java index 59e9e94df4..c36d750dde 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/WebClientReactiveTokenExchangeTokenResponseClientTests.java @@ -21,6 +21,7 @@ import java.net.URLEncoder; import java.nio.charset.StandardCharsets; import java.time.Instant; import java.util.Collections; +import java.util.function.Consumer; import okhttp3.mockwebserver.MockResponse; import okhttp3.mockwebserver.MockWebServer; @@ -529,6 +530,17 @@ public class WebClientReactiveTokenExchangeTokenResponseClientTests { // @formatter:on } + @Test + public void getTokenResponseWhenParametersCustomizerSetThenCalled() throws Exception { + this.server.enqueue(MockResponses.json("access-token-response.json")); + TokenExchangeGrantRequest request = new TokenExchangeGrantRequest(this.clientRegistration.build(), + this.subjectToken, this.actorToken); + Consumer> parametersCustomizer = mock(); + this.tokenResponseClient.setParametersCustomizer(parametersCustomizer); + this.tokenResponseClient.getTokenResponse(request).block(); + verify(parametersCustomizer).accept(any()); + } + @Test public void getTokenResponseWhenBodyExtractorSetThenCalled() { this.server.enqueue(MockResponses.json("access-token-response.json"));