From e139f1c2baa095836dd9256ee45ebc09b1d1e7d2 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Thu, 22 Dec 2022 10:28:49 -0500 Subject: [PATCH] Polish gh-12438 --- .../config/web/server/ServerHttpSecurity.java | 45 +++++++++---------- .../web/server/OAuth2ClientSpecTests.java | 10 ++--- .../pages/reactive/oauth2/client/index.adoc | 2 + 3 files changed, 29 insertions(+), 28 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index 572acf5878..11e7a716a6 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -3829,33 +3829,13 @@ public class ServerHttpSecurity { private ServerAuthorizationRequestRepository authorizationRequestRepository; - private ServerRedirectStrategy authorizationRedirectStrategy; - private ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver; + private ServerRedirectStrategy authorizationRedirectStrategy; + private OAuth2ClientSpec() { } - /** - * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s. - * @param authorizationRequestResolver the resolver used for resolving - * {@link OAuth2AuthorizationRequest}'s - * @return the {@link OAuth2ClientSpec} for further configuration - * @since 6.1 - */ - public OAuth2ClientSpec authorizationRequestResolver( - ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) { - this.authorizationRequestResolver = authorizationRequestResolver; - return this; - } - - private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() { - if (this.authorizationRequestResolver != null) { - return new OAuth2AuthorizationRequestRedirectWebFilter(this.authorizationRequestResolver); - } - return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository()); - } - /** * Sets the converter to use * @param authenticationConverter the converter to use @@ -3945,6 +3925,26 @@ public class ServerHttpSecurity { return this.authorizationRequestRepository; } + /** + * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s. + * @param authorizationRequestResolver the resolver used for resolving + * {@link OAuth2AuthorizationRequest}'s + * @return the {@link OAuth2ClientSpec} to customize + * @since 6.1 + */ + public OAuth2ClientSpec authorizationRequestResolver( + ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) { + this.authorizationRequestResolver = authorizationRequestResolver; + return this; + } + + private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() { + if (this.authorizationRequestResolver != null) { + return new OAuth2AuthorizationRequestRedirectWebFilter(this.authorizationRequestResolver); + } + return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository()); + } + /** * Sets the redirect strategy for Authorization Endpoint redirect URI. * @param authorizationRedirectStrategy the redirect strategy @@ -3971,7 +3971,6 @@ public class ServerHttpSecurity { } protected void configure(ServerHttpSecurity http) { - ReactiveClientRegistrationRepository clientRegistrationRepository = getClientRegistrationRepository(); ServerOAuth2AuthorizedClientRepository authorizedClientRepository = getAuthorizedClientRepository(); ServerAuthenticationConverter authenticationConverter = getAuthenticationConverter(); ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java index 967c7a18ae..6457989d3f 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -39,8 +39,8 @@ import org.springframework.security.oauth2.client.registration.InMemoryReactiveC import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.TestClientRegistrations; import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository; -import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver; +import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.TestOAuth2AccessTokens; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange; @@ -134,8 +134,8 @@ public class OAuth2ClientSpecTests { ServerAuthenticationConverter converter = config.authenticationConverter; ReactiveAuthenticationManager manager = config.manager; ServerAuthorizationRequestRepository authorizationRequestRepository = config.authorizationRequestRepository; - ServerRequestCache requestCache = config.requestCache; ServerOAuth2AuthorizationRequestResolver resolver = config.resolver; + ServerRequestCache requestCache = config.requestCache; OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request() .redirectUri("/authorize/oauth2/code/registration-id").build(); OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success() @@ -268,10 +268,10 @@ public class OAuth2ClientSpecTests { ServerAuthorizationRequestRepository authorizationRequestRepository = mock( ServerAuthorizationRequestRepository.class); - ServerRequestCache requestCache = mock(ServerRequestCache.class); - ServerOAuth2AuthorizationRequestResolver resolver = mock(ServerOAuth2AuthorizationRequestResolver.class); + ServerRequestCache requestCache = mock(ServerRequestCache.class); + @Bean SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) { // @formatter:off diff --git a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc index efc697dde9..f080390dfe 100644 --- a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc +++ b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc @@ -39,6 +39,7 @@ public class OAuth2ClientSecurityConfig { .clientRegistrationRepository(this.clientRegistrationRepository()) .authorizedClientRepository(this.authorizedClientRepository()) .authorizationRequestRepository(this.authorizationRequestRepository()) + .authorizationRequestResolver(this.authorizationRequestResolver()) .authenticationConverter(this.authenticationConverter()) .authenticationManager(this.authenticationManager()) ); @@ -62,6 +63,7 @@ class OAuth2ClientSecurityConfig { clientRegistrationRepository = clientRegistrationRepository() authorizedClientRepository = authorizedClientRepository() authorizationRequestRepository = authorizedRequestRepository() + authorizationRequestResolver = authorizationRequestResolver() authenticationConverter = authenticationConverter() authenticationManager = authenticationManager() }