Remove AuthorizationCodeRequestRedirectFilter. setAuthorizationRequestMatcher
This commit is contained in:
Joe Grandja
parent
6b16fa0d8c
commit
efa4bf409c
|
|
@ -65,7 +65,7 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
|
|||
|
||||
// ***** Authorization Request members
|
||||
private AuthorizationCodeRequestRedirectFilter authorizationRequestFilter;
|
||||
private RequestMatcher authorizationRequestMatcher;
|
||||
private String authorizationRequestBaseUri = AuthorizationCodeRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
|
||||
private AuthorizationRequestUriBuilder authorizationRequestBuilder;
|
||||
private AuthorizationRequestRepository authorizationRequestRepository;
|
||||
|
||||
|
|
@ -80,9 +80,9 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
|
|||
private Map<URI, Class<? extends OAuth2User>> customUserTypes = new HashMap<>();
|
||||
private GrantedAuthoritiesMapper userAuthoritiesMapper;
|
||||
|
||||
public AuthorizationCodeGrantConfigurer<B> authorizationRequestMatcher(RequestMatcher authorizationRequestMatcher) {
|
||||
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null");
|
||||
this.authorizationRequestMatcher = authorizationRequestMatcher;
|
||||
public AuthorizationCodeGrantConfigurer<B> authorizationRequestBaseUri(String authorizationRequestBaseUri) {
|
||||
Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
|
||||
this.authorizationRequestBaseUri = authorizationRequestBaseUri;
|
||||
return this;
|
||||
}
|
||||
|
||||
|
|
@ -183,10 +183,7 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
|
|||
//
|
||||
// -> AuthorizationCodeRequestRedirectFilter
|
||||
this.authorizationRequestFilter = new AuthorizationCodeRequestRedirectFilter(
|
||||
this.getClientRegistrationRepository());
|
||||
if (this.authorizationRequestMatcher != null) {
|
||||
this.authorizationRequestFilter.setAuthorizationRequestMatcher(this.authorizationRequestMatcher);
|
||||
}
|
||||
this.authorizationRequestBaseUri, this.getClientRegistrationRepository());
|
||||
if (this.authorizationRequestBuilder != null) {
|
||||
this.authorizationRequestFilter.setAuthorizationUriBuilder(this.authorizationRequestBuilder);
|
||||
}
|
||||
|
|
@ -221,8 +218,8 @@ public class AuthorizationCodeGrantConfigurer<B extends HttpSecurityBuilder<B>>
|
|||
return this.authorizationRequestFilter;
|
||||
}
|
||||
|
||||
RequestMatcher getAuthorizationRequestMatcher() {
|
||||
return this.authorizationRequestMatcher;
|
||||
String getAuthorizationRequestBaseUri() {
|
||||
return this.authorizationRequestBaseUri;
|
||||
}
|
||||
|
||||
AuthorizationCodeAuthenticationFilter getAuthorizationResponseFilter() {
|
||||
|
|
|
|||
|
|
@ -28,14 +28,12 @@ import org.springframework.security.oauth2.client.registration.InMemoryClientReg
|
|||
import org.springframework.security.oauth2.client.token.SecurityTokenRepository;
|
||||
import org.springframework.security.oauth2.client.user.OAuth2UserService;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationCodeAuthenticationFilter;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationCodeRequestRedirectFilter;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationGrantTokenExchanger;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationRequestUriBuilder;
|
||||
import org.springframework.security.oauth2.core.AccessToken;
|
||||
import org.springframework.security.oauth2.core.user.OAuth2User;
|
||||
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
|
@ -44,8 +42,6 @@ import java.util.Arrays;
|
|||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.springframework.security.oauth2.client.web.AuthorizationCodeRequestRedirectFilter.REGISTRATION_ID_URI_VARIABLE_NAME;
|
||||
|
||||
/**
|
||||
* A security configurer for OAuth 2.0 / OpenID Connect 1.0 login.
|
||||
*
|
||||
|
|
@ -85,9 +81,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
|
|||
private AuthorizationEndpointConfig() {
|
||||
}
|
||||
|
||||
public AuthorizationEndpointConfig requestMatcher(RequestMatcher authorizationRequestMatcher) {
|
||||
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null");
|
||||
authorizationCodeGrantConfigurer.authorizationRequestMatcher(authorizationRequestMatcher);
|
||||
public AuthorizationEndpointConfig baseUri(String authorizationRequestBaseUri) {
|
||||
Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
|
||||
authorizationCodeGrantConfigurer.authorizationRequestBaseUri(authorizationRequestBaseUri);
|
||||
return this;
|
||||
}
|
||||
|
||||
|
|
@ -247,24 +243,10 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
|
|||
return;
|
||||
}
|
||||
|
||||
String authorizationRequestBaseUri;
|
||||
RequestMatcher authorizationRequestMatcher = authorizationCodeGrantConfigurer.getAuthorizationRequestMatcher();
|
||||
if (authorizationRequestMatcher != null && AntPathRequestMatcher.class.isAssignableFrom(authorizationRequestMatcher.getClass())) {
|
||||
String authorizationRequestPattern = ((AntPathRequestMatcher)authorizationRequestMatcher).getPattern();
|
||||
String registrationIdTemplateVariable = "{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}";
|
||||
if (authorizationRequestPattern.endsWith(registrationIdTemplateVariable)) {
|
||||
authorizationRequestBaseUri = authorizationRequestPattern.substring(
|
||||
0, authorizationRequestPattern.length() - registrationIdTemplateVariable.length() - 1);
|
||||
} else {
|
||||
authorizationRequestBaseUri = authorizationRequestPattern;
|
||||
}
|
||||
} else {
|
||||
authorizationRequestBaseUri = AuthorizationCodeRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
|
||||
}
|
||||
|
||||
Map<String, String> authenticationUrlToClientName = new HashMap<>();
|
||||
clientRegistrations.forEach(registration -> authenticationUrlToClientName.put(
|
||||
authorizationRequestBaseUri + "/" + registration.getRegistrationId(), registration.getClientName()));
|
||||
authorizationCodeGrantConfigurer.getAuthorizationRequestBaseUri() + "/" + registration.getRegistrationId(),
|
||||
registration.getClientName()));
|
||||
loginPageGeneratingFilter.setOauth2LoginEnabled(true);
|
||||
loginPageGeneratingFilter.setOauth2AuthenticationUrlToClientName(authenticationUrlToClientName);
|
||||
loginPageGeneratingFilter.setLoginPageUrl(this.getLoginPage());
|
||||
|
|
|
|||
|
|
@ -64,8 +64,7 @@ import java.util.Map;
|
|||
public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter {
|
||||
public static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization/code";
|
||||
public static final String REGISTRATION_ID_URI_VARIABLE_NAME = "registrationId";
|
||||
public static final String DEFAULT_AUTHORIZATION_REQUEST_URI = DEFAULT_AUTHORIZATION_REQUEST_BASE_URI + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}";
|
||||
private RequestMatcher authorizationRequestMatcher = new AntPathRequestMatcher(DEFAULT_AUTHORIZATION_REQUEST_URI);
|
||||
private final RequestMatcher authorizationRequestMatcher;
|
||||
private final ClientRegistrationRepository clientRegistrationRepository;
|
||||
private AuthorizationRequestUriBuilder authorizationUriBuilder = new DefaultAuthorizationRequestUriBuilder();
|
||||
private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
|
||||
|
|
@ -73,15 +72,17 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
|
|||
private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
|
||||
|
||||
public AuthorizationCodeRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
|
||||
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
|
||||
this.clientRegistrationRepository = clientRegistrationRepository;
|
||||
this(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI, clientRegistrationRepository);
|
||||
}
|
||||
|
||||
public final void setAuthorizationRequestMatcher(RequestMatcher authorizationRequestMatcher) {
|
||||
Assert.notNull(authorizationRequestMatcher, "authorizationRequestMatcher cannot be null");
|
||||
Assert.isInstanceOf(RequestVariablesExtractor.class, authorizationRequestMatcher,
|
||||
"authorizationRequestMatcher must also be a " + RequestVariablesExtractor.class.getName());
|
||||
this.authorizationRequestMatcher = authorizationRequestMatcher;
|
||||
public AuthorizationCodeRequestRedirectFilter(
|
||||
String authorizationRequestBaseUri, ClientRegistrationRepository clientRegistrationRepository) {
|
||||
|
||||
Assert.hasText(authorizationRequestBaseUri, "authorizationRequestBaseUri cannot be empty");
|
||||
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
|
||||
this.authorizationRequestMatcher = new AntPathRequestMatcher(
|
||||
authorizationRequestBaseUri + "/{" + REGISTRATION_ID_URI_VARIABLE_NAME + "}");
|
||||
this.clientRegistrationRepository = clientRegistrationRepository;
|
||||
}
|
||||
|
||||
public final void setAuthorizationUriBuilder(AuthorizationRequestUriBuilder authorizationUriBuilder) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue