diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6e01f799a4..3ad21265f6 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -20,8 +20,8 @@ ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.28" com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.21.0" com-google-inject-guice = "com.google.inject:guice:3.0" com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0" -com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:10.4" -com-nimbusds-oauth2-oidc-sdk = "com.nimbusds:oauth2-oidc-sdk:11.26.1" +com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:10.6" +com-nimbusds-oauth2-oidc-sdk = "com.nimbusds:oauth2-oidc-sdk:11.33" com-squareup-okhttp3-mockwebserver = { module = "com.squareup.okhttp3:mockwebserver", version.ref = "com-squareup-okhttp3" } com-squareup-okhttp3-okhttp = { module = "com.squareup.okhttp3:okhttp", version.ref = "com-squareup-okhttp3" } com-unboundid-unboundid-ldapsdk = "com.unboundid:unboundid-ldapsdk:7.0.4" diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java index a64ec66627..5e45b1858a 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrations.java @@ -105,7 +105,7 @@ public final class ClientRegistrations { * @return the {@link ClientRegistration} built from the configuration */ public static ClientRegistration.Builder fromOidcConfiguration(Map configuration) { - OIDCProviderMetadata metadata = parse(configuration, OIDCProviderMetadata::parse); + OIDCProviderMetadata metadata = parseInput(configuration, OIDCProviderMetadata::parse); ClientRegistration.Builder builder = withProviderConfiguration(metadata, metadata.getIssuer().getValue()); builder.jwkSetUri(metadata.getJWKSetURI().toASCIIString()); if (metadata.getUserInfoEndpointURI() != null) { @@ -292,6 +292,15 @@ public final class ClientRegistrations { throw new IllegalArgumentException(errorMessage); } + private static T parseInput(Map body, ThrowingFunction parser) { + try { + return parse(body, parser); + } + catch (RuntimeException ex) { + throw new IllegalArgumentException(ex); + } + } + private static T parse(Map body, ThrowingFunction parser) { try { return parser.apply(new JSONObject(body)); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java index 0cf1002d56..053743129b 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java @@ -40,7 +40,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; import static org.assertj.core.api.Assertions.assertThatIllegalStateException; -import static org.assertj.core.api.Assertions.assertThatNullPointerException; /** * @author Rob Winch @@ -475,7 +474,7 @@ public class ClientRegistrationsTests { @Test public void issuerWhenOidcConfigurationResponseMissingJwksUriThenThrowsIllegalArgumentException() throws Exception { this.response.remove("jwks_uri"); - assertThatNullPointerException().isThrownBy(() -> registration(this.response).build()); + assertThatIllegalArgumentException().isThrownBy(() -> registration(this.response).build()); } @Test