Remove unused OAuth2AuthorizationService from OAuth2TokenEndpointFilter
This commit is contained in:
parent
259b55f682
commit
42a89d15b1
@ -243,7 +243,6 @@ public final class OAuth2AuthorizationServerConfigurer<B extends HttpSecurityBui
|
|||||||
OAuth2TokenEndpointFilter tokenEndpointFilter =
|
OAuth2TokenEndpointFilter tokenEndpointFilter =
|
||||||
new OAuth2TokenEndpointFilter(
|
new OAuth2TokenEndpointFilter(
|
||||||
authenticationManager,
|
authenticationManager,
|
||||||
getAuthorizationService(builder),
|
|
||||||
providerSettings.tokenEndpoint());
|
providerSettings.tokenEndpoint());
|
||||||
builder.addFilterAfter(postProcess(tokenEndpointFilter), FilterSecurityInterceptor.class);
|
builder.addFilterAfter(postProcess(tokenEndpointFilter), FilterSecurityInterceptor.class);
|
||||||
|
|
||||||
|
@ -33,7 +33,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
|
|||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
||||||
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
|
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
|
||||||
@ -79,7 +78,7 @@ import java.util.stream.Collectors;
|
|||||||
*
|
*
|
||||||
* <p>
|
* <p>
|
||||||
* The default endpoint {@code URI} {@code /oauth2/token} may be overridden
|
* The default endpoint {@code URI} {@code /oauth2/token} may be overridden
|
||||||
* via the constructor {@link #OAuth2TokenEndpointFilter(AuthenticationManager, OAuth2AuthorizationService, String)}.
|
* via the constructor {@link #OAuth2TokenEndpointFilter(AuthenticationManager, String)}.
|
||||||
*
|
*
|
||||||
* @author Joe Grandja
|
* @author Joe Grandja
|
||||||
* @author Madhu Bhat
|
* @author Madhu Bhat
|
||||||
@ -89,7 +88,6 @@ import java.util.stream.Collectors;
|
|||||||
* @see OAuth2AuthorizationCodeAuthenticationProvider
|
* @see OAuth2AuthorizationCodeAuthenticationProvider
|
||||||
* @see OAuth2RefreshTokenAuthenticationProvider
|
* @see OAuth2RefreshTokenAuthenticationProvider
|
||||||
* @see OAuth2ClientCredentialsAuthenticationProvider
|
* @see OAuth2ClientCredentialsAuthenticationProvider
|
||||||
* @see OAuth2AuthorizationService
|
|
||||||
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-3.2">Section 3.2 Token Endpoint</a>
|
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-3.2">Section 3.2 Token Endpoint</a>
|
||||||
*/
|
*/
|
||||||
public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
|
public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
|
||||||
@ -99,7 +97,6 @@ public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
|
|||||||
public static final String DEFAULT_TOKEN_ENDPOINT_URI = "/oauth2/token";
|
public static final String DEFAULT_TOKEN_ENDPOINT_URI = "/oauth2/token";
|
||||||
|
|
||||||
private final AuthenticationManager authenticationManager;
|
private final AuthenticationManager authenticationManager;
|
||||||
private final OAuth2AuthorizationService authorizationService;
|
|
||||||
private final RequestMatcher tokenEndpointMatcher;
|
private final RequestMatcher tokenEndpointMatcher;
|
||||||
private final Converter<HttpServletRequest, Authentication> authorizationGrantAuthenticationConverter;
|
private final Converter<HttpServletRequest, Authentication> authorizationGrantAuthenticationConverter;
|
||||||
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
|
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
|
||||||
@ -111,27 +108,21 @@ public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
|
|||||||
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
|
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
|
||||||
*
|
*
|
||||||
* @param authenticationManager the authentication manager
|
* @param authenticationManager the authentication manager
|
||||||
* @param authorizationService the authorization service
|
|
||||||
*/
|
*/
|
||||||
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager,
|
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager) {
|
||||||
OAuth2AuthorizationService authorizationService) {
|
this(authenticationManager, DEFAULT_TOKEN_ENDPOINT_URI);
|
||||||
this(authenticationManager, authorizationService, DEFAULT_TOKEN_ENDPOINT_URI);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
|
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
|
||||||
*
|
*
|
||||||
* @param authenticationManager the authentication manager
|
* @param authenticationManager the authentication manager
|
||||||
* @param authorizationService the authorization service
|
|
||||||
* @param tokenEndpointUri the endpoint {@code URI} for access token requests
|
* @param tokenEndpointUri the endpoint {@code URI} for access token requests
|
||||||
*/
|
*/
|
||||||
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager,
|
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager, String tokenEndpointUri) {
|
||||||
OAuth2AuthorizationService authorizationService, String tokenEndpointUri) {
|
|
||||||
Assert.notNull(authenticationManager, "authenticationManager cannot be null");
|
Assert.notNull(authenticationManager, "authenticationManager cannot be null");
|
||||||
Assert.notNull(authorizationService, "authorizationService cannot be null");
|
|
||||||
Assert.hasText(tokenEndpointUri, "tokenEndpointUri cannot be empty");
|
Assert.hasText(tokenEndpointUri, "tokenEndpointUri cannot be empty");
|
||||||
this.authenticationManager = authenticationManager;
|
this.authenticationManager = authenticationManager;
|
||||||
this.authorizationService = authorizationService;
|
|
||||||
this.tokenEndpointMatcher = new AntPathRequestMatcher(tokenEndpointUri, HttpMethod.POST.name());
|
this.tokenEndpointMatcher = new AntPathRequestMatcher(tokenEndpointUri, HttpMethod.POST.name());
|
||||||
Map<AuthorizationGrantType, Converter<HttpServletRequest, Authentication>> converters = new HashMap<>();
|
Map<AuthorizationGrantType, Converter<HttpServletRequest, Authentication>> converters = new HashMap<>();
|
||||||
converters.put(AuthorizationGrantType.AUTHORIZATION_CODE, new AuthorizationCodeAuthenticationConverter());
|
converters.put(AuthorizationGrantType.AUTHORIZATION_CODE, new AuthorizationCodeAuthenticationConverter());
|
||||||
|
@ -38,7 +38,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
|
|||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
||||||
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
|
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
|
||||||
@ -76,7 +75,6 @@ import static org.mockito.Mockito.when;
|
|||||||
*/
|
*/
|
||||||
public class OAuth2TokenEndpointFilterTests {
|
public class OAuth2TokenEndpointFilterTests {
|
||||||
private AuthenticationManager authenticationManager;
|
private AuthenticationManager authenticationManager;
|
||||||
private OAuth2AuthorizationService authorizationService;
|
|
||||||
private OAuth2TokenEndpointFilter filter;
|
private OAuth2TokenEndpointFilter filter;
|
||||||
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
|
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
|
||||||
new OAuth2ErrorHttpMessageConverter();
|
new OAuth2ErrorHttpMessageConverter();
|
||||||
@ -86,8 +84,7 @@ public class OAuth2TokenEndpointFilterTests {
|
|||||||
@Before
|
@Before
|
||||||
public void setUp() {
|
public void setUp() {
|
||||||
this.authenticationManager = mock(AuthenticationManager.class);
|
this.authenticationManager = mock(AuthenticationManager.class);
|
||||||
this.authorizationService = mock(OAuth2AuthorizationService.class);
|
this.filter = new OAuth2TokenEndpointFilter(this.authenticationManager);
|
||||||
this.filter = new OAuth2TokenEndpointFilter(this.authenticationManager, this.authorizationService);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@After
|
@After
|
||||||
@ -97,21 +94,14 @@ public class OAuth2TokenEndpointFilterTests {
|
|||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
|
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
|
||||||
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(null, this.authorizationService))
|
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(null, "tokenEndpointUri"))
|
||||||
.isInstanceOf(IllegalArgumentException.class)
|
.isInstanceOf(IllegalArgumentException.class)
|
||||||
.hasMessage("authenticationManager cannot be null");
|
.hasMessage("authenticationManager cannot be null");
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
|
||||||
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
|
|
||||||
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
|
|
||||||
.isInstanceOf(IllegalArgumentException.class)
|
|
||||||
.hasMessage("authorizationService cannot be null");
|
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void constructorWhenTokenEndpointUriNullThenThrowIllegalArgumentException() {
|
public void constructorWhenTokenEndpointUriNullThenThrowIllegalArgumentException() {
|
||||||
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, this.authorizationService, null))
|
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
|
||||||
.isInstanceOf(IllegalArgumentException.class)
|
.isInstanceOf(IllegalArgumentException.class)
|
||||||
.hasMessage("tokenEndpointUri cannot be empty");
|
.hasMessage("tokenEndpointUri cannot be empty");
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user