Remove unused OAuth2AuthorizationService from OAuth2TokenEndpointFilter

This commit is contained in:
Joe Grandja 2020-12-11 11:48:59 -05:00
parent 259b55f682
commit 42a89d15b1
3 changed files with 7 additions and 27 deletions

View File

@ -243,7 +243,6 @@ public final class OAuth2AuthorizationServerConfigurer<B extends HttpSecurityBui
OAuth2TokenEndpointFilter tokenEndpointFilter =
new OAuth2TokenEndpointFilter(
authenticationManager,
getAuthorizationService(builder),
providerSettings.tokenEndpoint());
builder.addFilterAfter(postProcess(tokenEndpointFilter), FilterSecurityInterceptor.class);

View File

@ -33,7 +33,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
@ -79,7 +78,7 @@ import java.util.stream.Collectors;
*
* <p>
* The default endpoint {@code URI} {@code /oauth2/token} may be overridden
* via the constructor {@link #OAuth2TokenEndpointFilter(AuthenticationManager, OAuth2AuthorizationService, String)}.
* via the constructor {@link #OAuth2TokenEndpointFilter(AuthenticationManager, String)}.
*
* @author Joe Grandja
* @author Madhu Bhat
@ -89,7 +88,6 @@ import java.util.stream.Collectors;
* @see OAuth2AuthorizationCodeAuthenticationProvider
* @see OAuth2RefreshTokenAuthenticationProvider
* @see OAuth2ClientCredentialsAuthenticationProvider
* @see OAuth2AuthorizationService
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-3.2">Section 3.2 Token Endpoint</a>
*/
public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
@ -99,7 +97,6 @@ public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
public static final String DEFAULT_TOKEN_ENDPOINT_URI = "/oauth2/token";
private final AuthenticationManager authenticationManager;
private final OAuth2AuthorizationService authorizationService;
private final RequestMatcher tokenEndpointMatcher;
private final Converter<HttpServletRequest, Authentication> authorizationGrantAuthenticationConverter;
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
@ -111,27 +108,21 @@ public class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
*
* @param authenticationManager the authentication manager
* @param authorizationService the authorization service
*/
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager,
OAuth2AuthorizationService authorizationService) {
this(authenticationManager, authorizationService, DEFAULT_TOKEN_ENDPOINT_URI);
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager) {
this(authenticationManager, DEFAULT_TOKEN_ENDPOINT_URI);
}
/**
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
*
* @param authenticationManager the authentication manager
* @param authorizationService the authorization service
* @param tokenEndpointUri the endpoint {@code URI} for access token requests
*/
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager,
OAuth2AuthorizationService authorizationService, String tokenEndpointUri) {
public OAuth2TokenEndpointFilter(AuthenticationManager authenticationManager, String tokenEndpointUri) {
Assert.notNull(authenticationManager, "authenticationManager cannot be null");
Assert.notNull(authorizationService, "authorizationService cannot be null");
Assert.hasText(tokenEndpointUri, "tokenEndpointUri cannot be empty");
this.authenticationManager = authenticationManager;
this.authorizationService = authorizationService;
this.tokenEndpointMatcher = new AntPathRequestMatcher(tokenEndpointUri, HttpMethod.POST.name());
Map<AuthorizationGrantType, Converter<HttpServletRequest, Authentication>> converters = new HashMap<>();
converters.put(AuthorizationGrantType.AUTHORIZATION_CODE, new AuthorizationCodeAuthenticationConverter());

View File

@ -38,7 +38,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenRespon
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
@ -76,7 +75,6 @@ import static org.mockito.Mockito.when;
*/
public class OAuth2TokenEndpointFilterTests {
private AuthenticationManager authenticationManager;
private OAuth2AuthorizationService authorizationService;
private OAuth2TokenEndpointFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
@ -86,8 +84,7 @@ public class OAuth2TokenEndpointFilterTests {
@Before
public void setUp() {
this.authenticationManager = mock(AuthenticationManager.class);
this.authorizationService = mock(OAuth2AuthorizationService.class);
this.filter = new OAuth2TokenEndpointFilter(this.authenticationManager, this.authorizationService);
this.filter = new OAuth2TokenEndpointFilter(this.authenticationManager);
}
@After
@ -97,21 +94,14 @@ public class OAuth2TokenEndpointFilterTests {
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(null, this.authorizationService))
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(null, "tokenEndpointUri"))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
}
@Test
public void constructorWhenAuthorizationServiceNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authorizationService cannot be null");
}
@Test
public void constructorWhenTokenEndpointUriNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, this.authorizationService, null))
assertThatThrownBy(() -> new OAuth2TokenEndpointFilter(this.authenticationManager, null))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("tokenEndpointUri cannot be empty");
}