Polish gh-117

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/RegisteredClient.java

@@ -182,8 +182,8 @@ public class RegisteredClient implements Serializable {
 		private Set<AuthorizationGrantType> authorizationGrantTypes = new LinkedHashSet<>();
 		private Set<String> redirectUris = new LinkedHashSet<>();
 		private Set<String> scopes = new LinkedHashSet<>();
-		private ClientSettings clientSettings;
-		private TokenSettings tokenSettings;
+		private ClientSettings clientSettings = new ClientSettings();
+		private TokenSettings tokenSettings = new TokenSettings();
 
 		protected Builder(String id) {
 			this.id = id;
@@ -337,24 +337,26 @@ public class RegisteredClient implements Serializable {
 		}
 
 		/**
-		 * Sets the {@link ClientSettings client configuration settings}.
+		 * A {@link Consumer} of the client configuration settings,
+		 * allowing the ability to add, replace, or remove.
 		 *
-		 * @param clientSettings the client configuration settings
+		 * @param clientSettingsConsumer a {@link Consumer} of the client configuration settings
 		 * @return the {@link Builder}
 		 */
-		public Builder clientSettings(ClientSettings clientSettings) {
-			this.clientSettings = clientSettings;
+		public Builder clientSettings(Consumer<ClientSettings> clientSettingsConsumer) {
+			clientSettingsConsumer.accept(this.clientSettings);
 			return this;
 		}
 
 		/**
-		 * Sets the {@link TokenSettings token configuration settings}.
+		 * A {@link Consumer} of the token configuration settings,
+		 * allowing the ability to add, replace, or remove.
 		 *
-		 * @param tokenSettings the token configuration settings
+		 * @param tokenSettingsConsumer a {@link Consumer} of the token configuration settings
 		 * @return the {@link Builder}
 		 */
-		public Builder tokenSettings(TokenSettings tokenSettings) {
-			this.tokenSettings = tokenSettings;
+		public Builder tokenSettings(Consumer<TokenSettings> tokenSettingsConsumer) {
+			tokenSettingsConsumer.accept(this.tokenSettings);
 			return this;
 		}
 
@@ -388,8 +390,8 @@ public class RegisteredClient implements Serializable {
 			registeredClient.authorizationGrantTypes = Collections.unmodifiableSet(this.authorizationGrantTypes);
 			registeredClient.redirectUris = Collections.unmodifiableSet(this.redirectUris);
 			registeredClient.scopes = Collections.unmodifiableSet(this.scopes);
-			registeredClient.clientSettings = this.clientSettings != null ? this.clientSettings : new ClientSettings();
-			registeredClient.tokenSettings = this.tokenSettings != null ? this.tokenSettings : new TokenSettings();
+			registeredClient.clientSettings = this.clientSettings;
+			registeredClient.tokenSettings = this.tokenSettings;
 
 			return registeredClient;
 		}

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java

@@ -41,7 +41,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
-import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
 import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter;
 import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter;
 import org.springframework.test.web.servlet.MockMvc;
@@ -179,7 +178,7 @@ public class OAuth2AuthorizationCodeGrantTests {
 
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
 				.clientSecret(null)
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationProviderTests.java

@@ -29,7 +29,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
-import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -179,8 +178,7 @@ public class OAuth2ClientAuthenticationProviderTests {
 	@Test
 	public void authenticateWhenPkceAndRequireProofKeyAndMissingCodeChallengeThenThrowOAuth2AuthenticationException() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(
-						new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilterTests.java

@@ -40,7 +40,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
-import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
 import org.springframework.util.StringUtils;
 
 import javax.servlet.FilterChain;
@@ -269,7 +268,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenPkceRequiredAndMissingCodeChallengeThenInvalidRequestError() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);
@@ -288,7 +287,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenPkceRequiredAndMultipleCodeChallengeThenInvalidRequestError() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);
@@ -324,7 +323,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenPkceRequiredAndMultipleCodeChallengeMethodThenInvalidRequestError() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);
@@ -360,7 +359,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenPkceRequiredAndUnsupportedCodeChallengeMethodThenInvalidRequestError() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);
@@ -457,7 +456,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenPkceRequiredAndAuthorizationRequestValidThenAuthorizationResponse() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireProofKey(true))
+				.clientSettings(clientSettings -> clientSettings.requireProofKey(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);
@@ -503,7 +502,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
 	@Test
 	public void doFilterWhenUserConsentRequiredAndAuthorizationRequestValidThenUserConsentResponse() throws Exception {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(new ClientSettings().requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
 				.thenReturn(registeredClient);

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java

@@ -29,7 +29,6 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
-import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 
 import java.util.UUID;
@@ -54,7 +53,7 @@ public class AuthorizationServerConfig {
 				.redirectUri("http://localhost:8080/authorized")
 				.scope("message.read")
 				.scope("message.write")
-				.clientSettings(new ClientSettings().requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
 				.build();
 		return new InMemoryRegisteredClientRepository(registeredClient);
 	}