cubetiq/spring-authorization-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Polish gh-117

Browse Source
This commit is contained in:
Joe Grandja 2020-10-09 16:01:25 -04:00
parent f0013fc062
commit 628c8bece3
5 changed files with 23 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/RegisteredClient.java
View File

@ -182,8 +182,8 @@ public class RegisteredClient implements Serializable {
private Set<AuthorizationGrantType> authorizationGrantTypes = new LinkedHashSet<>(); private Set<AuthorizationGrantType> authorizationGrantTypes = new LinkedHashSet<>();
private Set<String> redirectUris = new LinkedHashSet<>(); private Set<String> redirectUris = new LinkedHashSet<>();
private Set<String> scopes = new LinkedHashSet<>(); private Set<String> scopes = new LinkedHashSet<>();
private ClientSettings clientSettings; private ClientSettings clientSettings = new ClientSettings();
private TokenSettings tokenSettings; private TokenSettings tokenSettings = new TokenSettings();
protected Builder(String id) { protected Builder(String id) {
this.id = id; this.id = id;
@ -337,24 +337,26 @@ public class RegisteredClient implements Serializable {
} }
/** /**
* Sets the {@link ClientSettings client configuration settings}. * A {@link Consumer} of the client configuration settings,
* allowing the ability to add, replace, or remove.
* *
* @param clientSettings the client configuration settings * @param clientSettingsConsumer a {@link Consumer} of the client configuration settings
* @return the {@link Builder} * @return the {@link Builder}
*/ */
public Builder clientSettings(ClientSettings clientSettings) { public Builder clientSettings(Consumer<ClientSettings> clientSettingsConsumer) {
this.clientSettings = clientSettings; clientSettingsConsumer.accept(this.clientSettings);
return this; return this;
} }
/** /**
* Sets the {@link TokenSettings token configuration settings}. * A {@link Consumer} of the token configuration settings,
* allowing the ability to add, replace, or remove.
* *
* @param tokenSettings the token configuration settings * @param tokenSettingsConsumer a {@link Consumer} of the token configuration settings
* @return the {@link Builder} * @return the {@link Builder}
*/ */
public Builder tokenSettings(TokenSettings tokenSettings) { public Builder tokenSettings(Consumer<TokenSettings> tokenSettingsConsumer) {
this.tokenSettings = tokenSettings; tokenSettingsConsumer.accept(this.tokenSettings);
return this; return this;
} }
@ -388,8 +390,8 @@ public class RegisteredClient implements Serializable {
registeredClient.authorizationGrantTypes = Collections.unmodifiableSet(this.authorizationGrantTypes); registeredClient.authorizationGrantTypes = Collections.unmodifiableSet(this.authorizationGrantTypes);
registeredClient.redirectUris = Collections.unmodifiableSet(this.redirectUris); registeredClient.redirectUris = Collections.unmodifiableSet(this.redirectUris);
registeredClient.scopes = Collections.unmodifiableSet(this.scopes); registeredClient.scopes = Collections.unmodifiableSet(this.scopes);
registeredClient.clientSettings = this.clientSettings != null ? this.clientSettings : new ClientSettings(); registeredClient.clientSettings = this.clientSettings;
registeredClient.tokenSettings = this.tokenSettings != null ? this.tokenSettings : new TokenSettings(); registeredClient.tokenSettings = this.tokenSettings;
return registeredClient; return registeredClient;
} }

3
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java
View File

@ -41,7 +41,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter; import org.springframework.security.oauth2.server.authorization.web.OAuth2AuthorizationEndpointFilter;
import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter; import org.springframework.security.oauth2.server.authorization.web.OAuth2TokenEndpointFilter;
import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.MockMvc;
@ -179,7 +178,7 @@ public class OAuth2AuthorizationCodeGrantTests {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSecret(null) .clientSecret(null)
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))) when(registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
.thenReturn(registeredClient); .thenReturn(registeredClient);

4
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationProviderTests.java
View File

@ -29,7 +29,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -179,8 +178,7 @@ public class OAuth2ClientAuthenticationProviderTests {
@Test @Test
public void authenticateWhenPkceAndRequireProofKeyAndMissingCodeChallengeThenThrowOAuth2AuthenticationException() { public void authenticateWhenPkceAndRequireProofKeyAndMissingCodeChallengeThenThrowOAuth2AuthenticationException() {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings( .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
new ClientSettings().requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))) when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
.thenReturn(registeredClient); .thenReturn(registeredClient);

13
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilterTests.java
View File

@ -40,7 +40,6 @@ import org.springframework.security.oauth2.server.authorization.TokenType;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import javax.servlet.FilterChain; import javax.servlet.FilterChain;
@ -269,7 +268,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenPkceRequiredAndMissingCodeChallengeThenInvalidRequestError() throws Exception { public void doFilterWhenPkceRequiredAndMissingCodeChallengeThenInvalidRequestError() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);
@ -288,7 +287,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenPkceRequiredAndMultipleCodeChallengeThenInvalidRequestError() throws Exception { public void doFilterWhenPkceRequiredAndMultipleCodeChallengeThenInvalidRequestError() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);
@ -324,7 +323,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenPkceRequiredAndMultipleCodeChallengeMethodThenInvalidRequestError() throws Exception { public void doFilterWhenPkceRequiredAndMultipleCodeChallengeMethodThenInvalidRequestError() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);
@ -360,7 +359,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenPkceRequiredAndUnsupportedCodeChallengeMethodThenInvalidRequestError() throws Exception { public void doFilterWhenPkceRequiredAndUnsupportedCodeChallengeMethodThenInvalidRequestError() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);
@ -457,7 +456,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenPkceRequiredAndAuthorizationRequestValidThenAuthorizationResponse() throws Exception { public void doFilterWhenPkceRequiredAndAuthorizationRequestValidThenAuthorizationResponse() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireProofKey(true)) .clientSettings(clientSettings -> clientSettings.requireProofKey(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);
@ -503,7 +502,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
@Test @Test
public void doFilterWhenUserConsentRequiredAndAuthorizationRequestValidThenUserConsentResponse() throws Exception { public void doFilterWhenUserConsentRequiredAndAuthorizationRequestValidThenUserConsentResponse() throws Exception {
RegisteredClient registeredClient = TestRegisteredClients.registeredClient() RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
.clientSettings(new ClientSettings().requireUserConsent(true)) .clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
.build(); .build();
when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId())))) when(this.registeredClientRepository.findByClientId((eq(registeredClient.getClientId()))))
.thenReturn(registeredClient); .thenReturn(registeredClient);

3
samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java
View File

@ -29,7 +29,6 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
import org.springframework.security.provisioning.InMemoryUserDetailsManager; import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import java.util.UUID; import java.util.UUID;
@ -54,7 +53,7 @@ public class AuthorizationServerConfig {
.redirectUri("http://localhost:8080/authorized") .redirectUri("http://localhost:8080/authorized")
.scope("message.read") .scope("message.read")
.scope("message.write") .scope("message.write")
.clientSettings(new ClientSettings().requireUserConsent(true)) .clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
.build(); .build();
return new InMemoryRegisteredClientRepository(registeredClient); return new InMemoryRegisteredClientRepository(registeredClient);
} }