Add OAuth2AuthorizationAttributeNames

Issue gh-43
Joe Grandja 2020-05-21 05:46:59 -04:00
parent fbc98d511c
commit cf70ddbf98
7 changed files with 55 additions and 15 deletions


@ -15,7 +15,6 @@
*/ */
package org.springframework.security.oauth2.server.authorization; package org.springframework.security.oauth2.server.authorization;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import java.util.List; import java.util.List;
@ -66,7 +65,7 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
private boolean hasToken(OAuth2Authorization authorization, String token, TokenType tokenType) { private boolean hasToken(OAuth2Authorization authorization, String token, TokenType tokenType) {
if (TokenType.AUTHORIZATION_CODE.equals(tokenType)) { if (TokenType.AUTHORIZATION_CODE.equals(tokenType)) {
return token.equals(authorization.getAttributes().get(OAuth2ParameterNames.class.getName().concat(".CODE"))); return token.equals(authorization.getAttribute(OAuth2AuthorizationAttributeNames.CODE));
} else if (TokenType.ACCESS_TOKEN.equals(tokenType)) { } else if (TokenType.ACCESS_TOKEN.equals(tokenType)) {
return authorization.getAccessToken() != null && return authorization.getAccessToken() != null &&
authorization.getAccessToken().getTokenValue().equals(token); authorization.getAccessToken().getTokenValue().equals(token);
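Review bot: The authorization-code branch of `hasToken` compares the presented value with the stored code using `String.equals`, which returns at the first differing character; the access-token branch just below does the same. For a high-entropy, single-use code the practical exposure is small, but a constant-time comparison is cheap here: `String code = authorization.getAttribute(OAuth2AuthorizationAttributeNames.CODE);` followed by `return code != null && MessageDigest.isEqual(token.getBytes(StandardCharsets.UTF_8), code.getBytes(StandardCharsets.UTF_8));`. `hasToken` continues outside the hunk, so the handling of any remaining token types is not visible from here.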


@ -16,7 +16,6 @@
package org.springframework.security.oauth2.server.authorization; package org.springframework.security.oauth2.server.authorization;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.util.Assert; import org.springframework.util.Assert;
@ -197,7 +196,7 @@ public class OAuth2Authorization implements Serializable {
*/ */
public OAuth2Authorization build() { public OAuth2Authorization build() {
Assert.hasText(this.principalName, "principalName cannot be empty"); Assert.hasText(this.principalName, "principalName cannot be empty");
Assert.notNull(this.attributes.get(OAuth2ParameterNames.class.getName().concat(".CODE")), "authorization code cannot be null"); Assert.notNull(this.attributes.get(OAuth2AuthorizationAttributeNames.CODE), "authorization code cannot be null");
OAuth2Authorization authorization = new OAuth2Authorization(); OAuth2Authorization authorization = new OAuth2Authorization();
authorization.registeredClientId = this.registeredClientId; authorization.registeredClientId = this.registeredClientId;
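Review bot: `Assert.notNull` on the `CODE` attribute in `build()` accepts an empty or blank string, and any non-String value, while `principalName` on the line above is held to `Assert.hasText`. The in-memory service later matches a presented code against this attribute with `equals`, so a blank stored code is worth rejecting at build time. I would read the attribute into a local and check `Assert.isTrue(code instanceof String && StringUtils.hasText((String) code), "authorization code cannot be empty");`, assuming no caller or test depends on the current message text. `build()` continues past the end of the hunk.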


@ -0,0 +1,42 @@
/*
* Copyright 2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
/**
* The name of the attributes that may be contained in the
* {@link OAuth2Authorization#getAttributes()} {@code Map}.
*
* @author Joe Grandja
* @since 0.0.1
* @see OAuth2Authorization#getAttributes()
*/
public interface OAuth2AuthorizationAttributeNames {
/**
* The name of the attribute used for the {@link OAuth2ParameterNames#CODE} parameter.
*/
String CODE = OAuth2Authorization.class.getName().concat(".CODE");
/**
* The name of the attribute used for the {@link OAuth2AuthorizationRequest}.
*/
String AUTHORIZATION_REQUEST = OAuth2Authorization.class.getName().concat(".AUTHORIZATION_REQUEST");
}
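Review bot: The Javadoc on `CODE` does not say that the attribute value is the issued authorization code itself, a credential that anything dumping `getAttributes()` (logging, a `toString`, serialization of the `Serializable` `OAuth2Authorization`) would expose. I would extend the comment to `The name of the attribute used for the {@link OAuth2ParameterNames#CODE} parameter. The value is the issued authorization code and must be treated as a secret.` Both constants also resolve to different strings than the inline keys they replace (an `OAuth2Authorization` class-name prefix instead of `OAuth2ParameterNames...CODE` and the bare `OAuth2AuthorizationRequest` class name). Authorizations stored under the old keys by a custom `OAuth2AuthorizationService` would presumably no longer be matched, which deserves a line in the class Javadoc or release notes if any such store exists.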


@ -29,6 +29,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
@ -184,8 +185,8 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(registeredClient) OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(registeredClient)
.principalName(principal.getName()) .principalName(principal.getName())
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), code) .attribute(OAuth2AuthorizationAttributeNames.CODE, code)
.attribute(OAuth2AuthorizationRequest.class.getName(), authorizationRequest) .attribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST, authorizationRequest)
.build(); .build();
this.authorizationService.save(authorization); this.authorizationService.save(authorization);


@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization;
import org.junit.Before; import org.junit.Before;
import org.junit.Test; import org.junit.Test;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
@ -62,7 +61,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
public void saveWhenAuthorizationProvidedThenSaved() { public void saveWhenAuthorizationProvidedThenSaved() {
OAuth2Authorization expectedAuthorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT) OAuth2Authorization expectedAuthorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.principalName(PRINCIPAL_NAME) .principalName(PRINCIPAL_NAME)
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE) .attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
.build(); .build();
this.authorizationService.save(expectedAuthorization); this.authorizationService.save(expectedAuthorization);
@ -89,7 +88,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
public void findByTokenAndTokenTypeWhenTokenTypeAuthorizationCodeThenFound() { public void findByTokenAndTokenTypeWhenTokenTypeAuthorizationCodeThenFound() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT) OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.principalName(PRINCIPAL_NAME) .principalName(PRINCIPAL_NAME)
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE) .attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
.build(); .build();
this.authorizationService = new InMemoryOAuth2AuthorizationService(Collections.singletonList(authorization)); this.authorizationService = new InMemoryOAuth2AuthorizationService(Collections.singletonList(authorization));
@ -104,7 +103,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
"access-token", Instant.now().minusSeconds(60), Instant.now()); "access-token", Instant.now().minusSeconds(60), Instant.now());
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT) OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.principalName(PRINCIPAL_NAME) .principalName(PRINCIPAL_NAME)
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE) .attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
.accessToken(accessToken) .accessToken(accessToken)
.build(); .build();
this.authorizationService.save(authorization); this.authorizationService.save(authorization);


@ -17,7 +17,6 @@ package org.springframework.security.oauth2.server.authorization;
import org.junit.Test; import org.junit.Test;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients; import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
@ -85,13 +84,13 @@ public class OAuth2AuthorizationTests {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT) OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.principalName(PRINCIPAL_NAME) .principalName(PRINCIPAL_NAME)
.accessToken(ACCESS_TOKEN) .accessToken(ACCESS_TOKEN)
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE) .attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
.build(); .build();
assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT.getId()); assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT.getId());
assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME); assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME);
assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN); assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN);
assertThat(authorization.getAttributes()).containsExactly( assertThat(authorization.getAttributes()).containsExactly(
entry(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE)); entry(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE));
} }
} }


@ -30,6 +30,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType; import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient; import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository; import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
@ -365,10 +366,10 @@ public class OAuth2AuthorizationEndpointFilterTests {
assertThat(authorization.getRegisteredClientId()).isEqualTo(registeredClient.getId()); assertThat(authorization.getRegisteredClientId()).isEqualTo(registeredClient.getId());
assertThat(authorization.getPrincipalName()).isEqualTo(this.authentication.getPrincipal().toString()); assertThat(authorization.getPrincipalName()).isEqualTo(this.authentication.getPrincipal().toString());
String code = authorization.getAttribute(OAuth2ParameterNames.class.getName().concat(".CODE")); String code = authorization.getAttribute(OAuth2AuthorizationAttributeNames.CODE);
assertThat(code).isNotNull(); assertThat(code).isNotNull();
OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName()); OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
assertThat(authorizationRequest).isNotNull(); assertThat(authorizationRequest).isNotNull();
assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize"); assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize");
assertThat(authorizationRequest.getGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE); assertThat(authorizationRequest.getGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);