Add OAuth2AuthorizationAttributeNames
Issue gh-43
parent
fbc98d511c
commit
cf70ddbf98
@ -15,7 +15,6 @@
|
|||||||
*/
|
*/
|
||||||
package org.springframework.security.oauth2.server.authorization;
|
package org.springframework.security.oauth2.server.authorization;
|
||||||
|
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -66,7 +65,7 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
|
|||||||
|
|
||||||
private boolean hasToken(OAuth2Authorization authorization, String token, TokenType tokenType) {
|
private boolean hasToken(OAuth2Authorization authorization, String token, TokenType tokenType) {
|
||||||
if (TokenType.AUTHORIZATION_CODE.equals(tokenType)) {
|
if (TokenType.AUTHORIZATION_CODE.equals(tokenType)) {
|
||||||
return token.equals(authorization.getAttributes().get(OAuth2ParameterNames.class.getName().concat(".CODE")));
|
return token.equals(authorization.getAttribute(OAuth2AuthorizationAttributeNames.CODE));
|
||||||
} else if (TokenType.ACCESS_TOKEN.equals(tokenType)) {
|
} else if (TokenType.ACCESS_TOKEN.equals(tokenType)) {
|
||||||
return authorization.getAccessToken() != null &&
|
return authorization.getAccessToken() != null &&
|
||||||
authorization.getAccessToken().getTokenValue().equals(token);
|
authorization.getAccessToken().getTokenValue().equals(token);
|
||||||
|
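Review bot: In `hasToken`, the authorization-code branch matches the presented value against the stored secret with `token.equals(...)`, which returns at the first differing character. A constant-time comparison is the safer habit for bearer secrets, for example `MessageDigest.isEqual(token.getBytes(StandardCharsets.UTF_8), storedCode.getBytes(StandardCharsets.UTF_8))` after a null check on the stored value; the same applies to the access-token branch below it. The timing signal through an in-memory scan is probably small, but this class is likely to be used as a template for persistent implementations. The method body continues outside the hunk.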
@ -16,7 +16,6 @@
|
|||||||
package org.springframework.security.oauth2.server.authorization;
|
package org.springframework.security.oauth2.server.authorization;
|
||||||
|
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
@ -197,7 +196,7 @@ public class OAuth2Authorization implements Serializable {
|
|||||||
*/
|
*/
|
||||||
public OAuth2Authorization build() {
|
public OAuth2Authorization build() {
|
||||||
Assert.hasText(this.principalName, "principalName cannot be empty");
|
Assert.hasText(this.principalName, "principalName cannot be empty");
|
||||||
Assert.notNull(this.attributes.get(OAuth2ParameterNames.class.getName().concat(".CODE")), "authorization code cannot be null");
|
Assert.notNull(this.attributes.get(OAuth2AuthorizationAttributeNames.CODE), "authorization code cannot be null");
|
||||||
|
|
||||||
OAuth2Authorization authorization = new OAuth2Authorization();
|
OAuth2Authorization authorization = new OAuth2Authorization();
|
||||||
authorization.registeredClientId = this.registeredClientId;
|
authorization.registeredClientId = this.registeredClientId;
|
||||||
|
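Review bot: The `Assert.notNull` check in `build()` accepts an empty string or a non-String object under `OAuth2AuthorizationAttributeNames.CODE`, because the attribute map is untyped. `hasToken` in `InMemoryOAuth2AuthorizationService` compares this value with `token.equals(...)`, so a non-String value would silently never match, and an empty value would match an empty token if the caller does not reject one. Tightening the precondition makes the failure visible at build time: `Assert.isInstanceOf(String.class, code, "authorization code must be a String");` followed by `Assert.hasText((String) code, "authorization code cannot be empty");`. The body of `build()` continues outside the hunk.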
@ -0,0 +1,42 @@
|
|||||||
|
/*
|
||||||
|
* Copyright 2020 the original author or authors.
|
||||||
|
*
|
||||||
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
* you may not use this file except in compliance with the License.
|
||||||
|
* You may obtain a copy of the License at
|
||||||
|
*
|
||||||
|
* https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
*
|
||||||
|
* Unless required by applicable law or agreed to in writing, software
|
||||||
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
* See the License for the specific language governing permissions and
|
||||||
|
* limitations under the License.
|
||||||
|
*/
|
||||||
|
package org.springframework.security.oauth2.server.authorization;
|
||||||
|
|
||||||
|
|
||||||
|
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
|
||||||
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The name of the attributes that may be contained in the
|
||||||
|
* {@link OAuth2Authorization#getAttributes()} {@code Map}.
|
||||||
|
*
|
||||||
|
* @author Joe Grandja
|
||||||
|
* @since 0.0.1
|
||||||
|
* @see OAuth2Authorization#getAttributes()
|
||||||
|
*/
|
||||||
|
public interface OAuth2AuthorizationAttributeNames {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The name of the attribute used for the {@link OAuth2ParameterNames#CODE} parameter.
|
||||||
|
*/
|
||||||
|
String CODE = OAuth2Authorization.class.getName().concat(".CODE");
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The name of the attribute used for the {@link OAuth2AuthorizationRequest}.
|
||||||
|
*/
|
||||||
|
String AUTHORIZATION_REQUEST = OAuth2Authorization.class.getName().concat(".AUTHORIZATION_REQUEST");
|
||||||
|
|
||||||
|
}
|
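Review bot: Both constants resolve to different strings than the keys they replace. `CODE` was `OAuth2ParameterNames.class.getName().concat(".CODE")` and is now prefixed with `OAuth2Authorization.class.getName()`, and `AUTHORIZATION_REQUEST` was the bare `OAuth2AuthorizationRequest.class.getName()`. `OAuth2Authorization` is `Serializable`, so an instance stored under the old keys would no longer be found by the code lookup and would fail the `build()` precondition. The Javadoc on each constant should say that the value is part of the stored format, for example `The value is used as a key in stored authorizations and must not change between releases.` Declaring the constants in an interface also lets any class implement it and inherit them; a `final` class with a private constructor avoids that, unless the interface form is deliberate to match `OAuth2ParameterNames`.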
@ -29,6 +29,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
|
|||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
||||||
@ -184,8 +185,8 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
|
|||||||
|
|
||||||
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(registeredClient)
|
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(registeredClient)
|
||||||
.principalName(principal.getName())
|
.principalName(principal.getName())
|
||||||
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), code)
|
.attribute(OAuth2AuthorizationAttributeNames.CODE, code)
|
||||||
.attribute(OAuth2AuthorizationRequest.class.getName(), authorizationRequest)
|
.attribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST, authorizationRequest)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
this.authorizationService.save(authorization);
|
this.authorizationService.save(authorization);
|
||||||
|
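Review bot: The authorization saved here carries only the principal name, the code and the authorization request; nothing in the builder chain records when the code was issued. Unless issuance time is tracked elsewhere, the token endpoint has no basis for rejecting a stale code, and RFC 6749 section 4.1.2 recommends a maximum code lifetime of ten minutes. Consider storing an issued-at or expiry value alongside the code (a further name in `OAuth2AuthorizationAttributeNames` would fit). A comment here should state that the value stored under `CODE` is a single-use secret, for example `// single-use secret: must be invalidated once exchanged at the token endpoint`. The enclosing method starts and ends outside the hunk.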
@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization;
|
|||||||
import org.junit.Before;
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
||||||
|
|
||||||
@ -62,7 +61,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
|
|||||||
public void saveWhenAuthorizationProvidedThenSaved() {
|
public void saveWhenAuthorizationProvidedThenSaved() {
|
||||||
OAuth2Authorization expectedAuthorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
OAuth2Authorization expectedAuthorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
||||||
.principalName(PRINCIPAL_NAME)
|
.principalName(PRINCIPAL_NAME)
|
||||||
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE)
|
.attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
|
||||||
.build();
|
.build();
|
||||||
this.authorizationService.save(expectedAuthorization);
|
this.authorizationService.save(expectedAuthorization);
|
||||||
|
|
||||||
@ -89,7 +88,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
|
|||||||
public void findByTokenAndTokenTypeWhenTokenTypeAuthorizationCodeThenFound() {
|
public void findByTokenAndTokenTypeWhenTokenTypeAuthorizationCodeThenFound() {
|
||||||
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
||||||
.principalName(PRINCIPAL_NAME)
|
.principalName(PRINCIPAL_NAME)
|
||||||
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE)
|
.attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
|
||||||
.build();
|
.build();
|
||||||
this.authorizationService = new InMemoryOAuth2AuthorizationService(Collections.singletonList(authorization));
|
this.authorizationService = new InMemoryOAuth2AuthorizationService(Collections.singletonList(authorization));
|
||||||
|
|
||||||
@ -104,7 +103,7 @@ public class InMemoryOAuth2AuthorizationServiceTests {
|
|||||||
"access-token", Instant.now().minusSeconds(60), Instant.now());
|
"access-token", Instant.now().minusSeconds(60), Instant.now());
|
||||||
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
||||||
.principalName(PRINCIPAL_NAME)
|
.principalName(PRINCIPAL_NAME)
|
||||||
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE)
|
.attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
|
||||||
.accessToken(accessToken)
|
.accessToken(accessToken)
|
||||||
.build();
|
.build();
|
||||||
this.authorizationService.save(authorization);
|
this.authorizationService.save(authorization);
|
||||||
|
@ -17,7 +17,6 @@ package org.springframework.security.oauth2.server.authorization;
|
|||||||
|
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
||||||
|
|
||||||
@ -85,13 +84,13 @@ public class OAuth2AuthorizationTests {
|
|||||||
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
|
||||||
.principalName(PRINCIPAL_NAME)
|
.principalName(PRINCIPAL_NAME)
|
||||||
.accessToken(ACCESS_TOKEN)
|
.accessToken(ACCESS_TOKEN)
|
||||||
.attribute(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE)
|
.attribute(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE)
|
||||||
.build();
|
.build();
|
||||||
|
|
||||||
assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT.getId());
|
assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT.getId());
|
||||||
assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME);
|
assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME);
|
||||||
assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN);
|
assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN);
|
||||||
assertThat(authorization.getAttributes()).containsExactly(
|
assertThat(authorization.getAttributes()).containsExactly(
|
||||||
entry(OAuth2ParameterNames.class.getName().concat(".CODE"), AUTHORIZATION_CODE));
|
entry(OAuth2AuthorizationAttributeNames.CODE, AUTHORIZATION_CODE));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -30,6 +30,7 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
|
|||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
||||||
@ -365,10 +366,10 @@ public class OAuth2AuthorizationEndpointFilterTests {
|
|||||||
assertThat(authorization.getRegisteredClientId()).isEqualTo(registeredClient.getId());
|
assertThat(authorization.getRegisteredClientId()).isEqualTo(registeredClient.getId());
|
||||||
assertThat(authorization.getPrincipalName()).isEqualTo(this.authentication.getPrincipal().toString());
|
assertThat(authorization.getPrincipalName()).isEqualTo(this.authentication.getPrincipal().toString());
|
||||||
|
|
||||||
String code = authorization.getAttribute(OAuth2ParameterNames.class.getName().concat(".CODE"));
|
String code = authorization.getAttribute(OAuth2AuthorizationAttributeNames.CODE);
|
||||||
assertThat(code).isNotNull();
|
assertThat(code).isNotNull();
|
||||||
|
|
||||||
OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
|
OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
|
||||||
assertThat(authorizationRequest).isNotNull();
|
assertThat(authorizationRequest).isNotNull();
|
||||||
assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize");
|
assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize");
|
||||||
assertThat(authorizationRequest.getGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
|
assertThat(authorizationRequest.getGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
|
||||||
|