Add temporary OAuth2ParameterNames2

Issue https://github.com/spring-projects/spring-security/issues/9183
This commit is contained in:
Joe Grandja 2020-11-09 12:13:12 -05:00
parent 58ad2d2c6c
commit d76d209124
4 changed files with 51 additions and 19 deletions

View File

@ -0,0 +1,32 @@
/*
* Copyright 2020 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.core.endpoint;
/**
* TODO
* This class is temporary and will be removed after upgrading to Spring Security 5.5.0 GA.
*
* @author Joe Grandja
* @since 0.0.3
* @see <a target="_blank" href="https://github.com/spring-projects/spring-security/issues/9183">Issue gh-9183</a>
*/
public interface OAuth2ParameterNames2 extends OAuth2ParameterNames {
String TOKEN = "token";
String TOKEN_TYPE_HINT = "token_type_hint";
}

View File

@ -26,7 +26,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException; import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes; import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames2;
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter; import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationProvider; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2TokenRevocationAuthenticationToken;
@ -131,17 +131,17 @@ public class OAuth2TokenRevocationEndpointFilter extends OncePerRequestFilter {
MultiValueMap<String, String> parameters = OAuth2EndpointUtils.getParameters(request); MultiValueMap<String, String> parameters = OAuth2EndpointUtils.getParameters(request);
// token (REQUIRED) // token (REQUIRED)
String token = parameters.getFirst(OAuth2ParameterNames.TOKEN); String token = parameters.getFirst(OAuth2ParameterNames2.TOKEN);
if (!StringUtils.hasText(token) || if (!StringUtils.hasText(token) ||
parameters.get(OAuth2ParameterNames.TOKEN).size() != 1) { parameters.get(OAuth2ParameterNames2.TOKEN).size() != 1) {
throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN); throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames2.TOKEN);
} }
// token_type_hint (OPTIONAL) // token_type_hint (OPTIONAL)
String tokenTypeHint = parameters.getFirst(OAuth2ParameterNames.TOKEN_TYPE_HINT); String tokenTypeHint = parameters.getFirst(OAuth2ParameterNames2.TOKEN_TYPE_HINT);
if (StringUtils.hasText(tokenTypeHint) && if (StringUtils.hasText(tokenTypeHint) &&
parameters.get(OAuth2ParameterNames.TOKEN_TYPE_HINT).size() != 1) { parameters.get(OAuth2ParameterNames2.TOKEN_TYPE_HINT).size() != 1) {
throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN_TYPE_HINT); throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames2.TOKEN_TYPE_HINT);
} }
return new OAuth2TokenRevocationAuthenticationToken(token, clientPrincipal, tokenTypeHint); return new OAuth2TokenRevocationAuthenticationToken(token, clientPrincipal, tokenTypeHint);

View File

@ -32,7 +32,7 @@ import org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager;
import org.springframework.security.oauth2.core.AbstractOAuth2Token; import org.springframework.security.oauth2.core.AbstractOAuth2Token;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken; import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames2;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization; import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService; import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations; import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
@ -153,8 +153,8 @@ public class OAuth2TokenRevocationTests {
private static MultiValueMap<String, String> getTokenRevocationRequestParameters(AbstractOAuth2Token token, TokenType tokenType) { private static MultiValueMap<String, String> getTokenRevocationRequestParameters(AbstractOAuth2Token token, TokenType tokenType) {
MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>(); MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
parameters.set(OAuth2ParameterNames.TOKEN, token.getTokenValue()); parameters.set(OAuth2ParameterNames2.TOKEN, token.getTokenValue());
parameters.set(OAuth2ParameterNames.TOKEN_TYPE_HINT, tokenType.getValue()); parameters.set(OAuth2ParameterNames2.TOKEN_TYPE_HINT, tokenType.getValue());
return parameters; return parameters;
} }

View File

@ -30,7 +30,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.OAuth2ErrorCodes; import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames2;
import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter; import org.springframework.security.oauth2.core.http.converter.OAuth2ErrorHttpMessageConverter;
import org.springframework.security.oauth2.server.authorization.TokenType; import org.springframework.security.oauth2.server.authorization.TokenType;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken; import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
@ -121,25 +121,25 @@ public class OAuth2TokenRevocationEndpointFilterTests {
@Test @Test
public void doFilterWhenTokenRevocationRequestMissingTokenThenInvalidRequestError() throws Exception { public void doFilterWhenTokenRevocationRequestMissingTokenThenInvalidRequestError() throws Exception {
doFilterWhenTokenRevocationRequestInvalidParameterThenError( doFilterWhenTokenRevocationRequestInvalidParameterThenError(
OAuth2ParameterNames.TOKEN, OAuth2ParameterNames2.TOKEN,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
request -> request.removeParameter(OAuth2ParameterNames.TOKEN)); request -> request.removeParameter(OAuth2ParameterNames2.TOKEN));
} }
@Test @Test
public void doFilterWhenTokenRevocationRequestMultipleTokenThenInvalidRequestError() throws Exception { public void doFilterWhenTokenRevocationRequestMultipleTokenThenInvalidRequestError() throws Exception {
doFilterWhenTokenRevocationRequestInvalidParameterThenError( doFilterWhenTokenRevocationRequestInvalidParameterThenError(
OAuth2ParameterNames.TOKEN, OAuth2ParameterNames2.TOKEN,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
request -> request.addParameter(OAuth2ParameterNames.TOKEN, "token-2")); request -> request.addParameter(OAuth2ParameterNames2.TOKEN, "token-2"));
} }
@Test @Test
public void doFilterWhenTokenRevocationRequestMultipleTokenTypeHintThenInvalidRequestError() throws Exception { public void doFilterWhenTokenRevocationRequestMultipleTokenTypeHintThenInvalidRequestError() throws Exception {
doFilterWhenTokenRevocationRequestInvalidParameterThenError( doFilterWhenTokenRevocationRequestInvalidParameterThenError(
OAuth2ParameterNames.TOKEN_TYPE_HINT, OAuth2ParameterNames2.TOKEN_TYPE_HINT,
OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ErrorCodes.INVALID_REQUEST,
request -> request.addParameter(OAuth2ParameterNames.TOKEN_TYPE_HINT, TokenType.ACCESS_TOKEN.getValue())); request -> request.addParameter(OAuth2ParameterNames2.TOKEN_TYPE_HINT, TokenType.ACCESS_TOKEN.getValue()));
} }
@Test @Test
@ -201,8 +201,8 @@ public class OAuth2TokenRevocationEndpointFilterTests {
MockHttpServletRequest request = new MockHttpServletRequest("POST", requestUri); MockHttpServletRequest request = new MockHttpServletRequest("POST", requestUri);
request.setServletPath(requestUri); request.setServletPath(requestUri);
request.addParameter(OAuth2ParameterNames.TOKEN, "token"); request.addParameter(OAuth2ParameterNames2.TOKEN, "token");
request.addParameter(OAuth2ParameterNames.TOKEN_TYPE_HINT, TokenType.ACCESS_TOKEN.getValue()); request.addParameter(OAuth2ParameterNames2.TOKEN_TYPE_HINT, TokenType.ACCESS_TOKEN.getValue());
return request; return request;
} }