Startsida Utforska Hjälp
Registrera dig Logga in
github
/
spring-authorization-server
spegling av https://github.com/spring-projects/spring-authorization-server
2
0
Fork 0
Filer Ärenden 0 Wiki
Bläddra i källkod

OpenID Provider Configuration response returns introspection_endpoint

Closes gh-779
Joe Grandja 3 år sedan
förälder
d6ff0f3fc7
incheckning
0cae3c693e
2 ändrade filer med 6 tillägg och 0 borttagningar
Delad Vy Visa Diff Statistik
  1. 2 0
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
  2. 4 0
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilterTests.java

+ 2 - 0
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
Visa fil 

@@ -95,6 +95,8 @@ public final class OidcProviderConfigurationEndpointFilter extends OncePerReques
 
 				.grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue())
 
 				.tokenRevocationEndpoint(asUrl(issuer, this.providerSettings.getTokenRevocationEndpoint()))
 
 				.tokenRevocationEndpointAuthenticationMethods(clientAuthenticationMethods())
 
+				.tokenIntrospectionEndpoint(asUrl(issuer, this.providerSettings.getTokenIntrospectionEndpoint()))
 
+				.tokenIntrospectionEndpointAuthenticationMethods(clientAuthenticationMethods())
 
 				.subjectType("public")
 
 				.idTokenSigningAlgorithm(SignatureAlgorithm.RS256.getName())
 
 				.scope(OidcScopes.OPENID)

+ 4 - 0
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilterTests.java
Visa fil 

@@ -96,6 +96,7 @@ public class OidcProviderConfigurationEndpointFilterTests {
 
 		String jwkSetEndpoint = "/oauth2/v1/jwks";
 
 		String userInfoEndpoint = "/userinfo";
 
 		String tokenRevocationEndpoint = "/oauth2/v1/revoke";
 
+		String tokenIntrospectionEndpoint = "/oauth2/v1/introspect";
 
 
 		ProviderSettings providerSettings = ProviderSettings.builder()
 
 				.issuer(issuer)
 
@@ -104,6 +105,7 @@ public class OidcProviderConfigurationEndpointFilterTests {
 
 				.jwkSetEndpoint(jwkSetEndpoint)
 
 				.oidcUserInfoEndpoint(userInfoEndpoint)
 
 				.tokenRevocationEndpoint(tokenRevocationEndpoint)
 
+				.tokenIntrospectionEndpoint(tokenIntrospectionEndpoint)
 
 				.build();
 
 		ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
 
 		OidcProviderConfigurationEndpointFilter filter =
 
@@ -130,6 +132,8 @@ public class OidcProviderConfigurationEndpointFilterTests {
 
 		assertThat(providerConfigurationResponse).contains("\"grant_types_supported\":[\"authorization_code\",\"client_credentials\",\"refresh_token\"]");
 
 		assertThat(providerConfigurationResponse).contains("\"revocation_endpoint\":\"https://example.com/issuer1/oauth2/v1/revoke\"");
 
 		assertThat(providerConfigurationResponse).contains("\"revocation_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
 
+		assertThat(providerConfigurationResponse).contains("\"introspection_endpoint\":\"https://example.com/issuer1/oauth2/v1/introspect\"");
 
+		assertThat(providerConfigurationResponse).contains("\"introspection_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"client_secret_post\",\"client_secret_jwt\",\"private_key_jwt\"]");
 
 		assertThat(providerConfigurationResponse).contains("\"subject_types_supported\":[\"public\"]");
 
 		assertThat(providerConfigurationResponse).contains("\"id_token_signing_alg_values_supported\":[\"RS256\"]");
 
 		assertThat(providerConfigurationResponse).contains("\"userinfo_endpoint\":\"https://example.com/issuer1/userinfo\"");