首頁 探索 說明
註冊 登入
github
/
spring-authorization-server
镜像来自 https://github.com/spring-projects/spring-authorization-server
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

Remove OAuth2AuthorizationAttributeNames

Issue gh-213
Joe Grandja 4 年之前
父節點
ee1b46b9a6
當前提交
2cdb7ef0fc
共有 12 個文件被更改,包括 47 次插入89 次删除
分割檢視 顯示文件統計
  1. 8 0
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java
  2. 0 41
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationAttributeNames.java
  3. 3 4
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtEncodingContextUtils.java
  4. 1 2
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java
  5. 8 9
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationProvider.java
  6. 1 2
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java
  7. 5 6
      oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java
  8. 2 2
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java
  9. 7 8
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java
  10. 2 3
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java
  11. 1 2
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java
  12. 9 10
      oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilterTests.java

+ 8 - 0
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java
查看文件 

@@ -47,6 +47,14 @@ import org.springframework.util.Assert;
 
  */
 
 public class OAuth2Authorization implements Serializable {
 
 	private static final long serialVersionUID = Version.SERIAL_VERSION_UID;
 
+
 
+	/**
 
+	 * The name of the {@link #getAttribute(String) attribute} used for the authorized scope(s).
 
+	 * The value of the attribute is of type {@code Set<String>}.
 
+	 */
 
+	public static final String AUTHORIZED_SCOPE_ATTRIBUTE_NAME =
 
+			OAuth2Authorization.class.getName().concat(".AUTHORIZED_SCOPE");
 
+
 
 	private String registeredClientId;
 
 	private String principalName;
 
 	private AuthorizationGrantType authorizationGrantType;

+ 0 - 41
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationAttributeNames.java
查看文件 

@@ -1,41 +0,0 @@
 
-/*
 
- * Copyright 2020-2021 the original author or authors.
 
- *
 
- * Licensed under the Apache License, Version 2.0 (the "License");
 
- * you may not use this file except in compliance with the License.
 
- * You may obtain a copy of the License at
 
- *
 
- *      https://www.apache.org/licenses/LICENSE-2.0
 
- *
 
- * Unless required by applicable law or agreed to in writing, software
 
- * distributed under the License is distributed on an "AS IS" BASIS,
 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
- * See the License for the specific language governing permissions and
 
- * limitations under the License.
 
- */
 
-package org.springframework.security.oauth2.server.authorization;
 
-
 
-
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
-
 
-/**
 
- * The name of the attributes that may be contained in the
 
- * {@link OAuth2Authorization#getAttributes()} {@code Map}.
 
- *
 
- * @author Joe Grandja
 
- * @since 0.0.1
 
- * @see OAuth2Authorization#getAttributes()
 
- */
 
-public interface OAuth2AuthorizationAttributeNames {
 
-
 
-	/**
 
-	 * The name of the attribute used for the {@link OAuth2AuthorizationRequest}.
 
-	 */
 
-	String AUTHORIZATION_REQUEST = OAuth2Authorization.class.getName().concat(".AUTHORIZATION_REQUEST");
 
-
 
-	/**
 
-	 * The name of the attribute used for the authorized scope(s).
 
-	 */
 
-	String AUTHORIZED_SCOPES = OAuth2Authorization.class.getName().concat(".AUTHORIZED_SCOPES");
 
-
 
-}

+ 3 - 4
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtEncodingContextUtils.java
查看文件 

@@ -27,11 +27,10 @@ import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames
 
 import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
 
 import org.springframework.security.oauth2.jwt.JoseHeader;
 
 import org.springframework.security.oauth2.jwt.JwtClaimsSet;
 
-import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
+import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
 
 import org.springframework.util.CollectionUtils;
 
 import org.springframework.util.StringUtils;
 
 
@@ -47,7 +46,7 @@ final class JwtEncodingContextUtils {
 
 	static JwtEncodingContext.Builder accessTokenContext(RegisteredClient registeredClient, OAuth2Authorization authorization) {
 
 		// @formatter:off
 
 		return accessTokenContext(registeredClient, authorization,
 
-				authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES));
 
+				authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME));
 
 		// @formatter:on
 
 	}
 
 
@@ -95,7 +94,7 @@ final class JwtEncodingContextUtils {
 
 		Instant issuedAt = Instant.now();
 
 		Instant expiresAt = issuedAt.plus(30, ChronoUnit.MINUTES);		// TODO Allow configuration for id token time-to-live
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		String nonce = (String) authorizationRequest.getAdditionalParameters().get(OidcParameterNames.NONCE);
 
 
 		// @formatter:off

+ 1 - 2
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java
查看文件 

@@ -39,7 +39,6 @@ import org.springframework.security.oauth2.jwt.Jwt;
 
 import org.springframework.security.oauth2.jwt.JwtClaimsSet;
 
 import org.springframework.security.oauth2.jwt.JwtEncoder;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
@@ -107,7 +106,7 @@ public class OAuth2AuthorizationCodeAuthenticationProvider implements Authentica
 
 				authorization.getToken(OAuth2AuthorizationCode.class);
 
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 
 		if (!registeredClient.getClientId().equals(authorizationRequest.getClientId())) {
 
 			if (!authorizationCode.isInvalidated()) {

+ 8 - 9
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientAuthenticationProvider.java
查看文件 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2020 the original author or authors.
 
+ * Copyright 2020-2021 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -15,6 +15,12 @@
 
  */
 
 package org.springframework.security.oauth2.server.authorization.authentication;
 
 
+import java.nio.charset.StandardCharsets;
 
+import java.security.MessageDigest;
 
+import java.security.NoSuchAlgorithmException;
 
+import java.util.Base64;
 
+import java.util.Map;
 
+
 
 import org.springframework.security.authentication.AuthenticationProvider;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.AuthenticationException;
 
@@ -26,7 +32,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequ
 
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
@@ -35,12 +40,6 @@ import org.springframework.util.Assert;
 
 import org.springframework.util.CollectionUtils;
 
 import org.springframework.util.StringUtils;
 
 
-import java.nio.charset.StandardCharsets;
 
-import java.security.MessageDigest;
 
-import java.security.NoSuchAlgorithmException;
 
-import java.util.Base64;
 
-import java.util.Map;
 
-
 
 /**
 
  * An {@link AuthenticationProvider} implementation used for authenticating an OAuth 2.0 Client.
 
  *
 
@@ -128,7 +127,7 @@ public class OAuth2ClientAuthenticationProvider implements AuthenticationProvide
 
 		}
 
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 
 		String codeChallenge = (String) authorizationRequest.getAdditionalParameters()
 
 				.get(PkceParameterNames.CODE_CHALLENGE);

+ 1 - 2
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java
查看文件 

@@ -39,7 +39,6 @@ import org.springframework.security.oauth2.jwt.Jwt;
 
 import org.springframework.security.oauth2.jwt.JwtClaimsSet;
 
 import org.springframework.security.oauth2.jwt.JwtEncoder;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
@@ -126,7 +125,7 @@ public class OAuth2RefreshTokenAuthenticationProvider implements AuthenticationP
 
 		// The requested scope MUST NOT include any scope not originally granted by the resource owner,
 
 		// and if omitted is treated as equal to the scope originally granted by the resource owner.
 
 		Set<String> scopes = refreshTokenAuthentication.getScopes();
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		if (!authorizedScopes.containsAll(scopes)) {
 
 			throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_SCOPE));
 
 		}

+ 5 - 6
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java
查看文件 

@@ -49,7 +49,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
 
 import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 
@@ -196,7 +195,7 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
 
 				.principalName(principal.getName())
 
 				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
 
 				.attribute(Principal.class.getName(), principal)
 
-				.attribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST, authorizationRequest);
 
+				.attribute(OAuth2AuthorizationRequest.class.getName(), authorizationRequest);
 
 
 		if (registeredClient.getClientSettings().requireUserConsent()) {
 
 			String state = this.stateGenerator.generateKey();
 
@@ -215,7 +214,7 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
 
 					this.codeGenerator.generateKey(), issuedAt, expiresAt);
 
 			OAuth2Authorization authorization = builder
 
 					.token(authorizationCode)
 
-					.attribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES, authorizationRequest.getScopes())
 
+					.attribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, authorizationRequest.getScopes())
 
 					.build();
 
 			this.authorizationService.save(authorization);
 
 
@@ -268,7 +267,7 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
 
 				.token(authorizationCode)
 
 				.attributes(attrs -> {
 
 					attrs.remove(OAuth2ParameterNames.STATE);
 
-					attrs.put(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES, userConsentRequestContext.getScopes());
 
+					attrs.put(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, userConsentRequestContext.getScopes());
 
 				})
 
 				.build();
 
 		this.authorizationService.save(authorization);
 
@@ -559,7 +558,7 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
 
 		}
 
 
 		private OAuth2AuthorizationRequest getAuthorizationRequest() {
 
-			return getAuthorization().getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+			return getAuthorization().getAttribute(OAuth2AuthorizationRequest.class.getName());
 
 		}
 
 	}
 
 
@@ -660,7 +659,7 @@ public class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilter {
 
 				RegisteredClient registeredClient, OAuth2Authorization authorization) {
 
 
 			OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-					OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+					OAuth2AuthorizationRequest.class.getName());
 
 			String state = authorization.getAttribute(
 
 					OAuth2ParameterNames.STATE);

+ 2 - 2
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java
查看文件 

@@ -67,9 +67,9 @@ public class TestOAuth2Authorizations {
 
 				.token(authorizationCode)
 
 				.accessToken(accessToken)
 
 				.refreshToken(refreshToken)
 
-				.attribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST, authorizationRequest)
 
+				.attribute(OAuth2AuthorizationRequest.class.getName(), authorizationRequest)
 
 				.attribute(Principal.class.getName(),
 
 						new TestingAuthenticationToken("principal", null, "ROLE_A", "ROLE_B"))
 
-				.attribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES, authorizationRequest.getScopes());
 
+				.attribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, authorizationRequest.getScopes());
 
 	}
 
 }

+ 7 - 8
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java
查看文件 

@@ -42,7 +42,6 @@ import org.springframework.security.oauth2.jwt.Jwt;
 
 import org.springframework.security.oauth2.jwt.JwtClaimsSet;
 
 import org.springframework.security.oauth2.jwt.JwtEncoder;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
@@ -185,7 +184,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri() + "-invalid", null);
 
 		assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication))
 
@@ -208,7 +207,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
 
 
@@ -228,7 +227,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
 
 
@@ -254,7 +253,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 		JwtClaimsSet jwtClaimsSet = jwtClaimsSetCaptor.getValue();
 
 
 		Set<String> scopes = jwtClaimsSet.getClaim(OAuth2ParameterNames.SCOPE);
 
-		assertThat(scopes).isEqualTo(authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES));
 
+		assertThat(scopes).isEqualTo(authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME));
 
 		assertThat(jwtClaimsSet.getSubject()).isEqualTo(authorization.getPrincipalName());
 
 
 		ArgumentCaptor<OAuth2Authorization> authorizationCaptor = ArgumentCaptor.forClass(OAuth2Authorization.class);
 
@@ -279,7 +278,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
 
 
@@ -345,7 +344,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);
 
 
@@ -383,7 +382,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests {
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authentication =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(AUTHORIZATION_CODE, clientPrincipal, authorizationRequest.getRedirectUri(), null);

+ 2 - 3
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java
查看文件 

@@ -40,7 +40,6 @@ import org.springframework.security.oauth2.jwt.JoseHeaderNames;
 
 import org.springframework.security.oauth2.jwt.Jwt;
 
 import org.springframework.security.oauth2.jwt.JwtEncoder;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
@@ -191,7 +190,7 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
 
 				.thenReturn(authorization);
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		Set<String> requestedScopes = new HashSet<>(authorizedScopes);
 
 		requestedScopes.remove("email");
 
 		OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(
 
@@ -213,7 +212,7 @@ public class OAuth2RefreshTokenAuthenticationProviderTests {
 
 				.thenReturn(authorization);
 
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		Set<String> requestedScopes = new HashSet<>(authorizedScopes);
 
 		requestedScopes.add("unauthorized");
 
 		OAuth2RefreshTokenAuthenticationToken authentication = new OAuth2RefreshTokenAuthenticationToken(

+ 1 - 2
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java
查看文件 

@@ -26,7 +26,6 @@ import org.springframework.security.oauth2.jwt.JwtClaimsSet;
 
 import org.springframework.security.oauth2.jwt.TestJoseHeaders;
 
 import org.springframework.security.oauth2.jwt.TestJwtClaimsSets;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
 import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationToken;
 
@@ -88,7 +87,7 @@ public class JwtEncodingContextTests {
 
 		OAuth2Authorization authorization = TestOAuth2Authorizations.authorization().build();
 
 		OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(registeredClient);
 
 		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(
 
-				OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+				OAuth2AuthorizationRequest.class.getName());
 
 		OAuth2AuthorizationCodeAuthenticationToken authorizationGrant =
 
 				new OAuth2AuthorizationCodeAuthenticationToken(
 
 						"code", clientPrincipal, authorizationRequest.getRedirectUri(), null);

+ 9 - 10
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilterTests.java
查看文件 

@@ -45,7 +45,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.oauth2.core.endpoint.PkceParameterNames;
 
 import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
 
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationAttributeNames;
 
 import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 
 import org.springframework.security.oauth2.server.authorization.TestOAuth2Authorizations;
 
 import org.springframework.security.oauth2.server.authorization.TokenType;
 
@@ -475,10 +474,10 @@ public class OAuth2AuthorizationEndpointFilterTests {
 
 		OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization.getToken(OAuth2AuthorizationCode.class);
 
 		assertThat(authorizationCode).isNotNull();
 
 
-		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
 
 		assertThat(authorizationRequest).isNotNull();
 
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		assertThat(authorizedScopes).isEqualTo(authorizationRequest.getScopes());
 
 
 		assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize");
 
@@ -525,10 +524,10 @@ public class OAuth2AuthorizationEndpointFilterTests {
 
 		OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization.getToken(OAuth2AuthorizationCode.class);
 
 		assertThat(authorizationCode).isNotNull();
 
 
-		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
 
 		assertThat(authorizationRequest).isNotNull();
 
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		assertThat(authorizedScopes).isEqualTo(authorizationRequest.getScopes());
 
 
 		assertThat(authorizationRequest.getClientId()).isEqualTo(registeredClient.getClientId());
 
@@ -573,10 +572,10 @@ public class OAuth2AuthorizationEndpointFilterTests {
 
 		String state = authorization.getAttribute(OAuth2ParameterNames.STATE);
 
 		assertThat(state).isNotNull();
 
 
-		Set<String> authorizedScopes = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES);
 
+		Set<String> authorizedScopes = authorization.getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME);
 
 		assertThat(authorizedScopes).isNull();
 
 
-		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST);
 
+		OAuth2AuthorizationRequest authorizationRequest = authorization.getAttribute(OAuth2AuthorizationRequest.class.getName());
 
 		assertThat(authorizationRequest).isNotNull();
 
 		assertThat(authorizationRequest.getAuthorizationUri()).isEqualTo("http://localhost/oauth2/authorize");
 
 		assertThat(authorizationRequest.getGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
 
@@ -802,9 +801,9 @@ public class OAuth2AuthorizationEndpointFilterTests {
 
 		assertThat(updatedAuthorization.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE);
 
 		assertThat(updatedAuthorization.getToken(OAuth2AuthorizationCode.class)).isNotNull();
 
 		assertThat(updatedAuthorization.<String>getAttribute(OAuth2ParameterNames.STATE)).isNull();
 
-		assertThat(updatedAuthorization.<OAuth2AuthorizationRequest>getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST))
 
-				.isEqualTo(authorization.<OAuth2AuthorizationRequest>getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZATION_REQUEST));
 
-		assertThat(updatedAuthorization.<Set<String>>getAttribute(OAuth2AuthorizationAttributeNames.AUTHORIZED_SCOPES))
 
+		assertThat(updatedAuthorization.<OAuth2AuthorizationRequest>getAttribute(OAuth2AuthorizationRequest.class.getName()))
 
+				.isEqualTo(authorization.<OAuth2AuthorizationRequest>getAttribute(OAuth2AuthorizationRequest.class.getName()));
 
+		assertThat(updatedAuthorization.<Set<String>>getAttribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME))
 
 				.isEqualTo(registeredClient.getScopes());
 
 	}