
Fix registration access token cannot be deserialized

Change the authorized scopes Set from SingletonSet to UnmodifiableSet as there is no mixin registered for SingletonSet

Closes gh-495
Ovidiu Popa 3 жил өмнө
parent
commit
2e2c9ea286

+ 4 - 1
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java

@@ -21,6 +21,7 @@ import java.time.Instant;
 import java.util.Base64;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
 import java.util.UUID;
@@ -218,7 +219,9 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
 	private OAuth2Authorization registerAccessToken(RegisteredClient registeredClient) {
 		JoseHeader headers = JwtUtils.headers().build();
 
-		Set<String> authorizedScopes = Collections.singleton(DEFAULT_CLIENT_CONFIGURATION_AUTHORIZED_SCOPE);
+		Set<String> authorizedScopes = new HashSet<>();
+		authorizedScopes.add(DEFAULT_CLIENT_CONFIGURATION_AUTHORIZED_SCOPE);
+		authorizedScopes = Collections.unmodifiableSet(authorizedScopes);
 
 		JwtClaimsSet claims = JwtUtils.accessTokenClaims(
 				registeredClient, this.providerSettings.getIssuer(), registeredClient.getClientId(), authorizedScopes)
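Review bot: The new three-line construction of `authorizedScopes` has no comment saying why `Collections.singleton(...)` is avoided, so a later cleanup or IDE inspection could collapse it back and reintroduce the deserialization failure. Per the commit description, the concrete Set class matters because the stored authorization is read back through a mixin-based (presumably Jackson) type allowlist. That allowlist is a deserialization safeguard, so constraining the type here is the right direction, rather than widening the allowlist. I would add above the assignment `// Must be a Set type with a registered mixin (UnmodifiableSet); SingletonSet cannot be deserialized, see gh-495`. The reassignment could also be folded into one expression, `Set<String> authorizedScopes = Collections.unmodifiableSet(new HashSet<>(Collections.singleton(DEFAULT_CLIENT_CONFIGURATION_AUTHORIZED_SCOPE)));`; the body of registerAccessToken continues outside the hunk.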

+ 7 - 0
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcClientRegistrationTests.java

@@ -62,6 +62,8 @@ import org.springframework.security.oauth2.core.oidc.http.converter.OidcClientRe
 import org.springframework.security.oauth2.jose.TestJwks;
 import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
+import org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService;
+import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
 import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository.RegisteredClientParametersMapper;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
@@ -323,6 +325,11 @@ public class OidcClientRegistrationTests {
 			return registeredClientRepository;
 		}
 
+		@Bean
+		OAuth2AuthorizationService authorizationService(JdbcOperations jdbcOperations, RegisteredClientRepository registeredClientRepository) {
+			return new JdbcOAuth2AuthorizationService(jdbcOperations, registeredClientRepository);
+		}
+
 		@Bean
 		JdbcOperations jdbcOperations() {
 			return new JdbcTemplate(db);
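Review bot: The new `authorizationService` bean moves the test configuration to JDBC-backed storage, but the file gains only two imports and this bean, so no assertion visibly checks that the stored registration access token can be read back. The regression is then covered only indirectly, if an existing test happens to look up the authorization after registration. The test methods are outside this hunk, so that cannot be confirmed from here. I would add an explicit check after the registration call: autowire the `OAuth2AuthorizationService` and assert that `findByToken(registrationAccessToken, OAuth2TokenType.ACCESS_TOKEN)` returns a non-null authorization carrying the expected scope.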