
Polish gh-1105

Joe Grandja 2 年之前
父節點
當前提交
ad01779479

+ 2 - 2
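--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -126,7 +126,7 @@ public final class ClientSecretAuthenticationProvider implements AuthenticationP
 			registeredClient = RegisteredClient.from(registeredClient)
 					.clientSecret(this.passwordEncoder.encode(clientSecret))
 					.build();
-			registeredClientRepository.save(registeredClient);
+			this.registeredClientRepository.save(registeredClient);
 		}
 
 		if (this.logger.isTraceEnabled()) {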

+ 4 - 7
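--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepository.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepository.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -72,14 +72,11 @@ public final class InMemoryRegisteredClientRepository implements RegisteredClien
 	@Override
 	public void save(RegisteredClient registeredClient) {
 		Assert.notNull(registeredClient, "registeredClient cannot be null");
-		if (this.idRegistrationMap.containsKey(registeredClient.getId())) {
-			this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
-			this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
-		} else {
+		if (!this.idRegistrationMap.containsKey(registeredClient.getId())) {
 			assertUniqueIdentifiers(registeredClient, this.idRegistrationMap);
-			this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
-			this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
 		}
+		this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
+		this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
 	}
 
 	@Nullable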
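Review bot: On the update path of `save` (id already present), the two `put` calls never remove the previous `clientId` key from `clientIdRegistrationMap`. When the saved registration carries a different client id, the replaced registration and its old secret presumably stay resolvable through `findByClientId`, whose body is outside this hunk. The same path skips `assertUniqueIdentifiers`, so an update can also overwrite the `clientIdRegistrationMap` entry of a different registration that already uses that client id. The sketch below uses the value returned by the first `put` to drop the stale key; the cross-registration collision still needs its own check.

```java
	public void save(RegisteredClient registeredClient) {
		// … unchanged: null check and assertUniqueIdentifiers for ids not yet stored …
		RegisteredClient previous = this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
		if (previous != null && !previous.getClientId().equals(registeredClient.getClientId())) {
			// Drop the old client id key so the replaced registration can no longer be looked up.
			this.clientIdRegistrationMap.remove(previous.getClientId());
		}
		this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
```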

+ 3 - 4
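--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProviderTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -228,7 +228,7 @@ public class ClientSecretAuthenticationProviderTests {
 	}
 
 	@Test
-	public void authenticateWhenValidCredentialsAndNonExpiredThenPasswordUpgraded() {
+	public void authenticateWhenValidCredentialsAndRequiresUpgradingThenClientSecretUpgraded() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
 		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);
@@ -243,10 +243,9 @@ public class ClientSecretAuthenticationProviderTests {
 		verify(this.passwordEncoder).encode(any());
 		verify(this.registeredClientRepository).save(any());
 		assertThat(authenticationResult.isAuthenticated()).isTrue();
-		assertThat(registeredClient).isNotSameAs(authenticationResult.getPrincipal());
 		assertThat(authenticationResult.getPrincipal().toString()).isEqualTo(registeredClient.getClientId());
 		assertThat(authenticationResult.getCredentials().toString()).isEqualTo(registeredClient.getClientSecret());
-		assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
+		assertThat(authenticationResult.getRegisteredClient()).isNotSameAs(registeredClient);
 	}
 
 	@Test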
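Review bot: The new last assertion, `isNotSameAs(registeredClient)`, checks reference inequality only, and `verify(this.registeredClientRepository).save(any())` accepts any argument, so nothing in the second hunk pins the secret that is actually persisted. A regression that saved the client with its secret unchanged or unencoded would likely still pass, since `RegisteredClient.from(...).build()` produces a new instance either way. Capture the argument with an `ArgumentCaptor<RegisteredClient>`, `verify(this.registeredClientRepository).save(captor.capture());`, and assert that `captor.getValue().getClientSecret()` equals the value the stubbed `passwordEncoder.encode` returns. The encoder stubbing sits between the two hunks and is not visible here, so the expected value has to come from there.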

+ 3 - 3
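--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepositoryTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepositoryTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -155,10 +155,10 @@ public class InMemoryRegisteredClientRepositoryTests {
 	@Test
 	public void saveWhenExistingIdThenUpdate() {
 		RegisteredClient registeredClient = createRegisteredClient(
-				this.registration.getId(), "client-id", "client-secret-2");
+				this.registration.getId(), "client-id-2", "client-secret-2");
 		this.clients.save(registeredClient);
 		RegisteredClient savedClient = this.clients.findByClientId(registeredClient.getClientId());
-		assertThat(savedClient.getClientSecret()).isEqualTo("client-secret-2");
+		assertThat(savedClient).isEqualTo(registeredClient);
 	}
 
 	@Test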
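Review bot: `saveWhenExistingIdThenUpdate` now changes the client id on update but looks the result up only under the new id, so it never shows whether the previous client id still resolves. Add `assertThat(this.clients.findByClientId(this.registration.getClientId())).isNull();` and `assertThat(this.clients.findById(this.registration.getId())).isEqualTo(registeredClient);` so that an update leaving the old client id usable fails the test. This assumes `findByClientId` returns null for an unknown id and that `this.registration` was stored under a different client id in setup; neither is visible in the hunk.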

+ 4 - 3
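--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -233,7 +233,7 @@ public class OAuth2ClientCredentialsGrantTests {
 	}
 
 	@Test
-	public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponseAndSecretUpgraded() throws Exception {
+	public void requestWhenTokenRequestPostsClientCredentialsAndRequiresUpgradingThenClientSecretUpgraded() throws Exception {
 		this.spring.register(AuthorizationServerConfigurationCustomPasswordEncoder.class).autowire();
 
 		String clientSecret = "secret-2";
@@ -250,7 +250,8 @@ public class OAuth2ClientCredentialsGrantTests {
 				.andExpect(jsonPath("$.scope").value("scope1 scope2"));
 
 		verify(jwtCustomizer).customize(any());
-		assertThat(this.registeredClientRepository.findByClientId(registeredClient.getClientId()).getClientSecret()).startsWith("{bcrypt}");
+		RegisteredClient updatedRegisteredClient = this.registeredClientRepository.findByClientId(registeredClient.getClientId());
+		assertThat(updatedRegisteredClient.getClientSecret()).startsWith("{bcrypt}");
 	}
 
 	@Test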