Change interface that only contain constants to final class

Closes gh-728

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,71 +24,74 @@ package org.springframework.security.oauth2.core;
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8414#section-2">2. Authorization Server Metadata</a>
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata">3. OpenID Provider Metadata</a>
  */
-public interface OAuth2AuthorizationServerMetadataClaimNames {
+public class OAuth2AuthorizationServerMetadataClaimNames {
 
 	/**
 	 * {@code issuer} - the {@code URL} the Authorization Server asserts as its Issuer Identifier
 	 */
-	String ISSUER = "issuer";
+	public static final String ISSUER = "issuer";
 
 	/**
 	 * {@code authorization_endpoint} - the {@code URL} of the OAuth 2.0 Authorization Endpoint
 	 */
-	String AUTHORIZATION_ENDPOINT = "authorization_endpoint";
+	public static final String AUTHORIZATION_ENDPOINT = "authorization_endpoint";
 
 	/**
 	 * {@code token_endpoint} - the {@code URL} of the OAuth 2.0 Token Endpoint
 	 */
-	String TOKEN_ENDPOINT = "token_endpoint";
+	public static final String TOKEN_ENDPOINT = "token_endpoint";
 
 	/**
 	 * {@code token_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Endpoint
 	 */
-	String TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED = "token_endpoint_auth_methods_supported";
+	public static final String TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED = "token_endpoint_auth_methods_supported";
 
 	/**
 	 * {@code jwks_uri} - the {@code URL} of the JSON Web Key Set
 	 */
-	String JWKS_URI = "jwks_uri";
+	public static final String JWKS_URI = "jwks_uri";
 
 	/**
 	 * {@code scopes_supported} - the OAuth 2.0 {@code scope} values supported
 	 */
-	String SCOPES_SUPPORTED = "scopes_supported";
+	public static final String SCOPES_SUPPORTED = "scopes_supported";
 
 	/**
 	 * {@code response_types_supported} - the OAuth 2.0 {@code response_type} values supported
 	 */
-	String RESPONSE_TYPES_SUPPORTED = "response_types_supported";
+	public static final String RESPONSE_TYPES_SUPPORTED = "response_types_supported";
 
 	/**
 	 * {@code grant_types_supported} - the OAuth 2.0 {@code grant_type} values supported
 	 */
-	String GRANT_TYPES_SUPPORTED = "grant_types_supported";
+	public static final String GRANT_TYPES_SUPPORTED = "grant_types_supported";
 
 	/**
 	 * {@code revocation_endpoint} - the {@code URL} of the OAuth 2.0 Token Revocation Endpoint
 	 */
-	String REVOCATION_ENDPOINT = "revocation_endpoint";
+	public static final String REVOCATION_ENDPOINT = "revocation_endpoint";
 
 	/**
 	 * {@code revocation_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Revocation Endpoint
 	 */
-	String REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED = "revocation_endpoint_auth_methods_supported";
+	public static final String REVOCATION_ENDPOINT_AUTH_METHODS_SUPPORTED = "revocation_endpoint_auth_methods_supported";
 
 	/**
 	 * {@code introspection_endpoint} - the {@code URL} of the OAuth 2.0 Token Introspection Endpoint
 	 */
-	String INTROSPECTION_ENDPOINT = "introspection_endpoint";
+	public static final String INTROSPECTION_ENDPOINT = "introspection_endpoint";
 
 	/**
 	 * {@code introspection_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Introspection Endpoint
 	 */
-	String INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED = "introspection_endpoint_auth_methods_supported";
+	public static final String INTROSPECTION_ENDPOINT_AUTH_METHODS_SUPPORTED = "introspection_endpoint_auth_methods_supported";
 
 	/**
 	 * {@code code_challenge_methods_supported} - the Proof Key for Code Exchange (PKCE) {@code code_challenge_method} values supported
 	 */
-	String CODE_CHALLENGE_METHODS_SUPPORTED = "code_challenge_methods_supported";
+	public static final String CODE_CHALLENGE_METHODS_SUPPORTED = "code_challenge_methods_supported";
+
+	protected OAuth2AuthorizationServerMetadataClaimNames() {
+	}
 
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcClientMetadataClaimNames.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -28,42 +28,42 @@ import org.springframework.security.oauth2.jwt.Jwt;
  * @since 0.1.1
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata">2. Client Metadata</a>
  */
-public interface OidcClientMetadataClaimNames {
+public final class OidcClientMetadataClaimNames {
 
 	/**
 	 * {@code client_id} - the Client Identifier
 	 */
-	String CLIENT_ID = "client_id";
+	public static final String CLIENT_ID = "client_id";
 
 	/**
 	 * {@code client_id_issued_at} - the time at which the Client Identifier was issued
 	 */
-	String CLIENT_ID_ISSUED_AT = "client_id_issued_at";
+	public static final String CLIENT_ID_ISSUED_AT = "client_id_issued_at";
 
 	/**
 	 * {@code client_secret} - the Client Secret
 	 */
-	String CLIENT_SECRET = "client_secret";
+	public static final String CLIENT_SECRET = "client_secret";
 
 	/**
 	 * {@code client_secret_expires_at} - the time at which the {@code client_secret} will expire or 0 if it will not expire
 	 */
-	String CLIENT_SECRET_EXPIRES_AT = "client_secret_expires_at";
+	public static final String CLIENT_SECRET_EXPIRES_AT = "client_secret_expires_at";
 
 	/**
 	 * {@code client_name} - the name of the Client to be presented to the End-User
 	 */
-	String CLIENT_NAME = "client_name";
+	public static final String CLIENT_NAME = "client_name";
 
 	/**
 	 * {@code redirect_uris} - the redirection {@code URI} values used by the Client
 	 */
-	String REDIRECT_URIS = "redirect_uris";
+	public static final String REDIRECT_URIS = "redirect_uris";
 
 	/**
 	 * {@code token_endpoint_auth_method} - the authentication method used by the Client for the Token Endpoint
 	 */
-	String TOKEN_ENDPOINT_AUTH_METHOD = "token_endpoint_auth_method";
+	public static final String TOKEN_ENDPOINT_AUTH_METHOD = "token_endpoint_auth_method";
 
 	/**
 	 * {@code token_endpoint_auth_signing_alg} - the {@link JwsAlgorithm JWS} algorithm that must be used for signing the {@link Jwt JWT}
@@ -71,44 +71,47 @@ public interface OidcClientMetadataClaimNames {
 	 * {@link ClientAuthenticationMethod#CLIENT_SECRET_JWT client_secret_jwt} authentication methods
 	 * @since 0.2.2
 	 */
-	String TOKEN_ENDPOINT_AUTH_SIGNING_ALG = "token_endpoint_auth_signing_alg";
+	public static final String TOKEN_ENDPOINT_AUTH_SIGNING_ALG = "token_endpoint_auth_signing_alg";
 
 	/**
 	 * {@code grant_types} - the OAuth 2.0 {@code grant_type} values that the Client will restrict itself to using
 	 */
-	String GRANT_TYPES = "grant_types";
+	public static final String GRANT_TYPES = "grant_types";
 
 	/**
 	 * {@code response_types} - the OAuth 2.0 {@code response_type} values that the Client will restrict itself to using
 	 */
-	String RESPONSE_TYPES = "response_types";
+	public static final String RESPONSE_TYPES = "response_types";
 
 	/**
 	 * {@code scope} - a space-separated list of OAuth 2.0 {@code scope} values that the Client will restrict itself to using
 	 */
-	String SCOPE = "scope";
+	public static final String SCOPE = "scope";
 
 	/**
 	 * {@code jwks_uri} - the {@code URL} for the Client's JSON Web Key Set
 	 * @since 0.2.2
 	 */
-	String JWKS_URI = "jwks_uri";
+	public static final String JWKS_URI = "jwks_uri";
 
 	/**
 	 * {@code id_token_signed_response_alg} - the {@link JwsAlgorithm JWS} algorithm required for signing the {@link OidcIdToken ID Token} issued to the Client
 	 */
-	String ID_TOKEN_SIGNED_RESPONSE_ALG = "id_token_signed_response_alg";
+	public static final String ID_TOKEN_SIGNED_RESPONSE_ALG = "id_token_signed_response_alg";
 
 	/**
 	 * {@code registration_access_token} - the Registration Access Token that can be used at the Client Configuration Endpoint
 	 * @since 0.2.1
 	 */
-	String REGISTRATION_ACCESS_TOKEN = "registration_access_token";
+	public static final String REGISTRATION_ACCESS_TOKEN = "registration_access_token";
 
 	/**
 	 * {@code registration_client_uri} - the {@code URL} of the Client Configuration Endpoint where the Registration Access Token can be used
 	 * @since 0.2.1
 	 */
-	String REGISTRATION_CLIENT_URI = "registration_client_uri";
+	public static final String REGISTRATION_CLIENT_URI = "registration_client_uri";
+
+	private OidcClientMetadataClaimNames() {
+	}
 
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java

@@ -27,22 +27,25 @@ import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
  * @see OAuth2AuthorizationServerMetadataClaimNames
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata">3. OpenID Provider Metadata</a>
  */
-public interface OidcProviderMetadataClaimNames extends OAuth2AuthorizationServerMetadataClaimNames {
+public final class OidcProviderMetadataClaimNames extends OAuth2AuthorizationServerMetadataClaimNames {
 
 	/**
 	 * {@code subject_types_supported} - the Subject Identifier types supported
 	 */
-	String SUBJECT_TYPES_SUPPORTED = "subject_types_supported";
+	public static final String SUBJECT_TYPES_SUPPORTED = "subject_types_supported";
 
 	/**
 	 * {@code id_token_signing_alg_values_supported} - the {@link JwsAlgorithm JWS} signing algorithms supported for the {@link OidcIdToken ID Token}
 	 */
-	String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
+	public static final String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
 
 	/**
 	 * {@code userinfo_endpoint} - the {@code URL} of the OpenID Connect 1.0 UserInfo Endpoint
 	 * @since 0.2.2
 	 */
-	String USER_INFO_ENDPOINT = "userinfo_endpoint";
+	public static final String USER_INFO_ENDPOINT = "userinfo_endpoint";
+
+	private OidcProviderMetadataClaimNames() {
+	}
 
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/OAuth2TokenClaimNames.java

@@ -27,43 +27,46 @@ import org.springframework.security.oauth2.core.OAuth2Token;
  * @see OAuth2TokenClaimsSet
  * @see OAuth2Token
  */
-public interface OAuth2TokenClaimNames {
+public final class OAuth2TokenClaimNames {
 
 	/**
 	 * {@code iss} - the Issuer claim identifies the principal that issued the OAuth 2.0 Token
 	 */
-	String ISS = "iss";
+	public static final String ISS = "iss";
 
 	/**
 	 * {@code sub} - the Subject claim identifies the principal that is the subject of the OAuth 2.0 Token
 	 */
-	String SUB = "sub";
+	public static final String SUB = "sub";
 
 	/**
 	 * {@code aud} - the Audience claim identifies the recipient(s) that the OAuth 2.0 Token is intended for
 	 */
-	String AUD = "aud";
+	public static final String AUD = "aud";
 
 	/**
 	 * {@code exp} - the Expiration time claim identifies the expiration time on or after
 	 * which the OAuth 2.0 Token MUST NOT be accepted for processing
 	 */
-	String EXP = "exp";
+	public static final String EXP = "exp";
 
 	/**
 	 * {@code nbf} - the Not Before claim identifies the time before which the OAuth 2.0 Token
 	 * MUST NOT be accepted for processing
 	 */
-	String NBF = "nbf";
+	public static final String NBF = "nbf";
 
 	/**
 	 * {@code iat} - The Issued at claim identifies the time at which the OAuth 2.0 Token was issued
 	 */
-	String IAT = "iat";
+	public static final String IAT = "iat";
 
 	/**
 	 * {@code jti} - The ID claim provides a unique identifier for the OAuth 2.0 Token
 	 */
-	String JTI = "jti";
+	public static final String JTI = "jti";
+
+	private OAuth2TokenClaimNames() {
+	}
 
 }