Startseite Erkunden Hilfe
Registrieren Anmelden
github
/
spring-security
Mirror von https://github.com/spring-projects/spring-security
2
0
Fork 0
Dateien Issues 0 Wiki
Quellcode durchsuchen

Make ClientRegistration.clientSecret optional

Fixes gh-5652
Joe Grandja vor 7 Jahren
Ursprung
8a0c6868cd
Commit
010d99a7d0
2 geänderte Dateien mit 27 neuen und 28 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 2 3
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
  2. 25 25
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java

+ 2 - 3
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
Datei anzeigen 

@@ -20,6 +20,7 @@ import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 
 import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
 import org.springframework.util.Assert;
 
+import org.springframework.util.StringUtils;
 
 
 import java.util.Arrays;
 
 import java.util.Collection;
 
@@ -463,7 +464,7 @@ public final class ClientRegistration {
 
 
 			clientRegistration.registrationId = this.registrationId;
 
 			clientRegistration.clientId = this.clientId;
 
-			clientRegistration.clientSecret = this.clientSecret;
 
+			clientRegistration.clientSecret = StringUtils.hasText(this.clientSecret) ? this.clientSecret : "";
 
 			clientRegistration.clientAuthenticationMethod = this.clientAuthenticationMethod;
 
 			clientRegistration.authorizationGrantType = this.authorizationGrantType;
 
 			clientRegistration.redirectUriTemplate = this.redirectUriTemplate;
 
@@ -488,7 +489,6 @@ public final class ClientRegistration {
 
 					() -> "authorizationGrantType must be " + AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
 
 			Assert.hasText(this.registrationId, "registrationId cannot be empty");
 
 			Assert.hasText(this.clientId, "clientId cannot be empty");
 
-			Assert.hasText(this.clientSecret, "clientSecret cannot be empty");
 
 			Assert.notNull(this.clientAuthenticationMethod, "clientAuthenticationMethod cannot be null");
 
 			Assert.hasText(this.redirectUriTemplate, "redirectUriTemplate cannot be empty");
 
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 
@@ -515,7 +515,6 @@ public final class ClientRegistration {
 
 					() -> "authorizationGrantType must be " + AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
 
 			Assert.hasText(this.registrationId, "registrationId cannot be empty");
 
 			Assert.hasText(this.clientId, "clientId cannot be empty");
 
-			Assert.hasText(this.clientSecret, "clientSecret cannot be empty");
 
 			Assert.notNull(this.clientAuthenticationMethod, "clientAuthenticationMethod cannot be null");
 
 			Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
 
 		}

+ 25 - 25
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationTests.java
Datei anzeigen 

@@ -124,21 +124,22 @@ public class ClientRegistrationTests {
 
 			.build();
 
 	}
 
 
-	@Test(expected = IllegalArgumentException.class)
 
-	public void buildWhenAuthorizationCodeGrantClientSecretIsNullThenThrowIllegalArgumentException() {
 
-		ClientRegistration.withRegistrationId(REGISTRATION_ID)
 
-			.clientId(CLIENT_ID)
 
-			.clientSecret(null)
 
-			.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 
-			.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
 
-			.redirectUriTemplate(REDIRECT_URI)
 
-			.scope(SCOPES.toArray(new String[0]))
 
-			.authorizationUri(AUTHORIZATION_URI)
 
-			.tokenUri(TOKEN_URI)
 
-			.userInfoAuthenticationMethod(AuthenticationMethod.FORM)
 
-			.jwkSetUri(JWK_SET_URI)
 
-			.clientName(CLIENT_NAME)
 
-			.build();
 
+	@Test
 
+	public void buildWhenAuthorizationCodeGrantClientSecretIsNullThenDefaultToEmpty() {
 
+		ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
 
+				.clientId(CLIENT_ID)
 
+				.clientSecret(null)
 
+				.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 
+				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
 
+				.redirectUriTemplate(REDIRECT_URI)
 
+				.scope(SCOPES.toArray(new String[0]))
 
+				.authorizationUri(AUTHORIZATION_URI)
 
+				.tokenUri(TOKEN_URI)
 
+				.userInfoAuthenticationMethod(AuthenticationMethod.FORM)
 
+				.jwkSetUri(JWK_SET_URI)
 
+				.clientName(CLIENT_NAME)
 
+				.build();
 
+		assertThat(clientRegistration.getClientSecret()).isEqualTo("");
 
 	}
 
 
 	@Test(expected = IllegalArgumentException.class)
 
@@ -462,16 +463,15 @@ public class ClientRegistrationTests {
 
 	}
 
 
 	@Test
 
-	public void buildWhenClientCredentialsGrantClientSecretIsNullThenThrowIllegalArgumentException() {
 
-		assertThatThrownBy(() ->
 
-				ClientRegistration.withRegistrationId(REGISTRATION_ID)
 
-						.clientId(CLIENT_ID)
 
-						.clientSecret(null)
 
-						.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 
-						.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
 
-						.tokenUri(TOKEN_URI)
 
-						.build()
 
-		).isInstanceOf(IllegalArgumentException.class);
 
+	public void buildWhenClientCredentialsGrantClientSecretIsNullThenDefaultToEmpty() {
 
+		ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
 
+				.clientId(CLIENT_ID)
 
+				.clientSecret(null)
 
+				.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
 
+				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
 
+				.tokenUri(TOKEN_URI)
 
+				.build();
 
+		assertThat(clientRegistration.getClientSecret()).isEqualTo("");
 
 	}
 
 
 	@Test