Minor renames to oauth2 client properties

Fixes gh-4296

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeRequestRedirectFilter.java

@@ -127,7 +127,7 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
 				.clientId(clientRegistration.getClientId())
 				.authorizeUri(clientRegistration.getProviderDetails().getAuthorizationUri())
 				.redirectUri(redirectUriStr)
-				.scopes(clientRegistration.getScopes())
+				.scope(clientRegistration.getScope())
 				.state(this.stateGenerator.generateKey())
 				.build();
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/DefaultAuthorizationRequestUriBuilder.java

@@ -45,7 +45,7 @@ public class DefaultAuthorizationRequestUriBuilder implements AuthorizationReque
 		uriBuilder
 				.queryParam(OAuth2Parameter.CLIENT_ID, authorizationRequestAttributes.getClientId())
 				.queryParam(OAuth2Parameter.SCOPE,
-						authorizationRequestAttributes.getScopes().stream().collect(Collectors.joining(" ")))
+						authorizationRequestAttributes.getScope().stream().collect(Collectors.joining(" ")))
 				.queryParam(OAuth2Parameter.STATE, authorizationRequestAttributes.getState());
 
 		return uriBuilder.build().encode().toUri();

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java

@@ -36,9 +36,9 @@ public class ClientRegistration {
 	private String clientId;
 	private String clientSecret;
 	private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
-	private AuthorizationGrantType authorizedGrantType;
+	private AuthorizationGrantType authorizationGrantType;
 	private String redirectUri;
-	private Set<String> scopes = Collections.emptySet();
+	private Set<String> scope = Collections.emptySet();
 	private ProviderDetails providerDetails = new ProviderDetails();
 	private String clientName;
 	private String clientAlias;
@@ -70,12 +70,12 @@ public class ClientRegistration {
 		this.clientAuthenticationMethod = clientAuthenticationMethod;
 	}
 
-	public AuthorizationGrantType getAuthorizedGrantType() {
-		return this.authorizedGrantType;
+	public AuthorizationGrantType getAuthorizationGrantType() {
+		return this.authorizationGrantType;
 	}
 
-	protected void setAuthorizedGrantType(AuthorizationGrantType authorizedGrantType) {
-		this.authorizedGrantType = authorizedGrantType;
+	protected void setAuthorizationGrantType(AuthorizationGrantType authorizationGrantType) {
+		this.authorizationGrantType = authorizationGrantType;
 	}
 
 	public String getRedirectUri() {
@@ -86,12 +86,12 @@ public class ClientRegistration {
 		this.redirectUri = redirectUri;
 	}
 
-	public Set<String> getScopes() {
-		return this.scopes;
+	public Set<String> getScope() {
+		return this.scope;
 	}
 
-	protected void setScopes(Set<String> scopes) {
-		this.scopes = scopes;
+	protected void setScope(Set<String> scope) {
+		this.scope = scope;
 	}
 
 	public ProviderDetails getProviderDetails() {
@@ -164,9 +164,9 @@ public class ClientRegistration {
 		protected String clientId;
 		protected String clientSecret;
 		protected ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
-		protected AuthorizationGrantType authorizedGrantType;
+		protected AuthorizationGrantType authorizationGrantType;
 		protected String redirectUri;
-		protected Set<String> scopes;
+		protected Set<String> scope;
 		protected String authorizationUri;
 		protected String tokenUri;
 		protected String userInfoUri;
@@ -182,10 +182,10 @@ public class ClientRegistration {
 			this(clientRegistrationProperties.getClientId());
 			this.clientSecret(clientRegistrationProperties.getClientSecret());
 			this.clientAuthenticationMethod(clientRegistrationProperties.getClientAuthenticationMethod());
-			this.authorizedGrantType(clientRegistrationProperties.getAuthorizedGrantType());
+			this.authorizationGrantType(clientRegistrationProperties.getAuthorizationGrantType());
 			this.redirectUri(clientRegistrationProperties.getRedirectUri());
-			if (!CollectionUtils.isEmpty(clientRegistrationProperties.getScopes())) {
-				this.scopes(clientRegistrationProperties.getScopes().stream().toArray(String[]::new));
+			if (!CollectionUtils.isEmpty(clientRegistrationProperties.getScope())) {
+				this.scope(clientRegistrationProperties.getScope().stream().toArray(String[]::new));
 			}
 			this.authorizationUri(clientRegistrationProperties.getAuthorizationUri());
 			this.tokenUri(clientRegistrationProperties.getTokenUri());
@@ -199,10 +199,10 @@ public class ClientRegistration {
 			this(clientRegistration.getClientId());
 			this.clientSecret(clientRegistration.getClientSecret());
 			this.clientAuthenticationMethod(clientRegistration.getClientAuthenticationMethod());
-			this.authorizedGrantType(clientRegistration.getAuthorizedGrantType());
+			this.authorizationGrantType(clientRegistration.getAuthorizationGrantType());
 			this.redirectUri(clientRegistration.getRedirectUri());
-			if (!CollectionUtils.isEmpty(clientRegistration.getScopes())) {
-				this.scopes(clientRegistration.getScopes().stream().toArray(String[]::new));
+			if (!CollectionUtils.isEmpty(clientRegistration.getScope())) {
+				this.scope(clientRegistration.getScope().stream().toArray(String[]::new));
 			}
 			this.authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri());
 			this.tokenUri(clientRegistration.getProviderDetails().getTokenUri());
@@ -222,8 +222,8 @@ public class ClientRegistration {
 			return this;
 		}
 
-		public Builder authorizedGrantType(AuthorizationGrantType authorizedGrantType) {
-			this.authorizedGrantType = authorizedGrantType;
+		public Builder authorizationGrantType(AuthorizationGrantType authorizationGrantType) {
+			this.authorizationGrantType = authorizationGrantType;
 			return this;
 		}
 
@@ -232,10 +232,10 @@ public class ClientRegistration {
 			return this;
 		}
 
-		public Builder scopes(String... scopes) {
-			if (scopes != null && scopes.length > 0) {
-				this.scopes = Collections.unmodifiableSet(
-						new LinkedHashSet<>(Arrays.asList(scopes)));
+		public Builder scope(String... scope) {
+			if (scope != null && scope.length > 0) {
+				this.scope = Collections.unmodifiableSet(
+						new LinkedHashSet<>(Arrays.asList(scope)));
 			}
 			return this;
 		}
@@ -281,9 +281,9 @@ public class ClientRegistration {
 			clientRegistration.setClientId(this.clientId);
 			clientRegistration.setClientSecret(this.clientSecret);
 			clientRegistration.setClientAuthenticationMethod(this.clientAuthenticationMethod);
-			clientRegistration.setAuthorizedGrantType(this.authorizedGrantType);
+			clientRegistration.setAuthorizationGrantType(this.authorizationGrantType);
 			clientRegistration.setRedirectUri(this.redirectUri);
-			clientRegistration.setScopes(this.scopes);
+			clientRegistration.setScope(this.scope);
 
 			ProviderDetails providerDetails = clientRegistration.new ProviderDetails();
 			providerDetails.setAuthorizationUri(this.authorizationUri);
@@ -297,13 +297,13 @@ public class ClientRegistration {
 		}
 
 		protected void validateClientWithAuthorizationCodeGrantType() {
-			Assert.isTrue(AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizedGrantType),
-				"authorizedGrantType must be " + AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
+			Assert.isTrue(AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType),
+				"authorizationGrantType must be " + AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
 			Assert.hasText(this.clientId, "clientId cannot be empty");
 			Assert.hasText(this.clientSecret, "clientSecret cannot be empty");
 			Assert.notNull(this.clientAuthenticationMethod, "clientAuthenticationMethod cannot be null");
 			Assert.hasText(this.redirectUri, "redirectUri cannot be empty");
-			Assert.notEmpty(this.scopes, "scopes cannot be empty");
+			Assert.notEmpty(this.scope, "scope cannot be empty");
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 			Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
 			Assert.hasText(this.userInfoUri, "userInfoUri cannot be empty");

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrationProperties.java

@@ -36,9 +36,9 @@ public class ClientRegistrationProperties {
 	private String clientId;
 	private String clientSecret;
 	private ClientAuthenticationMethod clientAuthenticationMethod = ClientAuthenticationMethod.BASIC;
-	private AuthorizationGrantType authorizedGrantType;
+	private AuthorizationGrantType authorizationGrantType;
 	private String redirectUri;
-	private Set<String> scopes;
+	private Set<String> scope;
 	private String authorizationUri;
 	private String tokenUri;
 	private String userInfoUri;
@@ -71,12 +71,12 @@ public class ClientRegistrationProperties {
 		this.clientAuthenticationMethod = clientAuthenticationMethod;
 	}
 
-	public AuthorizationGrantType getAuthorizedGrantType() {
-		return this.authorizedGrantType;
+	public AuthorizationGrantType getAuthorizationGrantType() {
+		return this.authorizationGrantType;
 	}
 
-	public void setAuthorizedGrantType(AuthorizationGrantType authorizedGrantType) {
-		this.authorizedGrantType = authorizedGrantType;
+	public void setAuthorizationGrantType(AuthorizationGrantType authorizationGrantType) {
+		this.authorizationGrantType = authorizationGrantType;
 	}
 
 	public String getRedirectUri() {
@@ -87,12 +87,12 @@ public class ClientRegistrationProperties {
 		this.redirectUri = redirectUri;
 	}
 
-	public Set<String> getScopes() {
-		return this.scopes;
+	public Set<String> getScope() {
+		return this.scope;
 	}
 
-	public void setScopes(Set<String> scopes) {
-		this.scopes = scopes;
+	public void setScope(Set<String> scope) {
+		this.scope = scope;
 	}
 
 	public String getAuthorizationUri() {

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationProcessingFilterTests.java

@@ -236,7 +236,7 @@ public class AuthorizationCodeAuthenticationProcessingFilterTests {
 				.clientId(clientRegistration.getClientId())
 				.authorizeUri(clientRegistration.getProviderDetails().getAuthorizationUri())
 				.redirectUri(clientRegistration.getRedirectUri())
-				.scopes(clientRegistration.getScopes())
+				.scope(clientRegistration.getScope())
 				.state(state)
 				.build();
 

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeRequestRedirectFilterTests.java

@@ -115,7 +115,7 @@ public class AuthorizationCodeRequestRedirectFilterTests {
 		assertThat(authorizationRequestAttributes.getResponseType()).isNotNull();
 		assertThat(authorizationRequestAttributes.getClientId()).isNotNull();
 		assertThat(authorizationRequestAttributes.getRedirectUri()).isNotNull();
-		assertThat(authorizationRequestAttributes.getScopes()).isNotNull();
+		assertThat(authorizationRequestAttributes.getScope()).isNotNull();
 		assertThat(authorizationRequestAttributes.getState()).isNotNull();
 	}
 

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/TestUtil.java

@@ -49,14 +49,14 @@ class TestUtil {
 		ClientRegistrationProperties clientRegistrationProperties = new ClientRegistrationProperties();
 		clientRegistrationProperties.setClientId("google-client-id");
 		clientRegistrationProperties.setClientSecret("secret");
-		clientRegistrationProperties.setAuthorizedGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
+		clientRegistrationProperties.setAuthorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
 		clientRegistrationProperties.setClientName("Google Client");
 		clientRegistrationProperties.setClientAlias(GOOGLE_CLIENT_ALIAS);
 		clientRegistrationProperties.setAuthorizationUri("https://accounts.google.com/o/oauth2/auth");
 		clientRegistrationProperties.setTokenUri("https://accounts.google.com/o/oauth2/token");
 		clientRegistrationProperties.setUserInfoUri("https://www.googleapis.com/oauth2/v3/userinfo");
 		clientRegistrationProperties.setRedirectUri(redirectUri);
-		clientRegistrationProperties.setScopes(Arrays.stream(new String[] {"openid", "email", "profile"}).collect(Collectors.toSet()));
+		clientRegistrationProperties.setScope(Arrays.stream(new String[] {"openid", "email", "profile"}).collect(Collectors.toSet()));
 		return new ClientRegistration.Builder(clientRegistrationProperties).build();
 	}
 
@@ -68,14 +68,14 @@ class TestUtil {
 		ClientRegistrationProperties clientRegistrationProperties = new ClientRegistrationProperties();
 		clientRegistrationProperties.setClientId("github-client-id");
 		clientRegistrationProperties.setClientSecret("secret");
-		clientRegistrationProperties.setAuthorizedGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
+		clientRegistrationProperties.setAuthorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
 		clientRegistrationProperties.setClientName("GitHub Client");
 		clientRegistrationProperties.setClientAlias(GITHUB_CLIENT_ALIAS);
 		clientRegistrationProperties.setAuthorizationUri("https://github.com/login/oauth/authorize");
 		clientRegistrationProperties.setTokenUri("https://github.com/login/oauth/access_token");
 		clientRegistrationProperties.setUserInfoUri("https://api.github.com/user");
 		clientRegistrationProperties.setRedirectUri(redirectUri);
-		clientRegistrationProperties.setScopes(Arrays.stream(new String[] {"user"}).collect(Collectors.toSet()));
+		clientRegistrationProperties.setScope(Arrays.stream(new String[] {"user"}).collect(Collectors.toSet()));
 		return new ClientRegistration.Builder(clientRegistrationProperties).build();
 	}
 }

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributes.java

@@ -41,7 +41,7 @@ public final class AuthorizationRequestAttributes implements Serializable {
 	private ResponseType responseType;
 	private String clientId;
 	private String redirectUri;
-	private Set<String> scopes;
+	private Set<String> scope;
 	private String state;
 
 	private AuthorizationRequestAttributes() {
@@ -67,8 +67,8 @@ public final class AuthorizationRequestAttributes implements Serializable {
 		return this.redirectUri;
 	}
 
-	public Set<String> getScopes() {
-		return this.scopes;
+	public Set<String> getScope() {
+		return this.scope;
 	}
 
 	public String getState() {
@@ -106,9 +106,9 @@ public final class AuthorizationRequestAttributes implements Serializable {
 			return this;
 		}
 
-		public Builder scopes(Set<String> scopes) {
-			this.authorizationRequest.scopes = Collections.unmodifiableSet(
-				CollectionUtils.isEmpty(scopes) ? Collections.emptySet() : new LinkedHashSet<>(scopes));
+		public Builder scope(Set<String> scope) {
+			this.authorizationRequest.scope = Collections.unmodifiableSet(
+				CollectionUtils.isEmpty(scope) ? Collections.emptySet() : new LinkedHashSet<>(scope));
 			return this;
 		}
 

oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestAttributesTest.java

@@ -32,7 +32,7 @@ public class AuthorizationRequestAttributesTest {
 	private static final String AUTHORIZE_URI = "http://authorize.uri/";
 	private static final String CLIENT_ID = "client id";
 	private static final String REDIRECT_URI = "http://redirect.uri/";
-	private static final Set<String> SCOPES = Collections.singleton("scope");
+	private static final Set<String> SCOPE = Collections.singleton("scope");
 	private static final String STATE = "xyz";
 
 	@Test(expected = IllegalArgumentException.class)
@@ -41,7 +41,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(null)
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build();
 	}
@@ -51,7 +51,7 @@ public class AuthorizationRequestAttributesTest {
 		AuthorizationRequestAttributes.withAuthorizationCode()
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build();
 	}
@@ -62,7 +62,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(null)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build();
 	}
@@ -72,7 +72,7 @@ public class AuthorizationRequestAttributesTest {
 		AuthorizationRequestAttributes.withAuthorizationCode()
 			.authorizeUri(AUTHORIZE_URI)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build();
 	}
@@ -84,7 +84,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build();
 
@@ -97,7 +97,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
 			.redirectUri(null)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build()).doesNotThrowAnyException();
 	}
@@ -107,7 +107,7 @@ public class AuthorizationRequestAttributesTest {
 		assertThatCode(() -> AuthorizationRequestAttributes.withAuthorizationCode()
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(STATE)
 			.build()).doesNotThrowAnyException();
 	}
@@ -118,7 +118,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(null)
+			.scope(null)
 			.state(STATE)
 			.build()).doesNotThrowAnyException();
 	}
@@ -139,7 +139,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.state(null)
 			.build()).doesNotThrowAnyException();
 	}
@@ -150,7 +150,7 @@ public class AuthorizationRequestAttributesTest {
 			.authorizeUri(AUTHORIZE_URI)
 			.clientId(CLIENT_ID)
 			.redirectUri(REDIRECT_URI)
-			.scopes(SCOPES)
+			.scope(SCOPE)
 			.build()).doesNotThrowAnyException();
 	}
 }

samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java

@@ -137,7 +137,7 @@ public class OAuth2LoginApplicationTests {
 		String redirectUri = AUTHORIZE_BASE_URL + "/" + this.githubClientRegistration.getClientAlias();
 		assertThat(URLDecoder.decode(params.get(OAuth2Parameter.REDIRECT_URI), "UTF-8")).isEqualTo(redirectUri);
 		assertThat(URLDecoder.decode(params.get(OAuth2Parameter.SCOPE), "UTF-8"))
-				.isEqualTo(this.githubClientRegistration.getScopes().stream().collect(Collectors.joining(" ")));
+				.isEqualTo(this.githubClientRegistration.getScope().stream().collect(Collectors.joining(" ")));
 		assertThat(params.get(OAuth2Parameter.STATE)).isNotNull();
 	}
 

samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml

@@ -3,9 +3,9 @@ security:
     client:
       google:
         client-authentication-method: basic
-        authorized-grant-type: authorization_code
+        authorization-grant-type: authorization_code
         redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{clientAlias}"
-        scopes: openid, profile, email, address, phone
+        scope: openid, profile, email, address, phone
         authorization-uri: "https://accounts.google.com/o/oauth2/auth"
         token-uri: "https://accounts.google.com/o/oauth2/token"
         user-info-uri: "https://www.googleapis.com/oauth2/v3/userinfo"
@@ -14,9 +14,9 @@ security:
         client-alias: google
       github:
         client-authentication-method: basic
-        authorized-grant-type: authorization_code
+        authorization-grant-type: authorization_code
         redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{clientAlias}"
-        scopes: user
+        scope: user
         authorization-uri: "https://github.com/login/oauth/authorize"
         token-uri: "https://github.com/login/oauth/access_token"
         user-info-uri: "https://api.github.com/user"
@@ -25,9 +25,9 @@ security:
         client-alias: github
       facebook:
         client-authentication-method: post
-        authorized-grant-type: authorization_code
+        authorization-grant-type: authorization_code
         redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{clientAlias}"
-        scopes: public_profile, email
+        scope: public_profile, email
         authorization-uri: "https://www.facebook.com/v2.8/dialog/oauth"
         token-uri: "https://graph.facebook.com/v2.8/oauth/access_token"
         user-info-uri: "https://graph.facebook.com/me"
@@ -36,8 +36,8 @@ security:
         client-alias: facebook
       okta:
         client-authentication-method: basic
-        authorized-grant-type: authorization_code
+        authorization-grant-type: authorization_code
         redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{clientAlias}"
-        scopes: openid, profile, email, address, phone
+        scope: openid, profile, email, address, phone
         client-name: Okta
         client-alias: okta