탐색 도움말
가입하기 로그인
github
/
spring-security
의 미러 https://github.com/spring-projects/spring-security
2
0
포크 0
파일 이슈 0 위키
소스 검색

Polish class names in oauth2-core

Fixes gh-4720
Joe Grandja 7 년 전
부모
2060125ebd
커밋
34668e05af
47개의 변경된 파일377개의 추가작업 그리고 379개의 파일을 삭제
분할 보기 변경상태 보기
  1. 3 3
      config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
  2. 3 3
      config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java
  3. 3 3
      config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java
  4. 5 5
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java
  5. 8 8
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java
  6. 3 3
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationGrantTokenExchanger.java
  7. 8 8
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/NimbusAuthorizationCodeTokenExchanger.java
  8. 10 10
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProvider.java
  9. 3 3
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AuthorizationRequestUriBuilder.java
  10. 9 9
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilder.java
  11. 6 6
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/OidcAuthorizedClient.java
  12. 18 18
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
  13. 7 7
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
  14. 2 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
  15. 8 8
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java
  16. 8 8
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilter.java
  17. 6 6
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
  18. 8 8
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java
  19. 30 30
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
  20. 2 2
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilderTests.java
  21. 3 3
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilterTests.java
  22. 15 15
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
  23. 3 3
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java
  24. 1 1
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2ErrorCodes.java
  25. 13 13
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java
  26. 9 9
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchange.java
  27. 10 10
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
  28. 4 4
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java
  29. 5 5
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java
  30. 2 2
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2ParameterNames.java
  31. 1 1
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/AddressStandardClaim.java
  32. 6 6
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java
  33. 15 15
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java
  34. 3 3
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimNames.java
  35. 3 3
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcIdToken.java
  36. 5 5
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcScopes.java
  37. 4 4
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java
  38. 25 25
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java
  39. 2 2
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimNames.java
  40. 2 2
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/endpoint/OidcParameterNames.java
  41. 17 18
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUser.java
  42. 6 6
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUser.java
  43. 9 10
      oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java
  44. 9 9
      oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java
  45. 15 15
      oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequestTests.java
  46. 16 16
      oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java
  47. 24 24
      samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java

+ 3 - 3
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
파일 보기 

@@ -42,7 +42,7 @@ import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
 
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
 
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
 
 import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
 import org.springframework.security.oauth2.core.user.OAuth2User;
 
 import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
 
@@ -134,7 +134,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 
 
 	public class TokenEndpointConfig {
 
 		private AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> authorizationCodeTokenExchanger;
 
-		private OAuth2TokenRepository<AccessToken> accessTokenRepository;
 
+		private OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository;
 
 		private JwtDecoderRegistry jwtDecoderRegistry;
 
 
 		private TokenEndpointConfig() {
 
@@ -148,7 +148,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 
 			return this;
 
 		}
 
 
-		public TokenEndpointConfig accessTokenRepository(OAuth2TokenRepository<AccessToken> accessTokenRepository) {
 
+		public TokenEndpointConfig accessTokenRepository(OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository) {
 
 			Assert.notNull(accessTokenRepository, "accessTokenRepository cannot be null");
 
 			this.accessTokenRepository = accessTokenRepository;
 
 			return this;

+ 3 - 3
config/src/main/java/org/springframework/security/config/oauth2/client/CommonOAuth2Provider.java
파일 보기 

@@ -19,7 +19,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration.Builder;
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 
-import org.springframework.security.oauth2.core.oidc.IdTokenClaim;
 
+import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
 
 
 /**
 
  * Common OAuth2 Providers that can be used to create
 
@@ -42,7 +42,7 @@ public enum CommonOAuth2Provider {
 
 			builder.tokenUri("https://www.googleapis.com/oauth2/v4/token");
 
 			builder.jwkSetUri("https://www.googleapis.com/oauth2/v3/certs");
 
 			builder.userInfoUri("https://www.googleapis.com/oauth2/v3/userinfo");
 
-			builder.userNameAttributeName(IdTokenClaim.SUB);
 
+			builder.userNameAttributeName(IdTokenClaimNames.SUB);
 
 			builder.clientName("Google");
 
 			return builder;
 
 		}
 
@@ -87,7 +87,7 @@ public enum CommonOAuth2Provider {
 
 			ClientRegistration.Builder builder = getBuilder(registrationId,
 
 					ClientAuthenticationMethod.BASIC, DEFAULT_LOGIN_REDIRECT_URL);
 
 			builder.scope("openid", "profile", "email", "address", "phone");
 
-			builder.userNameAttributeName(IdTokenClaim.SUB);
 
+			builder.userNameAttributeName(IdTokenClaimNames.SUB);
 
 			builder.clientName("Okta");
 
 			return builder;
 
 		}

+ 3 - 3
config/src/test/java/org/springframework/security/config/oauth2/client/CommonOAuth2ProviderTests.java
파일 보기 

@@ -20,7 +20,7 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails;
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 
-import org.springframework.security.oauth2.core.oidc.IdTokenClaim;
 
+import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
 
 
 import static org.assertj.core.api.Assertions.assertThat;
 
 
@@ -44,7 +44,7 @@ public class CommonOAuth2ProviderTests {
 
 		assertThat(providerDetails.getUserInfoEndpoint().getUri())
 
 			.isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
 
 		assertThat(providerDetails.getUserInfoEndpoint().getUserNameAttributeName())
 
-			.isEqualTo(IdTokenClaim.SUB);
 
+			.isEqualTo(IdTokenClaimNames.SUB);
 
 		assertThat(providerDetails.getJwkSetUri())
 
 			.isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
 
 		assertThat(registration.getClientAuthenticationMethod())
 
@@ -117,7 +117,7 @@ public class CommonOAuth2ProviderTests {
 
 		assertThat(providerDetails.getTokenUri()).isEqualTo("http://example.com/token");
 
 		assertThat(providerDetails.getUserInfoEndpoint().getUri()).isEqualTo("http://example.com/info");
 
 		assertThat(providerDetails.getUserInfoEndpoint().getUserNameAttributeName())
 
-			.isEqualTo(IdTokenClaim.SUB);
 
+			.isEqualTo(IdTokenClaimNames.SUB);
 
 		assertThat(providerDetails.getJwkSetUri()).isEqualTo("http://example.com/jwkset");
 
 		assertThat(registration.getClientAuthenticationMethod())
 
 			.isEqualTo(ClientAuthenticationMethod.BASIC);

+ 5 - 5
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClient.java
파일 보기 

@@ -16,7 +16,7 @@
 
 package org.springframework.security.oauth2.client;
 
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.util.Assert;
 
 
 /**
 
@@ -32,15 +32,15 @@ import org.springframework.util.Assert;
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see ClientRegistration
 
- * @see AccessToken
 
+ * @see OAuth2AccessToken
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-5.1">Section 5.1 Access Token Response</a>
 
  */
 
 public class OAuth2AuthorizedClient {
 
 	private final ClientRegistration clientRegistration;
 
 	private final String principalName;
 
-	private final AccessToken accessToken;
 
+	private final OAuth2AccessToken accessToken;
 
 
-	public OAuth2AuthorizedClient(ClientRegistration clientRegistration, String principalName, AccessToken accessToken) {
 
+	public OAuth2AuthorizedClient(ClientRegistration clientRegistration, String principalName, OAuth2AccessToken accessToken) {
 
 		Assert.notNull(clientRegistration, "clientRegistration cannot be null");
 
 		Assert.hasText(principalName, "principalName cannot be empty");
 
 		Assert.notNull(accessToken, "accessToken cannot be null");
 
@@ -57,7 +57,7 @@ public class OAuth2AuthorizedClient {
 
 		return this.principalName;
 
 	}
 
 
-	public AccessToken getAccessToken() {
 
+	public OAuth2AccessToken getAccessToken() {
 
 		return this.accessToken;
 
 	}
 
 }

+ 8 - 8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationToken.java
파일 보기 

@@ -17,9 +17,9 @@ package org.springframework.security.oauth2.client.authentication;
 
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationExchange;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
 
 import org.springframework.util.Assert;
 
 
 /**
 
@@ -30,16 +30,16 @@ import org.springframework.util.Assert;
 
  * @since 5.0
 
  * @see AuthorizationGrantAuthenticationToken
 
  * @see ClientRegistration
 
- * @see AuthorizationRequest
 
- * @see AuthorizationResponse
 
+ * @see OAuth2AuthorizationRequest
 
+ * @see OAuth2AuthorizationResponse
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3.1">Section 1.3.1 Authorization Code Grant</a>
 
  */
 
 public class AuthorizationCodeAuthenticationToken extends AuthorizationGrantAuthenticationToken {
 
 	private final ClientRegistration clientRegistration;
 
-	private final AuthorizationExchange authorizationExchange;
 
+	private final OAuth2AuthorizationExchange authorizationExchange;
 
 
 	public AuthorizationCodeAuthenticationToken(ClientRegistration clientRegistration,
 
-												AuthorizationExchange authorizationExchange) {
 
+												OAuth2AuthorizationExchange authorizationExchange) {
 
 
 		super(AuthorizationGrantType.AUTHORIZATION_CODE);
 
 		Assert.notNull(clientRegistration, "clientRegistration cannot be null");
 
@@ -63,7 +63,7 @@ public class AuthorizationCodeAuthenticationToken extends AuthorizationGrantAuth
 
 		return this.clientRegistration;
 
 	}
 
 
-	public AuthorizationExchange getAuthorizationExchange() {
 
+	public OAuth2AuthorizationExchange getAuthorizationExchange() {
 
 		return this.authorizationExchange;
 
 	}
 
 }

+ 3 - 3
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationGrantTokenExchanger.java
파일 보기 

@@ -18,7 +18,7 @@ package org.springframework.security.oauth2.client.authentication;
 
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
-import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 
 
 /**
 
  * Implementations of this interface are responsible for <i>&quot;exchanging&quot;</i>
 
@@ -29,13 +29,13 @@ import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
  * @since 5.0
 
  * @see AuthorizationGrantType
 
  * @see AuthorizationGrantAuthenticationToken
 
- * @see TokenResponse
 
+ * @see OAuth2AccessTokenResponse
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.3">Section 1.3 Authorization Grant</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a>
 
  */
 
 public interface AuthorizationGrantTokenExchanger<T extends AuthorizationGrantAuthenticationToken>  {
 
 
-	TokenResponse exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException;
 
+	OAuth2AccessTokenResponse exchange(T authorizationGrantAuthentication) throws OAuth2AuthenticationException;
 
 
 }

+ 8 - 8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/NimbusAuthorizationCodeTokenExchanger.java
파일 보기 

@@ -33,11 +33,11 @@ import com.nimbusds.oauth2.sdk.id.ClientID;
 
 import org.springframework.http.MediaType;
 
 import org.springframework.security.authentication.AuthenticationServiceException;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
 import org.springframework.security.oauth2.core.OAuth2Error;
 
-import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 
 import org.springframework.util.CollectionUtils;
 
 
 import java.io.IOException;
 
@@ -59,7 +59,7 @@ import java.util.Set;
 
  * @since 5.0
 
  * @see AuthorizationGrantTokenExchanger
 
  * @see AuthorizationCodeAuthenticationToken
 
- * @see TokenResponse
 
+ * @see OAuth2AccessTokenResponse
 
  * @see <a target="_blank" href="https://connect2id.com/products/nimbus-oauth-openid-connect-sdk">Nimbus OAuth 2.0 SDK</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request (Authorization Code Grant)</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.4">Section 4.1.4 Access Token Response (Authorization Code Grant)</a>
 
@@ -68,7 +68,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant
 
 	private static final String INVALID_TOKEN_RESPONSE_ERROR_CODE = "invalid_token_response";
 
 
 	@Override
 
-	public TokenResponse exchange(AuthorizationCodeAuthenticationToken authorizationCodeAuthentication)
 
+	public OAuth2AccessTokenResponse exchange(AuthorizationCodeAuthenticationToken authorizationCodeAuthentication)
 
 			throws OAuth2AuthenticationException {
 
 
 		ClientRegistration clientRegistration = authorizationCodeAuthentication.getClientRegistration();
 
@@ -117,9 +117,9 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant
 
 		AccessTokenResponse accessTokenResponse = (AccessTokenResponse) tokenResponse;
 
 
 		String accessToken = accessTokenResponse.getTokens().getAccessToken().getValue();
 
-		AccessToken.TokenType accessTokenType = null;
 
-		if (AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(accessTokenResponse.getTokens().getAccessToken().getType().getValue())) {
 
-			accessTokenType = AccessToken.TokenType.BEARER;
 
+		OAuth2AccessToken.TokenType accessTokenType = null;
 
+		if (OAuth2AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(accessTokenResponse.getTokens().getAccessToken().getType().getValue())) {
 
+			accessTokenType = OAuth2AccessToken.TokenType.BEARER;
 
 		}
 
 		long expiresIn = accessTokenResponse.getTokens().getAccessToken().getLifetime();
 
 
@@ -138,7 +138,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant
 
 
 		Map<String, Object> additionalParameters = new LinkedHashMap<>(accessTokenResponse.getCustomParameters());
 
 
-		return TokenResponse.withToken(accessToken)
 
+		return OAuth2AccessTokenResponse.withToken(accessToken)
 
 			.tokenType(accessTokenType)
 
 			.expiresIn(expiresIn)
 
 			.scopes(scopes)

+ 10 - 10
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProvider.java
파일 보기 

@@ -22,12 +22,12 @@ import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
 
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
 import org.springframework.security.oauth2.core.OAuth2Error;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
 
-import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 
 import org.springframework.security.oauth2.core.user.OAuth2User;
 
 import org.springframework.util.Assert;
 
 
@@ -88,9 +88,9 @@ public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider
 
 			return null;
 
 		}
 
 
-		AuthorizationRequest authorizationRequest = authorizationCodeAuthentication
 
+		OAuth2AuthorizationRequest authorizationRequest = authorizationCodeAuthentication
 
 			.getAuthorizationExchange().getAuthorizationRequest();
 
-		AuthorizationResponse authorizationResponse = authorizationCodeAuthentication
 
+		OAuth2AuthorizationResponse authorizationResponse = authorizationCodeAuthentication
 
 			.getAuthorizationExchange().getAuthorizationResponse();
 
 
 		if (authorizationResponse.statusError()) {
 
@@ -108,12 +108,12 @@ public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider
 
 			throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
 
 		}
 
 
-		TokenResponse tokenResponse =
 
+		OAuth2AccessTokenResponse accessTokenResponse =
 
 			this.authorizationCodeTokenExchanger.exchange(authorizationCodeAuthentication);
 
 
-		AccessToken accessToken = new AccessToken(tokenResponse.getTokenType(),
 
-			tokenResponse.getTokenValue(), tokenResponse.getIssuedAt(),
 
-			tokenResponse.getExpiresAt(), tokenResponse.getScopes());
 
+		OAuth2AccessToken accessToken = new OAuth2AccessToken(accessTokenResponse.getTokenType(),
 
+			accessTokenResponse.getTokenValue(), accessTokenResponse.getIssuedAt(),
 
+			accessTokenResponse.getExpiresAt(), accessTokenResponse.getScopes());
 
 
 		OAuth2AuthorizedClient oauth2AuthorizedClient = new OAuth2AuthorizedClient(
 
 			authorizationCodeAuthentication.getClientRegistration(), "unknown", accessToken);

+ 3 - 3
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AuthorizationRequestUriBuilder.java
파일 보기 

@@ -16,7 +16,7 @@
 
 package org.springframework.security.oauth2.client.endpoint;
 
 
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 
 import java.net.URI;
 
 
@@ -37,10 +37,10 @@ import java.net.URI;
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AuthorizationRequest
 
+ * @see OAuth2AuthorizationRequest
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Request</a>
 
  */
 
 public interface AuthorizationRequestUriBuilder {
 
 
-	URI build(AuthorizationRequest authorizationRequest);
 
+	URI build(OAuth2AuthorizationRequest authorizationRequest);
 
 }

+ 9 - 9
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilder.java
파일 보기 

@@ -15,8 +15,8 @@
 
  */
 
 package org.springframework.security.oauth2.client.endpoint;
 
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.util.StringUtils;
 
 import org.springframework.web.util.UriComponentsBuilder;
 
 
@@ -30,23 +30,23 @@ import java.util.Set;
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see AuthorizationRequestUriBuilder
 
- * @see AuthorizationRequest
 
+ * @see OAuth2AuthorizationRequest
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Code Grant Request</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Implicit Grant Request</a>
 
  */
 
 public class DefaultAuthorizationRequestUriBuilder implements AuthorizationRequestUriBuilder {
 
 
 	@Override
 
-	public URI build(AuthorizationRequest authorizationRequest) {
 
+	public URI build(OAuth2AuthorizationRequest authorizationRequest) {
 
 		Set<String> scopes = authorizationRequest.getScopes();
 
 		UriComponentsBuilder uriBuilder = UriComponentsBuilder
 
 			.fromUriString(authorizationRequest.getAuthorizationUri())
 
-			.queryParam(OAuth2Parameter.RESPONSE_TYPE, authorizationRequest.getResponseType().getValue())
 
-			.queryParam(OAuth2Parameter.CLIENT_ID, authorizationRequest.getClientId())
 
-			.queryParam(OAuth2Parameter.SCOPE, StringUtils.collectionToDelimitedString(scopes, " "))
 
-			.queryParam(OAuth2Parameter.STATE, authorizationRequest.getState());
 
+			.queryParam(OAuth2ParameterNames.RESPONSE_TYPE, authorizationRequest.getResponseType().getValue())
 
+			.queryParam(OAuth2ParameterNames.CLIENT_ID, authorizationRequest.getClientId())
 
+			.queryParam(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(scopes, " "))
 
+			.queryParam(OAuth2ParameterNames.STATE, authorizationRequest.getState());
 
 		if (authorizationRequest.getRedirectUri() != null) {
 
-			uriBuilder.queryParam(OAuth2Parameter.REDIRECT_URI, authorizationRequest.getRedirectUri());
 
+			uriBuilder.queryParam(OAuth2ParameterNames.REDIRECT_URI, authorizationRequest.getRedirectUri());
 
 		}
 
 
 		return uriBuilder.build().encode().toUri();

+ 6 - 6
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/OidcAuthorizedClient.java
파일 보기 

@@ -17,8 +17,8 @@ package org.springframework.security.oauth2.client.oidc;
 
 
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
 import org.springframework.util.Assert;
 
 
 /**
 
@@ -35,21 +35,21 @@ import org.springframework.util.Assert;
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see OAuth2AuthorizedClient
 
- * @see IdToken
 
+ * @see OidcIdToken
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#TokenResponse">3.1.3.3 Successful Token Response</a>
 
  */
 
 public class OidcAuthorizedClient extends OAuth2AuthorizedClient {
 
-	private final IdToken idToken;
 
+	private final OidcIdToken idToken;
 
 
 	public OidcAuthorizedClient(ClientRegistration clientRegistration, String principalName,
 
-								AccessToken accessToken, IdToken idToken) {
 
+								OAuth2AccessToken accessToken, OidcIdToken idToken) {
 
 
 		super(clientRegistration, principalName, accessToken);
 
 		Assert.notNull(idToken, "idToken cannot be null");
 
 		this.idToken = idToken;
 
 	}
 
 
-	public IdToken getIdToken() {
 
+	public OidcIdToken getIdToken() {
 
 		return this.idToken;
 
 	}
 
 }

+ 18 - 18
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java
파일 보기 

@@ -28,15 +28,15 @@ import org.springframework.security.oauth2.client.oidc.OidcAuthorizedClient;
 
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
 import org.springframework.security.oauth2.core.OAuth2Error;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
 
-import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
-import org.springframework.security.oauth2.core.oidc.OidcScope;
 
-import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameter;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
+import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames;
 
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
 import org.springframework.security.oauth2.jwt.Jwt;
 
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 
@@ -102,15 +102,15 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 
 		// scope
 
 		// 		REQUIRED. OpenID Connect requests MUST contain the "openid" scope value.
 
 		if (!authorizationCodeAuthentication.getAuthorizationExchange()
 
-			.getAuthorizationRequest().getScopes().contains(OidcScope.OPENID)) {
 
+			.getAuthorizationRequest().getScopes().contains(OidcScopes.OPENID)) {
 
 			// This is NOT an OpenID Connect Authentication Request so return null
 
 			// and let OAuth2LoginAuthenticationProvider handle it instead
 
 			return null;
 
 		}
 
 
-		AuthorizationRequest authorizationRequest = authorizationCodeAuthentication
 
+		OAuth2AuthorizationRequest authorizationRequest = authorizationCodeAuthentication
 
 			.getAuthorizationExchange().getAuthorizationRequest();
 
-		AuthorizationResponse authorizationResponse = authorizationCodeAuthentication
 
+		OAuth2AuthorizationResponse authorizationResponse = authorizationCodeAuthentication
 
 			.getAuthorizationExchange().getAuthorizationResponse();
 
 
 		if (authorizationResponse.statusError()) {
 
@@ -128,16 +128,16 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 
 			throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
 
 		}
 
 
-		TokenResponse tokenResponse =
 
+		OAuth2AccessTokenResponse accessTokenResponse =
 
 			this.authorizationCodeTokenExchanger.exchange(authorizationCodeAuthentication);
 
 
-		AccessToken accessToken = new AccessToken(tokenResponse.getTokenType(),
 
-			tokenResponse.getTokenValue(), tokenResponse.getIssuedAt(),
 
-			tokenResponse.getExpiresAt(), tokenResponse.getScopes());
 
+		OAuth2AccessToken accessToken = new OAuth2AccessToken(accessTokenResponse.getTokenType(),
 
+			accessTokenResponse.getTokenValue(), accessTokenResponse.getIssuedAt(),
 
+			accessTokenResponse.getExpiresAt(), accessTokenResponse.getScopes());
 
 
 		ClientRegistration clientRegistration = authorizationCodeAuthentication.getClientRegistration();
 
 
-		if (!tokenResponse.getAdditionalParameters().containsKey(OidcParameter.ID_TOKEN)) {
 
+		if (!accessTokenResponse.getAdditionalParameters().containsKey(OidcParameterNames.ID_TOKEN)) {
 
 			throw new IllegalArgumentException(
 
 				"Missing (required) ID Token in Token Response for Client Registration: " + clientRegistration.getRegistrationId());
 
 		}
 
@@ -147,8 +147,8 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 
 			throw new IllegalArgumentException("Failed to find a registered JwtDecoder for Client Registration: '" +
 
 				clientRegistration.getRegistrationId() + "'. Check to ensure you have configured the JwkSet URI.");
 
 		}
 
-		Jwt jwt = jwtDecoder.decode((String)tokenResponse.getAdditionalParameters().get(OidcParameter.ID_TOKEN));
 
-		IdToken idToken = new IdToken(jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt(), jwt.getClaims());
 
+		Jwt jwt = jwtDecoder.decode((String) accessTokenResponse.getAdditionalParameters().get(OidcParameterNames.ID_TOKEN));
 
+		OidcIdToken idToken = new OidcIdToken(jwt.getTokenValue(), jwt.getIssuedAt(), jwt.getExpiresAt(), jwt.getClaims());
 
 
 		this.validateIdToken(idToken, clientRegistration);
 
 
@@ -182,7 +182,7 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 
 		return AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication);
 
 	}
 
 
-	private void validateIdToken(IdToken idToken, ClientRegistration clientRegistration) {
 
+	private void validateIdToken(OidcIdToken idToken, ClientRegistration clientRegistration) {
 
 		// 3.1.3.7  ID Token Validation
 
 		// http://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation

+ 7 - 7
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
파일 보기 

@@ -23,8 +23,8 @@ import org.springframework.security.oauth2.client.userinfo.UserInfoRetriever;
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
 import org.springframework.security.oauth2.core.OAuth2Error;
 
-import org.springframework.security.oauth2.core.oidc.OidcScope;
 
-import org.springframework.security.oauth2.core.oidc.UserInfo;
 
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
 import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
 
@@ -41,7 +41,7 @@ import java.util.Set;
 
  * <p>
 
  * This implementation uses a {@link UserInfoRetriever} to obtain the user attributes
 
  * of the <i>End-User</i> (resource owner) from the <i>UserInfo Endpoint</i>
 
- * and constructs a {@link UserInfo} instance.
 
+ * and constructs a {@link OidcUserInfo} instance.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
@@ -49,21 +49,21 @@ import java.util.Set;
 
  * @see OidcAuthorizedClient
 
  * @see OidcUser
 
  * @see DefaultOidcUser
 
- * @see UserInfo
 
+ * @see OidcUserInfo
 
  * @see UserInfoRetriever
 
  */
 
 public class OidcUserService implements OAuth2UserService<OidcAuthorizedClient, OidcUser> {
 
 	private static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response";
 
 	private UserInfoRetriever userInfoRetriever = new NimbusUserInfoRetriever();
 
 	private final Set<String> userInfoScopes = new HashSet<>(
 
-		Arrays.asList(OidcScope.PROFILE, OidcScope.EMAIL, OidcScope.ADDRESS, OidcScope.PHONE));
 
+		Arrays.asList(OidcScopes.PROFILE, OidcScopes.EMAIL, OidcScopes.ADDRESS, OidcScopes.PHONE));
 
 
 	@Override
 
 	public OidcUser loadUser(OidcAuthorizedClient authorizedClient) throws OAuth2AuthenticationException {
 
-		UserInfo userInfo = null;
 
+		OidcUserInfo userInfo = null;
 
 		if (this.shouldRetrieveUserInfo(authorizedClient)) {
 
 			Map<String, Object> userAttributes = this.userInfoRetriever.retrieve(authorizedClient, Map.class);
 
-			userInfo = new UserInfo(userAttributes);
 
+			userInfo = new OidcUserInfo(userAttributes);
 
 
 			// http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
 
 			// Due to the possibility of token substitution attacks (see Section 16.11),

+ 2 - 2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
파일 보기 

@@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.registration;
 
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 
-import org.springframework.security.oauth2.core.oidc.OidcScope;
 
+import org.springframework.security.oauth2.core.oidc.OidcScopes;
 
 import org.springframework.util.Assert;
 
 import org.springframework.util.CollectionUtils;
 
 
@@ -280,7 +280,7 @@ public final class ClientRegistration {
 
 			Assert.notEmpty(this.scopes, "scopes cannot be empty");
 
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 
 			Assert.hasText(this.tokenUri, "tokenUri cannot be empty");
 
-			if (this.scopes.contains(OidcScope.OPENID)) {
 
+			if (this.scopes.contains(OidcScopes.OPENID)) {
 
 				// OIDC Clients need to verify/validate the ID Token
 
 				Assert.hasText(this.jwkSetUri, "jwkSetUri cannot be empty");
 
 			}

+ 8 - 8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java
파일 보기 

@@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.token;
 
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.util.Assert;
 
 
 import java.util.Base64;
 
@@ -25,27 +25,27 @@ import java.util.Map;
 
 import java.util.concurrent.ConcurrentHashMap;
 
 
 /**
 
- * An <i>in-memory</i> {@link OAuth2TokenRepository} for {@link AccessToken}'s.
 
+ * An <i>in-memory</i> {@link OAuth2TokenRepository} for {@link OAuth2AccessToken}'s.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see OAuth2TokenRepository
 
- * @see AccessToken
 
+ * @see OAuth2AccessToken
 
  * @see ClientRegistration
 
  * @see Authentication
 
  */
 
-public final class InMemoryAccessTokenRepository implements OAuth2TokenRepository<AccessToken> {
 
-	private final Map<String, AccessToken> accessTokens = new ConcurrentHashMap<>();
 
+public final class InMemoryAccessTokenRepository implements OAuth2TokenRepository<OAuth2AccessToken> {
 
+	private final Map<String, OAuth2AccessToken> accessTokens = new ConcurrentHashMap<>();
 
 
 	@Override
 
-	public AccessToken loadToken(ClientRegistration registration, Authentication principal) {
 
+	public OAuth2AccessToken loadToken(ClientRegistration registration, Authentication principal) {
 
 		Assert.notNull(registration, "registration cannot be null");
 
 		Assert.notNull(principal, "principal cannot be null");
 
 		return this.accessTokens.get(this.getIdentifier(registration, principal));
 
 	}
 
 
 	@Override
 
-	public void saveToken(AccessToken accessToken, ClientRegistration registration, Authentication principal) {
 
+	public void saveToken(OAuth2AccessToken accessToken, ClientRegistration registration, Authentication principal) {
 
 		Assert.notNull(accessToken, "accessToken cannot be null");
 
 		Assert.notNull(registration, "registration cannot be null");
 
 		Assert.notNull(principal, "principal cannot be null");
 
@@ -53,7 +53,7 @@ public final class InMemoryAccessTokenRepository implements OAuth2TokenRepositor
 
 	}
 
 
 	@Override
 
-	public AccessToken removeToken(ClientRegistration registration, Authentication principal) {
 
+	public OAuth2AccessToken removeToken(ClientRegistration registration, Authentication principal) {
 
 		Assert.notNull(registration, "registration cannot be null");
 
 		Assert.notNull(principal, "principal cannot be null");
 
 		return this.accessTokens.remove(this.getIdentifier(registration, principal));

+ 8 - 8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilter.java
파일 보기 

@@ -22,9 +22,9 @@ import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationR
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 import org.springframework.security.oauth2.client.endpoint.AuthorizationRequestUriBuilder;
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.web.DefaultRedirectStrategy;
 
 import org.springframework.security.web.RedirectStrategy;
 
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
@@ -55,7 +55,7 @@ import java.util.Map;
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AuthorizationRequest
 
+ * @see OAuth2AuthorizationRequest
 
  * @see AuthorizationRequestRepository
 
  * @see AuthorizationRequestUriBuilder
 
  * @see ClientRegistration
 
@@ -132,18 +132,18 @@ public class AuthorizationRequestRedirectFilter extends OncePerRequestFilter {
 
 		String redirectUriStr = this.expandRedirectUri(request, clientRegistration);
 
 
 		Map<String,Object> additionalParameters = new HashMap<>();
 
-		additionalParameters.put(OAuth2Parameter.REGISTRATION_ID, clientRegistration.getRegistrationId());
 
+		additionalParameters.put(OAuth2ParameterNames.REGISTRATION_ID, clientRegistration.getRegistrationId());
 
 
-		AuthorizationRequest.Builder builder;
 
+		OAuth2AuthorizationRequest.Builder builder;
 
 		if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(clientRegistration.getAuthorizationGrantType())) {
 
-			builder = AuthorizationRequest.authorizationCode();
 
+			builder = OAuth2AuthorizationRequest.authorizationCode();
 
 		} else if (AuthorizationGrantType.IMPLICIT.equals(clientRegistration.getAuthorizationGrantType())) {
 
-			builder = AuthorizationRequest.implicit();
 
+			builder = OAuth2AuthorizationRequest.implicit();
 
 		} else {
 
 			throw new IllegalArgumentException("Invalid Authorization Grant Type for Client Registration (" +
 
 				clientRegistration.getRegistrationId() + "): " + clientRegistration.getAuthorizationGrantType());
 
 		}
 
-		AuthorizationRequest authorizationRequest = builder
 
+		OAuth2AuthorizationRequest authorizationRequest = builder
 
 				.clientId(clientRegistration.getClientId())
 
 				.authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri())
 
 				.redirectUri(redirectUriStr)

+ 6 - 6
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java
파일 보기 

@@ -15,14 +15,14 @@
 
  */
 
 package org.springframework.security.oauth2.client.web;
 
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 
 import javax.servlet.http.HttpServletRequest;
 
 import javax.servlet.http.HttpServletResponse;
 
 
 /**
 
  * Implementations of this interface are responsible for the persistence
 
- * of {@link AuthorizationRequest} between requests.
 
+ * of {@link OAuth2AuthorizationRequest} between requests.
 
  *
 
  * <p>
 
  * Used by the {@link AuthorizationRequestRedirectFilter} for persisting the <i>Authorization Request</i>
 
@@ -32,16 +32,16 @@ import javax.servlet.http.HttpServletResponse;
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AuthorizationRequest
 
+ * @see OAuth2AuthorizationRequest
 
  * @see HttpSessionAuthorizationRequestRepository
 
  */
 
 public interface AuthorizationRequestRepository {
 
 
-	AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request);
 
+	OAuth2AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request);
 
 
-	void saveAuthorizationRequest(AuthorizationRequest authorizationRequest, HttpServletRequest request,
 
+	void saveAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest, HttpServletRequest request,
 
 									HttpServletResponse response);
 
 
-	AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request);
 
+	OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request);
 
 
 }

+ 8 - 8
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java
파일 보기 

@@ -15,7 +15,7 @@
 
  */
 
 package org.springframework.security.oauth2.client.web;
 
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 
 import javax.servlet.http.HttpServletRequest;
 
 import javax.servlet.http.HttpServletResponse;
 
@@ -23,11 +23,11 @@ import javax.servlet.http.HttpSession;
 
 
 /**
 
  * An implementation of an {@link AuthorizationRequestRepository} that stores
 
- * {@link AuthorizationRequest} in the {@link HttpSession}.
 
+ * {@link OAuth2AuthorizationRequest} in the {@link HttpSession}.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AuthorizationRequest
 
+ * @see OAuth2AuthorizationRequest
 
  */
 
 public final class HttpSessionAuthorizationRequestRepository implements AuthorizationRequestRepository {
 
 	private static final String DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME =
 
@@ -35,16 +35,16 @@ public final class HttpSessionAuthorizationRequestRepository implements Authoriz
 
 	private final String sessionAttributeName = DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME;
 
 
 	@Override
 
-	public AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request) {
 
+	public OAuth2AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request) {
 
 		HttpSession session = request.getSession(false);
 
 		if (session != null) {
 
-			return (AuthorizationRequest) session.getAttribute(this.sessionAttributeName);
 
+			return (OAuth2AuthorizationRequest) session.getAttribute(this.sessionAttributeName);
 
 		}
 
 		return null;
 
 	}
 
 
 	@Override
 
-	public void saveAuthorizationRequest(AuthorizationRequest authorizationRequest, HttpServletRequest request,
 
+	public void saveAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest, HttpServletRequest request,
 
 											HttpServletResponse response) {
 
 		if (authorizationRequest == null) {
 
 			this.removeAuthorizationRequest(request);
 
@@ -54,8 +54,8 @@ public final class HttpSessionAuthorizationRequestRepository implements Authoriz
 
 	}
 
 
 	@Override
 
-	public AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request) {
 
-		AuthorizationRequest authorizationRequest = this.loadAuthorizationRequest(request);
 
+	public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request) {
 
+		OAuth2AuthorizationRequest authorizationRequest = this.loadAuthorizationRequest(request);
 
 		if (authorizationRequest != null) {
 
 			request.getSession().removeAttribute(this.sessionAttributeName);
 
 		}

+ 30 - 30
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
파일 보기 

@@ -26,14 +26,14 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 
 import org.springframework.security.oauth2.client.token.InMemoryAccessTokenRepository;
 
 import org.springframework.security.oauth2.client.token.OAuth2TokenRepository;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
 import org.springframework.security.oauth2.core.OAuth2Error;
 
-import org.springframework.security.oauth2.core.OAuth2ErrorCode;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationExchange;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationResponse;
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
 
+import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.oauth2.core.user.OAuth2User;
 
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 
 import org.springframework.util.Assert;
 
@@ -54,13 +54,13 @@ import java.io.IOException;
 
  * <ul>
 
  * <li>
 
  *	Assuming the resource owner (end-user) has granted access to the client, the authorization server will append the
 
- *	{@link OAuth2Parameter#CODE} and {@link OAuth2Parameter#STATE} (if provided in the <i>Authorization Request</i>) parameters
 
- *	to the {@link OAuth2Parameter#REDIRECT_URI} (provided in the <i>Authorization Request</i>)
 
+ *	{@link OAuth2ParameterNames#CODE} and {@link OAuth2ParameterNames#STATE} (if provided in the <i>Authorization Request</i>) parameters
 
+ *	to the {@link OAuth2ParameterNames#REDIRECT_URI} (provided in the <i>Authorization Request</i>)
 
  *	and redirect the end-user's user-agent back to this <code>Filter</code> (the client).
 
  * </li>
 
  * <li>
 
  *  This <code>Filter</code> will then create an {@link AuthorizationCodeAuthenticationToken} with
 
- *  the {@link OAuth2Parameter#CODE} received in the previous step and delegate it to
 
+ *  the {@link OAuth2ParameterNames#CODE} received in the previous step and delegate it to
 
  *  {@link OAuth2LoginAuthenticationProvider#authenticate(Authentication)} (indirectly via {@link AuthenticationManager}).
 
  * </li>
 
  * </ul>
 
@@ -71,8 +71,8 @@ import java.io.IOException;
 
  * @see AuthorizationCodeAuthenticationToken
 
  * @see OAuth2AuthenticationToken
 
  * @see OAuth2LoginAuthenticationProvider
 
- * @see AuthorizationRequest
 
- * @see AuthorizationResponse
 
+ * @see OAuth2AuthorizationRequest
 
+ * @see OAuth2AuthorizationResponse
 
  * @see AuthorizationRequestRepository
 
  * @see AuthorizationRequestRedirectFilter
 
  * @see ClientRegistrationRepository
 
@@ -85,7 +85,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 
 	private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
 
 	private ClientRegistrationRepository clientRegistrationRepository;
 
 	private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
 
-	private OAuth2TokenRepository<AccessToken> accessTokenRepository = new InMemoryAccessTokenRepository();
 
+	private OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository = new InMemoryAccessTokenRepository();
 
 
 	public OAuth2LoginAuthenticationFilter() {
 
 		this(DEFAULT_FILTER_PROCESSES_URI);
 
@@ -106,19 +106,19 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 
 			throws AuthenticationException, IOException, ServletException {
 
 
 		if (!this.authorizationResponseSuccess(request) && !this.authorizationResponseError(request)) {
 
-			OAuth2Error oauth2Error = new OAuth2Error(OAuth2ErrorCode.INVALID_REQUEST);
 
+			OAuth2Error oauth2Error = new OAuth2Error(OAuth2ErrorCodes.INVALID_REQUEST);
 
 			throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
 
 		}
 
-		AuthorizationResponse authorizationResponse = this.convert(request);
 
+		OAuth2AuthorizationResponse authorizationResponse = this.convert(request);
 
 
-		AuthorizationRequest authorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request);
 
+		OAuth2AuthorizationRequest authorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(request);
 
 		if (authorizationRequest == null) {
 
 			OAuth2Error oauth2Error = new OAuth2Error(AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE);
 
 			throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
 
 		}
 
 		this.authorizationRequestRepository.removeAuthorizationRequest(request);
 
 
-		String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2Parameter.REGISTRATION_ID);
 
+		String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2ParameterNames.REGISTRATION_ID);
 
 		ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
 
 
 		// The clientRegistration.redirectUri may contain Uri template variables, whether it's configured by
 
@@ -133,7 +133,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 
 			.build();
 
 
 		AuthorizationCodeAuthenticationToken authorizationCodeAuthentication = new AuthorizationCodeAuthenticationToken(
 
-				clientRegistration, new AuthorizationExchange(authorizationRequest, authorizationResponse));
 
+				clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse));
 
 		authorizationCodeAuthentication.setDetails(this.authenticationDetailsSource.buildDetails(request));
 
 
 		OAuth2AuthenticationToken<OAuth2User, OAuth2AuthorizedClient> oauth2Authentication =
 
@@ -157,26 +157,26 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 
 		this.authorizationRequestRepository = authorizationRequestRepository;
 
 	}
 
 
-	public final void setAccessTokenRepository(OAuth2TokenRepository<AccessToken> accessTokenRepository) {
 
+	public final void setAccessTokenRepository(OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository) {
 
 		Assert.notNull(accessTokenRepository, "accessTokenRepository cannot be null");
 
 		this.accessTokenRepository = accessTokenRepository;
 
 	}
 
 
-	private AuthorizationResponse convert(HttpServletRequest request) {
 
-		String code = request.getParameter(OAuth2Parameter.CODE);
 
-		String errorCode = request.getParameter(OAuth2Parameter.ERROR);
 
-		String state = request.getParameter(OAuth2Parameter.STATE);
 
+	private OAuth2AuthorizationResponse convert(HttpServletRequest request) {
 
+		String code = request.getParameter(OAuth2ParameterNames.CODE);
 
+		String errorCode = request.getParameter(OAuth2ParameterNames.ERROR);
 
+		String state = request.getParameter(OAuth2ParameterNames.STATE);
 
 		String redirectUri = request.getRequestURL().toString();
 
 
 		if (StringUtils.hasText(code)) {
 
-			return AuthorizationResponse.success(code)
 
+			return OAuth2AuthorizationResponse.success(code)
 
 				.redirectUri(redirectUri)
 
 				.state(state)
 
 				.build();
 
 		} else {
 
-			String errorDescription = request.getParameter(OAuth2Parameter.ERROR_DESCRIPTION);
 
-			String errorUri = request.getParameter(OAuth2Parameter.ERROR_URI);
 
-			return AuthorizationResponse.error(errorCode)
 
+			String errorDescription = request.getParameter(OAuth2ParameterNames.ERROR_DESCRIPTION);
 
+			String errorUri = request.getParameter(OAuth2ParameterNames.ERROR_URI);
 
+			return OAuth2AuthorizationResponse.error(errorCode)
 
 				.redirectUri(redirectUri)
 
 				.errorDescription(errorDescription)
 
 				.errorUri(errorUri)
 
@@ -186,12 +186,12 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 
 	}
 
 
 	private boolean authorizationResponseSuccess(HttpServletRequest request) {
 
-		return StringUtils.hasText(request.getParameter(OAuth2Parameter.CODE)) &&
 
-			StringUtils.hasText(request.getParameter(OAuth2Parameter.STATE));
 
+		return StringUtils.hasText(request.getParameter(OAuth2ParameterNames.CODE)) &&
 
+			StringUtils.hasText(request.getParameter(OAuth2ParameterNames.STATE));
 
 	}
 
 
 	private boolean authorizationResponseError(HttpServletRequest request) {
 
-		return StringUtils.hasText(request.getParameter(OAuth2Parameter.ERROR)) &&
 
-			StringUtils.hasText(request.getParameter(OAuth2Parameter.STATE));
 
+		return StringUtils.hasText(request.getParameter(OAuth2ParameterNames.ERROR)) &&
 
+			StringUtils.hasText(request.getParameter(OAuth2ParameterNames.STATE));
 
 	}
 
 }

+ 2 - 2
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/DefaultAuthorizationRequestUriBuilderTests.java
파일 보기 

@@ -17,7 +17,7 @@
 
 package org.springframework.security.oauth2.client.endpoint;
 
 
 import org.junit.Test;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 
 import java.net.URI;
 
 import java.util.Arrays;
 
@@ -35,7 +35,7 @@ public class DefaultAuthorizationRequestUriBuilderTests {
 
 
 	@Test
 
 	public void buildWhenScopeMultiThenSeparatedByEncodedSpace() {
 
-		AuthorizationRequest request = AuthorizationRequest.implicit()
 
+		OAuth2AuthorizationRequest request = OAuth2AuthorizationRequest.implicit()
 
 			.additionalParameters(Collections.singletonMap("foo","bar"))
 
 			.authorizationUri("https://idp.example.com/oauth2/v2/auth")
 
 			.clientId("client-id")

+ 3 - 3
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRedirectFilterTests.java
파일 보기 

@@ -23,7 +23,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
 
 import org.springframework.mock.web.MockHttpServletResponse;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
 import org.springframework.security.oauth2.client.endpoint.AuthorizationRequestUriBuilder;
 
 
 import javax.servlet.FilterChain;
 
@@ -101,7 +101,7 @@ public class AuthorizationRequestRedirectFilterTests {
 
 		Mockito.verifyZeroInteractions(filterChain);        // Request should not proceed up the chain
 
 
 		// The authorization request attributes are saved in the session before the redirect happens
 
-		AuthorizationRequest authorizationRequest =
 
+		OAuth2AuthorizationRequest authorizationRequest =
 
 				authorizationRequestRepository.loadAuthorizationRequest(request);
 
 		Assertions.assertThat(authorizationRequest).isNotNull();
 
 
@@ -119,7 +119,7 @@ public class AuthorizationRequestRedirectFilterTests {
 
 
 		AuthorizationRequestUriBuilder authorizationUriBuilder = Mockito.mock(AuthorizationRequestUriBuilder.class);
 
 		URI authorizationURI = new URI(authorizationUri);
 
-		Mockito.when(authorizationUriBuilder.build(Matchers.any(AuthorizationRequest.class))).thenReturn(authorizationURI);
 
+		Mockito.when(authorizationUriBuilder.build(Matchers.any(OAuth2AuthorizationRequest.class))).thenReturn(authorizationURI);
 
 
 		return setupFilter(authorizationUriBuilder, clientRegistrations);
 
 	}

+ 15 - 15
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
파일 보기 

@@ -31,11 +31,11 @@ import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 
-import org.springframework.security.oauth2.core.OAuth2ErrorCode;
 
-import org.springframework.security.oauth2.core.endpoint.AuthorizationRequest;
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
 
+import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
 import org.springframework.security.oauth2.core.user.OAuth2User;
 
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 
@@ -82,9 +82,9 @@ public class OAuth2LoginAuthenticationFilterTests {
 
 		filter.setAuthenticationFailureHandler(failureHandler);
 
 
 		MockHttpServletRequest request = this.setupRequest(clientRegistration);
 
-		String errorCode = OAuth2ErrorCode.INVALID_GRANT;
 
-		request.addParameter(OAuth2Parameter.ERROR, errorCode);
 
-		request.addParameter(OAuth2Parameter.STATE, "some state");
 
+		String errorCode = OAuth2ErrorCodes.INVALID_GRANT;
 
+		request.addParameter(OAuth2ParameterNames.ERROR, errorCode);
 
+		request.addParameter(OAuth2ParameterNames.STATE, "some state");
 
 		MockHttpServletResponse response = new MockHttpServletResponse();
 
 		FilterChain filterChain = mock(FilterChain.class);
 
 
@@ -99,7 +99,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 
 	public void doFilterWhenAuthorizationCodeSuccessResponseThenAuthenticationSuccessHandlerIsCalled() throws Exception {
 
 		ClientRegistration clientRegistration = TestUtil.githubClientRegistration();
 
 		OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(
 
-			clientRegistration, "principal", mock(AccessToken.class));
 
+			clientRegistration, "principal", mock(OAuth2AccessToken.class));
 
 		OAuth2AuthenticationToken userAuthentication = new OAuth2AuthenticationToken(
 
 			mock(OAuth2User.class), AuthorityUtils.createAuthorityList("ROLE_USER"), authorizedClient);
 
 		SecurityContextHolder.getContext().setAuthentication(userAuthentication);
 
@@ -115,8 +115,8 @@ public class OAuth2LoginAuthenticationFilterTests {
 
 		MockHttpServletRequest request = this.setupRequest(clientRegistration);
 
 		String authCode = "some code";
 
 		String state = "some state";
 
-		request.addParameter(OAuth2Parameter.CODE, authCode);
 
-		request.addParameter(OAuth2Parameter.STATE, state);
 
+		request.addParameter(OAuth2ParameterNames.CODE, authCode);
 
+		request.addParameter(OAuth2ParameterNames.STATE, state);
 
 		MockHttpServletResponse response = new MockHttpServletResponse();
 
 		setupAuthorizationRequest(authorizationRequestRepository, request, response, clientRegistration, state);
 
 		FilterChain filterChain = mock(FilterChain.class);
 
@@ -142,8 +142,8 @@ public class OAuth2LoginAuthenticationFilterTests {
 
 		MockHttpServletRequest request = this.setupRequest(clientRegistration);
 
 		String authCode = "some code";
 
 		String state = "some state";
 
-		request.addParameter(OAuth2Parameter.CODE, authCode);
 
-		request.addParameter(OAuth2Parameter.STATE, state);
 
+		request.addParameter(OAuth2ParameterNames.CODE, authCode);
 
+		request.addParameter(OAuth2ParameterNames.STATE, state);
 
 		MockHttpServletResponse response = new MockHttpServletResponse();
 
 		FilterChain filterChain = mock(FilterChain.class);
 
 
@@ -194,10 +194,10 @@ public class OAuth2LoginAuthenticationFilterTests {
 
 											String state) {
 
 
 		Map<String,Object> additionalParameters = new HashMap<>();
 
-		additionalParameters.put(OAuth2Parameter.REGISTRATION_ID, clientRegistration.getRegistrationId());
 
+		additionalParameters.put(OAuth2ParameterNames.REGISTRATION_ID, clientRegistration.getRegistrationId());
 
 
-		AuthorizationRequest authorizationRequest =
 
-			AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest authorizationRequest =
 
+			OAuth2AuthorizationRequest.authorizationCode()
 
 				.clientId(clientRegistration.getClientId())
 
 				.authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri())
 
 				.redirectUri(clientRegistration.getRedirectUri())

+ 3 - 3
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java
파일 보기 

@@ -34,15 +34,15 @@ import java.util.Set;
 
  * @since 5.0
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.4">Section 1.4 Access Token</a>
 
  */
 
-public class AccessToken extends AbstractOAuth2Token {
 
+public class OAuth2AccessToken extends AbstractOAuth2Token {
 
 	private final TokenType tokenType;
 
 	private final Set<String> scopes;
 
 
-	public AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt) {
 
+	public OAuth2AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt) {
 
 		this(tokenType, tokenValue, issuedAt, expiresAt, Collections.emptySet());
 
 	}
 
 
-	public AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt, Set<String> scopes) {
 
+	public OAuth2AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt, Set<String> scopes) {
 
 		super(tokenValue, issuedAt, expiresAt);
 
 		Assert.notNull(tokenType, "tokenType cannot be null");
 
 		this.tokenType = tokenType;

+ 1 - 1
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2ErrorCode.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2ErrorCodes.java
파일 보기 

@@ -21,7 +21,7 @@ package org.springframework.security.oauth2.core;
 
  * @author Joe Grandja
 
  * @since 5.0
 
  */
 
-public interface OAuth2ErrorCode {
 
+public interface OAuth2ErrorCodes {
 
 
 	String INVALID_REQUEST = "invalid_request";

+ 13 - 13
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/TokenResponse.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java
파일 보기 

@@ -15,7 +15,7 @@
 
  */
 
 package org.springframework.security.oauth2.core.endpoint;
 
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 import org.springframework.util.Assert;
 
 import org.springframework.util.CollectionUtils;
 
 
@@ -29,21 +29,21 @@ import java.util.Set;
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AccessToken
 
+ * @see OAuth2AccessToken
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-5.1">Section 5.1 Access Token Response</a>
 
  */
 
-public final class TokenResponse {
 
-	private AccessToken accessToken;
 
+public final class OAuth2AccessTokenResponse {
 
+	private OAuth2AccessToken accessToken;
 
 	private Map<String,Object> additionalParameters;
 
 
-	private TokenResponse() {
 
+	private OAuth2AccessTokenResponse() {
 
 	}
 
 
 	public String getTokenValue() {
 
 		return this.accessToken.getTokenValue();
 
 	}
 
 
-	public AccessToken.TokenType getTokenType() {
 
+	public OAuth2AccessToken.TokenType getTokenType() {
 
 		return this.accessToken.getTokenType();
 
 	}
 
 
@@ -69,7 +69,7 @@ public final class TokenResponse {
 
 
 	public static class Builder {
 
 		private String tokenValue;
 
-		private AccessToken.TokenType tokenType;
 
+		private OAuth2AccessToken.TokenType tokenType;
 
 		private long expiresIn;
 
 		private Set<String> scopes;
 
 		private Map<String,Object> additionalParameters;
 
@@ -78,7 +78,7 @@ public final class TokenResponse {
 
 			this.tokenValue = tokenValue;
 
 		}
 
 
-		public Builder tokenType(AccessToken.TokenType tokenType) {
 
+		public Builder tokenType(OAuth2AccessToken.TokenType tokenType) {
 
 			this.tokenType = tokenType;
 
 			return this;
 
 		}
 
@@ -98,15 +98,15 @@ public final class TokenResponse {
 
 			return this;
 
 		}
 
 
-		public TokenResponse build() {
 
+		public OAuth2AccessTokenResponse build() {
 
 			Assert.isTrue(this.expiresIn >= 0, "expiresIn must be a positive number");
 
 			Instant issuedAt = Instant.now();
 
-			TokenResponse tokenResponse = new TokenResponse();
 
-			tokenResponse.accessToken = new AccessToken(this.tokenType, this.tokenValue, issuedAt,
 
+			OAuth2AccessTokenResponse accessTokenResponse = new OAuth2AccessTokenResponse();
 
+			accessTokenResponse.accessToken = new OAuth2AccessToken(this.tokenType, this.tokenValue, issuedAt,
 
 				issuedAt.plusSeconds(this.expiresIn), this.scopes);
 
-			tokenResponse.additionalParameters = Collections.unmodifiableMap(
 
+			accessTokenResponse.additionalParameters = Collections.unmodifiableMap(
 
 				CollectionUtils.isEmpty(this.additionalParameters) ? Collections.emptyMap() : this.additionalParameters);
 
-			return tokenResponse;
 
+			return accessTokenResponse;
 
 		}
 
 	}
 
 }

+ 9 - 9
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationExchange.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationExchange.java
파일 보기 

@@ -23,26 +23,26 @@ import org.springframework.util.Assert;
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see AuthorizationRequest
 
- * @see AuthorizationResponse
 
+ * @see OAuth2AuthorizationRequest
 
+ * @see OAuth2AuthorizationResponse
 
  */
 
-public final class AuthorizationExchange {
 
-	private final AuthorizationRequest authorizationRequest;
 
-	private final AuthorizationResponse authorizationResponse;
 
+public final class OAuth2AuthorizationExchange {
 
+	private final OAuth2AuthorizationRequest authorizationRequest;
 
+	private final OAuth2AuthorizationResponse authorizationResponse;
 
 
-	public AuthorizationExchange(AuthorizationRequest authorizationRequest,
 
-									AuthorizationResponse authorizationResponse) {
 
+	public OAuth2AuthorizationExchange(OAuth2AuthorizationRequest authorizationRequest,
 
+									   OAuth2AuthorizationResponse authorizationResponse) {
 
 		Assert.notNull(authorizationRequest, "authorizationRequest cannot be null");
 
 		Assert.notNull(authorizationResponse, "authorizationResponse cannot be null");
 
 		this.authorizationRequest = authorizationRequest;
 
 		this.authorizationResponse = authorizationResponse;
 
 	}
 
 
-	public AuthorizationRequest getAuthorizationRequest() {
 
+	public OAuth2AuthorizationRequest getAuthorizationRequest() {
 
 		return this.authorizationRequest;
 
 	}
 
 
-	public AuthorizationResponse getAuthorizationResponse() {
 
+	public OAuth2AuthorizationResponse getAuthorizationResponse() {
 
 		return this.authorizationResponse;
 
 	}
 
 }

+ 10 - 10
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequest.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
파일 보기 

@@ -36,22 +36,22 @@ import java.util.stream.Collectors;
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see AuthorizationGrantType
 
- * @see ResponseType
 
+ * @see OAuth2AuthorizationResponseType
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.1">Section 4.1.1 Authorization Code Grant Request</a>
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.2.1">Section 4.2.1 Implicit Grant Request</a>
 
  */
 
-public final class AuthorizationRequest implements Serializable {
 
+public final class OAuth2AuthorizationRequest implements Serializable {
 
 	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
 
 	private String authorizationUri;
 
 	private AuthorizationGrantType authorizationGrantType;
 
-	private ResponseType responseType;
 
+	private OAuth2AuthorizationResponseType responseType;
 
 	private String clientId;
 
 	private String redirectUri;
 
 	private Set<String> scopes;
 
 	private String state;
 
 	private Map<String,Object> additionalParameters;
 
 
-	private AuthorizationRequest() {
 
+	private OAuth2AuthorizationRequest() {
 
 	}
 
 
 	public String getAuthorizationUri() {
 
@@ -62,7 +62,7 @@ public final class AuthorizationRequest implements Serializable {
 
 		return this.authorizationGrantType;
 
 	}
 
 
-	public ResponseType getResponseType() {
 
+	public OAuth2AuthorizationResponseType getResponseType() {
 
 		return this.responseType;
 
 	}
 
 
@@ -97,7 +97,7 @@ public final class AuthorizationRequest implements Serializable {
 
 	public static class Builder {
 
 		private String authorizationUri;
 
 		private AuthorizationGrantType authorizationGrantType;
 
-		private ResponseType responseType;
 
+		private OAuth2AuthorizationResponseType responseType;
 
 		private String clientId;
 
 		private String redirectUri;
 
 		private Set<String> scopes;
 
@@ -108,9 +108,9 @@ public final class AuthorizationRequest implements Serializable {
 
 			Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null");
 
 			this.authorizationGrantType = authorizationGrantType;
 
 			if (AuthorizationGrantType.AUTHORIZATION_CODE.equals(authorizationGrantType)) {
 
-				this.responseType = ResponseType.CODE;
 
+				this.responseType = OAuth2AuthorizationResponseType.CODE;
 
 			} else if (AuthorizationGrantType.IMPLICIT.equals(authorizationGrantType)) {
 
-				this.responseType = ResponseType.TOKEN;
 
+				this.responseType = OAuth2AuthorizationResponseType.TOKEN;
 
 			}
 
 		}
 
 
@@ -152,14 +152,14 @@ public final class AuthorizationRequest implements Serializable {
 
 			return this;
 
 		}
 
 
-		public AuthorizationRequest build() {
 
+		public OAuth2AuthorizationRequest build() {
 
 			Assert.hasText(this.authorizationUri, "authorizationUri cannot be empty");
 
 			Assert.hasText(this.clientId, "clientId cannot be empty");
 
 			if (AuthorizationGrantType.IMPLICIT.equals(this.authorizationGrantType)) {
 
 				Assert.hasText(this.redirectUri, "redirectUri cannot be empty");
 
 			}
 
 
-			AuthorizationRequest authorizationRequest = new AuthorizationRequest();
 
+			OAuth2AuthorizationRequest authorizationRequest = new OAuth2AuthorizationRequest();
 
 			authorizationRequest.authorizationUri = this.authorizationUri;
 
 			authorizationRequest.authorizationGrantType = this.authorizationGrantType;
 
 			authorizationRequest.responseType = this.responseType;

+ 4 - 4
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/AuthorizationResponse.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java
파일 보기 

@@ -26,13 +26,13 @@ import org.springframework.util.StringUtils;
 
  * @since 5.0
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.2">Section 4.1.2 Authorization Response</a>
 
  */
 
-public final class AuthorizationResponse {
 
+public final class OAuth2AuthorizationResponse {
 
 	private String redirectUri;
 
 	private String state;
 
 	private String code;
 
 	private OAuth2Error error;
 
 
-	private AuthorizationResponse() {
 
+	private OAuth2AuthorizationResponse() {
 
 	}
 
 
 	public String getRedirectUri() {
 
@@ -110,13 +110,13 @@ public final class AuthorizationResponse {
 
 			return this;
 
 		}
 
 
-		public AuthorizationResponse build() {
 
+		public OAuth2AuthorizationResponse build() {
 
 			if (StringUtils.hasText(this.code) && StringUtils.hasText(this.errorCode)) {
 
 				throw new IllegalArgumentException("code and errorCode cannot both be set");
 
 			}
 
 			Assert.hasText(this.redirectUri, "redirectUri cannot be empty");
 
 
-			AuthorizationResponse authorizationResponse = new AuthorizationResponse();
 
+			OAuth2AuthorizationResponse authorizationResponse = new OAuth2AuthorizationResponse();
 
 			authorizationResponse.redirectUri = this.redirectUri;
 
 			authorizationResponse.state = this.state;
 
 			if (StringUtils.hasText(this.code)) {

+ 5 - 5
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/ResponseType.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponseType.java
파일 보기 

@@ -33,13 +33,13 @@ import java.io.Serializable;
 
  * @since 5.0
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-3.1.1">Section 3.1.1 Response Type</a>
 
  */
 
-public final class ResponseType implements Serializable {
 
+public final class OAuth2AuthorizationResponseType implements Serializable {
 
 	private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
 
-	public static final ResponseType CODE = new ResponseType("code");
 
-	public static final ResponseType TOKEN = new ResponseType("token");
 
+	public static final OAuth2AuthorizationResponseType CODE = new OAuth2AuthorizationResponseType("code");
 
+	public static final OAuth2AuthorizationResponseType TOKEN = new OAuth2AuthorizationResponseType("token");
 
 	private final String value;
 
 
-	private ResponseType(String value) {
 
+	private OAuth2AuthorizationResponseType(String value) {
 
 		Assert.hasText(value, "value cannot be empty");
 
 		this.value = value;
 
 	}
 
@@ -56,7 +56,7 @@ public final class ResponseType implements Serializable {
 
 		if (obj == null || this.getClass() != obj.getClass()) {
 
 			return false;
 
 		}
 
-		ResponseType that = (ResponseType) obj;
 
+		OAuth2AuthorizationResponseType that = (OAuth2AuthorizationResponseType) obj;
 
 		return this.getValue().equals(that.getValue());
 
 	}

+ 2 - 2
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2Parameter.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2ParameterNames.java
파일 보기 

@@ -16,14 +16,14 @@
 
 package org.springframework.security.oauth2.core.endpoint;
 
 
 /**
 
- * Standard and additional (custom) parameters defined in the OAuth Parameters Registry
 
+ * Standard and additional (custom) parameter names defined in the OAuth Parameters Registry
 
  * and used by the authorization endpoint and token endpoint.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-11.2">11.2 OAuth Parameters Registry</a>
 
  */
 
-public interface OAuth2Parameter {
 
+public interface OAuth2ParameterNames {
 
 
 	String RESPONSE_TYPE = "response_type";

+ 1 - 1
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/Address.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/AddressStandardClaim.java
파일 보기 

@@ -25,7 +25,7 @@ package org.springframework.security.oauth2.core.oidc;
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse">UserInfo Response</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
  */
 
-public interface Address {
 
+public interface AddressStandardClaim {
 
 
 	String getFormatted();

+ 6 - 6
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddress.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java
파일 보기 

@@ -18,13 +18,13 @@ package org.springframework.security.oauth2.core.oidc;
 
 import java.util.Map;
 
 
 /**
 
- * The default implementation of an {@link Address}.
 
+ * The default implementation of an {@link AddressStandardClaim Address Claim}.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see Address
 
+ * @see AddressStandardClaim
 
  */
 
-public final class DefaultAddress implements Address {
 
+public final class DefaultAddressStandardClaim implements AddressStandardClaim {
 
 	private String formatted;
 
 	private String streetAddress;
 
 	private String locality;
 
@@ -32,7 +32,7 @@ public final class DefaultAddress implements Address {
 
 	private String postalCode;
 
 	private String country;
 
 
-	private DefaultAddress() {
 
+	private DefaultAddressStandardClaim() {
 
 	}
 
 
 	@Override
 
@@ -121,8 +121,8 @@ public final class DefaultAddress implements Address {
 
 			return this;
 
 		}
 
 
-		public Address build() {
 
-			DefaultAddress address = new DefaultAddress();
 
+		public AddressStandardClaim build() {
 
+			DefaultAddressStandardClaim address = new DefaultAddressStandardClaim();
 
 			address.formatted = this.formatted;
 
 			address.streetAddress = this.streetAddress;
 
 			address.locality = this.locality;

+ 15 - 15
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimAccessor.java
파일 보기 

@@ -27,9 +27,9 @@ import java.util.List;
 
  *
 
  * @see ClaimAccessor
 
  * @see StandardClaimAccessor
 
- * @see StandardClaim
 
- * @see IdTokenClaim
 
- * @see IdToken
 
+ * @see StandardClaimNames
 
+ * @see IdTokenClaimNames
 
+ * @see OidcIdToken
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard Claims</a>
 
  * @author Joe Grandja
 
@@ -38,50 +38,50 @@ import java.util.List;
 
 public interface IdTokenClaimAccessor extends StandardClaimAccessor {
 
 
 	default URL getIssuer() {
 
-		return this.getClaimAsURL(IdTokenClaim.ISS);
 
+		return this.getClaimAsURL(IdTokenClaimNames.ISS);
 
 	}
 
 
 	default String getSubject() {
 
-		return this.getClaimAsString(IdTokenClaim.SUB);
 
+		return this.getClaimAsString(IdTokenClaimNames.SUB);
 
 	}
 
 
 	default List<String> getAudience() {
 
-		return this.getClaimAsStringList(IdTokenClaim.AUD);
 
+		return this.getClaimAsStringList(IdTokenClaimNames.AUD);
 
 	}
 
 
 	default Instant getExpiresAt() {
 
-		return this.getClaimAsInstant(IdTokenClaim.EXP);
 
+		return this.getClaimAsInstant(IdTokenClaimNames.EXP);
 
 	}
 
 
 	default Instant getIssuedAt() {
 
-		return this.getClaimAsInstant(IdTokenClaim.IAT);
 
+		return this.getClaimAsInstant(IdTokenClaimNames.IAT);
 
 	}
 
 
 	default Instant getAuthenticatedAt() {
 
-		return this.getClaimAsInstant(IdTokenClaim.AUTH_TIME);
 
+		return this.getClaimAsInstant(IdTokenClaimNames.AUTH_TIME);
 
 	}
 
 
 	default String getNonce() {
 
-		return this.getClaimAsString(IdTokenClaim.NONCE);
 
+		return this.getClaimAsString(IdTokenClaimNames.NONCE);
 
 	}
 
 
 	default String getAuthenticationContextClass() {
 
-		return this.getClaimAsString(IdTokenClaim.ACR);
 
+		return this.getClaimAsString(IdTokenClaimNames.ACR);
 
 	}
 
 
 	default List<String> getAuthenticationMethods() {
 
-		return this.getClaimAsStringList(IdTokenClaim.AMR);
 
+		return this.getClaimAsStringList(IdTokenClaimNames.AMR);
 
 	}
 
 
 	default String getAuthorizedParty() {
 
-		return this.getClaimAsString(IdTokenClaim.AZP);
 
+		return this.getClaimAsString(IdTokenClaimNames.AZP);
 
 	}
 
 
 	default String getAccessTokenHash() {
 
-		return this.getClaimAsString(IdTokenClaim.AT_HASH);
 
+		return this.getClaimAsString(IdTokenClaimNames.AT_HASH);
 
 	}
 
 
 	default String getAuthorizationCodeHash() {
 
-		return this.getClaimAsString(IdTokenClaim.C_HASH);
 
+		return this.getClaimAsString(IdTokenClaimNames.C_HASH);
 
 	}
 
 }

+ 3 - 3
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaim.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdTokenClaimNames.java
파일 보기 

@@ -16,16 +16,16 @@
 
 package org.springframework.security.oauth2.core.oidc;
 
 
 /**
 
- * The &quot;Claims&quot; defined by the <i>OpenID Connect Core 1.0</i> specification
 
+ * The names of the &quot;Claims&quot; defined by the <i>OpenID Connect Core 1.0</i> specification
 
  * that can be returned in the <i>ID Token</i>.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see IdToken
 
+ * @see OidcIdToken
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
  */
 
 
-public interface IdTokenClaim {
 
+public interface IdTokenClaimNames {
 
 
 	String ISS = "iss";

+ 3 - 3
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/IdToken.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcIdToken.java
파일 보기 

@@ -27,7 +27,7 @@ import java.util.Map;
 
  * An implementation of an {@link AbstractOAuth2Token} representing an <i>OpenID Connect Core 1.0 ID Token</i>.
 
  *
 
  * <p>
 
- * The <code>IdToken</code> is a security token that contains &quot;Claims&quot;
 
+ * The <code>OidcIdToken</code> is a security token that contains &quot;Claims&quot;
 
  * about the authentication of an End-User by an Authorization Server.
 
  *
 
  * @author Joe Grandja
 
@@ -38,10 +38,10 @@ import java.util.Map;
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard Claims</a>
 
  */
 
-public class IdToken extends AbstractOAuth2Token implements IdTokenClaimAccessor {
 
+public class OidcIdToken extends AbstractOAuth2Token implements IdTokenClaimAccessor {
 
 	private final Map<String, Object> claims;
 
 
-	public IdToken(String tokenValue, Instant issuedAt, Instant expiresAt, Map<String, Object> claims) {
 
+	public OidcIdToken(String tokenValue, Instant issuedAt, Instant expiresAt, Map<String, Object> claims) {
 
 		super(tokenValue, issuedAt, expiresAt);
 
 		Assert.notEmpty(claims, "claims cannot be empty");
 
 		this.claims = Collections.unmodifiableMap(new LinkedHashMap<>(claims));

+ 5 - 5
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcScope.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcScopes.java
파일 보기 

@@ -15,22 +15,22 @@
 
  */
 
 package org.springframework.security.oauth2.core.oidc;
 
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 
 /**
 
  * The <i>scope</i> values defined by the <i>OpenID Connect Core 1.0</i> specification
 
- * that can be used to request {@link StandardClaim Claims}.
 
+ * that can be used to request {@link StandardClaimNames Claims}.
 
  * <p>
 
- * The scope(s) associated to an {@link AccessToken} determine what claims (resources)
 
+ * The scope(s) associated to an {@link OAuth2AccessToken} determine what claims (resources)
 
  * will be available when they are used to access <i>OAuth 2.0 Protected Endpoints</i>,
 
  * such as the <i>UserInfo Endpoint</i>.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
- * @see StandardClaim
 
+ * @see StandardClaimNames
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims">Requesting Claims using Scope Values</a>
 
  */
 
-public interface OidcScope {
 
+public interface OidcScopes {
 
 
 	String OPENID = "openid";

+ 4 - 4
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/UserInfo.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcUserInfo.java
파일 보기 

@@ -26,7 +26,7 @@ import java.util.Map;
 
  * from the OAuth 2.0 Protected Resource <i>UserInfo Endpoint</i>.
 
  *
 
  * <p>
 
- * The <code>UserInfo</code> contains a set of &quot;Standard Claims&quot; about the authentication of an End-User.
 
+ * The <code>OidcUserInfo</code> contains a set of &quot;Standard Claims&quot; about the authentication of an End-User.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
@@ -35,10 +35,10 @@ import java.util.Map;
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfo">UserInfo Endpoint</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard Claims</a>
 
  */
 
-public class UserInfo implements StandardClaimAccessor {
 
+public class OidcUserInfo implements StandardClaimAccessor {
 
 	private final Map<String, Object> claims;
 
 
-	public UserInfo(Map<String, Object> claims) {
 
+	public OidcUserInfo(Map<String, Object> claims) {
 
 		Assert.notEmpty(claims, "claims cannot be empty");
 
 		this.claims = Collections.unmodifiableMap(new LinkedHashMap<>(claims));
 
 	}
 
@@ -57,7 +57,7 @@ public class UserInfo implements StandardClaimAccessor {
 
 			return false;
 
 		}
 
 
-		UserInfo that = (UserInfo) obj;
 
+		OidcUserInfo that = (OidcUserInfo) obj;
 
 
 		return this.getClaims().equals(that.getClaims());
 
 	}

+ 25 - 25
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimAccessor.java
파일 보기 

@@ -26,8 +26,8 @@ import java.util.Map;
 
  * either in the <i>UserInfo Response</i> or the <i>ID Token</i>.
 
  *
 
  * @see ClaimAccessor
 
- * @see StandardClaim
 
- * @see UserInfo
 
+ * @see StandardClaimNames
 
+ * @see OidcUserInfo
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse">UserInfo Response</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims">Standard Claims</a>
 
  * @author Joe Grandja
 
@@ -36,85 +36,85 @@ import java.util.Map;
 
 public interface StandardClaimAccessor extends ClaimAccessor {
 
 
 	default String getSubject() {
 
-		return this.getClaimAsString(StandardClaim.SUB);
 
+		return this.getClaimAsString(StandardClaimNames.SUB);
 
 	}
 
 
 	default String getFullName() {
 
-		return this.getClaimAsString(StandardClaim.NAME);
 
+		return this.getClaimAsString(StandardClaimNames.NAME);
 
 	}
 
 
 	default String getGivenName() {
 
-		return this.getClaimAsString(StandardClaim.GIVEN_NAME);
 
+		return this.getClaimAsString(StandardClaimNames.GIVEN_NAME);
 
 	}
 
 
 	default String getFamilyName() {
 
-		return this.getClaimAsString(StandardClaim.FAMILY_NAME);
 
+		return this.getClaimAsString(StandardClaimNames.FAMILY_NAME);
 
 	}
 
 
 	default String getMiddleName() {
 
-		return this.getClaimAsString(StandardClaim.MIDDLE_NAME);
 
+		return this.getClaimAsString(StandardClaimNames.MIDDLE_NAME);
 
 	}
 
 
 	default String getNickName() {
 
-		return this.getClaimAsString(StandardClaim.NICKNAME);
 
+		return this.getClaimAsString(StandardClaimNames.NICKNAME);
 
 	}
 
 
 	default String getPreferredUsername() {
 
-		return this.getClaimAsString(StandardClaim.PREFERRED_USERNAME);
 
+		return this.getClaimAsString(StandardClaimNames.PREFERRED_USERNAME);
 
 	}
 
 
 	default String getProfile() {
 
-		return this.getClaimAsString(StandardClaim.PROFILE);
 
+		return this.getClaimAsString(StandardClaimNames.PROFILE);
 
 	}
 
 
 	default String getPicture() {
 
-		return this.getClaimAsString(StandardClaim.PICTURE);
 
+		return this.getClaimAsString(StandardClaimNames.PICTURE);
 
 	}
 
 
 	default String getWebsite() {
 
-		return this.getClaimAsString(StandardClaim.WEBSITE);
 
+		return this.getClaimAsString(StandardClaimNames.WEBSITE);
 
 	}
 
 
 	default String getEmail() {
 
-		return this.getClaimAsString(StandardClaim.EMAIL);
 
+		return this.getClaimAsString(StandardClaimNames.EMAIL);
 
 	}
 
 
 	default Boolean getEmailVerified() {
 
-		return this.getClaimAsBoolean(StandardClaim.EMAIL_VERIFIED);
 
+		return this.getClaimAsBoolean(StandardClaimNames.EMAIL_VERIFIED);
 
 	}
 
 
 	default String getGender() {
 
-		return this.getClaimAsString(StandardClaim.GENDER);
 
+		return this.getClaimAsString(StandardClaimNames.GENDER);
 
 	}
 
 
 	default String getBirthdate() {
 
-		return this.getClaimAsString(StandardClaim.BIRTHDATE);
 
+		return this.getClaimAsString(StandardClaimNames.BIRTHDATE);
 
 	}
 
 
 	default String getZoneInfo() {
 
-		return this.getClaimAsString(StandardClaim.ZONEINFO);
 
+		return this.getClaimAsString(StandardClaimNames.ZONEINFO);
 
 	}
 
 
 	default String getLocale() {
 
-		return this.getClaimAsString(StandardClaim.LOCALE);
 
+		return this.getClaimAsString(StandardClaimNames.LOCALE);
 
 	}
 
 
 	default String getPhoneNumber() {
 
-		return this.getClaimAsString(StandardClaim.PHONE_NUMBER);
 
+		return this.getClaimAsString(StandardClaimNames.PHONE_NUMBER);
 
 	}
 
 
 	default Boolean getPhoneNumberVerified() {
 
-		return this.getClaimAsBoolean(StandardClaim.PHONE_NUMBER_VERIFIED);
 
+		return this.getClaimAsBoolean(StandardClaimNames.PHONE_NUMBER_VERIFIED);
 
 	}
 
 
-	default Address getAddress() {
 
-		Map<String, Object> addressFields = this.getClaimAsMap(StandardClaim.ADDRESS);
 
+	default AddressStandardClaim getAddress() {
 
+		Map<String, Object> addressFields = this.getClaimAsMap(StandardClaimNames.ADDRESS);
 
 		return (!CollectionUtils.isEmpty(addressFields) ?
 
-			new DefaultAddress.Builder(addressFields).build() :
 
-			new DefaultAddress.Builder().build());
 
+			new DefaultAddressStandardClaim.Builder(addressFields).build() :
 
+			new DefaultAddressStandardClaim.Builder().build());
 
 	}
 
 
 	default Instant getUpdatedAt() {
 
-		return this.getClaimAsInstant(StandardClaim.UPDATED_AT);
 
+		return this.getClaimAsInstant(StandardClaimNames.UPDATED_AT);
 
 	}
 
 }

+ 2 - 2
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaim.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/StandardClaimNames.java
파일 보기 

@@ -16,7 +16,7 @@
 
 package org.springframework.security.oauth2.core.oidc;
 
 
 /**
 
- * The &quot;Standard Claims&quot; defined by the <i>OpenID Connect Core 1.0</i> specification
 
+ * The names of the &quot;Standard Claims&quot; defined by the <i>OpenID Connect Core 1.0</i> specification
 
  * that can be returned either in the <i>UserInfo Response</i> or the <i>ID Token</i>.
 
  *
 
  * @author Joe Grandja
 
@@ -25,7 +25,7 @@ package org.springframework.security.oauth2.core.oidc;
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse">UserInfo Response</a>
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
  */
 
-public interface StandardClaim {
 
+public interface StandardClaimNames {
 
 
 	String SUB = "sub";

+ 2 - 2
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/endpoint/OidcParameter.java → oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/endpoint/OidcParameterNames.java
파일 보기 

@@ -16,14 +16,14 @@
 
 package org.springframework.security.oauth2.core.oidc.endpoint;
 
 
 /**
 
- * Standard parameters defined in the OAuth Parameters Registry
 
+ * Standard parameter names defined in the OAuth Parameters Registry
 
  * and used by the authorization endpoint and token endpoint.
 
  *
 
  * @author Joe Grandja
 
  * @since 5.0
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#OAuthParametersRegistry">18.2 OAuth Parameters Registration</a>
 
  */
 
-public interface OidcParameter {
 
+public interface OidcParameterNames {
 
 
 	String ID_TOKEN = "id_token";

+ 17 - 18
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUser.java
파일 보기 

@@ -17,11 +17,10 @@
 
 package org.springframework.security.oauth2.core.oidc.user;
 
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
-import org.springframework.security.oauth2.core.oidc.IdTokenClaim;
 
-import org.springframework.security.oauth2.core.oidc.UserInfo;
 
+import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
 
 
 import java.util.Map;
 
 import java.util.Set;
 
@@ -32,34 +31,34 @@ import java.util.Set;
 
  * <p>
 
  * The claim used for accessing the &quot;name&quot; of the
 
  * user <code>Principal</code> via {@link #getClaims()}
 
- * is {@link IdTokenClaim#SUB}.
 
+ * is {@link IdTokenClaimNames#SUB}.
 
  *
 
  * @author Joe Grandja
 
  * @author Vedran Pavic
 
  * @since 5.0
 
  * @see OidcUser
 
  * @see DefaultOAuth2User
 
- * @see IdToken
 
- * @see UserInfo
 
+ * @see OidcIdToken
 
+ * @see OidcUserInfo
 
  */
 
 public class DefaultOidcUser extends DefaultOAuth2User implements OidcUser {
 
-	private final IdToken idToken;
 
-	private final UserInfo userInfo;
 
+	private final OidcIdToken idToken;
 
+	private final OidcUserInfo userInfo;
 
 
-	public DefaultOidcUser(Set<GrantedAuthority> authorities, IdToken idToken) {
 
-		this(authorities, idToken, IdTokenClaim.SUB);
 
+	public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken) {
 
+		this(authorities, idToken, IdTokenClaimNames.SUB);
 
 	}
 
 
-	public DefaultOidcUser(Set<GrantedAuthority> authorities, IdToken idToken, String nameAttributeKey) {
 
+	public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken, String nameAttributeKey) {
 
 		this(authorities, idToken, null, nameAttributeKey);
 
 	}
 
 
-	public DefaultOidcUser(Set<GrantedAuthority> authorities, IdToken idToken, UserInfo userInfo) {
 
-		this(authorities, idToken, userInfo, IdTokenClaim.SUB);
 
+	public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken, OidcUserInfo userInfo) {
 
+		this(authorities, idToken, userInfo, IdTokenClaimNames.SUB);
 
 	}
 
 
-	public DefaultOidcUser(Set<GrantedAuthority> authorities, IdToken idToken, UserInfo userInfo,
 
-			String nameAttributeKey) {
 
+	public DefaultOidcUser(Set<GrantedAuthority> authorities, OidcIdToken idToken, OidcUserInfo userInfo,
 
+						   String nameAttributeKey) {
 
 		super(authorities, OidcUser.collectClaims(idToken, userInfo), nameAttributeKey);
 
 		this.idToken = idToken;
 
 		this.userInfo = userInfo;
 
@@ -70,11 +69,11 @@ public class DefaultOidcUser extends DefaultOAuth2User implements OidcUser {
 
 		return this.getAttributes();
 
 	}
 
 
-	public IdToken getIdToken() {
 
+	public OidcIdToken getIdToken() {
 
 		return this.idToken;
 
 	}
 
 
-	public UserInfo getUserInfo() {
 
+	public OidcUserInfo getUserInfo() {
 
 		return this.userInfo;
 
 	}
 
 }

+ 6 - 6
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUser.java
파일 보기 

@@ -17,11 +17,11 @@ package org.springframework.security.oauth2.core.oidc.user;
 
 
 import org.springframework.security.core.AuthenticatedPrincipal;
 
 import org.springframework.security.core.Authentication;
 
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 
 import org.springframework.security.oauth2.core.user.OAuth2User;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
 import org.springframework.security.oauth2.core.oidc.IdTokenClaimAccessor;
 
 import org.springframework.security.oauth2.core.oidc.StandardClaimAccessor;
 
-import org.springframework.security.oauth2.core.oidc.UserInfo;
 
 import org.springframework.util.Assert;
 
 
 import java.util.HashMap;
 
@@ -33,7 +33,7 @@ import java.util.Map;
 
  *
 
  * <p>
 
  * An <code>OidcUser</code> contains &quot;Claims&quot; about the Authentication of the End-User.
 
- * The claims are aggregated from the <code>IdToken</code> and optionally the <code>UserInfo</code>.
 
+ * The claims are aggregated from the <code>OidcIdToken</code> and optionally the <code>OidcUserInfo</code>.
 
  *
 
  * <p>
 
  * Implementation instances of this interface represent an {@link AuthenticatedPrincipal}
 
@@ -44,8 +44,8 @@ import java.util.Map;
 
  * @since 5.0
 
  * @see DefaultOidcUser
 
  * @see OAuth2User
 
- * @see IdToken
 
- * @see UserInfo
 
+ * @see OidcIdToken
 
+ * @see OidcUserInfo
 
  * @see IdTokenClaimAccessor
 
  * @see StandardClaimAccessor
 
  * @see <a target="_blank" href="http://openid.net/specs/openid-connect-core-1_0.html#IDToken">ID Token</a>
 
@@ -55,7 +55,7 @@ public interface OidcUser extends OAuth2User, IdTokenClaimAccessor {
 
 
 	Map<String, Object> getClaims();
 
 
-	static Map<String, Object> collectClaims(IdToken idToken, UserInfo userInfo) {
 
+	static Map<String, Object> collectClaims(OidcIdToken idToken, OidcUserInfo userInfo) {
 
 		Assert.notNull(idToken, "idToken cannot be null");
 
 		Map<String, Object> claims = new HashMap<>();
 
 		if (userInfo != null) {

+ 9 - 10
oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java
파일 보기 

@@ -16,10 +16,9 @@
 
 package org.springframework.security.oauth2.core.oidc.user;
 
 
 import org.springframework.security.core.GrantedAuthority;
 
-import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
-import org.springframework.security.oauth2.core.oidc.UserInfo;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
 
 /**
 
  * A {@link GrantedAuthority} that is associated with an {@link OidcUser}.
 
@@ -29,28 +28,28 @@ import org.springframework.security.oauth2.core.oidc.UserInfo;
 
  * @see OidcUser
 
  */
 
 public class OidcUserAuthority extends OAuth2UserAuthority {
 
-	private final IdToken idToken;
 
-	private final UserInfo userInfo;
 
+	private final OidcIdToken idToken;
 
+	private final OidcUserInfo userInfo;
 
 
-	public OidcUserAuthority(IdToken idToken) {
 
+	public OidcUserAuthority(OidcIdToken idToken) {
 
 		this(idToken, null);
 
 	}
 
 
-	public OidcUserAuthority(IdToken idToken, UserInfo userInfo) {
 
+	public OidcUserAuthority(OidcIdToken idToken, OidcUserInfo userInfo) {
 
 		this("ROLE_USER", idToken, userInfo);
 
 	}
 
 
-	public OidcUserAuthority(String authority, IdToken idToken, UserInfo userInfo) {
 
+	public OidcUserAuthority(String authority, OidcIdToken idToken, OidcUserInfo userInfo) {
 
 		super(authority, OidcUser.collectClaims(idToken, userInfo));
 
 		this.idToken = idToken;
 
 		this.userInfo = userInfo;
 
 	}
 
 
-	public IdToken getIdToken() {
 
+	public OidcIdToken getIdToken() {
 
 		return this.idToken;
 
 	}
 
 
-	public UserInfo getUserInfo() {
 
+	public OidcUserInfo getUserInfo() {
 
 		return this.userInfo;
 
 	}

+ 9 - 9
oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/TokenResponseTest.java → oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponseTests.java
파일 보기 

@@ -16,16 +16,16 @@
 
 package org.springframework.security.oauth2.core.endpoint;
 
 
 import org.junit.Test;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
 
 import java.util.Collections;
 
 
 /**
 
- * Tests {@link TokenResponse}
 
+ * Tests {@link OAuth2AccessTokenResponse}
 
  *
 
  * @author Luander Ribeiro
 
  */
 
-public class TokenResponseTest {
 
+public class OAuth2AccessTokenResponseTests {
 
 
 	private static final String TOKEN = "token";
 
 	private static final long INVALID_EXPIRES_IN = -1L;
 
@@ -33,27 +33,27 @@ public class TokenResponseTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenTokenValueIsNullThenThrowIllegalArgumentException() {
 
-		TokenResponse.withToken(null)
 
+		OAuth2AccessTokenResponse.withToken(null)
 
 			.expiresIn(EXPIRES_IN)
 
 			.additionalParameters(Collections.emptyMap())
 
 			.scopes(Collections.emptySet())
 
-			.tokenType(AccessToken.TokenType.BEARER)
 
+			.tokenType(OAuth2AccessToken.TokenType.BEARER)
 
 			.build();
 
 	}
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenExpiresInIsNegativeThenThrowIllegalArgumentException() {
 
-		TokenResponse.withToken(TOKEN)
 
+		OAuth2AccessTokenResponse.withToken(TOKEN)
 
 			.expiresIn(INVALID_EXPIRES_IN)
 
 			.additionalParameters(Collections.emptyMap())
 
 			.scopes(Collections.emptySet())
 
-			.tokenType(AccessToken.TokenType.BEARER)
 
+			.tokenType(OAuth2AccessToken.TokenType.BEARER)
 
 			.build();
 
 	}
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenTokenTypeIsInvalidThenThrowIllegalArgumentException() {
 
-		TokenResponse.withToken(TOKEN)
 
+		OAuth2AccessTokenResponse.withToken(TOKEN)
 
 			.expiresIn(EXPIRES_IN)
 
 			.additionalParameters(Collections.emptyMap())
 
 			.tokenType(null)
 
@@ -62,7 +62,7 @@ public class TokenResponseTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenTokenTypeNotSetThenThrowIllegalArgumentException() {
 
-		TokenResponse.withToken(TOKEN)
 
+		OAuth2AccessTokenResponse.withToken(TOKEN)
 
 			.expiresIn(EXPIRES_IN)
 
 			.additionalParameters(Collections.emptyMap())
 
 			.build();

+ 15 - 15
oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/AuthorizationRequestTest.java → oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequestTests.java
파일 보기 

@@ -24,11 +24,11 @@ import static org.assertj.core.api.Assertions.assertThat;
 
 import static org.assertj.core.api.Assertions.assertThatCode;
 
 
 /**
 
- * Tests {@link AuthorizationRequest}
 
+ * Tests {@link OAuth2AuthorizationRequest}
 
  *
 
  * @author Luander Ribeiro
 
  */
 
-public class AuthorizationRequestTest {
 
+public class OAuth2AuthorizationRequestTests {
 
 	private static final String AUTHORIZE_URI = "http://authorize.uri/";
 
 	private static final String CLIENT_ID = "client id";
 
 	private static final String REDIRECT_URI = "http://redirect.uri/";
 
@@ -37,7 +37,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenAuthorizationUriIsNullThenThrowIllegalArgumentException() {
 
-		AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(null)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -48,7 +48,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenAuthorizeUriNotSetThenThrowIllegalArgumentException() {
 
-		AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest.authorizationCode()
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
 			.scopes(SCOPE)
 
@@ -58,7 +58,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenClientIdIsNullThenThrowIllegalArgumentException() {
 
-		AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(null)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -69,7 +69,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test(expected = IllegalArgumentException.class)
 
 	public void buildWhenClientIdNotSetThenThrowIllegalArgumentException() {
 
-		AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.redirectUri(REDIRECT_URI)
 
 			.scopes(SCOPE)
 
@@ -79,8 +79,8 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenGetResponseTypeIsCalledThenReturnCode() {
 
-		AuthorizationRequest authorizationRequest;
 
-		authorizationRequest = AuthorizationRequest.authorizationCode()
 
+		OAuth2AuthorizationRequest authorizationRequest;
 
+		authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -88,12 +88,12 @@ public class AuthorizationRequestTest {
 
 			.state(STATE)
 
 			.build();
 
 
-		assertThat(authorizationRequest.getResponseType()).isEqualTo(ResponseType.CODE);
 
+		assertThat(authorizationRequest.getResponseType()).isEqualTo(OAuth2AuthorizationResponseType.CODE);
 
 	}
 
 
 	@Test
 
 	public void buildWhenRedirectUriIsNullThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(null)
 
@@ -104,7 +104,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenRedirectUriNotSetThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.scopes(SCOPE)
 
@@ -114,7 +114,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenScopesIsNullThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -125,7 +125,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenScopesNotSetThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -135,7 +135,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenStateIsNullThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)
 
@@ -146,7 +146,7 @@ public class AuthorizationRequestTest {
 
 
 	@Test
 
 	public void buildWhenStateNotSetThenDoesNotThrowAnyException() {
 
-		assertThatCode(() -> AuthorizationRequest.authorizationCode()
 
+		assertThatCode(() -> OAuth2AuthorizationRequest.authorizationCode()
 
 			.authorizationUri(AUTHORIZE_URI)
 
 			.clientId(CLIENT_ID)
 
 			.redirectUri(REDIRECT_URI)

+ 16 - 16
oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUserTests.java
파일 보기 

@@ -27,10 +27,10 @@ import org.junit.Test;
 
 import org.junit.rules.ExpectedException;
 
 import org.springframework.security.core.GrantedAuthority;
 
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
-import org.springframework.security.oauth2.core.oidc.IdToken;
 
-import org.springframework.security.oauth2.core.oidc.IdTokenClaim;
 
-import org.springframework.security.oauth2.core.oidc.StandardClaim;
 
-import org.springframework.security.oauth2.core.oidc.UserInfo;
 
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 
+import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
 
+import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 
+import org.springframework.security.oauth2.core.oidc.StandardClaimNames;
 
 
 import static org.assertj.core.api.Assertions.assertThat;
 
 
@@ -52,13 +52,13 @@ public class DefaultOidcUserTests {
 
 	private static final Map<String, Object> TEST_ID_TOKEN_CLAIMS = new HashMap<>();
 
 
 	static {
 
-		TEST_ID_TOKEN_CLAIMS.put(IdTokenClaim.ISS, "https://example.com");
 
-		TEST_ID_TOKEN_CLAIMS.put(IdTokenClaim.SUB, TEST_SUBJECT);
 
+		TEST_ID_TOKEN_CLAIMS.put(IdTokenClaimNames.ISS, "https://example.com");
 
+		TEST_ID_TOKEN_CLAIMS.put(IdTokenClaimNames.SUB, TEST_SUBJECT);
 
 	}
 
 
-	private static final IdToken TEST_ID_TOKEN = new IdToken("value", Instant.EPOCH, Instant.MAX, TEST_ID_TOKEN_CLAIMS);
 
+	private static final OidcIdToken TEST_ID_TOKEN = new OidcIdToken("value", Instant.EPOCH, Instant.MAX, TEST_ID_TOKEN_CLAIMS);
 
 
-	private static final UserInfo TEST_USER_INFO = new UserInfo(Collections.singletonMap(StandardClaim.EMAIL, TEST_EMAIL));
 
+	private static final OidcUserInfo TEST_USER_INFO = new OidcUserInfo(Collections.singletonMap(StandardClaimNames.EMAIL, TEST_EMAIL));
 
 
 	@Rule
 
 	public ExpectedException thrown = ExpectedException.none();
 
@@ -70,17 +70,17 @@ public class DefaultOidcUserTests {
 
 		assertThat(user.getName()).isEqualTo(TEST_SUBJECT);
 
 		assertThat(user.getAuthorities()).hasSize(1);
 
 		assertThat(user.getAuthorities().iterator().next()).isEqualTo(TEST_AUTHORITY);
 
-		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaim.ISS, IdTokenClaim.SUB);
 
+		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaimNames.ISS, IdTokenClaimNames.SUB);
 
 	}
 
 
 	@Test
 
 	public void constructorWhenAuthoritiesAndIdTokenAndNameAttributeKeyThenIsCreated() {
 
-		DefaultOidcUser user = new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, IdTokenClaim.SUB);
 
+		DefaultOidcUser user = new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, IdTokenClaimNames.SUB);
 
 
 		assertThat(user.getName()).isEqualTo(TEST_SUBJECT);
 
 		assertThat(user.getAuthorities()).hasSize(1);
 
 		assertThat(user.getAuthorities().iterator().next()).isEqualTo(TEST_AUTHORITY);
 
-		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaim.ISS, IdTokenClaim.SUB);
 
+		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaimNames.ISS, IdTokenClaimNames.SUB);
 
 	}
 
 
 	@Test
 
@@ -90,17 +90,17 @@ public class DefaultOidcUserTests {
 
 		assertThat(user.getName()).isEqualTo(TEST_SUBJECT);
 
 		assertThat(user.getAuthorities()).hasSize(1);
 
 		assertThat(user.getAuthorities().iterator().next()).isEqualTo(TEST_AUTHORITY);
 
-		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaim.ISS, IdTokenClaim.SUB, StandardClaim.EMAIL);
 
+		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaimNames.ISS, IdTokenClaimNames.SUB, StandardClaimNames.EMAIL);
 
 	}
 
 
 	@Test
 
 	public void constructorWhenAuthoritiesAndIdTokenAndUserInfoAndNameAttributeKeyThenIsCreated() {
 
-		DefaultOidcUser user = new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, TEST_USER_INFO, StandardClaim.EMAIL);
 
+		DefaultOidcUser user = new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, TEST_USER_INFO, StandardClaimNames.EMAIL);
 
 
 		assertThat(user.getName()).isEqualTo(TEST_EMAIL);
 
 		assertThat(user.getAuthorities()).hasSize(1);
 
 		assertThat(user.getAuthorities().iterator().next()).isEqualTo(TEST_AUTHORITY);
 
-		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaim.ISS, IdTokenClaim.SUB, StandardClaim.EMAIL);
 
+		assertThat(user.getAttributes()).containsOnlyKeys(IdTokenClaimNames.ISS, IdTokenClaimNames.SUB, StandardClaimNames.EMAIL);
 
 	}
 
 
 	@Test
 
@@ -114,9 +114,9 @@ public class DefaultOidcUserTests {
 
 	@Test
 
 	public void constructorWhenNameAttributeKeyClaimIsNotPresentThenThrowsException() {
 
 		this.thrown.expect(IllegalArgumentException.class);
 
-		this.thrown.expectMessage("Missing attribute '" + StandardClaim.NAME + "' in attributes");
 
+		this.thrown.expectMessage("Missing attribute '" + StandardClaimNames.NAME + "' in attributes");
 
 
-		new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, TEST_USER_INFO, StandardClaim.NAME);
 
+		new DefaultOidcUser(TEST_AUTHORITIES, TEST_ID_TOKEN, TEST_USER_INFO, StandardClaimNames.NAME);
 
 	}
 
 
 }

+ 24 - 24
samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
파일 보기 

@@ -43,10 +43,10 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 
 import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRedirectFilter;
 
-import org.springframework.security.oauth2.core.AccessToken;
 
-import org.springframework.security.oauth2.core.endpoint.OAuth2Parameter;
 
-import org.springframework.security.oauth2.core.endpoint.ResponseType;
 
-import org.springframework.security.oauth2.core.endpoint.TokenResponse;
 
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponseType;
 
+import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
 
 import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
 
 import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 
 import org.springframework.test.context.junit4.SpringRunner;
 
@@ -136,13 +136,13 @@ public class OAuth2LoginApplicationTests {
 
 
 		Map<String, String> params = uriComponents.getQueryParams().toSingleValueMap();
 
 
-		assertThat(params.get(OAuth2Parameter.RESPONSE_TYPE)).isEqualTo(ResponseType.CODE.getValue());
 
-		assertThat(params.get(OAuth2Parameter.CLIENT_ID)).isEqualTo(this.githubClientRegistration.getClientId());
 
+		assertThat(params.get(OAuth2ParameterNames.RESPONSE_TYPE)).isEqualTo(OAuth2AuthorizationResponseType.CODE.getValue());
 
+		assertThat(params.get(OAuth2ParameterNames.CLIENT_ID)).isEqualTo(this.githubClientRegistration.getClientId());
 
 		String redirectUri = AUTHORIZE_BASE_URL + "/" + this.githubClientRegistration.getRegistrationId();
 
-		assertThat(URLDecoder.decode(params.get(OAuth2Parameter.REDIRECT_URI), "UTF-8")).isEqualTo(redirectUri);
 
-		assertThat(URLDecoder.decode(params.get(OAuth2Parameter.SCOPE), "UTF-8"))
 
+		assertThat(URLDecoder.decode(params.get(OAuth2ParameterNames.REDIRECT_URI), "UTF-8")).isEqualTo(redirectUri);
 
+		assertThat(URLDecoder.decode(params.get(OAuth2ParameterNames.SCOPE), "UTF-8"))
 
 				.isEqualTo(this.githubClientRegistration.getScopes().stream().collect(Collectors.joining(" ")));
 
-		assertThat(params.get(OAuth2Parameter.STATE)).isNotNull();
 
+		assertThat(params.get(OAuth2ParameterNames.STATE)).isNotNull();
 
 	}
 
 
 	@Test
 
@@ -177,13 +177,13 @@ public class OAuth2LoginApplicationTests {
 
 
 		Map<String, String> params = authorizeRequestUriComponents.getQueryParams().toSingleValueMap();
 
 		String code = "auth-code";
 
-		String state = URLDecoder.decode(params.get(OAuth2Parameter.STATE), "UTF-8");
 
-		String redirectUri = URLDecoder.decode(params.get(OAuth2Parameter.REDIRECT_URI), "UTF-8");
 
+		String state = URLDecoder.decode(params.get(OAuth2ParameterNames.STATE), "UTF-8");
 
+		String redirectUri = URLDecoder.decode(params.get(OAuth2ParameterNames.REDIRECT_URI), "UTF-8");
 
 
 		String authorizationResponseUri =
 
 				UriComponentsBuilder.fromHttpUrl(redirectUri)
 
-						.queryParam(OAuth2Parameter.CODE, code)
 
-						.queryParam(OAuth2Parameter.STATE, state)
 
+						.queryParam(OAuth2ParameterNames.CODE, code)
 
+						.queryParam(OAuth2ParameterNames.STATE, state)
 
 						.build().encode().toUriString();
 
 
 		page = this.webClient.getPage(new URL(authorizationResponseUri));
 
@@ -202,8 +202,8 @@ public class OAuth2LoginApplicationTests {
 
 
 		String authorizationResponseUri =
 
 				UriComponentsBuilder.fromHttpUrl(redirectUri)
 
-						.queryParam(OAuth2Parameter.CODE, code)
 
-						.queryParam(OAuth2Parameter.STATE, state)
 
+						.queryParam(OAuth2ParameterNames.CODE, code)
 
+						.queryParam(OAuth2ParameterNames.STATE, state)
 
 						.build().encode().toUriString();
 
 
 		// Clear session cookie will ensure the 'session-saved'
 
@@ -234,8 +234,8 @@ public class OAuth2LoginApplicationTests {
 
 
 		String authorizationResponseUri =
 
 				UriComponentsBuilder.fromHttpUrl(redirectUri)
 
-						.queryParam(OAuth2Parameter.CODE, code)
 
-						.queryParam(OAuth2Parameter.STATE, state)
 
+						.queryParam(OAuth2ParameterNames.CODE, code)
 
+						.queryParam(OAuth2ParameterNames.STATE, state)
 
 						.build().encode().toUriString();
 
 
 		page = this.webClient.getPage(new URL(authorizationResponseUri));
 
@@ -262,14 +262,14 @@ public class OAuth2LoginApplicationTests {
 
 
 		Map<String, String> params = authorizeRequestUriComponents.getQueryParams().toSingleValueMap();
 
 		String code = "auth-code";
 
-		String state = URLDecoder.decode(params.get(OAuth2Parameter.STATE), "UTF-8");
 
-		String redirectUri = URLDecoder.decode(params.get(OAuth2Parameter.REDIRECT_URI), "UTF-8");
 
+		String state = URLDecoder.decode(params.get(OAuth2ParameterNames.STATE), "UTF-8");
 
+		String redirectUri = URLDecoder.decode(params.get(OAuth2ParameterNames.REDIRECT_URI), "UTF-8");
 
 		redirectUri += "-invalid";
 
 
 		String authorizationResponseUri =
 
 				UriComponentsBuilder.fromHttpUrl(redirectUri)
 
-						.queryParam(OAuth2Parameter.CODE, code)
 
-						.queryParam(OAuth2Parameter.STATE, state)
 
+						.queryParam(OAuth2ParameterNames.CODE, code)
 
+						.queryParam(OAuth2ParameterNames.STATE, state)
 
 						.build().encode().toUriString();
 
 
 		page = this.webClient.getPage(new URL(authorizationResponseUri));
 
@@ -355,13 +355,13 @@ public class OAuth2LoginApplicationTests {
 
 		// @formatter:on
 
 
 		private AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> mockAuthorizationCodeTokenExchanger() {
 
-			TokenResponse tokenResponse = TokenResponse.withToken("access-token-1234")
 
-				.tokenType(AccessToken.TokenType.BEARER)
 
+			OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("access-token-1234")
 
+				.tokenType(OAuth2AccessToken.TokenType.BEARER)
 
 				.expiresIn(60 * 1000)
 
 				.build();
 
 
 			AuthorizationGrantTokenExchanger mock = mock(AuthorizationGrantTokenExchanger.class);
 
-			when(mock.exchange(any())).thenReturn(tokenResponse);
 
+			when(mock.exchange(any())).thenReturn(accessTokenResponse);
 
 			return mock;
 
 		}