Make AuthorizationRequestRepository a Generic

Fixes gh-4723

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java

@@ -43,6 +43,7 @@ import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequest
 import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
 import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
@@ -100,7 +101,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 	public class AuthorizationEndpointConfig {
 		private String authorizationRequestBaseUri;
 		private AuthorizationRequestUriBuilder authorizationRequestUriBuilder;
-		private AuthorizationRequestRepository authorizationRequestRepository;
+		private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
 
 		private AuthorizationEndpointConfig() {
 		}
@@ -117,7 +118,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 			return this;
 		}
 
-		public AuthorizationEndpointConfig authorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) {
+		public AuthorizationEndpointConfig authorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
 			Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 			this.authorizationRequestRepository = authorizationRequestRepository;
 			return this;

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/AuthorizationRequestRepository.java

@@ -33,15 +33,17 @@ import javax.servlet.http.HttpServletResponse;
  * @author Joe Grandja
  * @since 5.0
  * @see OAuth2AuthorizationRequest
- * @see HttpSessionAuthorizationRequestRepository
+ * @see HttpSessionOAuth2AuthorizationRequestRepository
+ *
+ * @param <T> The type of <i>OAuth 2.0 Authorization Request</i>
  */
-public interface AuthorizationRequestRepository {
+public interface AuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> {
 
-	OAuth2AuthorizationRequest loadAuthorizationRequest(HttpServletRequest request);
+	T loadAuthorizationRequest(HttpServletRequest request);
 
-	void saveAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest, HttpServletRequest request,
+	void saveAuthorizationRequest(T authorizationRequest, HttpServletRequest request,
 									HttpServletResponse response);
 
-	OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request);
+	T removeAuthorizationRequest(HttpServletRequest request);
 
 }

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionAuthorizationRequestRepository.java → oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepository.java

@@ -29,9 +29,9 @@ import javax.servlet.http.HttpSession;
  * @since 5.0
  * @see OAuth2AuthorizationRequest
  */
-public final class HttpSessionAuthorizationRequestRepository implements AuthorizationRequestRepository {
+public final class HttpSessionOAuth2AuthorizationRequestRepository implements AuthorizationRequestRepository<OAuth2AuthorizationRequest> {
 	private static final String DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME =
-			HttpSessionAuthorizationRequestRepository.class.getName() +  ".AUTHORIZATION_REQUEST";
+			HttpSessionOAuth2AuthorizationRequestRepository.class.getName() +  ".AUTHORIZATION_REQUEST";
 	private final String sessionAttributeName = DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME;
 
 	@Override

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java

@@ -73,7 +73,8 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 	private AuthorizationRequestUriBuilder authorizationRequestUriBuilder = new OAuth2AuthorizationRequestUriBuilder();
 	private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();
 	private final StringKeyGenerator stateGenerator = new Base64StringKeyGenerator(Base64.getUrlEncoder());
-	private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
+	private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository =
+		new HttpSessionOAuth2AuthorizationRequestRepository();
 
 	public OAuth2AuthorizationRequestRedirectFilter(ClientRegistrationRepository clientRegistrationRepository) {
 		this(DEFAULT_AUTHORIZATION_REQUEST_BASE_URI, clientRegistrationRepository);
@@ -94,7 +95,7 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 		this.authorizationRequestUriBuilder = authorizationRequestUriBuilder;
 	}
 
-	public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) {
+	public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
 		Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 		this.authorizationRequestRepository = authorizationRequestRepository;
 	}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java

@@ -84,7 +84,8 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 	public static final String DEFAULT_FILTER_PROCESSES_URI = "/login/oauth2/code/*";
 	private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
 	private ClientRegistrationRepository clientRegistrationRepository;
-	private AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
+	private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository =
+		new HttpSessionOAuth2AuthorizationRequestRepository();
 	private OAuth2TokenRepository<OAuth2AccessToken> accessTokenRepository = new InMemoryAccessTokenRepository();
 
 	public OAuth2LoginAuthenticationFilter() {
@@ -152,7 +153,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce
 		this.clientRegistrationRepository = clientRegistrationRepository;
 	}
 
-	public final void setAuthorizationRequestRepository(AuthorizationRequestRepository authorizationRequestRepository) {
+	public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
 		Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 		this.authorizationRequestRepository = authorizationRequestRepository;
 	}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilterTests.java

@@ -87,7 +87,8 @@ public class OAuth2AuthorizationRequestRedirectFilterTests {
 		String authorizationUri = clientRegistration.getProviderDetails().getAuthorizationUri().toString();
 		OAuth2AuthorizationRequestRedirectFilter filter =
 				setupFilter(authorizationUri, clientRegistration);
-		AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
+		AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository =
+			new HttpSessionOAuth2AuthorizationRequestRepository();
 		filter.setAuthorizationRequestRepository(authorizationRequestRepository);
 
 		String requestUri = TestUtil.AUTHORIZATION_BASE_URI + "/" + clientRegistration.getRegistrationId();

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java

@@ -109,7 +109,8 @@ public class OAuth2LoginAuthenticationFilterTests {
 		OAuth2LoginAuthenticationFilter filter = Mockito.spy(setupFilter(authenticationManager, clientRegistration));
 		AuthenticationSuccessHandler successHandler = mock(AuthenticationSuccessHandler.class);
 		filter.setAuthenticationSuccessHandler(successHandler);
-		AuthorizationRequestRepository authorizationRequestRepository = new HttpSessionAuthorizationRequestRepository();
+		AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository =
+			new HttpSessionOAuth2AuthorizationRequestRepository();
 		filter.setAuthorizationRequestRepository(authorizationRequestRepository);
 
 		MockHttpServletRequest request = this.setupRequest(clientRegistration);
@@ -187,7 +188,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 		return filter;
 	}
 
-	private void setupAuthorizationRequest(AuthorizationRequestRepository authorizationRequestRepository,
+	private void setupAuthorizationRequest(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository,
 											HttpServletRequest request,
 											HttpServletResponse response,
 											ClientRegistration clientRegistration,