Polish OAuth2LoginAuthenticationToken

Fixes gh-4744

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProvider.java

@@ -124,10 +124,10 @@ public class OAuth2LoginAuthenticationProvider implements AuthenticationProvider
 			this.authoritiesMapper.mapAuthorities(oauth2User.getAuthorities());
 
 		OAuth2LoginAuthenticationToken authenticationResult = new OAuth2LoginAuthenticationToken(
-			oauth2User,
-			mappedAuthorities,
 			authorizationCodeAuthentication.getClientRegistration(),
 			authorizationCodeAuthentication.getAuthorizationExchange(),
+			oauth2User,
+			mappedAuthorities,
 			accessToken);
 		authenticationResult.setDetails(authorizationCodeAuthentication.getDetails());
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationToken.java

@@ -69,25 +69,25 @@ public class OAuth2LoginAuthenticationToken extends AbstractAuthenticationToken
 	 * which indicates that the Authorization Code Grant flow has fully completed
 	 * and OAuth 2.0 Login has been achieved.
 	 *
-	 * @param principal
-	 * @param authorities
 	 * @param clientRegistration
 	 * @param authorizationExchange
+	 * @param principal
+	 * @param authorities
 	 * @param accessToken
 	 */
-	public OAuth2LoginAuthenticationToken(OAuth2User principal,
-											Collection<? extends GrantedAuthority> authorities,
-											ClientRegistration clientRegistration,
+	public OAuth2LoginAuthenticationToken(ClientRegistration clientRegistration,
 											OAuth2AuthorizationExchange authorizationExchange,
+											OAuth2User principal,
+											Collection<? extends GrantedAuthority> authorities,
 											OAuth2AccessToken accessToken) {
 		super(authorities);
-		Assert.notNull(principal, "principal cannot be null");
 		Assert.notNull(clientRegistration, "clientRegistration cannot be null");
 		Assert.notNull(authorizationExchange, "authorizationExchange cannot be null");
+		Assert.notNull(principal, "principal cannot be null");
 		Assert.notNull(accessToken, "accessToken cannot be null");
-		this.principal = principal;
 		this.clientRegistration = clientRegistration;
 		this.authorizationExchange = authorizationExchange;
+		this.principal = principal;
 		this.accessToken = accessToken;
 		this.setAuthenticated(true);
 	}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProvider.java

@@ -159,10 +159,10 @@ public class OidcAuthorizationCodeAuthenticationProvider implements Authenticati
 			this.authoritiesMapper.mapAuthorities(oidcUser.getAuthorities());
 
 		OidcAuthorizationCodeAuthenticationToken authenticationResult = new OidcAuthorizationCodeAuthenticationToken(
-			oidcUser,
-			mappedAuthorities,
 			authorizationCodeAuthentication.getClientRegistration(),
 			authorizationCodeAuthentication.getAuthorizationExchange(),
+			oidcUser,
+			mappedAuthorities,
 			accessToken,
 			idToken);
 		authenticationResult.setDetails(authorizationCodeAuthentication.getDetails());

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationToken.java

@@ -56,21 +56,21 @@ public class OidcAuthorizationCodeAuthenticationToken extends OAuth2LoginAuthent
 	 * which indicates that the Authorization Code Flow has fully completed
 	 * and OpenID Connect 1.0 Authentication has been achieved.
 	 *
-	 * @param principal
-	 * @param authorities
 	 * @param clientRegistration
 	 * @param authorizationExchange
+	 * @param principal
+	 * @param authorities
 	 * @param accessToken
 	 * @param idToken
 	 */
-	public OidcAuthorizationCodeAuthenticationToken(OidcUser principal,
-													Collection<? extends GrantedAuthority> authorities,
-													ClientRegistration clientRegistration,
+	public OidcAuthorizationCodeAuthenticationToken(ClientRegistration clientRegistration,
 													OAuth2AuthorizationExchange authorizationExchange,
+													OidcUser principal,
+													Collection<? extends GrantedAuthority> authorities,
 													OAuth2AccessToken accessToken,
 													OidcIdToken idToken) {
 
-		super(principal, authorities, clientRegistration, authorizationExchange, accessToken);
+		super(clientRegistration, authorizationExchange, principal, authorities, accessToken);
 		Assert.notNull(idToken, "idToken cannot be null");
 		this.idToken = idToken;
 	}