Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Make user info response status check error only

Closes gh-9336
Benjamin Faal 4 years ago
parent
76229cfab7
commit
d85a7cfc4a
2 changed files with 22 additions and 3 deletions
Split View Show Diff Stats
  1. 2 2
      oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java
  2. 20 1
      oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserServiceTests.java

+ 2 - 2
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2021 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -108,7 +108,7 @@ public class DefaultReactiveOAuth2UserService implements ReactiveOAuth2UserServi
 
 					authenticationMethod);
 
 			// @formatter:off
 
 			Mono<Map<String, Object>> userAttributes = requestHeadersSpec.retrieve()
 
-					.onStatus((s) -> s != HttpStatus.OK, (response) ->
 
+					.onStatus(HttpStatus::isError, (response) ->
 
 						parse(response)
 
 							.map((userInfoErrorResponse) -> {
 
 								String description = userInfoErrorResponse.getErrorObject().getDescription();

+ 20 - 1
oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserServiceTests.java
View File 

@@ -1,5 +1,5 @@
 
 /*
 
- * Copyright 2002-2020 the original author or authors.
 
+ * Copyright 2002-2021 the original author or authors.
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
@@ -51,6 +51,7 @@ import org.springframework.web.reactive.function.client.WebClient;
 
 
 import static org.assertj.core.api.Assertions.assertThat;
 
 import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
+import static org.assertj.core.api.Assertions.assertThatNoException;
 
 import static org.mockito.ArgumentMatchers.any;
 
 import static org.mockito.BDDMockito.given;
 
 import static org.mockito.Mockito.mock;
 
@@ -144,6 +145,24 @@ public class DefaultReactiveOAuth2UserServiceTests {
 
 		assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes());
 
 	}
 
 
+	// gh-9336
 
+	@Test
 
+	public void loadUserWhenUserInfo201CreatedResponseThenReturnUser() {
 
+		// @formatter:off
 
+		String userInfoResponse = "{\n"
 
+				+ "   \"id\": \"user1\",\n"
 
+				+ "   \"first-name\": \"first\",\n"
 
+				+ "   \"last-name\": \"last\",\n"
 
+				+ "   \"middle-name\": \"middle\",\n"
 
+				+ "   \"address\": \"address\",\n"
 
+				+ "   \"email\": \"user1@example.com\"\n"
 
+				+ "}\n";
 
+		// @formatter:on
 
+		this.server.enqueue(new MockResponse().setResponseCode(201)
 
+				.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE).setBody(userInfoResponse));
 
+		assertThatNoException().isThrownBy(() -> this.userService.loadUser(oauth2UserRequest()).block());
 
+	}
 
+
 
 	// gh-5500
 
 	@Test
 
 	public void loadUserWhenAuthenticationMethodHeaderSuccessResponseThenHttpMethodGet() throws Exception {