Polish gh-1252
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2021 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -84,7 +84,7 @@ public final class OAuth2AuthorizationCodeAuthenticationConverter implements Aut
|
||||
!key.equals(OAuth2ParameterNames.CLIENT_ID) &&
|
||||
!key.equals(OAuth2ParameterNames.CODE) &&
|
||||
!key.equals(OAuth2ParameterNames.REDIRECT_URI)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -138,7 +138,7 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationConverter impleme
|
||||
!key.equals(OAuth2ParameterNames.REDIRECT_URI) &&
|
||||
!key.equals(OAuth2ParameterNames.SCOPE) &&
|
||||
!key.equals(OAuth2ParameterNames.STATE)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -93,7 +93,7 @@ public final class OAuth2AuthorizationConsentAuthenticationConverter implements
|
||||
if (!key.equals(OAuth2ParameterNames.CLIENT_ID) &&
|
||||
!key.equals(OAuth2ParameterNames.STATE) &&
|
||||
!key.equals(OAuth2ParameterNames.SCOPE)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2021 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -79,7 +79,7 @@ public final class OAuth2ClientCredentialsAuthenticationConverter implements Aut
|
||||
parameters.forEach((key, value) -> {
|
||||
if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
|
||||
!key.equals(OAuth2ParameterNames.SCOPE)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2021 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -16,8 +16,8 @@
|
||||
package org.springframework.security.oauth2.server.authorization.web.authentication;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
@@ -58,13 +58,16 @@ final class OAuth2EndpointUtils {
|
||||
if (!matchesAuthorizationCodeGrantRequest(request)) {
|
||||
return Collections.emptyMap();
|
||||
}
|
||||
MultiValueMap<String, String> parameters = getParameters(request);
|
||||
MultiValueMap<String, String> multiValueParameters = getParameters(request);
|
||||
for (String exclusion : exclusions) {
|
||||
parameters.remove(exclusion);
|
||||
multiValueParameters.remove(exclusion);
|
||||
}
|
||||
return parameters.entrySet().stream()
|
||||
.collect(Collectors.toMap(Map.Entry::getKey,
|
||||
e -> e.getValue().size() == 1 ? e.getValue().get(0) : e.getValue().toArray(new String[0])));
|
||||
|
||||
Map<String, Object> parameters = new HashMap<>();
|
||||
multiValueParameters.forEach((key, value) ->
|
||||
parameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0])));
|
||||
|
||||
return parameters;
|
||||
}
|
||||
|
||||
static boolean matchesAuthorizationCodeGrantRequest(HttpServletRequest request) {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2021 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -90,7 +90,7 @@ public final class OAuth2RefreshTokenAuthenticationConverter implements Authenti
|
||||
if (!key.equals(OAuth2ParameterNames.GRANT_TYPE) &&
|
||||
!key.equals(OAuth2ParameterNames.REFRESH_TOKEN) &&
|
||||
!key.equals(OAuth2ParameterNames.SCOPE)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -69,7 +69,7 @@ public final class OAuth2TokenIntrospectionAuthenticationConverter implements Au
|
||||
parameters.forEach((key, value) -> {
|
||||
if (!key.equals(OAuth2ParameterNames.TOKEN) &&
|
||||
!key.equals(OAuth2ParameterNames.TOKEN_TYPE_HINT)) {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0]));
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2021 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -70,9 +70,8 @@ public final class PublicClientAuthenticationConverter implements Authentication
|
||||
parameters.remove(OAuth2ParameterNames.CLIENT_ID);
|
||||
|
||||
Map<String, Object> additionalParameters = new HashMap<>();
|
||||
parameters.forEach((key, value) -> {
|
||||
additionalParameters.put(key, value.size() == 1 ? value.get(0) : value.toArray(new String[0]));
|
||||
});
|
||||
parameters.forEach((key, value) ->
|
||||
additionalParameters.put(key, (value.size() == 1) ? value.get(0) : value.toArray(new String[0])));
|
||||
|
||||
return new OAuth2ClientAuthenticationToken(clientId, ClientAuthenticationMethod.NONE, null,
|
||||
additionalParameters);
|
||||
|
||||
@@ -556,7 +556,7 @@ public class OAuth2AuthorizationEndpointFilterTests {
|
||||
.thenReturn(authorizationCodeRequestAuthenticationResult);
|
||||
|
||||
MockHttpServletRequest request = createAuthorizationRequest(registeredClient);
|
||||
request.addParameter("foo", "value1", "value2");
|
||||
request.addParameter("custom-param", "custom-value-1", "custom-value-2");
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
FilterChain filterChain = mock(FilterChain.class);
|
||||
@@ -575,9 +575,9 @@ public class OAuth2AuthorizationEndpointFilterTests {
|
||||
|
||||
// Assert that multi-valued request parameters are preserved
|
||||
assertThat(authorizationCodeRequestAuthenticationCaptor.getValue().getAdditionalParameters())
|
||||
.extracting(ap -> ap.get("foo"))
|
||||
.extracting(params -> params.get("custom-param"))
|
||||
.asInstanceOf(type(String[].class))
|
||||
.isEqualTo(new String[] { "value1", "value2" });
|
||||
.isEqualTo(new String[] { "custom-value-1", "custom-value-2" });
|
||||
assertThat(response.getStatus()).isEqualTo(HttpStatus.FOUND.value());
|
||||
assertThat(response.getRedirectedUrl()).isEqualTo(
|
||||
"https://example.com?param=encoded%20parameter%20value&code=code&state=client%20state");
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -18,7 +18,6 @@ package org.springframework.security.oauth2.server.authorization.web;
|
||||
import java.time.Duration;
|
||||
import java.time.Instant;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
|
||||
@@ -242,10 +241,9 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
new HashSet<>(Arrays.asList("scope1", "scope2")));
|
||||
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
|
||||
"refresh-token", Instant.now(), Instant.now().plus(Duration.ofDays(1)));
|
||||
Map<String, Object> additionalParameters = Collections.singletonMap("custom-param", "custom-value");
|
||||
OAuth2AccessTokenAuthenticationToken accessTokenAuthentication =
|
||||
new OAuth2AccessTokenAuthenticationToken(
|
||||
registeredClient, clientPrincipal, accessToken, refreshToken, additionalParameters);
|
||||
registeredClient, clientPrincipal, accessToken, refreshToken);
|
||||
|
||||
when(this.authenticationManager.authenticate(any())).thenReturn(accessTokenAuthentication);
|
||||
|
||||
@@ -274,7 +272,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
request.getParameter(OAuth2ParameterNames.REDIRECT_URI));
|
||||
assertThat(authorizationCodeAuthentication.getAdditionalParameters())
|
||||
.containsExactly(entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[]{ "custom-value-2a", "custom-value-2b" }));
|
||||
entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
|
||||
assertThat(authorizationCodeAuthentication.getDetails())
|
||||
.asInstanceOf(type(WebAuthenticationDetails.class))
|
||||
.extracting(WebAuthenticationDetails::getRemoteAddress)
|
||||
@@ -292,7 +290,6 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
accessToken.getExpiresAt().minusSeconds(1), accessToken.getExpiresAt().plusSeconds(1));
|
||||
assertThat(accessTokenResult.getScopes()).isEqualTo(accessToken.getScopes());
|
||||
assertThat(accessTokenResponse.getRefreshToken().getTokenValue()).isEqualTo(refreshToken.getTokenValue());
|
||||
assertThat(accessTokenResponse.getAdditionalParameters()).containsExactly(entry("custom-param", "custom-value"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -342,7 +339,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
assertThat(clientCredentialsAuthentication.getScopes()).isEqualTo(registeredClient.getScopes());
|
||||
assertThat(clientCredentialsAuthentication.getAdditionalParameters())
|
||||
.containsExactly(entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[]{ "custom-value-2a", "custom-value-2b" }));
|
||||
entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
|
||||
assertThat(clientCredentialsAuthentication.getDetails())
|
||||
.asInstanceOf(type(WebAuthenticationDetails.class))
|
||||
.extracting(WebAuthenticationDetails::getRemoteAddress)
|
||||
@@ -433,7 +430,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
assertThat(refreshTokenAuthenticationToken.getScopes()).isEqualTo(registeredClient.getScopes());
|
||||
assertThat(refreshTokenAuthenticationToken.getAdditionalParameters())
|
||||
.containsExactly(entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[]{ "custom-value-2a", "custom-value-2b" }));
|
||||
entry("custom-param-2", new String[] { "custom-value-1", "custom-value-2" }));
|
||||
assertThat(refreshTokenAuthenticationToken.getDetails())
|
||||
.asInstanceOf(type(WebAuthenticationDetails.class))
|
||||
.extracting(WebAuthenticationDetails::getRemoteAddress)
|
||||
@@ -616,7 +613,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
// The client does not need to send the client ID param, but we are resilient in case they do
|
||||
request.addParameter(OAuth2ParameterNames.CLIENT_ID, registeredClient.getClientId());
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-2a", "custom-value-2b");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
|
||||
return request;
|
||||
}
|
||||
@@ -631,7 +628,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
request.addParameter(OAuth2ParameterNames.SCOPE,
|
||||
StringUtils.collectionToDelimitedString(registeredClient.getScopes(), " "));
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-2a", "custom-value-2b");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
|
||||
return request;
|
||||
}
|
||||
@@ -647,7 +644,7 @@ public class OAuth2TokenEndpointFilterTests {
|
||||
request.addParameter(OAuth2ParameterNames.SCOPE,
|
||||
StringUtils.collectionToDelimitedString(registeredClient.getScopes(), " "));
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-2a", "custom-value-2b");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
|
||||
return request;
|
||||
}
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -219,7 +219,7 @@ public class OAuth2TokenIntrospectionEndpointFilterTests {
|
||||
MockHttpServletRequest request = createTokenIntrospectionRequest(
|
||||
accessToken.getTokenValue(), OAuth2TokenType.ACCESS_TOKEN.getValue());
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-2a", "custom-value-2b");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
|
||||
MockHttpServletResponse response = new MockHttpServletResponse();
|
||||
FilterChain filterChain = mock(FilterChain.class);
|
||||
@@ -236,7 +236,7 @@ public class OAuth2TokenIntrospectionEndpointFilterTests {
|
||||
assertThat(tokenIntrospectionAuthentication.getValue().getAdditionalParameters())
|
||||
.contains(
|
||||
entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[]{"custom-value-2a", "custom-value-2b"}));
|
||||
entry("custom-param-2", new String[] {"custom-value-1", "custom-value-2"}));
|
||||
|
||||
OAuth2TokenIntrospection tokenIntrospectionResponse = readTokenIntrospectionResponse(response);
|
||||
assertThat(tokenIntrospectionResponse.isActive()).isEqualTo(tokenClaims.isActive());
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -106,7 +106,7 @@ public class ClientSecretBasicAuthenticationConverterTests {
|
||||
@Test
|
||||
public void convertWhenConfidentialClientWithPkceParametersThenAdditionalParametersIncluded() throws Exception {
|
||||
MockHttpServletRequest request = createPkceTokenRequest();
|
||||
request.addParameter("custom-param-1", "custom-value-1a", "custom-value-1b");
|
||||
request.addParameter("custom-param", "custom-value-1", "custom-value-2");
|
||||
request.addHeader(HttpHeaders.AUTHORIZATION, "Basic " + encodeBasicAuth("clientId", "secret"));
|
||||
OAuth2ClientAuthenticationToken authentication = (OAuth2ClientAuthenticationToken) this.converter.convert(request);
|
||||
assertThat(authentication.getPrincipal()).isEqualTo("clientId");
|
||||
@@ -117,7 +117,7 @@ public class ClientSecretBasicAuthenticationConverterTests {
|
||||
entry(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue()),
|
||||
entry(OAuth2ParameterNames.CODE, "code"),
|
||||
entry(PkceParameterNames.CODE_VERIFIER, "code-verifier-1"),
|
||||
entry("custom-param-1", new String[] { "custom-value-1a", "custom-value-1b" }));
|
||||
entry("custom-param", new String[] { "custom-value-1", "custom-value-2" }));
|
||||
}
|
||||
|
||||
private static String encodeBasicAuth(String clientId, String secret) throws Exception {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -95,7 +95,7 @@ public class ClientSecretPostAuthenticationConverterTests {
|
||||
MockHttpServletRequest request = createPkceTokenRequest();
|
||||
request.addParameter(OAuth2ParameterNames.CLIENT_ID, "client-1");
|
||||
request.addParameter(OAuth2ParameterNames.CLIENT_SECRET, "client-secret");
|
||||
request.addParameter("custom-param-1", "custom-value-1a", "custom-value-1b");
|
||||
request.addParameter("custom-param", "custom-value-1", "custom-value-2");
|
||||
OAuth2ClientAuthenticationToken authentication = (OAuth2ClientAuthenticationToken) this.converter.convert(request);
|
||||
assertThat(authentication.getPrincipal()).isEqualTo("client-1");
|
||||
assertThat(authentication.getCredentials()).isEqualTo("client-secret");
|
||||
@@ -105,7 +105,7 @@ public class ClientSecretPostAuthenticationConverterTests {
|
||||
entry(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue()),
|
||||
entry(OAuth2ParameterNames.CODE, "code"),
|
||||
entry(PkceParameterNames.CODE_VERIFIER, "code-verifier-1"),
|
||||
entry("custom-param-1", new String[] { "custom-value-1a", "custom-value-1b" }));
|
||||
entry("custom-param", new String[] { "custom-value-1", "custom-value-2" }));
|
||||
}
|
||||
|
||||
private static MockHttpServletRequest createPkceTokenRequest() {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -108,7 +108,7 @@ public class JwtClientAssertionAuthenticationConverterTests {
|
||||
request.addParameter(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
|
||||
request.addParameter(OAuth2ParameterNames.CODE, "code");
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-2a", "custom-value-2b");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
OAuth2ClientAuthenticationToken authentication = (OAuth2ClientAuthenticationToken) this.converter.convert(request);
|
||||
assertThat(authentication.getPrincipal()).isEqualTo("client-1");
|
||||
assertThat(authentication.getCredentials()).isEqualTo("jwt-assertion");
|
||||
@@ -118,7 +118,7 @@ public class JwtClientAssertionAuthenticationConverterTests {
|
||||
entry(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue()),
|
||||
entry(OAuth2ParameterNames.CODE, "code"),
|
||||
entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[] {"custom-value-2a", "custom-value-2b"}));
|
||||
entry("custom-param-2", new String[] {"custom-value-1", "custom-value-2"}));
|
||||
}
|
||||
|
||||
private void assertThrown(MockHttpServletRequest request, String errorCode) {
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -82,8 +82,8 @@ public class PublicClientAuthenticationConverterTests {
|
||||
@Test
|
||||
public void convertWhenPublicClientThenReturnClientAuthenticationToken() {
|
||||
MockHttpServletRequest request = createPkceTokenRequest();
|
||||
request.addParameter("param-1", "value-1");
|
||||
request.addParameter("param-2", "value-2", "value-2b");
|
||||
request.addParameter("custom-param-1", "custom-value-1");
|
||||
request.addParameter("custom-param-2", "custom-value-1", "custom-value-2");
|
||||
OAuth2ClientAuthenticationToken authentication = (OAuth2ClientAuthenticationToken) this.converter.convert(request);
|
||||
assertThat(authentication.getPrincipal()).isEqualTo("client-1");
|
||||
assertThat(authentication.getClientAuthenticationMethod()).isEqualTo(ClientAuthenticationMethod.NONE);
|
||||
@@ -92,8 +92,8 @@ public class PublicClientAuthenticationConverterTests {
|
||||
entry(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue()),
|
||||
entry(OAuth2ParameterNames.CODE, "code"),
|
||||
entry(PkceParameterNames.CODE_VERIFIER, "code-verifier-1"),
|
||||
entry("param-1", "value-1"),
|
||||
entry("param-2", new String[] {"value-2", "value-2b"}));
|
||||
entry("custom-param-1", "custom-value-1"),
|
||||
entry("custom-param-2", new String[] {"custom-value-1", "custom-value-2"}));
|
||||
}
|
||||
|
||||
private static MockHttpServletRequest createPkceTokenRequest() {
|
||||
|
||||
Reference in New Issue
Block a user