Merge branch '1.0.x' into 1.1.x
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -55,7 +55,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.OrRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* An {@link AbstractHttpConfigurer} for OAuth 2.0 Authorization Server support.
|
||||
@@ -388,9 +387,6 @@ public final class OAuth2AuthorizationServerConfigurer
|
||||
} catch (Exception ex) {
|
||||
throw new IllegalArgumentException("issuer must be a valid URL", ex);
|
||||
}
|
||||
if (StringUtils.hasText(issuerUri.getPath())) {
|
||||
throw new IllegalArgumentException("Path component for issuer ('" + issuerUri.getPath() + "') is currently not supported");
|
||||
}
|
||||
// rfc8414 https://datatracker.ietf.org/doc/html/rfc8414#section-2
|
||||
if (issuerUri.getQuery() != null || issuerUri.getFragment() != null) {
|
||||
throw new IllegalArgumentException("issuer cannot contain query or fragment component");
|
||||
|
||||
@@ -162,13 +162,6 @@ public class OidcProviderConfigurationTests {
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithPathThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerPath.class).autowire()
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithQueryThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
@@ -190,13 +183,6 @@ public class OidcProviderConfigurationTests {
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithEmptyPathThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerEmptyPath.class).autowire()
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithEmptyQueryThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
@@ -314,15 +300,6 @@ public class OidcProviderConfigurationTests {
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerPath extends AuthorizationServerConfiguration {
|
||||
|
||||
@Bean
|
||||
AuthorizationServerSettings authorizationServerSettings() {
|
||||
return AuthorizationServerSettings.builder().issuer(ISSUER_URL + "/issuer1").build();
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerQuery extends AuthorizationServerConfiguration {
|
||||
|
||||
@@ -350,15 +327,6 @@ public class OidcProviderConfigurationTests {
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerEmptyPath extends AuthorizationServerConfiguration {
|
||||
|
||||
@Bean
|
||||
AuthorizationServerSettings authorizationServerSettings() {
|
||||
return AuthorizationServerSettings.builder().issuer(ISSUER_URL + "/").build();
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerEmptyQuery extends AuthorizationServerConfiguration {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user