Merge branch '1.3.x'
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2024 the original author or authors.
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -241,13 +241,9 @@ public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2C
|
||||
? OAuth2ConfigurerUtils
|
||||
.withMultipleIssuersPattern(authorizationServerSettings.getAuthorizationEndpoint())
|
||||
: authorizationServerSettings.getAuthorizationEndpoint();
|
||||
List<RequestMatcher> requestMatchers = new ArrayList<>();
|
||||
requestMatchers.add(new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.GET.name()));
|
||||
requestMatchers.add(new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.POST.name()));
|
||||
if (StringUtils.hasText(this.consentPage)) {
|
||||
requestMatchers.add(new AntPathRequestMatcher(this.consentPage));
|
||||
}
|
||||
this.requestMatcher = new OrRequestMatcher(requestMatchers);
|
||||
this.requestMatcher = new OrRequestMatcher(
|
||||
new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.GET.name()),
|
||||
new AntPathRequestMatcher(authorizationEndpointUri, HttpMethod.POST.name()));
|
||||
List<AuthenticationProvider> authenticationProviders = createDefaultAuthenticationProviders(httpSecurity);
|
||||
if (!this.authenticationProviders.isEmpty()) {
|
||||
authenticationProviders.addAll(0, this.authenticationProviders);
|
||||
|
||||
@@ -104,7 +104,6 @@ import org.springframework.security.oauth2.server.authorization.client.Registere
|
||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
||||
import org.springframework.security.oauth2.server.authorization.client.TestRegisteredClients;
|
||||
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
|
||||
import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
|
||||
import org.springframework.security.oauth2.server.authorization.jackson2.TestingAuthenticationTokenMixin;
|
||||
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
|
||||
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
|
||||
@@ -126,14 +125,11 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand
|
||||
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
|
||||
import org.springframework.security.web.context.SecurityContextRepository;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
import org.springframework.test.web.servlet.MvcResult;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.util.UriComponents;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
import org.springframework.web.util.UriUtils;
|
||||
@@ -750,15 +746,6 @@ public class OAuth2AuthorizationCodeGrantTests {
|
||||
assertThat(authorization).isNotNull();
|
||||
}
|
||||
|
||||
// gh-1668
|
||||
@Test
|
||||
public void requestWhenCustomConsentPageConfiguredThenAuthorizationServerContextIsAccessible() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfigurationCustomConsentPageAccessAuthorizationServerContext.class)
|
||||
.autowire();
|
||||
|
||||
this.mvc.perform(get(consentPage).with(user("user"))).andExpect(status().isOk());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestWhenCustomConsentCustomizerConfiguredThenUsed() throws Exception {
|
||||
this.spring.register(AuthorizationServerConfigurationCustomConsentRequest.class).autowire();
|
||||
@@ -1222,26 +1209,6 @@ public class OAuth2AuthorizationCodeGrantTests {
|
||||
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
static class AuthorizationServerConfigurationCustomConsentPageAccessAuthorizationServerContext
|
||||
extends AuthorizationServerConfigurationCustomConsentPage {
|
||||
|
||||
@Controller
|
||||
class ConsentController {
|
||||
|
||||
@GetMapping("/oauth2/consent")
|
||||
@ResponseBody
|
||||
String consent() {
|
||||
// Ensure the AuthorizationServerContext is accessible
|
||||
AuthorizationServerContextHolder.getContext().getIssuer();
|
||||
return "";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
@Configuration(proxyBeanMethods = false)
|
||||
static class AuthorizationServerConfigurationCustomConsentRequest extends AuthorizationServerConfiguration {
|
||||
|
||||
Reference in New Issue
Block a user