Merge branch '0.4.x' into 1.0.x
This commit is contained in:
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2020-2023 the original author or authors.
|
||||
* Copyright 2020-2022 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -48,7 +48,6 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.OrRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
/**
|
||||
* An {@link AbstractHttpConfigurer} for OAuth 2.0 Authorization Server support.
|
||||
@@ -332,9 +331,6 @@ public final class OAuth2AuthorizationServerConfigurer
|
||||
} catch (Exception ex) {
|
||||
throw new IllegalArgumentException("issuer must be a valid URL", ex);
|
||||
}
|
||||
if (StringUtils.hasText(issuerUri.getPath())) {
|
||||
throw new IllegalArgumentException("Path component for issuer ('" + issuerUri.getPath() + "') is currently not supported");
|
||||
}
|
||||
// rfc8414 https://datatracker.ietf.org/doc/html/rfc8414#section-2
|
||||
if (issuerUri.getQuery() != null || issuerUri.getFragment() != null) {
|
||||
throw new IllegalArgumentException("issuer cannot contain query or fragment component");
|
||||
|
||||
@@ -161,13 +161,6 @@ public class OidcProviderConfigurationTests {
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithPathThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerPath.class).autowire()
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithQueryThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
@@ -189,13 +182,6 @@ public class OidcProviderConfigurationTests {
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithEmptyPathThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
() -> this.spring.register(AuthorizationServerConfigurationWithIssuerEmptyPath.class).autowire()
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadContextWhenIssuerWithEmptyQueryThenThrowException() {
|
||||
assertThatThrownBy(
|
||||
@@ -313,15 +299,6 @@ public class OidcProviderConfigurationTests {
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerPath extends AuthorizationServerConfiguration {
|
||||
|
||||
@Bean
|
||||
AuthorizationServerSettings authorizationServerSettings() {
|
||||
return AuthorizationServerSettings.builder().issuer(ISSUER_URL + "/issuer1").build();
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerQuery extends AuthorizationServerConfiguration {
|
||||
|
||||
@@ -349,15 +326,6 @@ public class OidcProviderConfigurationTests {
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerEmptyPath extends AuthorizationServerConfiguration {
|
||||
|
||||
@Bean
|
||||
AuthorizationServerSettings authorizationServerSettings() {
|
||||
return AuthorizationServerSettings.builder().issuer(ISSUER_URL + "/").build();
|
||||
}
|
||||
}
|
||||
|
||||
@EnableWebSecurity
|
||||
static class AuthorizationServerConfigurationWithIssuerEmptyQuery extends AuthorizationServerConfiguration {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user