diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContext.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContext.java index 371a081b..1cdd75e7 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContext.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContext.java @@ -58,12 +58,12 @@ public final class JwtEncodingContext implements OAuth2TokenContext { } /** - * Returns the {@link JwsHeader.Builder headers} + * Returns the {@link JwsHeader.Builder JWS headers} * allowing the ability to add, replace, or remove. * * @return the {@link JwsHeader.Builder} */ - public JwsHeader.Builder getHeaders() { + public JwsHeader.Builder getJwsHeader() { return get(JwsHeader.Builder.class); } @@ -78,14 +78,14 @@ public final class JwtEncodingContext implements OAuth2TokenContext { } /** - * Constructs a new {@link Builder} with the provided headers and claims. + * Constructs a new {@link Builder} with the provided JWS headers and claims. * - * @param headersBuilder the headers to initialize the builder + * @param jwsHeaderBuilder the JWS headers to initialize the builder * @param claimsBuilder the claims to initialize the builder * @return the {@link Builder} */ - public static Builder with(JwsHeader.Builder headersBuilder, JwtClaimsSet.Builder claimsBuilder) { - return new Builder(headersBuilder, claimsBuilder); + public static Builder with(JwsHeader.Builder jwsHeaderBuilder, JwtClaimsSet.Builder claimsBuilder) { + return new Builder(jwsHeaderBuilder, claimsBuilder); } /** @@ -93,10 +93,10 @@ public final class JwtEncodingContext implements OAuth2TokenContext { */ public static final class Builder extends AbstractBuilder { - private Builder(JwsHeader.Builder headersBuilder, JwtClaimsSet.Builder claimsBuilder) { - Assert.notNull(headersBuilder, "headersBuilder cannot be null"); + private Builder(JwsHeader.Builder jwsHeaderBuilder, JwtClaimsSet.Builder claimsBuilder) { + Assert.notNull(jwsHeaderBuilder, "jwsHeaderBuilder cannot be null"); Assert.notNull(claimsBuilder, "claimsBuilder cannot be null"); - put(JwsHeader.Builder.class, headersBuilder); + put(JwsHeader.Builder.class, jwsHeaderBuilder); put(JwtClaimsSet.Builder.class, claimsBuilder); } diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtGenerator.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtGenerator.java index acfcec33..d5cf84ee 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtGenerator.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/token/JwtGenerator.java @@ -125,11 +125,11 @@ public final class JwtGenerator implements OAuth2TokenGenerator { } // @formatter:on - JwsHeader.Builder headersBuilder = JwsHeader.with(SignatureAlgorithm.RS256); + JwsHeader.Builder jwsHeaderBuilder = JwsHeader.with(SignatureAlgorithm.RS256); if (this.jwtCustomizer != null) { // @formatter:off - JwtEncodingContext.Builder jwtContextBuilder = JwtEncodingContext.with(headersBuilder, claimsBuilder) + JwtEncodingContext.Builder jwtContextBuilder = JwtEncodingContext.with(jwsHeaderBuilder, claimsBuilder) .registeredClient(context.getRegisteredClient()) .principal(context.getPrincipal()) .providerContext(context.getProviderContext()) @@ -148,17 +148,17 @@ public final class JwtGenerator implements OAuth2TokenGenerator { this.jwtCustomizer.customize(jwtContext); } - JwsHeader headers = headersBuilder.build(); + JwsHeader jwsHeader = jwsHeaderBuilder.build(); JwtClaimsSet claims = claimsBuilder.build(); - Jwt jwt = this.jwtEncoder.encode(JwtEncoderParameters.from(headers, claims)); + Jwt jwt = this.jwtEncoder.encode(JwtEncoderParameters.from(jwsHeader, claims)); return jwt; } /** * Sets the {@link OAuth2TokenCustomizer} that customizes the - * {@link JwtEncodingContext#getHeaders() headers} and/or + * {@link JwtEncodingContext#getJwsHeader() JWS headers} and/or * {@link JwtEncodingContext#getClaims() claims} for the generated {@link Jwt}. * * @param jwtCustomizer the {@link OAuth2TokenCustomizer} that customizes the headers and/or claims for the generated {@code Jwt} diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java index c8d9ec14..13a57d84 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProviderTests.java @@ -414,7 +414,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests { assertThat(jwtEncodingContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(jwtEncodingContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE); assertThat(jwtEncodingContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(jwtEncodingContext.getHeaders()).isNotNull(); + assertThat(jwtEncodingContext.getJwsHeader()).isNotNull(); assertThat(jwtEncodingContext.getClaims()).isNotNull(); ArgumentCaptor jwtEncoderParametersCaptor = ArgumentCaptor.forClass(JwtEncoderParameters.class); @@ -474,7 +474,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests { assertThat(accessTokenContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(accessTokenContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE); assertThat(accessTokenContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(accessTokenContext.getHeaders()).isNotNull(); + assertThat(accessTokenContext.getJwsHeader()).isNotNull(); assertThat(accessTokenContext.getClaims()).isNotNull(); Map claims = new HashMap<>(); accessTokenContext.getClaims().claims(claims::putAll); @@ -491,7 +491,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests { assertThat(idTokenContext.getTokenType().getValue()).isEqualTo(OidcParameterNames.ID_TOKEN); assertThat(idTokenContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE); assertThat(idTokenContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(idTokenContext.getHeaders()).isNotNull(); + assertThat(idTokenContext.getJwsHeader()).isNotNull(); assertThat(idTokenContext.getClaims()).isNotNull(); verify(this.jwtEncoder, times(2)).encode(any()); // Access token and ID Token @@ -548,7 +548,7 @@ public class OAuth2AuthorizationCodeAuthenticationProviderTests { assertThat(jwtEncodingContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(jwtEncodingContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.AUTHORIZATION_CODE); assertThat(jwtEncodingContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(jwtEncodingContext.getHeaders()).isNotNull(); + assertThat(jwtEncodingContext.getJwsHeader()).isNotNull(); assertThat(jwtEncodingContext.getClaims()).isNotNull(); ArgumentCaptor jwtEncoderParametersCaptor = ArgumentCaptor.forClass(JwtEncoderParameters.class); diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java index 9c372d21..322dfc95 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProviderTests.java @@ -252,7 +252,7 @@ public class OAuth2ClientCredentialsAuthenticationProviderTests { assertThat(jwtEncodingContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(jwtEncodingContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS); assertThat(jwtEncodingContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(jwtEncodingContext.getHeaders()).isNotNull(); + assertThat(jwtEncodingContext.getJwsHeader()).isNotNull(); assertThat(jwtEncodingContext.getClaims()).isNotNull(); ArgumentCaptor authorizationCaptor = ArgumentCaptor.forClass(OAuth2Authorization.class); diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java index 8e8e14eb..b0e73388 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProviderTests.java @@ -178,7 +178,7 @@ public class OAuth2RefreshTokenAuthenticationProviderTests { assertThat(jwtEncodingContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(jwtEncodingContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.REFRESH_TOKEN); assertThat(jwtEncodingContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(jwtEncodingContext.getHeaders()).isNotNull(); + assertThat(jwtEncodingContext.getJwsHeader()).isNotNull(); assertThat(jwtEncodingContext.getClaims()).isNotNull(); ArgumentCaptor authorizationCaptor = ArgumentCaptor.forClass(OAuth2Authorization.class); @@ -223,7 +223,7 @@ public class OAuth2RefreshTokenAuthenticationProviderTests { assertThat(accessTokenContext.getTokenType()).isEqualTo(OAuth2TokenType.ACCESS_TOKEN); assertThat(accessTokenContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.REFRESH_TOKEN); assertThat(accessTokenContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(accessTokenContext.getHeaders()).isNotNull(); + assertThat(accessTokenContext.getJwsHeader()).isNotNull(); assertThat(accessTokenContext.getClaims()).isNotNull(); Map claims = new HashMap<>(); accessTokenContext.getClaims().claims(claims::putAll); @@ -240,7 +240,7 @@ public class OAuth2RefreshTokenAuthenticationProviderTests { assertThat(idTokenContext.getTokenType().getValue()).isEqualTo(OidcParameterNames.ID_TOKEN); assertThat(idTokenContext.getAuthorizationGrantType()).isEqualTo(AuthorizationGrantType.REFRESH_TOKEN); assertThat(idTokenContext.getAuthorizationGrant()).isEqualTo(authentication); - assertThat(idTokenContext.getHeaders()).isNotNull(); + assertThat(idTokenContext.getJwsHeader()).isNotNull(); assertThat(idTokenContext.getClaims()).isNotNull(); verify(this.jwtEncoder, times(2)).encode(any()); // Access token and ID Token diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java index 21c4b7c0..437bda8e 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtEncodingContextTests.java @@ -46,10 +46,10 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; public class JwtEncodingContextTests { @Test - public void withWhenHeadersNullThenThrowIllegalArgumentException() { + public void withWhenJwsHeaderNullThenThrowIllegalArgumentException() { assertThatThrownBy(() -> JwtEncodingContext.with(null, TestJwtClaimsSets.jwtClaimsSet())) .isInstanceOf(IllegalArgumentException.class) - .hasMessage("headersBuilder cannot be null"); + .hasMessage("jwsHeaderBuilder cannot be null"); } @Test @@ -105,7 +105,7 @@ public class JwtEncodingContextTests { .context(ctx -> ctx.put("custom-key-2", "custom-value-2")) .build(); - assertThat(context.getHeaders()).isEqualTo(headers); + assertThat(context.getJwsHeader()).isEqualTo(headers); assertThat(context.getClaims()).isEqualTo(claims); assertThat(context.getRegisteredClient()).isEqualTo(registeredClient); assertThat(context.getPrincipal()).isEqualTo(principal); diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtGeneratorTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtGeneratorTests.java index 08fd7867..54587adb 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtGeneratorTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/token/JwtGeneratorTests.java @@ -187,7 +187,7 @@ public class JwtGeneratorTests { verify(this.jwtCustomizer).customize(jwtEncodingContextCaptor.capture()); JwtEncodingContext jwtEncodingContext = jwtEncodingContextCaptor.getValue(); - assertThat(jwtEncodingContext.getHeaders()).isNotNull(); + assertThat(jwtEncodingContext.getJwsHeader()).isNotNull(); assertThat(jwtEncodingContext.getClaims()).isNotNull(); assertThat(jwtEncodingContext.getRegisteredClient()).isEqualTo(tokenContext.getRegisteredClient()); assertThat(jwtEncodingContext.getPrincipal()).isEqualTo(tokenContext.getPrincipal());