From be58e2ac49bb0d4b5996df0f8b830d08e6800571 Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Fri, 15 Jul 2022 07:01:24 -0400 Subject: [PATCH] Remove deprecations in ClientAuthenticationMethod Closes gh-11516 --- ...lientReactiveOAuth2AccessTokenResponseClient.java | 12 +++++------- .../JwtBearerGrantRequestEntityConverter.java | 5 ++--- ...AuthorizationCodeGrantRequestEntityConverter.java | 9 ++++----- .../OAuth2AuthorizationGrantRequestEntityUtils.java | 5 ++--- ...ClientCredentialsGrantRequestEntityConverter.java | 5 ++--- .../OAuth2PasswordGrantRequestEntityConverter.java | 5 ++--- ...Auth2RefreshTokenGrantRequestEntityConverter.java | 5 ++--- .../oauth2/client/jackson2/StdConverters.java | 6 ++---- .../oauth2/core/ClientAuthenticationMethod.java | 12 ------------ .../oauth2/core/ClientAuthenticationMethodTests.java | 12 +----------- 10 files changed, 22 insertions(+), 54 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java index c502bc701a..41a3206202 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/AbstractWebClientReactiveOAuth2AccessTokenResponseClient.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -116,8 +116,7 @@ public abstract class AbstractWebClientReactiveOAuth2AccessTokenResponseClient populateTokenRequestBody(T grantRequest, BodyInserters.FormInserter body) { ClientRegistration clientRegistration = clientRegistration(grantRequest); - if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) - && !ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { + if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC + .equals(clientRegistration.getClientAuthenticationMethod())) { body.with(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { body.with(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } Set scopes = scopes(grantRequest); diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/JwtBearerGrantRequestEntityConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/JwtBearerGrantRequestEntityConverter.java index b0a8320363..6c8cf4fbc6 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/JwtBearerGrantRequestEntityConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/JwtBearerGrantRequestEntityConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,8 +51,7 @@ public class JwtBearerGrantRequestEntityConverter parameters.add(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestEntityConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestEntityConverter.java index 364a4ac591..de47ad150f 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestEntityConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationCodeGrantRequestEntityConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -54,12 +54,11 @@ public class OAuth2AuthorizationCodeGrantRequestEntityConverter if (redirectUri != null) { parameters.add(OAuth2ParameterNames.REDIRECT_URI, redirectUri); } - if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) - && !ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { + if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC + .equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } if (codeVerifier != null) { diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java index 91f4a597ba..ba82a9466c 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2AuthorizationGrantRequestEntityUtils.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -49,8 +49,7 @@ final class OAuth2AuthorizationGrantRequestEntityUtils { static HttpHeaders getTokenRequestHeaders(ClientRegistration clientRegistration) { HttpHeaders headers = new HttpHeaders(); headers.addAll(DEFAULT_TOKEN_REQUEST_HEADERS); - if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod())) { String clientId = encodeClientCredential(clientRegistration.getClientId()); String clientSecret = encodeClientCredential(clientRegistration.getClientSecret()); headers.setBasicAuth(clientId, clientSecret); diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2ClientCredentialsGrantRequestEntityConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2ClientCredentialsGrantRequestEntityConverter.java index 14b51138df..3c8347c707 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2ClientCredentialsGrantRequestEntityConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2ClientCredentialsGrantRequestEntityConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,8 +50,7 @@ public class OAuth2ClientCredentialsGrantRequestEntityConverter parameters.add(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2PasswordGrantRequestEntityConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2PasswordGrantRequestEntityConverter.java index 34dc96479b..aa649fdf10 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2PasswordGrantRequestEntityConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2PasswordGrantRequestEntityConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,8 +51,7 @@ public class OAuth2PasswordGrantRequestEntityConverter parameters.add(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " ")); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2RefreshTokenGrantRequestEntityConverter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2RefreshTokenGrantRequestEntityConverter.java index e98652ae54..0758258331 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2RefreshTokenGrantRequestEntityConverter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2RefreshTokenGrantRequestEntityConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -50,8 +50,7 @@ public class OAuth2RefreshTokenGrantRequestEntityConverter parameters.add(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(refreshTokenGrantRequest.getScopes(), " ")); } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) - || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod())) { parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId()); parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret()); } diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/StdConverters.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/StdConverters.java index d214885a0b..4ce6223cf4 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/StdConverters.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/StdConverters.java @@ -50,12 +50,10 @@ abstract class StdConverters { @Override public ClientAuthenticationMethod convert(JsonNode jsonNode) { String value = JsonNodeUtils.findStringValue(jsonNode, "value"); - if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue().equalsIgnoreCase(value) - || ClientAuthenticationMethod.BASIC.getValue().equalsIgnoreCase(value)) { + if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue().equalsIgnoreCase(value)) { return ClientAuthenticationMethod.CLIENT_SECRET_BASIC; } - if (ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue().equalsIgnoreCase(value) - || ClientAuthenticationMethod.POST.getValue().equalsIgnoreCase(value)) { + if (ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue().equalsIgnoreCase(value)) { return ClientAuthenticationMethod.CLIENT_SECRET_POST; } if (ClientAuthenticationMethod.NONE.getValue().equalsIgnoreCase(value)) { diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java index 1843c1d262..fdb843a1ab 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java @@ -34,24 +34,12 @@ public final class ClientAuthenticationMethod implements Serializable { private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; - /** - * @deprecated Use {@link #CLIENT_SECRET_BASIC} - */ - @Deprecated - public static final ClientAuthenticationMethod BASIC = new ClientAuthenticationMethod("basic"); - /** * @since 5.5 */ public static final ClientAuthenticationMethod CLIENT_SECRET_BASIC = new ClientAuthenticationMethod( "client_secret_basic"); - /** - * @deprecated Use {@link #CLIENT_SECRET_POST} - */ - @Deprecated - public static final ClientAuthenticationMethod POST = new ClientAuthenticationMethod("post"); - /** * @since 5.5 */ diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java index 3ae9a181f8..373b6277c6 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/ClientAuthenticationMethodTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2022 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -33,21 +33,11 @@ public class ClientAuthenticationMethodTests { assertThatIllegalArgumentException().isThrownBy(() -> new ClientAuthenticationMethod(null)); } - @Test - public void getValueWhenAuthenticationMethodBasicThenReturnBasic() { - assertThat(ClientAuthenticationMethod.BASIC.getValue()).isEqualTo("basic"); - } - @Test public void getValueWhenAuthenticationMethodClientSecretBasicThenReturnClientSecretBasic() { assertThat(ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue()).isEqualTo("client_secret_basic"); } - @Test - public void getValueWhenAuthenticationMethodPostThenReturnPost() { - assertThat(ClientAuthenticationMethod.POST.getValue()).isEqualTo("post"); - } - @Test public void getValueWhenAuthenticationMethodClientSecretPostThenReturnClientSecretPost() { assertThat(ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue()).isEqualTo("client_secret_post");