Add nonce to OIDC Authentication Request
Fixes gh-4442
This commit is contained in:
committed by
Joe Grandja
parent
adde18b873
commit
da9f027fa4
@@ -75,6 +75,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
||||
* Tests for {@link OAuth2ClientConfigurer}.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
* @author Mark Heckler
|
||||
*/
|
||||
public class OAuth2ClientConfigurerTests {
|
||||
private static ClientRegistrationRepository clientRegistrationRepository;
|
||||
@@ -138,7 +139,8 @@ public class OAuth2ClientConfigurerTests {
|
||||
assertThat(mvcResult.getResponse().getRedirectedUrl()).matches("https://provider.com/oauth2/authorize\\?" +
|
||||
"response_type=code&client_id=client-1&" +
|
||||
"scope=user&state=.{15,}&" +
|
||||
"redirect_uri=http://localhost/client-1");
|
||||
"redirect_uri=http://localhost/client-1&" +
|
||||
"nonce=([a-zA-Z0-9\\-\\.\\_\\~]){43}");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -151,7 +153,8 @@ public class OAuth2ClientConfigurerTests {
|
||||
assertThat(mvcResult.getResponse().getRedirectedUrl()).matches("https://provider.com/oauth2/authorize\\?" +
|
||||
"response_type=code&client_id=client-1&" +
|
||||
"scope=user&state=.{15,}&" +
|
||||
"redirect_uri=http://localhost/client-1");
|
||||
"redirect_uri=http://localhost/client-1&" +
|
||||
"nonce=([a-zA-Z0-9\\-\\.\\_\\~]){43}");
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -203,7 +206,8 @@ public class OAuth2ClientConfigurerTests {
|
||||
assertThat(mvcResult.getResponse().getRedirectedUrl()).matches("https://provider.com/oauth2/authorize\\?" +
|
||||
"response_type=code&client_id=client-1&" +
|
||||
"scope=user&state=.{15,}&" +
|
||||
"redirect_uri=http://localhost/client-1");
|
||||
"redirect_uri=http://localhost/client-1&" +
|
||||
"nonce=([a-zA-Z0-9\\-\\.\\_\\~]){43}");
|
||||
|
||||
verify(requestCache).saveRequest(any(HttpServletRequest.class), any(HttpServletResponse.class));
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user