Merge branch '2.1.x'

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java

@@ -33,6 +33,7 @@ import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails;
+import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails.UserInfoEndpoint;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames;
@@ -61,21 +62,9 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 	@Test
 	public void getClientRegistrationsWhenUsingDefinedProviderShouldAdapt() {
 		OAuth2ClientProperties properties = new OAuth2ClientProperties();
-		Provider provider = new Provider();
-		provider.setAuthorizationUri("http://example.com/auth");
-		provider.setTokenUri("http://example.com/token");
-		provider.setUserInfoUri("http://example.com/info");
+		Provider provider = createProvider();
 		provider.setUserInfoAuthenticationMethod("form");
-		provider.setUserNameAttribute("sub");
-		provider.setJwkSetUri("http://example.com/jwk");
-		OAuth2ClientProperties.Registration registration = new OAuth2ClientProperties.Registration();
-		registration.setProvider("provider");
-		registration.setClientId("clientId");
-		registration.setClientSecret("clientSecret");
-		registration.setClientAuthenticationMethod("post");
-		registration.setAuthorizationGrantType("authorization_code");
-		registration.setRedirectUri("http://example.com/redirect");
-		registration.setScope(Collections.singleton("scope"));
+		OAuth2ClientProperties.Registration registration = createRegistration("provider");
 		registration.setClientName("clientName");
 		properties.getRegistration().put("registration", registration);
 		properties.getProvider().put("provider", provider);
@@ -86,13 +75,11 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 		assertThat(adaptedProvider.getAuthorizationUri())
 				.isEqualTo("http://example.com/auth");
 		assertThat(adaptedProvider.getTokenUri()).isEqualTo("http://example.com/token");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUri())
-				.isEqualTo("http://example.com/info");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getAuthenticationMethod())
-				.isEqualTo(
-						org.springframework.security.oauth2.core.AuthenticationMethod.FORM);
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName())
-				.isEqualTo("sub");
+		UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri()).isEqualTo("http://example.com/info");
+		assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(
+				org.springframework.security.oauth2.core.AuthenticationMethod.FORM);
+		assertThat(userInfoEndpoint.getUserNameAttributeName()).isEqualTo("sub");
 		assertThat(adaptedProvider.getJwkSetUri()).isEqualTo("http://example.com/jwk");
 		assertThat(adapted.getRegistrationId()).isEqualTo("registration");
 		assertThat(adapted.getClientId()).isEqualTo("clientId");
@@ -103,7 +90,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
 		assertThat(adapted.getRedirectUriTemplate())
 				.isEqualTo("http://example.com/redirect");
-		assertThat(adapted.getScopes()).containsExactly("scope");
+		assertThat(adapted.getScopes()).containsExactly("user");
 		assertThat(adapted.getClientName()).isEqualTo("clientName");
 	}
 
@@ -123,9 +110,10 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				.isEqualTo("https://accounts.google.com/o/oauth2/v2/auth");
 		assertThat(adaptedProvider.getTokenUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v4/token");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUri())
+		UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName())
+		assertThat(userInfoEndpoint.getUserNameAttributeName())
 				.isEqualTo(IdTokenClaimNames.SUB);
 		assertThat(adaptedProvider.getJwkSetUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
@@ -145,14 +133,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 	@Test
 	public void getClientRegistrationsWhenUsingCommonProviderWithOverrideShouldAdapt() {
 		OAuth2ClientProperties properties = new OAuth2ClientProperties();
-		OAuth2ClientProperties.Registration registration = new OAuth2ClientProperties.Registration();
-		registration.setProvider("google");
-		registration.setClientId("clientId");
-		registration.setClientSecret("clientSecret");
-		registration.setClientAuthenticationMethod("post");
-		registration.setAuthorizationGrantType("authorization_code");
-		registration.setRedirectUri("http://example.com/redirect");
-		registration.setScope(Collections.singleton("scope"));
+		OAuth2ClientProperties.Registration registration = createRegistration("google");
 		registration.setClientName("clientName");
 		properties.getRegistration().put("registration", registration);
 		Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter
@@ -163,13 +144,13 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				.isEqualTo("https://accounts.google.com/o/oauth2/v2/auth");
 		assertThat(adaptedProvider.getTokenUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v4/token");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUri())
+		UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName())
+		assertThat(userInfoEndpoint.getUserNameAttributeName())
 				.isEqualTo(IdTokenClaimNames.SUB);
-		assertThat(adaptedProvider.getUserInfoEndpoint().getAuthenticationMethod())
-				.isEqualTo(
-						org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
+		assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(
+				org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
 		assertThat(adaptedProvider.getJwkSetUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
 		assertThat(adapted.getRegistrationId()).isEqualTo("registration");
@@ -181,7 +162,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
 		assertThat(adapted.getRedirectUriTemplate())
 				.isEqualTo("http://example.com/redirect");
-		assertThat(adapted.getScopes()).containsExactly("scope");
+		assertThat(adapted.getScopes()).containsExactly("user");
 		assertThat(adapted.getClientName()).isEqualTo("clientName");
 	}
 
@@ -212,11 +193,11 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				.isEqualTo("https://accounts.google.com/o/oauth2/v2/auth");
 		assertThat(adaptedProvider.getTokenUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v4/token");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getUri())
+		UserInfoEndpoint userInfoEndpoint = adaptedProvider.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo");
-		assertThat(adaptedProvider.getUserInfoEndpoint().getAuthenticationMethod())
-				.isEqualTo(
-						org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
+		assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(
+				org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
 		assertThat(adaptedProvider.getJwkSetUri())
 				.isEqualTo("https://www.googleapis.com/oauth2/v3/certs");
 		assertThat(adapted.getRegistrationId()).isEqualTo("google");
@@ -270,20 +251,10 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 		this.server.start();
 		String issuer = this.server.url("").toString();
 		setupMockResponse(issuer);
-		OAuth2ClientProperties.Registration registration = new OAuth2ClientProperties.Registration();
-		registration.setProvider("okta-oidc");
-		registration.setClientId("clientId");
-		registration.setClientSecret("clientSecret");
-		registration.setClientAuthenticationMethod("post");
-		registration.setRedirectUri("http://example.com/redirect");
-		registration.setScope(Collections.singleton("user"));
-		Provider provider = new Provider();
+		OAuth2ClientProperties.Registration registration = createRegistration(
+				"okta-oidc");
+		Provider provider = createProvider();
 		provider.setIssuerUri(issuer);
-		provider.setAuthorizationUri("http://example.com/auth");
-		provider.setTokenUri("http://example.com/token");
-		provider.setUserInfoUri("http://example.com/info");
-		provider.setUserNameAttribute("sub");
-		provider.setJwkSetUri("http://example.com/jwk");
 		OAuth2ClientProperties properties = new OAuth2ClientProperties();
 		properties.getProvider().put("okta-oidc", provider);
 		properties.getRegistration().put("okta", registration);
@@ -304,10 +275,31 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				.isEqualTo("http://example.com/auth");
 		assertThat(providerDetails.getTokenUri()).isEqualTo("http://example.com/token");
 		assertThat(providerDetails.getJwkSetUri()).isEqualTo("http://example.com/jwk");
-		assertThat(providerDetails.getUserInfoEndpoint().getUri())
-				.isEqualTo("http://example.com/info");
-		assertThat(providerDetails.getUserInfoEndpoint().getUserNameAttributeName())
-				.isEqualTo("sub");
+		UserInfoEndpoint userInfoEndpoint = providerDetails.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri()).isEqualTo("http://example.com/info");
+		assertThat(userInfoEndpoint.getUserNameAttributeName()).isEqualTo("sub");
+	}
+
+	private Provider createProvider() {
+		Provider provider = new Provider();
+		provider.setAuthorizationUri("http://example.com/auth");
+		provider.setTokenUri("http://example.com/token");
+		provider.setUserInfoUri("http://example.com/info");
+		provider.setUserNameAttribute("sub");
+		provider.setJwkSetUri("http://example.com/jwk");
+		return provider;
+	}
+
+	private OAuth2ClientProperties.Registration createRegistration(String provider) {
+		OAuth2ClientProperties.Registration registration = new OAuth2ClientProperties.Registration();
+		registration.setProvider(provider);
+		registration.setClientId("clientId");
+		registration.setClientSecret("clientSecret");
+		registration.setClientAuthenticationMethod("post");
+		registration.setRedirectUri("http://example.com/redirect");
+		registration.setScope(Collections.singleton("user"));
+		registration.setAuthorizationGrantType("authorization_code");
+		return registration;
 	}
 
 	private void testOidcConfiguration(OAuth2ClientProperties.Registration registration,
@@ -338,18 +330,11 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 				.isEqualTo("https://example.com/oauth2/v4/token");
 		assertThat(providerDetails.getJwkSetUri())
 				.isEqualTo("https://example.com/oauth2/v3/certs");
-		assertThat(providerDetails.getUserInfoEndpoint().getUri())
+		UserInfoEndpoint userInfoEndpoint = providerDetails.getUserInfoEndpoint();
+		assertThat(userInfoEndpoint.getUri())
 				.isEqualTo("https://example.com/oauth2/v3/userinfo");
-		assertThat(providerDetails.getUserInfoEndpoint().getAuthenticationMethod())
-				.isEqualTo(
-						org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
-	}
-
-	private String cleanIssuerPath(String issuer) {
-		if (issuer.endsWith("/")) {
-			return issuer.substring(0, issuer.length() - 1);
-		}
-		return issuer;
+		assertThat(userInfoEndpoint.getAuthenticationMethod()).isEqualTo(
+				org.springframework.security.oauth2.core.AuthenticationMethod.HEADER);
 	}
 
 	private void setupMockResponse(String issuer) throws Exception {