root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Polish oauth2 client ExchangeFilterFunction's 

Fixes gh-6355
This commit is contained in:
Joe Grandja 2019-01-07 14:35:41 -05:00
parent d8d9abed2a
commit 673a2adf26
2 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java
View File

@ -253,9 +253,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
return createRequest(request)
.flatMap(r -> authorizeWithClientCredentials(clientRegistration, r));
} else if (shouldRefresh(authorizedClient)) {
} else if (shouldRefreshToken(authorizedClient)) {
return createRequest(request)
.flatMap(r -> refreshAuthorizedClient(next, authorizedClient, r));
.flatMap(r -> authorizeWithRefreshToken(next, authorizedClient, r));
}
return Mono.just(authorizedClient);
}
@ -273,8 +273,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
.thenReturn(result));
}
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ExchangeFunction next,
OAuth2AuthorizedClient authorizedClient, OAuth2AuthorizedClientResolver.Request r) {
private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ExchangeFunction next,
OAuth2AuthorizedClient authorizedClient,
OAuth2AuthorizedClientResolver.Request r) {
ServerWebExchange exchange = r.getExchange();
Authentication authentication = r.getAuthentication();
ClientRegistration clientRegistration = authorizedClient
@ -293,7 +294,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
.thenReturn(result));
}
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
if (this.authorizedClientRepository == null) {
return false;
}

20
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java
View File

@ -333,7 +333,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
throw new IllegalArgumentException("Could not find ClientRegistration with id " + clientRegistrationId);
}
if (isClientCredentialsGrantType(clientRegistration)) {
return getAuthorizedClient(clientRegistration, attrs);
return authorizeWithClientCredentials(clientRegistration, attrs);
}
throw new ClientAuthorizationRequiredException(clientRegistrationId);
}
@ -342,10 +342,8 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
return AuthorizationGrantType.CLIENT_CREDENTIALS.equals(clientRegistration.getAuthorizationGrantType());
}
private OAuth2AuthorizedClient getAuthorizedClient(ClientRegistration clientRegistration,
Map<String, Object> attrs) {
private OAuth2AuthorizedClient authorizeWithClientCredentials(
ClientRegistration clientRegistration, Map<String, Object> attrs) {
HttpServletRequest request = getRequest(attrs);
HttpServletResponse response = getResponse(attrs);
OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest =
@ -372,15 +370,15 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
private Mono<OAuth2AuthorizedClient> authorizedClient(ClientRequest request, ExchangeFunction next, OAuth2AuthorizedClient authorizedClient) {
ClientRegistration clientRegistration = authorizedClient.getClientRegistration();
if (isClientCredentialsGrantType(clientRegistration) && hasTokenExpired(authorizedClient)) {
//Client credentials grant do not have refresh tokens but can expire so we need to get another one
return Mono.fromSupplier(() -> getAuthorizedClient(clientRegistration, request.attributes()));
} else if (shouldRefresh(authorizedClient)) {
return refreshAuthorizedClient(request, next, authorizedClient);
// Client credentials grant do not have refresh tokens but can expire so we need to get another one
return Mono.fromSupplier(() -> authorizeWithClientCredentials(clientRegistration, request.attributes()));
} else if (shouldRefreshToken(authorizedClient)) {
return authorizeWithRefreshToken(request, next, authorizedClient);
}
return Mono.just(authorizedClient);
}
private Mono<OAuth2AuthorizedClient> refreshAuthorizedClient(ClientRequest request, ExchangeFunction next,
private Mono<OAuth2AuthorizedClient> authorizeWithRefreshToken(ClientRequest request, ExchangeFunction next,
OAuth2AuthorizedClient authorizedClient) {
ClientRegistration clientRegistration = authorizedClient
.getClientRegistration();
@ -407,7 +405,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement
.publishOn(Schedulers.elastic());
}
private boolean shouldRefresh(OAuth2AuthorizedClient authorizedClient) {
private boolean shouldRefreshToken(OAuth2AuthorizedClient authorizedClient) {
if (this.authorizedClientRepository == null) {
return false;
}