root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 34 Packages Projects Releases Wiki Activity

Polish Error Messages for OpaqueTokenIntrospectors

This commit is contained in:
Josh Cummings 2020-02-04 17:26:29 -07:00
parent 6c310213a8
commit c4ccc96655
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java
View File

@ -1127,7 +1127,7 @@ public class OAuth2ResourceServerConfigurerTests {
.with(bearerToken("token"))) .with(bearerToken("token")))
.andExpect(status().isUnauthorized()) .andExpect(status().isUnauthorized())
.andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE,
containsString("Provided token [token] isn't active"))); containsString("Provided token isn't active")));
} }
@Test @Test

4
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java
View File

@ -133,7 +133,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
public OAuth2AuthenticatedPrincipal introspect(String token) { public OAuth2AuthenticatedPrincipal introspect(String token) {
RequestEntity<?> requestEntity = this.requestEntityConverter.convert(token); RequestEntity<?> requestEntity = this.requestEntityConverter.convert(token);
if (requestEntity == null) { if (requestEntity == null) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("requestEntityConverter returned a null entity");
} }
ResponseEntity<String> responseEntity = makeRequest(requestEntity); ResponseEntity<String> responseEntity = makeRequest(requestEntity);
@ -143,7 +143,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
// relying solely on the authorization server to validate this token (not checking 'exp', for example) // relying solely on the authorization server to validate this token (not checking 'exp', for example)
if (!introspectionSuccessResponse.isActive()) { if (!introspectionSuccessResponse.isActive()) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("Provided token isn't active");
} }
return convertClaimsSet(introspectionSuccessResponse); return convertClaimsSet(introspectionSuccessResponse);

2
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java
View File

@ -154,7 +154,7 @@ public class NimbusReactiveOpaqueTokenIntrospector implements ReactiveOpaqueToke
private void validate(String token, TokenIntrospectionSuccessResponse response) { private void validate(String token, TokenIntrospectionSuccessResponse response) {
// relying solely on the authorization server to validate this token (not checking 'exp', for example) // relying solely on the authorization server to validate this token (not checking 'exp', for example)
if (!response.isActive()) { if (!response.isActive()) {
throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); throw new OAuth2IntrospectionException("Provided token isn't active");
} }
} }

2
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java
View File

@ -168,7 +168,7 @@ public class NimbusOpaqueTokenIntrospectorTests {
assertThatCode(() -> introspectionClient.introspect("token")) assertThatCode(() -> introspectionClient.introspect("token"))
.isInstanceOf(OAuth2IntrospectionException.class) .isInstanceOf(OAuth2IntrospectionException.class)
.extracting("message") .extracting("message")
.containsExactly("Provided token [token] isn't active"); .containsExactly("Provided token isn't active");
} }
@Test @Test

2
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java
View File

@ -142,7 +142,7 @@ public class NimbusReactiveOpaqueTokenIntrospectorTests {
assertThatCode(() -> introspectionClient.introspect("token").block()) assertThatCode(() -> introspectionClient.introspect("token").block())
.isInstanceOf(OAuth2IntrospectionException.class) .isInstanceOf(OAuth2IntrospectionException.class)
.extracting("message") .extracting("message")
.containsExactly("Provided token [token] isn't active"); .containsExactly("Provided token isn't active");
} }
@Test @Test