root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Map custom OAuth2User types using String 

Fixes gh-4691
This commit is contained in:
Joe Grandja 2017-10-25 17:13:44 -04:00
parent 1a3b9c1f3f
commit d0a4e49870
2 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -190,7 +190,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
public class UserInfoEndpointConfig { public class UserInfoEndpointConfig {
private OAuth2UserService userService; private OAuth2UserService userService;
private Map<URI, Class<? extends OAuth2User>> customUserTypes = new HashMap<>(); private Map<String, Class<? extends OAuth2User>> customUserTypes = new HashMap<>();
private GrantedAuthoritiesMapper userAuthoritiesMapper; private GrantedAuthoritiesMapper userAuthoritiesMapper;
private UserInfoEndpointConfig() { private UserInfoEndpointConfig() {
@ -202,9 +202,9 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
return this; return this;
} }
public UserInfoEndpointConfig customUserType(Class<? extends OAuth2User> customUserType, URI userInfoUri) { public UserInfoEndpointConfig customUserType(Class<? extends OAuth2User> customUserType, String userInfoUri) {
Assert.notNull(customUserType, "customUserType cannot be null"); Assert.notNull(customUserType, "customUserType cannot be null");
Assert.notNull(userInfoUri, "userInfoUri cannot be null"); Assert.hasText(userInfoUri, "userInfoUri cannot be empty");
this.customUserTypes.put(userInfoUri, customUserType); this.customUserTypes.put(userInfoUri, customUserType);
return this; return this;
} }

9
oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/CustomUserTypesOAuth2UserService.java
View File

@ -20,7 +20,6 @@ import org.springframework.security.oauth2.client.authentication.OAuth2Authentic
import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import java.net.URI;
import java.util.Collections; import java.util.Collections;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.Map; import java.util.Map;
@ -29,7 +28,7 @@ import java.util.Map;
* An implementation of an {@link OAuth2UserService} that supports custom {@link OAuth2User} types. * An implementation of an {@link OAuth2UserService} that supports custom {@link OAuth2User} types.
* <p> * <p>
* The custom user type(s) is supplied via the constructor, * The custom user type(s) is supplied via the constructor,
* using a <code>Map</code> of {@link OAuth2User} type <i>keyed</i> by <code>URI</code>, * using a <code>Map</code> of {@link OAuth2User} type <i>keyed</i> by <code>String</code>,
* representing the <i>UserInfo Endpoint</i> address. * representing the <i>UserInfo Endpoint</i> address.
* <p> * <p>
* This implementation uses a {@link UserInfoRetriever} to obtain the user attributes * This implementation uses a {@link UserInfoRetriever} to obtain the user attributes
@ -42,17 +41,17 @@ import java.util.Map;
* @see UserInfoRetriever * @see UserInfoRetriever
*/ */
public class CustomUserTypesOAuth2UserService implements OAuth2UserService { public class CustomUserTypesOAuth2UserService implements OAuth2UserService {
private final Map<URI, Class<? extends OAuth2User>> customUserTypes; private final Map<String, Class<? extends OAuth2User>> customUserTypes;
private UserInfoRetriever userInfoRetriever = new NimbusUserInfoRetriever(); private UserInfoRetriever userInfoRetriever = new NimbusUserInfoRetriever();
public CustomUserTypesOAuth2UserService(Map<URI, Class<? extends OAuth2User>> customUserTypes) { public CustomUserTypesOAuth2UserService(Map<String, Class<? extends OAuth2User>> customUserTypes) {
Assert.notEmpty(customUserTypes, "customUserTypes cannot be empty"); Assert.notEmpty(customUserTypes, "customUserTypes cannot be empty");
this.customUserTypes = Collections.unmodifiableMap(new LinkedHashMap<>(customUserTypes)); this.customUserTypes = Collections.unmodifiableMap(new LinkedHashMap<>(customUserTypes));
} }
@Override @Override
public OAuth2User loadUser(AuthorizedClient authorizedClient) throws OAuth2AuthenticationException { public OAuth2User loadUser(AuthorizedClient authorizedClient) throws OAuth2AuthenticationException {
URI userInfoUri = URI.create(authorizedClient.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri()); String userInfoUri = authorizedClient.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri();
Class<? extends OAuth2User> customUserType; Class<? extends OAuth2User> customUserType;
if ((customUserType = this.customUserTypes.get(userInfoUri)) == null) { if ((customUserType = this.customUserTypes.get(userInfoUri)) == null) {
return null; return null;