From efbc5fe5785423f20b353047261c35bd011f21b2 Mon Sep 17 00:00:00 2001 From: Andre Blanke Date: Sun, 8 Dec 2024 11:09:40 +0100 Subject: [PATCH] Use new DefaultOauth2User constructor --- .../client/OAuth2LoginConfigurerTests.java | 4 +-- .../config/web/server/OAuth2LoginTests.java | 3 +- .../login/RedirectionEndpointDslTests.kt | 2 +- .../oauth2/login/UserInfoEndpointDslTests.kt | 2 +- .../userinfo/DefaultOAuth2UserService.java | 2 +- .../DefaultReactiveOAuth2UserService.java | 2 +- ...ginReactiveAuthenticationManagerTests.java | 12 ++++---- .../OidcReactiveOAuth2UserServiceTests.java | 28 +++++++++---------- ...uth2ClientHttpRequestInterceptorTests.java | 2 +- ...izedClientExchangeFilterFunctionTests.java | 8 +++--- ...uth2LoginAuthenticationWebFilterTests.java | 4 +-- .../core/user/DefaultOAuth2UserTests.java | 12 ++++---- .../oauth2/core/user/TestOAuth2Users.java | 2 +- .../server/SecurityMockServerConfigurers.java | 3 +- .../SecurityMockMvcRequestPostProcessors.java | 3 +- ...MockServerConfigurersOAuth2LoginTests.java | 9 +++--- ...RequestPostProcessorsOAuth2LoginTests.java | 9 +++--- 17 files changed, 56 insertions(+), 51 deletions(-) diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java index b56d047a5f7..8246698881e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurerTests.java @@ -711,8 +711,8 @@ private static OAuth2AccessTokenResponseClient createOauth2UserService() { Map userAttributes = Collections.singletonMap("name", "spring"); - return (request) -> new DefaultOAuth2User(Collections.singleton(new OAuth2UserAuthority(userAttributes)), - userAttributes, "name"); + return (request) -> new DefaultOAuth2User("spring", userAttributes, + Collections.singleton(new OAuth2UserAuthority(userAttributes))); } private static OAuth2UserService createOidcUserService() { diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java index 4597d3e7865..a3f5765fcbb 100644 --- a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java +++ b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java @@ -696,7 +696,8 @@ public void oauth2LoginWhenOauth2UserServiceBeanPresent() { given(tokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse)); ReactiveOAuth2UserService userService = config.reactiveOAuth2UserService; given(userService.loadUser(any())).willReturn(Mono - .just(new DefaultOAuth2User(AuthorityUtils.createAuthorityList("USER"), Map.of("sub", "subject"), "sub"))); + .just(new DefaultOAuth2User("subject", Map.of("sub", "subject"), + AuthorityUtils.createAuthorityList("USER")))); webTestClient.get().uri("/login/oauth2/code/google").exchange().expectStatus().is3xxRedirection(); verify(userService).loadUser(any()); diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt index 6fff212a96f..af415136a83 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/RedirectionEndpointDslTests.kt @@ -92,7 +92,7 @@ class RedirectionEndpointDslTests { .build() every { UserServiceConfig.USER_SERVICE.loadUser(any()) - } returns DefaultOAuth2User(listOf(SimpleGrantedAuthority("ROLE_USER")), mapOf(Pair("user", "user")), "user") + } returns DefaultOAuth2User("user", mapOf(Pair("user", "user")), listOf(SimpleGrantedAuthority("ROLE_USER"))) this.mockMvc.get("/callback") { param("code", "auth-code") diff --git a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt index 8ff3e15e070..edefb08ee9f 100644 --- a/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt +++ b/config/src/test/kotlin/org/springframework/security/config/annotation/web/oauth2/login/UserInfoEndpointDslTests.kt @@ -91,7 +91,7 @@ class UserInfoEndpointDslTests { .build() every { UserServiceConfig.USER_SERVICE.loadUser(any()) - } returns DefaultOAuth2User(listOf(SimpleGrantedAuthority("ROLE_USER")), mapOf(Pair("user", "user")), "user") + } returns DefaultOAuth2User("user", mapOf(Pair("user", "user")), listOf(SimpleGrantedAuthority("ROLE_USER"))) this.mockMvc.get("/login/oauth2/code/google") { param("code", "auth-code") diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java index 02930047b16..5bc9595d8fd 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserService.java @@ -96,7 +96,7 @@ public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2Authentic OAuth2AccessToken token = userRequest.getAccessToken(); Map attributes = this.attributesConverter.convert(userRequest).convert(response.getBody()); Collection authorities = getAuthorities(token, attributes, userNameAttributeName); - return new DefaultOAuth2User(authorities, attributes, userNameAttributeName); + return new DefaultOAuth2User(attributes.get(userNameAttributeName).toString(), attributes, authorities); } /** diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java index ae3a65b52c0..e934b34ecab 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java @@ -138,7 +138,7 @@ public Mono loadUser(OAuth2UserRequest userRequest) throws OAuth2Aut authorities.add(new SimpleGrantedAuthority("SCOPE_" + scope)); } - return new DefaultOAuth2User(authorities, attrs, userNameAttributeName); + return new DefaultOAuth2User(attrs.get(userNameAttributeName).toString(), attrs, authorities); }) .onErrorMap((ex) -> (ex instanceof UnsupportedMediaTypeException || ex.getCause() instanceof UnsupportedMediaTypeException), (ex) -> { diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManagerTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManagerTests.java index 86075e83d25..4e16ffb0245 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManagerTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginReactiveAuthenticationManagerTests.java @@ -156,8 +156,8 @@ public void authenticationWhenOAuth2UserFoundThenSuccess() { .tokenType(OAuth2AccessToken.TokenType.BEARER) .build(); given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse)); - DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + DefaultOAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.userService.loadUser(any())).willReturn(Mono.just(user)); OAuth2LoginAuthenticationToken result = (OAuth2LoginAuthenticationToken) this.manager.authenticate(loginToken()) .block(); @@ -177,8 +177,8 @@ public void authenticateWhenTokenSuccessResponseThenAdditionalParametersAddedToU .additionalParameters(additionalParameters) .build(); given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse)); - DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + DefaultOAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); ArgumentCaptor userRequestArgCaptor = ArgumentCaptor.forClass(OAuth2UserRequest.class); given(this.userService.loadUser(userRequestArgCaptor.capture())).willReturn(Mono.just(user)); this.manager.authenticate(loginToken()).block(); @@ -192,8 +192,8 @@ public void authenticateWhenAuthoritiesMapperSetThenReturnMappedAuthorities() { .tokenType(OAuth2AccessToken.TokenType.BEARER) .build(); given(this.accessTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse)); - DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + DefaultOAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.userService.loadUser(any())).willReturn(Mono.just(user)); List mappedAuthorities = AuthorityUtils.createAuthorityList("ROLE_OAUTH_USER"); GrantedAuthoritiesMapper authoritiesMapper = mock(GrantedAuthoritiesMapper.class); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserServiceTests.java index 172a7b3bacb..efe2e29b35e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserServiceTests.java @@ -139,8 +139,8 @@ public void loadUserWhenOAuth2UserEmptyThenNullUserInfo() { @Test public void loadUserWhenOAuth2UserSubjectNullThenOAuth2AuthenticationException() { - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + OAuth2User oauth2User = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); assertThatExceptionOfType(OAuth2AuthenticationException.class) .isThrownBy(() -> this.userService.loadUser(userRequest()).block()); @@ -151,8 +151,8 @@ public void loadUserWhenOAuth2UserSubjectNotEqualThenOAuth2AuthenticationExcepti Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "not-equal"); attributes.put("user", "rob"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("rob", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); assertThatExceptionOfType(OAuth2AuthenticationException.class) .isThrownBy(() -> this.userService.loadUser(userRequest()).block()); @@ -163,8 +163,8 @@ public void loadUserWhenOAuth2UserThenUserInfoNotNull() { Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "subject"); attributes.put("user", "rob"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("rob", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); assertThat(this.userService.loadUser(userRequest()).block().getUserInfo()).isNotNull(); } @@ -175,8 +175,8 @@ public void loadUserWhenOAuth2UserAndUser() { Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "subject"); attributes.put("user", "rob"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("rob", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); assertThat(this.userService.loadUser(userRequest()).block().getName()).isEqualTo("rob"); } @@ -186,8 +186,8 @@ public void loadUserWhenCustomClaimTypeConverterFactorySetThenApplied() { Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "subject"); attributes.put("user", "rob"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("rob", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); OidcUserRequest userRequest = userRequest(); Function, Map>> customClaimTypeConverterFactory = mock( @@ -220,8 +220,8 @@ public void loadUserWhenCustomRetrieveUserInfoSetThenUsed() { Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "subject"); attributes.put("user", "steve"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("steve", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any())).willReturn(Mono.just(oauth2User)); Predicate customRetrieveUserInfo = mock(Predicate.class); this.userService.setRetrieveUserInfo(customRetrieveUserInfo); @@ -246,8 +246,8 @@ public void loadUserWhenCustomOidcUserMapperSetThenUsed() { Map attributes = new HashMap<>(); attributes.put(StandardClaimNames.SUB, "subject"); attributes.put("user", "steve"); - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), attributes, - "user"); + OAuth2User oauth2User = new DefaultOAuth2User("steve", attributes, + AuthorityUtils.createAuthorityList("ROLE_USER")); given(this.oauth2UserService.loadUser(any(OidcUserRequest.class))).willReturn(Mono.just(oauth2User)); BiFunction> customOidcUserMapper = mock(BiFunction.class); OidcUser actualUser = new DefaultOidcUser(AuthorityUtils.createAuthorityList("a", "b"), this.idToken, diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/client/OAuth2ClientHttpRequestInterceptorTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/client/OAuth2ClientHttpRequestInterceptorTests.java index f19d81c277d..30834fc57f1 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/client/OAuth2ClientHttpRequestInterceptorTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/client/OAuth2ClientHttpRequestInterceptorTests.java @@ -149,7 +149,7 @@ public void setUp() { this.authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, "user", accessToken); List authorities = AuthorityUtils.createAuthorityList("OAUTH2_USER"); Map attributes = Map.of(StandardClaimNames.SUB, "user"); - OAuth2User user = new DefaultOAuth2User(authorities, attributes, StandardClaimNames.SUB); + OAuth2User user = new DefaultOAuth2User("user", attributes, authorities); this.principal = new OAuth2AuthenticationToken(user, authorities, "login-client"); this.requestInterceptor = new OAuth2ClientHttpRequestInterceptor(this.authorizedClientManager); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunctionTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunctionTests.java index f847d2b5ec8..faa56e26585 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunctionTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunctionTests.java @@ -808,8 +808,8 @@ public void filterWhenClientRegistrationIdFromAuthenticationThenAuthorizedClient given(this.authorizedClientRepository.loadAuthorizedClient(any(), any(), any())) .willReturn(Mono.just(authorizedClient)); ClientRequest request = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).build(); - OAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + OAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); OAuth2AuthenticationToken authentication = new OAuth2AuthenticationToken(user, user.getAuthorities(), "client-id"); this.function.filter(request, this.exchange) @@ -828,8 +828,8 @@ public void filterWhenClientRegistrationIdFromAuthenticationThenAuthorizedClient @Test public void filterWhenDefaultOAuth2AuthorizedClientFalseThenEmpty() { ClientRequest request = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).build(); - OAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + OAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); OAuth2AuthenticationToken authentication = new OAuth2AuthenticationToken(user, user.getAuthorities(), "client-id"); // @formatter:off diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/authentication/OAuth2LoginAuthenticationWebFilterTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/authentication/OAuth2LoginAuthenticationWebFilterTests.java index fafe7e6d5c2..324e14464a0 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/authentication/OAuth2LoginAuthenticationWebFilterTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/authentication/OAuth2LoginAuthenticationWebFilterTests.java @@ -87,8 +87,8 @@ public void onAuthenticationSuccessWhenOAuth2LoginAuthenticationTokenThenSavesAu private OAuth2LoginAuthenticationToken loginToken() { OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "token", Instant.now(), Instant.now().plus(Duration.ofDays(1)), Collections.singleton("user")); - DefaultOAuth2User user = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("ROLE_USER"), - Collections.singletonMap("user", "rob"), "user"); + DefaultOAuth2User user = new DefaultOAuth2User("rob", Collections.singletonMap("user", "rob"), + AuthorityUtils.createAuthorityList("ROLE_USER")); ClientRegistration clientRegistration = this.registration.build(); // @formatter:off OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode() diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java index e426879d822..a1a8e8747f7 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/DefaultOAuth2UserTests.java @@ -51,13 +51,13 @@ public class DefaultOAuth2UserTests { @Test public void constructorWhenAttributesIsNullThenThrowIllegalArgumentException() { assertThatIllegalArgumentException() - .isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, null, ATTRIBUTE_NAME_KEY)); + .isThrownBy(() -> new DefaultOAuth2User(USERNAME, null, AUTHORITIES)); } @Test public void constructorWhenAttributesIsEmptyThenThrowIllegalArgumentException() { assertThatIllegalArgumentException() - .isThrownBy(() -> new DefaultOAuth2User(AUTHORITIES, Collections.emptyMap(), ATTRIBUTE_NAME_KEY)); + .isThrownBy(() -> new DefaultOAuth2User(USERNAME, Collections.emptyMap(), AUTHORITIES)); } @Test @@ -82,7 +82,7 @@ public void constructorWhenNameAttributeKeyIsInvalidThenThrowIllegalArgumentExce @Test public void constructorWhenAuthoritiesIsNullThenCreatedWithEmptyAuthorities() { - DefaultOAuth2User user = new DefaultOAuth2User(null, ATTRIBUTES, ATTRIBUTE_NAME_KEY); + DefaultOAuth2User user = new DefaultOAuth2User(USERNAME, ATTRIBUTES, null); assertThat(user.getName()).isEqualTo(USERNAME); assertThat(user.getAuthorities()).isEmpty(); assertThat(user.getAttributes()).containsOnlyKeys(ATTRIBUTE_NAME_KEY); @@ -90,7 +90,7 @@ public void constructorWhenAuthoritiesIsNullThenCreatedWithEmptyAuthorities() { @Test public void constructorWhenAuthoritiesIsEmptyThenCreated() { - DefaultOAuth2User user = new DefaultOAuth2User(Collections.emptySet(), ATTRIBUTES, ATTRIBUTE_NAME_KEY); + DefaultOAuth2User user = new DefaultOAuth2User(USERNAME, ATTRIBUTES, Collections.emptySet()); assertThat(user.getName()).isEqualTo(USERNAME); assertThat(user.getAuthorities()).isEmpty(); assertThat(user.getAttributes()).containsOnlyKeys(ATTRIBUTE_NAME_KEY); @@ -98,7 +98,7 @@ public void constructorWhenAuthoritiesIsEmptyThenCreated() { @Test public void constructorWhenAllParametersProvidedAndValidThenCreated() { - DefaultOAuth2User user = new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, ATTRIBUTE_NAME_KEY); + DefaultOAuth2User user = new DefaultOAuth2User(USERNAME, ATTRIBUTES, AUTHORITIES); assertThat(user.getName()).isEqualTo(USERNAME); assertThat(user.getAuthorities()).hasSize(1); assertThat(user.getAuthorities().iterator().next()).isEqualTo(AUTHORITY); @@ -108,7 +108,7 @@ public void constructorWhenAllParametersProvidedAndValidThenCreated() { // gh-4917 @Test public void constructorWhenCreatedThenIsSerializable() { - DefaultOAuth2User user = new DefaultOAuth2User(AUTHORITIES, ATTRIBUTES, ATTRIBUTE_NAME_KEY); + DefaultOAuth2User user = new DefaultOAuth2User(USERNAME, ATTRIBUTES, AUTHORITIES); SerializationUtils.serialize(user); } diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/TestOAuth2Users.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/TestOAuth2Users.java index adf1197e166..cf1b2bd419e 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/TestOAuth2Users.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/user/TestOAuth2Users.java @@ -38,7 +38,7 @@ public static DefaultOAuth2User create() { Map attributes = new HashMap<>(); attributes.put(nameAttributeKey, "user"); Collection authorities = authorities(attributes, nameAttributeKey); - return new DefaultOAuth2User(authorities, attributes, nameAttributeKey); + return new DefaultOAuth2User("user", attributes, authorities); } private static Collection authorities(Map attributes, diff --git a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java index 360b7a22982..0cce15b39d1 100644 --- a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java +++ b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java @@ -848,7 +848,8 @@ private Map defaultAttributes() { } private OAuth2User defaultPrincipal() { - return new DefaultOAuth2User(this.authorities.get(), this.attributes.get(), this.nameAttributeKey); + String name = this.attributes.get().get(this.nameAttributeKey).toString(); + return new DefaultOAuth2User(name, this.attributes.get(), this.authorities.get()); } } diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java index 8d0aac3e696..2bba7a50f97 100644 --- a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java +++ b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java @@ -1390,7 +1390,8 @@ private Map defaultAttributes() { } private OAuth2User defaultPrincipal() { - return new DefaultOAuth2User(this.authorities.get(), this.attributes.get(), this.nameAttributeKey); + String name = this.attributes.get().get(this.nameAttributeKey).toString(); + return new DefaultOAuth2User(name, this.attributes.get(), this.authorities.get()); } } diff --git a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java index 382943522bf..6c8ed005297 100644 --- a/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java @@ -133,8 +133,9 @@ public void oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute() { @Test public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception { - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"), - Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute"); + OAuth2User oauth2User = new DefaultOAuth2User("test-subject", + Collections.singletonMap("custom-attribute", "test-subject"), + AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read")); this.client.mutateWith(SecurityMockServerConfigurers.mockOAuth2Login().oauth2User(oauth2User)) .get() .uri("/token") @@ -155,8 +156,8 @@ public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception { @Test public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception { - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("SCOPE_read"), - Collections.singletonMap("sub", "subject"), "sub"); + OAuth2User oauth2User = new DefaultOAuth2User("subject", Collections.singletonMap("sub", "subject"), + AuthorityUtils.createAuthorityList("SCOPE_read")); this.client .mutateWith(SecurityMockServerConfigurers.mockOAuth2Login() .attributes((a) -> a.put("subject", "foo")) diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java index f834d431658..975b2834b96 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java @@ -115,8 +115,9 @@ public void oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute() throws Excep @Test public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception { - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"), - Collections.singletonMap("custom-attribute", "test-subject"), "custom-attribute"); + OAuth2User oauth2User = new DefaultOAuth2User("test-subject", + Collections.singletonMap("custom-attribute", "test-subject"), + AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read")); this.mvc.perform(get("/attributes/custom-attribute").with(oauth2Login().oauth2User(oauth2User))) .andExpect(content().string("test-subject")); this.mvc.perform(get("/name").with(oauth2Login().oauth2User(oauth2User))) @@ -135,8 +136,8 @@ public void oauth2LoginWhenClientRegistrationSpecifiedThenUses() throws Exceptio @Test public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception { - OAuth2User oauth2User = new DefaultOAuth2User(AuthorityUtils.createAuthorityList("SCOPE_read"), - Collections.singletonMap("username", "user"), "username"); + OAuth2User oauth2User = new DefaultOAuth2User("user", Collections.singletonMap("username", "user"), + AuthorityUtils.createAuthorityList("SCOPE_read")); this.mvc .perform(get("/attributes/sub") .with(oauth2Login().attributes((a) -> a.put("sub", "bar")).oauth2User(oauth2User)))