From 53c38fccea1cd8c581a50b2254734e7b318d8ff6 Mon Sep 17 00:00:00 2001 From: DingHao Date: Fri, 20 Dec 2024 16:28:34 +0800 Subject: [PATCH] Add ServerWebExchange parameter to AuthorizationRequestCustomizer Closes gh-16306 --- ...verOAuth2AuthorizationRequestResolver.java | 24 +++++++++++++++++-- ...uth2AuthorizationRequestResolverTests.java | 17 ++++++++++++- 2 files changed, 38 insertions(+), 3 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java index bb95dd20b73..9a0500e0421 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java @@ -22,6 +22,7 @@ import java.util.Base64; import java.util.HashMap; import java.util.Map; +import java.util.function.BiConsumer; import java.util.function.Consumer; import reactor.core.publisher.Mono; @@ -92,7 +93,8 @@ public class DefaultServerOAuth2AuthorizationRequestResolver implements ServerOA private final ReactiveClientRegistrationRepository clientRegistrationRepository; - private Consumer authorizationRequestCustomizer = (customizer) -> { + private BiConsumer authorizationRequestCustomizer = ( + customizer, exchange) -> { }; /** @@ -148,11 +150,29 @@ public Mono resolve(ServerWebExchange exchange, Stri * @param authorizationRequestCustomizer the {@code Consumer} to be provided the * {@link OAuth2AuthorizationRequest.Builder} * @since 5.3 + * @deprecated Use {@link #setAuthorizationRequestCustomizer(BiConsumer) } instead * @see OAuth2AuthorizationRequestCustomizers */ + @Deprecated public final void setAuthorizationRequestCustomizer( Consumer authorizationRequestCustomizer) { Assert.notNull(authorizationRequestCustomizer, "authorizationRequestCustomizer cannot be null"); + this.authorizationRequestCustomizer = (customizer, exchange) -> authorizationRequestCustomizer + .accept(customizer); + } + + /** + * Sets the {@code BiConsumer} to be provided the + * {@link OAuth2AuthorizationRequest.Builder} and {@link ServerWebExchange} allowing + * for further customizations. + * @param authorizationRequestCustomizer the {@code BiConsumer} to be provided the + * {@link OAuth2AuthorizationRequest.Builder} and {@link ServerWebExchange} + * @since 6.5 + * @see OAuth2AuthorizationRequestCustomizers + */ + public final void setAuthorizationRequestCustomizer( + BiConsumer authorizationRequestCustomizer) { + Assert.notNull(authorizationRequestCustomizer, "authorizationRequestCustomizer cannot be null"); this.authorizationRequestCustomizer = authorizationRequestCustomizer; } @@ -175,7 +195,7 @@ private OAuth2AuthorizationRequest authorizationRequest(ServerWebExchange exchan .state(DEFAULT_STATE_GENERATOR.generateKey()); // @formatter:on - this.authorizationRequestCustomizer.accept(builder); + this.authorizationRequestCustomizer.accept(builder, exchange); return builder.build(); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolverTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolverTests.java index ec293997f5e..c7c76e8f815 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolverTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolverTests.java @@ -16,6 +16,8 @@ package org.springframework.security.oauth2.client.web.server; +import java.util.function.Consumer; + import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -68,7 +70,8 @@ public void setup() { @Test public void setAuthorizationRequestCustomizerWhenNullThenThrowIllegalArgumentException() { - assertThatIllegalArgumentException().isThrownBy(() -> this.resolver.setAuthorizationRequestCustomizer(null)); + assertThatIllegalArgumentException().isThrownBy(() -> this.resolver + .setAuthorizationRequestCustomizer((Consumer) null)); } @Test @@ -254,6 +257,18 @@ public void resolveWhenAuthorizationRequestCustomizerOverridesParameterThenQuery + "nonce=([a-zA-Z0-9\\-\\.\\_\\~]){43}&" + "appid=client-id"); } + @Test + public void resolveWhenAuthorizationRequestCustomizerAdditionParameterFromRequest() { + given(this.clientRegistrationRepository.findByRegistrationId(any())) + .willReturn(Mono.just(TestClientRegistrations.clientRegistration().scope(OidcScopes.OPENID).build())); + this.resolver.setAuthorizationRequestCustomizer((builder, exchange) -> builder.parameters((params) -> { + params.put("aa", exchange.getRequest().getQueryParams().getFirst("a")); + params.put("bb", exchange.getRequest().getQueryParams().getFirst("b")); + })); + OAuth2AuthorizationRequest authorizationRequest = resolve("/oauth2/authorization/registration-id?a=A&b=B"); + assertThat(authorizationRequest.getAuthorizationRequestUri()).contains("aa=A&bb=B"); + } + private OAuth2AuthorizationRequest resolve(String path) { ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get(path)); return this.resolver.resolve(exchange).block();