changed: made recommended changes

bibibiu2017 · bibibiu2017 · commit 96b9600b5ba9 · 2021-07-28T17:16:42.000+03:00
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2AuthorizationServerMetadata.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2AuthorizationServerMetadata.java
@@ -15,6 +15,8 @@
  */
 package org.springframework.security.oauth2.core;
 
+import org.springframework.security.oauth2.core.oidc.OidcProviderConfiguration;
+import org.springframework.security.oauth2.core.oidc.OidcProviderMetadataClaimNames;
 import java.io.Serializable;
 import java.net.URI;
 import java.net.URL;
@@ -33,10 +35,11 @@
  * The metadata endpoint returns a set of claims an Authorization Server describes about its configuration.
  *
  * @author Daniel Garnier-Moiroux
+ * @author Arthur Mita
  * @see OAuth2AuthorizationServerMetadataClaimAccessor
- * @since 0.1.1
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8414#section-3.2">3.2. Authorization Server Metadata Response</a>
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationResponse">4.2. OpenID Provider Configuration Response</a>
+ * @since 0.1.1
  */
 public abstract class AbstractOAuth2AuthorizationServerMetadata implements OAuth2AuthorizationServerMetadataClaimAccessor, Serializable {
 	private static final long serialVersionUID = Version.SERIAL_VERSION_UID;
@@ -73,7 +76,7 @@ protected Map<String, Object> getClaims() {
 		@SuppressWarnings("unchecked")
 		protected final B getThis() {
 			return (B) this;	// avoid unchecked casts in subclasses by using "getThis()" instead of "(B) this"
-		};
+		}
 
 		/**
 		 * Use this {@code issuer} in the resulting {@link AbstractOAuth2AuthorizationServerMetadata}, REQUIRED.
@@ -105,6 +108,16 @@ public B tokenEndpoint(String tokenEndpoint) {
 			return claim(OAuth2AuthorizationServerMetadataClaimNames.TOKEN_ENDPOINT, tokenEndpoint);
 		}
 
+		/**
+		 * Add this registration endpoint in the resulting {@link OidcProviderConfiguration} OPTIONAL
+		 *
+		 * @param registrationEndpoint the supported registration client url
+		 * @return the {@link OidcProviderConfiguration.Builder} for further configuration
+		 */
+		public B clientRegistrationEndpoint(String registrationEndpoint) {
+			return claim(OAuth2AuthorizationServerMetadataClaimNames.REGISTRATION_ENDPOINT, registrationEndpoint);
+		}
+
 		/**
 		 * Add this client authentication method to the collection of {@code token_endpoint_auth_methods_supported}
 		 * in the resulting {@link AbstractOAuth2AuthorizationServerMetadata}, OPTIONAL.
@@ -299,7 +312,7 @@ public B codeChallengeMethods(Consumer<List<String>> codeChallengeMethodsConsume
 		/**
 		 * Use this claim in the resulting {@link AbstractOAuth2AuthorizationServerMetadata}.
 		 *
-		 * @param name the claim name
+		 * @param name  the claim name
 		 * @param value the claim value
 		 * @return the {@link AbstractBuilder} for further configuration
 		 */
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthorizationServerMetadataClaimNames.java
@@ -20,6 +20,7 @@
  * used in OAuth 2.0 Authorization Server Metadata and OpenID Connect Discovery 1.0.
  *
  * @author Daniel Garnier-Moiroux
+ * @author Arthur Mita
  * @since 0.1.1
  * @see <a target="_blank" href="https://tools.ietf.org/html/rfc8414#section-2">2. Authorization Server Metadata</a>
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata">3. OpenID Provider Metadata</a>
@@ -41,6 +42,11 @@ public interface OAuth2AuthorizationServerMetadataClaimNames {
 	 */
 	String TOKEN_ENDPOINT = "token_endpoint";
 
+	/**
+	 * {@code registration_endpoint} - the {@code URL} of the OpenID Connect Discovery 1.0 Client Registration Endpoint
+	 */
+	String REGISTRATION_ENDPOINT = "registration_endpoint";
+
 	/**
 	 * {@code token_endpoint_auth_methods_supported} - the client authentication methods supported by the OAuth 2.0 Token Endpoint
 	 */
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderConfiguration.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderConfiguration.java
@@ -21,7 +21,6 @@
 import java.util.function.Consumer;
 
 import org.springframework.security.oauth2.core.AbstractOAuth2AuthorizationServerMetadata;
-import org.springframework.security.oauth2.core.OAuth2AuthorizationServerMetadataClaimNames;
 import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
 import org.springframework.util.Assert;
 
@@ -32,7 +31,6 @@
  * The claims are defined by the OpenID Connect Discovery 1.0 specification.
  *
  * @author Daniel Garnier-Moiroux
- * @author Arthur Mita
  * @since 0.1.0
  * @see AbstractOAuth2AuthorizationServerMetadata
  * @see OidcProviderMetadataClaimAccessor
@@ -120,15 +118,6 @@ public Builder idTokenSigningAlgorithms(Consumer<List<String>> signingAlgorithms
 			return this;
 		}
 
-		/**
-		 * Add this registration endpoint in the resulting {@link OidcProviderConfiguration} OPTIONAL
-		 * @param registrationEndpoint the supported registration client url
-		 * @return the {@link Builder} for further configuration
-		 */
-		public Builder registrationEndpoint(String registrationEndpoint) {
-			return claim(OidcProviderMetadataClaimNames.REGISTRATION_ENDPOINT, registrationEndpoint);
-		}
-
 		/**
 		 * Validate the claims and build the {@link OidcProviderConfiguration}.
 		 * <p>
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/core/oidc/OidcProviderMetadataClaimNames.java
@@ -23,7 +23,6 @@
  * in the OpenID Provider Configuration Response.
  *
  * @author Daniel Garnier-Moiroux
- * @author Arthur Mita
  * @since 0.1.0
  * @see OAuth2AuthorizationServerMetadataClaimNames
  * @see <a target="_blank" href="https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata">3. OpenID Provider Metadata</a>
@@ -40,10 +39,4 @@ public interface OidcProviderMetadataClaimNames extends OAuth2AuthorizationServe
 	 */
 	String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
 
-
-	/**
-	 * {@code registration_endpoint} - the {@code URL} of the OpenID Connect Discovery 1.0 Client Registration Endpoint
-	 */
-	String REGISTRATION_ENDPOINT = "registration_endpoint";
-
 }
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/web/OidcProviderConfigurationEndpointFilter.java
@@ -90,7 +90,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 				.grantType(AuthorizationGrantType.REFRESH_TOKEN.getValue())
 				.subjectType("public")
 				.idTokenSigningAlgorithm(SignatureAlgorithm.RS256.getName())
-				.registrationEndpoint(asUrl(this.providerSettings.getIssuer(), this.providerSettings.getOidcClientRegistrationEndpoint()))
+				.clientRegistrationEndpoint(asUrl(this.providerSettings.getIssuer(), this.providerSettings.getOidcClientRegistrationEndpoint()))
 				.scope(OidcScopes.OPENID)
 				.build();
 
