Add copy constructor for DefaultOidcUser

Author: andreblanke

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/DefaultOidcUserMixin.java

@@ -43,10 +43,17 @@
 @JsonIgnoreProperties(value = { "attributes" }, ignoreUnknown = true)
 abstract class DefaultOidcUserMixin {
 
+	@Deprecated
 	@JsonCreator
 	DefaultOidcUserMixin(@JsonProperty("authorities") Collection<? extends GrantedAuthority> authorities,
 			@JsonProperty("idToken") OidcIdToken idToken, @JsonProperty("userInfo") OidcUserInfo userInfo,
 			@JsonProperty("nameAttributeKey") String nameAttributeKey) {
 	}
 
+	@JsonCreator
+	DefaultOidcUserMixin(@JsonProperty("name") String name,
+			@JsonProperty("idToken") OidcIdToken idToken, @JsonProperty("userInfo") OidcUserInfo userInfo,
+			@JsonProperty("authorities") Collection<? extends GrantedAuthority> authorities) {
+	}
+
 }

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserRequestUtils.java

@@ -91,9 +91,10 @@ static OidcUser getUser(OidcUserRequest userRequest, OidcUserInfo userInfo) {
 			authorities.add(new SimpleGrantedAuthority("SCOPE_" + scope));
 		}
 		if (StringUtils.hasText(userNameAttributeName)) {
+			// TODO: Get name from OidcUserAuthority.collectClaims.
 			return new DefaultOidcUser(authorities, userRequest.getIdToken(), userInfo, userNameAttributeName);
 		}
-		return new DefaultOidcUser(authorities, userRequest.getIdToken(), userInfo);
+		return new DefaultOidcUser(userRequest.getIdToken(), userInfo, authorities);
 	}
 
 	private OidcUserRequestUtils() {

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/DefaultOidcUser.java

@@ -51,34 +51,68 @@ public class DefaultOidcUser extends DefaultOAuth2User implements OidcUser {
 	 * @param authorities the authorities granted to the user
 	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
 	 */
+	@Deprecated
 	public DefaultOidcUser(Collection<? extends GrantedAuthority> authorities, OidcIdToken idToken) {
 		this(authorities, idToken, IdTokenClaimNames.SUB);
 	}
 
+	/**
+	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
+	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
+	 * @param authorities the authorities granted to the user
+	 */
+	public DefaultOidcUser(OidcIdToken idToken, Collection<? extends GrantedAuthority> authorities) {
+		this(null, idToken, authorities);
+	}
+
 	/**
 	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
 	 * @param authorities the authorities granted to the user
 	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
 	 * @param nameAttributeKey the key used to access the user's &quot;name&quot; from
 	 * {@link #getAttributes()}
 	 */
+	@Deprecated
 	public DefaultOidcUser(Collection<? extends GrantedAuthority> authorities, OidcIdToken idToken,
 			String nameAttributeKey) {
 		this(authorities, idToken, null, nameAttributeKey);
 	}
 
+	/**
+	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
+	 * @param name the name of the user
+	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
+	 * @param authorities the authorities granted to the user
+	 */
+	public DefaultOidcUser(String name, OidcIdToken idToken, Collection<? extends GrantedAuthority> authorities) {
+		this(name, idToken, null, authorities);
+	}
+
 	/**
 	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
 	 * @param authorities the authorities granted to the user
 	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
 	 * @param userInfo the {@link OidcUserInfo UserInfo} containing claims about the user,
 	 * may be {@code null}
 	 */
+	@Deprecated
 	public DefaultOidcUser(Collection<? extends GrantedAuthority> authorities, OidcIdToken idToken,
 			OidcUserInfo userInfo) {
 		this(authorities, idToken, userInfo, IdTokenClaimNames.SUB);
 	}
 
+	/**
+	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
+	 * @param authorities the authorities granted to the user
+	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
+	 * @param userInfo the {@link OidcUserInfo UserInfo} containing claims about the user,
+	 * may be {@code null}
+	 */
+	public DefaultOidcUser(OidcIdToken idToken, OidcUserInfo userInfo,
+			Collection<? extends GrantedAuthority> authorities) {
+		this(null, idToken, userInfo, authorities);
+	}
+
 	/**
 	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
 	 * @param authorities the authorities granted to the user
@@ -88,13 +122,29 @@ public DefaultOidcUser(Collection<? extends GrantedAuthority> authorities, OidcI
 	 * @param nameAttributeKey the key used to access the user's &quot;name&quot; from
 	 * {@link #getAttributes()}
 	 */
+	@Deprecated
 	public DefaultOidcUser(Collection<? extends GrantedAuthority> authorities, OidcIdToken idToken,
 			OidcUserInfo userInfo, String nameAttributeKey) {
 		super(authorities, OidcUserAuthority.collectClaims(idToken, userInfo), nameAttributeKey);
 		this.idToken = idToken;
 		this.userInfo = userInfo;
 	}
 
+	/**
+	 * Constructs a {@code DefaultOidcUser} using the provided parameters.
+	 * @param name the name of the user
+	 * @param idToken the {@link OidcIdToken ID Token} containing claims about the user
+	 * @param userInfo the {@link OidcUserInfo UserInfo} containing claims about the user,
+	 * may be {@code null}
+	 * @param authorities the authorities granted to the user
+	 */
+	public DefaultOidcUser(String name, OidcIdToken idToken, OidcUserInfo userInfo,
+			Collection<? extends GrantedAuthority> authorities) {
+		super(name, OidcUserAuthority.collectClaims(idToken, userInfo), authorities);
+		this.idToken = idToken;
+		this.userInfo = userInfo;
+	}
+
 	@Override
 	public Map<String, Object> getClaims() {
 		return this.getAttributes();

test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java

@@ -1024,7 +1024,7 @@ private OidcUserInfo getOidcUserInfo() {
 		}
 
 		private OidcUser defaultPrincipal() {
-			return new DefaultOidcUser(getAuthorities(), getOidcIdToken(), this.userInfo);
+			return new DefaultOidcUser(getOidcIdToken(), this.userInfo, getAuthorities());
 		}
 
 	}

test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java

@@ -1534,7 +1534,7 @@ private OidcUserInfo getOidcUserInfo() {
 		}
 
 		private OidcUser defaultPrincipal() {
-			return new DefaultOidcUser(getAuthorities(), getOidcIdToken(), this.userInfo);
+			return new DefaultOidcUser(getOidcIdToken(), this.userInfo, getAuthorities());
 		}
 
 	}