
Commit b7ea708

ddevrienrwinch
authored andcommitted
OAuth2LoginAuthenticationFilter sets AuthenticationDetails
Fixes gh-6866
1 parent 23a7c30 commit b7ea708


2 files changed

+31
-1
lines changed

2 files changed

+31
-1
lines changed

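--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java
@@ -178,9 +178,10 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 .toUriString();
 OAuth2AuthorizationResponse authorizationResponse = OAuth2AuthorizationResponseUtils.convert(params, redirectUri);
 
+Object authenticationDetails = this.authenticationDetailsSource.buildDetails(request);
 OAuth2LoginAuthenticationToken authenticationRequest = new OAuth2LoginAuthenticationToken(
 clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse));
-authenticationRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
+authenticationRequest.setDetails(authenticationDetails);
 
 OAuth2LoginAuthenticationToken authenticationResult =
 (OAuth2LoginAuthenticationToken) this.getAuthenticationManager().authenticate(authenticationRequest);
@@ -189,6 +190,7 @@ public Authentication attemptAuthentication(HttpServletRequest request, HttpServ
 authenticationResult.getPrincipal(),
 authenticationResult.getAuthorities(),
 authenticationResult.getClientRegistration().getRegistrationId());
+oauth2Authentication.setDetails(authenticationDetails);
 
 OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(
 authenticationResult.getClientRegistration(),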
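Review bot: The added `oauth2Authentication.setDetails(authenticationDetails);` in the second hunk has no comment saying why the details must be copied by hand, and the reason is not obvious from the visible lines: the token handed back appears to be a newly constructed object, so details set on `authenticationRequest` never reach it. I would add above that line `// gh-6866: oauth2Authentication is a new token, so the request details must be copied onto it explicitly`. The details object is built from the callback request before `authenticate()` runs, so if the configured source produces `WebAuthenticationDetails` (as the accompanying test assumes), the session id it records is presumably the pre-authentication one; code that reads the details for audit or session correlation should not assume it matches the session in use after login. `attemptAuthentication` starts and ends outside both hunks.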

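--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilterTests.java
@@ -27,6 +27,7 @@
 
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.authentication.AuthenticationDetailsSource;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -50,6 +51,7 @@
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.web.util.UriComponentsBuilder;
 
@@ -79,6 +81,7 @@ public class OAuth2LoginAuthenticationFilterTests {
 private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
 private AuthenticationFailureHandler failureHandler;
 private AuthenticationManager authenticationManager;
+private AuthenticationDetailsSource authenticationDetailsSource;
 private OAuth2LoginAuthenticationToken loginAuthentication;
 private OAuth2LoginAuthenticationFilter filter;
 
@@ -93,11 +96,13 @@ public void setUp() {
 this.authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository();
 this.failureHandler = mock(AuthenticationFailureHandler.class);
 this.authenticationManager = mock(AuthenticationManager.class);
+this.authenticationDetailsSource = mock(AuthenticationDetailsSource.class);
 this.filter = spy(new OAuth2LoginAuthenticationFilter(this.clientRegistrationRepository,
 this.authorizedClientRepository, OAuth2LoginAuthenticationFilter.DEFAULT_FILTER_PROCESSES_URI));
 this.filter.setAuthorizationRequestRepository(this.authorizationRequestRepository);
 this.filter.setAuthenticationFailureHandler(this.failureHandler);
 this.filter.setAuthenticationManager(this.authenticationManager);
+this.filter.setAuthenticationDetailsSource(this.authenticationDetailsSource);
 }
 
 @Test
@@ -400,6 +405,29 @@ public void doFilterWhenAuthorizationResponseHasNonDefaultPortThenRedirectUriMat
 assertThat(authorizationResponse.getRedirectUri()).isEqualTo(expectedRedirectUri);
 }
 
+// gh-6866
+@Test
+public void attemptAuthenticationShouldSetAuthenticationDetailsOnAuthenticationResult() throws Exception {
+String requestUri = "/login/oauth2/code/" + this.registration1.getRegistrationId();
+String state = "state";
+MockHttpServletRequest request = new MockHttpServletRequest("GET", requestUri);
+request.setServletPath(requestUri);
+request.addParameter(OAuth2ParameterNames.CODE, "code");
+request.addParameter(OAuth2ParameterNames.STATE, state);
+
+WebAuthenticationDetails webAuthenticationDetails = mock(WebAuthenticationDetails.class);
+when(authenticationDetailsSource.buildDetails(any())).thenReturn(webAuthenticationDetails);
+
+MockHttpServletResponse response = new MockHttpServletResponse();
+
+this.setUpAuthorizationRequest(request, response, this.registration2, state);
+this.setUpAuthenticationResult(this.registration2);
+
+Authentication result = this.filter.attemptAuthentication(request, response);
+
+assertThat(result.getDetails()).isEqualTo(webAuthenticationDetails);
+}
+
 private void setUpAuthorizationRequest(HttpServletRequest request, HttpServletResponse response,
 ClientRegistration registration, String state) {
 Map<String, Object> attributes = new HashMap<>();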
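Review bot: The new test in the last hunk asserts the details only on the returned `Authentication`, so it would still pass if the details stopped being set on the `OAuth2LoginAuthenticationToken` handed to the `AuthenticationManager`, which is where an authentication provider would read them. A second check such as `verify(this.authenticationManager).authenticate(argThat(a -> a.getDetails() == webAuthenticationDetails));` would pin both halves of the change. Because `setUp()` now installs the mocked source for every test, the other tests run with `buildDetails` returning null, and the filter's own default details source is no longer exercised in this class; a short comment on the new field saying so would help the next reader.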
