diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java index a7b0151ae02..36a11a7c87b 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java @@ -67,22 +67,22 @@ */ public class OidcUserService implements OAuth2UserService { - private static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response"; + protected static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response"; - private static final Converter, Map> DEFAULT_CLAIM_TYPE_CONVERTER = new ClaimTypeConverter( + protected static final Converter, Map> DEFAULT_CLAIM_TYPE_CONVERTER = new ClaimTypeConverter( createDefaultClaimTypeConverters()); - private Set accessibleScopes = new HashSet<>( + protected Set accessibleScopes = new HashSet<>( Arrays.asList(OidcScopes.PROFILE, OidcScopes.EMAIL, OidcScopes.ADDRESS, OidcScopes.PHONE)); - private OAuth2UserService oauth2UserService = new DefaultOAuth2UserService(); + protected OAuth2UserService oauth2UserService = new DefaultOAuth2UserService(); - private Function, Map>> claimTypeConverterFactory = ( + protected Function, Map>> claimTypeConverterFactory = ( clientRegistration) -> DEFAULT_CLAIM_TYPE_CONVERTER; - private Predicate retrieveUserInfo = this::shouldRetrieveUserInfo; + protected Predicate retrieveUserInfo = this::shouldRetrieveUserInfo; - private BiFunction oidcUserMapper = OidcUserRequestUtils::getUser; + protected BiFunction oidcUserMapper = OidcUserRequestUtils::getUser; /** * Returns the default {@link Converter}'s used for type conversion of claim values @@ -101,7 +101,7 @@ public class OidcUserService implements OAuth2UserService getConverter(TypeDescriptor targetDescriptor) { + protected static Converter getConverter(TypeDescriptor targetDescriptor) { TypeDescriptor sourceDescriptor = TypeDescriptor.valueOf(Object.class); return (source) -> ClaimConversionService.getSharedInstance() .convert(source, sourceDescriptor, targetDescriptor); @@ -136,7 +136,7 @@ public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2Authenticatio return this.oidcUserMapper.apply(userRequest, userInfo); } - private Map getClaims(OidcUserRequest userRequest, OAuth2User oauth2User) { + protected Map getClaims(OidcUserRequest userRequest, OAuth2User oauth2User) { Converter, Map> converter = this.claimTypeConverterFactory .apply(userRequest.getClientRegistration()); if (converter != null) { @@ -145,7 +145,7 @@ private Map getClaims(OidcUserRequest userRequest, OAuth2User oa return DEFAULT_CLAIM_TYPE_CONVERTER.convert(oauth2User.getAttributes()); } - private boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) { + protected boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) { // Auto-disabled if UserInfo Endpoint URI is not provided ProviderDetails providerDetails = userRequest.getClientRegistration().getProviderDetails(); if (!StringUtils.hasLength(providerDetails.getUserInfoEndpoint().getUri())) { @@ -182,7 +182,7 @@ private boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) { * user info resource. * @since 5.1 */ - public final void setOauth2UserService(OAuth2UserService oauth2UserService) { + public void setOauth2UserService(OAuth2UserService oauth2UserService) { Assert.notNull(oauth2UserService, "oauth2UserService cannot be null"); this.oauth2UserService = oauth2UserService; } @@ -196,7 +196,7 @@ public final void setOauth2UserService(OAuth2UserService, Map>> claimTypeConverterFactory) { Assert.notNull(claimTypeConverterFactory, "claimTypeConverterFactory cannot be null"); this.claimTypeConverterFactory = claimTypeConverterFactory; @@ -215,7 +215,7 @@ public final void setClaimTypeConverterFactory( * @deprecated Use {@link #setRetrieveUserInfo(Predicate)} instead */ @Deprecated(since = "6.3", forRemoval = true) - public final void setAccessibleScopes(Set accessibleScopes) { + public void setAccessibleScopes(Set accessibleScopes) { Assert.notNull(accessibleScopes, "accessibleScopes cannot be null"); this.accessibleScopes = accessibleScopes; } @@ -238,7 +238,7 @@ public final void setAccessibleScopes(Set accessibleScopes) { * should be called * @since 6.3 */ - public final void setRetrieveUserInfo(Predicate retrieveUserInfo) { + public void setRetrieveUserInfo(Predicate retrieveUserInfo) { Assert.notNull(retrieveUserInfo, "retrieveUserInfo cannot be null"); this.retrieveUserInfo = retrieveUserInfo; } @@ -257,7 +257,7 @@ public final void setRetrieveUserInfo(Predicate retrieveUserInf * return userService; * } * - * private static BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper() { + * protected static BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper() { * return (userRequest, userInfo) -> { * var accessToken = userRequest.getAccessToken(); * var grantedAuthorities = new HashSet<GrantedAuthority>(); @@ -294,7 +294,7 @@ public final void setRetrieveUserInfo(Predicate retrieveUserInf * {@link OidcUserRequest} and {@link OidcUserInfo} * @since 6.3 */ - public final void setOidcUserMapper(BiFunction oidcUserMapper) { + public void setOidcUserMapper(BiFunction oidcUserMapper) { Assert.notNull(oidcUserMapper, "oidcUserMapper cannot be null"); this.oidcUserMapper = oidcUserMapper; }