Skip to content

Make OidcUserService overrideable #14899

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

Make OidcUserService overrideable #14899

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 16 additions & 16 deletions ...c/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,22 +67,22 @@
*/
public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcUser> {

private static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response";
protected static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response";

private static final Converter<Map<String, Object>, Map<String, Object>> DEFAULT_CLAIM_TYPE_CONVERTER = new ClaimTypeConverter(
protected static final Converter<Map<String, Object>, Map<String, Object>> DEFAULT_CLAIM_TYPE_CONVERTER = new ClaimTypeConverter(
createDefaultClaimTypeConverters());

private Set<String> accessibleScopes = new HashSet<>(
protected Set<String> accessibleScopes = new HashSet<>(
Arrays.asList(OidcScopes.PROFILE, OidcScopes.EMAIL, OidcScopes.ADDRESS, OidcScopes.PHONE));

private OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService = new DefaultOAuth2UserService();
protected OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService = new DefaultOAuth2UserService();

private Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> claimTypeConverterFactory = (
protected Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> claimTypeConverterFactory = (
clientRegistration) -> DEFAULT_CLAIM_TYPE_CONVERTER;

private Predicate<OidcUserRequest> retrieveUserInfo = this::shouldRetrieveUserInfo;
protected Predicate<OidcUserRequest> retrieveUserInfo = this::shouldRetrieveUserInfo;

private BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper = OidcUserRequestUtils::getUser;
protected BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper = OidcUserRequestUtils::getUser;

/**
* Returns the default {@link Converter}'s used for type conversion of claim values
Expand All @@ -101,7 +101,7 @@ public class OidcUserService implements OAuth2UserService<OidcUserRequest, OidcU
return claimTypeConverters;
}

private static Converter<Object, ?> getConverter(TypeDescriptor targetDescriptor) {
protected static Converter<Object, ?> getConverter(TypeDescriptor targetDescriptor) {
TypeDescriptor sourceDescriptor = TypeDescriptor.valueOf(Object.class);
return (source) -> ClaimConversionService.getSharedInstance()
.convert(source, sourceDescriptor, targetDescriptor);
Expand Down Expand Up @@ -136,7 +136,7 @@ public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2Authenticatio
return this.oidcUserMapper.apply(userRequest, userInfo);
}

private Map<String, Object> getClaims(OidcUserRequest userRequest, OAuth2User oauth2User) {
protected Map<String, Object> getClaims(OidcUserRequest userRequest, OAuth2User oauth2User) {
Converter<Map<String, Object>, Map<String, Object>> converter = this.claimTypeConverterFactory
.apply(userRequest.getClientRegistration());
if (converter != null) {
Expand All @@ -145,7 +145,7 @@ private Map<String, Object> getClaims(OidcUserRequest userRequest, OAuth2User oa
return DEFAULT_CLAIM_TYPE_CONVERTER.convert(oauth2User.getAttributes());
}

private boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) {
protected boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) {
// Auto-disabled if UserInfo Endpoint URI is not provided
ProviderDetails providerDetails = userRequest.getClientRegistration().getProviderDetails();
if (!StringUtils.hasLength(providerDetails.getUserInfoEndpoint().getUri())) {
Expand Down Expand Up @@ -182,7 +182,7 @@ private boolean shouldRetrieveUserInfo(OidcUserRequest userRequest) {
* user info resource.
* @since 5.1
*/
public final void setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService) {
public void setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAuth2User> oauth2UserService) {
Assert.notNull(oauth2UserService, "oauth2UserService cannot be null");
this.oauth2UserService = oauth2UserService;
}
Expand All @@ -196,7 +196,7 @@ public final void setOauth2UserService(OAuth2UserService<OAuth2UserRequest, OAut
* client}
* @since 5.2
*/
public final void setClaimTypeConverterFactory(
public void setClaimTypeConverterFactory(
Function<ClientRegistration, Converter<Map<String, Object>, Map<String, Object>>> claimTypeConverterFactory) {
Assert.notNull(claimTypeConverterFactory, "claimTypeConverterFactory cannot be null");
this.claimTypeConverterFactory = claimTypeConverterFactory;
Expand All @@ -215,7 +215,7 @@ public final void setClaimTypeConverterFactory(
* @deprecated Use {@link #setRetrieveUserInfo(Predicate)} instead
*/
@Deprecated(since = "6.3", forRemoval = true)
public final void setAccessibleScopes(Set<String> accessibleScopes) {
public void setAccessibleScopes(Set<String> accessibleScopes) {
Assert.notNull(accessibleScopes, "accessibleScopes cannot be null");
this.accessibleScopes = accessibleScopes;
}
Expand All @@ -238,7 +238,7 @@ public final void setAccessibleScopes(Set<String> accessibleScopes) {
* should be called
* @since 6.3
*/
public final void setRetrieveUserInfo(Predicate<OidcUserRequest> retrieveUserInfo) {
public void setRetrieveUserInfo(Predicate<OidcUserRequest> retrieveUserInfo) {
Assert.notNull(retrieveUserInfo, "retrieveUserInfo cannot be null");
this.retrieveUserInfo = retrieveUserInfo;
}
Expand All @@ -257,7 +257,7 @@ public final void setRetrieveUserInfo(Predicate<OidcUserRequest> retrieveUserInf
* return userService;
* }
*
* private static BiFunction&lt;OidcUserRequest, OidcUserInfo, OidcUser&gt; oidcUserMapper() {
* protected static BiFunction&lt;OidcUserRequest, OidcUserInfo, OidcUser&gt; oidcUserMapper() {
* return (userRequest, userInfo) -> {
* var accessToken = userRequest.getAccessToken();
* var grantedAuthorities = new HashSet&lt;GrantedAuthority&gt;();
Expand Down Expand Up @@ -294,7 +294,7 @@ public final void setRetrieveUserInfo(Predicate<OidcUserRequest> retrieveUserInf
* {@link OidcUserRequest} and {@link OidcUserInfo}
* @since 6.3
*/
public final void setOidcUserMapper(BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper) {
public void setOidcUserMapper(BiFunction<OidcUserRequest, OidcUserInfo, OidcUser> oidcUserMapper) {
Assert.notNull(oidcUserMapper, "oidcUserMapper cannot be null");
this.oidcUserMapper = oidcUserMapper;
}
Expand Down