|
16 | 16 | package org.springframework.security.oauth2.server.authorization.web;
|
17 | 17 |
|
18 | 18 | import java.io.IOException;
|
19 |
| -import java.time.temporal.ChronoUnit; |
20 | 19 | import java.util.Arrays;
|
21 |
| -import java.util.Map; |
22 | 20 |
|
23 | 21 | import jakarta.servlet.FilterChain;
|
24 | 22 | import jakarta.servlet.ServletException;
|
25 | 23 | import jakarta.servlet.http.HttpServletRequest;
|
26 | 24 | import jakarta.servlet.http.HttpServletResponse;
|
27 |
| - |
28 | 25 | import org.springframework.core.log.LogMessage;
|
29 | 26 | import org.springframework.http.HttpMethod;
|
30 |
| -import org.springframework.http.converter.HttpMessageConverter; |
31 |
| -import org.springframework.http.server.ServletServerHttpResponse; |
32 | 27 | import org.springframework.security.authentication.AbstractAuthenticationToken;
|
33 | 28 | import org.springframework.security.authentication.AuthenticationDetailsSource;
|
34 | 29 | import org.springframework.security.authentication.AuthenticationManager;
|
35 | 30 | import org.springframework.security.core.Authentication;
|
36 | 31 | import org.springframework.security.core.context.SecurityContextHolder;
|
37 |
| -import org.springframework.security.oauth2.core.OAuth2AccessToken; |
38 | 32 | import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
|
39 | 33 | import org.springframework.security.oauth2.core.OAuth2Error;
|
40 | 34 | import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
|
41 |
| -import org.springframework.security.oauth2.core.OAuth2RefreshToken; |
42 | 35 | import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
|
43 | 36 | import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
44 |
| -import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter; |
45 | 37 | import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
46 | 38 | import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeAuthenticationProvider;
|
47 | 39 | import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;
|
|
54 | 46 | import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2DeviceCodeAuthenticationConverter;
|
55 | 47 | import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ErrorAuthenticationFailureHandler;
|
56 | 48 | import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter;
|
| 49 | +import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AccessTokenResponseAuthenticationSuccessHandler; |
57 | 50 | import org.springframework.security.web.authentication.AuthenticationConverter;
|
58 | 51 | import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
59 | 52 | import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
60 | 53 | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
61 | 54 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
62 | 55 | import org.springframework.security.web.util.matcher.RequestMatcher;
|
63 | 56 | import org.springframework.util.Assert;
|
64 |
| -import org.springframework.util.CollectionUtils; |
65 | 57 | import org.springframework.web.filter.OncePerRequestFilter;
|
66 | 58 |
|
67 | 59 | /**
|
@@ -103,12 +95,10 @@ public final class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
|
103 | 95 | private static final String DEFAULT_ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
|
104 | 96 | private final AuthenticationManager authenticationManager;
|
105 | 97 | private final RequestMatcher tokenEndpointMatcher;
|
106 |
| - private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter = |
107 |
| - new OAuth2AccessTokenResponseHttpMessageConverter(); |
108 | 98 | private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
|
109 | 99 | new WebAuthenticationDetailsSource();
|
110 | 100 | private AuthenticationConverter authenticationConverter;
|
111 |
| - private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse; |
| 101 | + private AuthenticationSuccessHandler authenticationSuccessHandler = new OAuth2AccessTokenResponseAuthenticationSuccessHandler(); |
112 | 102 | private AuthenticationFailureHandler authenticationFailureHandler = new OAuth2ErrorAuthenticationFailureHandler();
|
113 | 103 |
|
114 | 104 | /**
|
@@ -218,34 +208,6 @@ public void setAuthenticationFailureHandler(AuthenticationFailureHandler authent
|
218 | 208 | this.authenticationFailureHandler = authenticationFailureHandler;
|
219 | 209 | }
|
220 | 210 |
|
221 |
| - private void sendAccessTokenResponse(HttpServletRequest request, HttpServletResponse response, |
222 |
| - Authentication authentication) throws IOException { |
223 |
| - |
224 |
| - OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = |
225 |
| - (OAuth2AccessTokenAuthenticationToken) authentication; |
226 |
| - |
227 |
| - OAuth2AccessToken accessToken = accessTokenAuthentication.getAccessToken(); |
228 |
| - OAuth2RefreshToken refreshToken = accessTokenAuthentication.getRefreshToken(); |
229 |
| - Map<String, Object> additionalParameters = accessTokenAuthentication.getAdditionalParameters(); |
230 |
| - |
231 |
| - OAuth2AccessTokenResponse.Builder builder = |
232 |
| - OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue()) |
233 |
| - .tokenType(accessToken.getTokenType()) |
234 |
| - .scopes(accessToken.getScopes()); |
235 |
| - if (accessToken.getIssuedAt() != null && accessToken.getExpiresAt() != null) { |
236 |
| - builder.expiresIn(ChronoUnit.SECONDS.between(accessToken.getIssuedAt(), accessToken.getExpiresAt())); |
237 |
| - } |
238 |
| - if (refreshToken != null) { |
239 |
| - builder.refreshToken(refreshToken.getTokenValue()); |
240 |
| - } |
241 |
| - if (!CollectionUtils.isEmpty(additionalParameters)) { |
242 |
| - builder.additionalParameters(additionalParameters); |
243 |
| - } |
244 |
| - OAuth2AccessTokenResponse accessTokenResponse = builder.build(); |
245 |
| - ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response); |
246 |
| - this.accessTokenHttpResponseConverter.write(accessTokenResponse, null, httpResponse); |
247 |
| - } |
248 |
| - |
249 | 211 | private static void throwError(String errorCode, String parameterName) {
|
250 | 212 | OAuth2Error error = new OAuth2Error(errorCode, "OAuth 2.0 Parameter: " + parameterName, DEFAULT_ERROR_URI);
|
251 | 213 | throw new OAuth2AuthenticationException(error);
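Review bot: The import added at new line 49 breaks the alphabetical order the rest of the import block follows: `OAuth2AccessTokenResponseAuthenticationSuccessHandler` sits after `OAuth2RefreshTokenAuthenticationConverter` although it sorts before `OAuth2DeviceCodeAuthenticationConverter`, so it should move to the head of the `...authorization.web.authentication` group (that position is in the rows not shown between old lines 47 and 54). The initializer at new line 101 is also far longer than its neighbours; wrapping it the way the removed converter field was wrapped, `private AuthenticationSuccessHandler authenticationSuccessHandler =` with `new OAuth2AccessTokenResponseAuthenticationSuccessHandler();` on a continuation line, keeps it consistent. The new handler class is not on this page, so please confirm it preserves what the deleted `sendAccessTokenResponse` did: `expiresIn` only when both `getIssuedAt()` and `getExpiresAt()` are non-null, and the refresh token and additional parameters only when present. As a public class it may now be called outside this filter, so it should also fail in a defined way when the `Authentication` is not an `OAuth2AccessTokenAuthenticationToken`, where the private method simply cast it. The imports left as context (`IOException`, `Authentication`, `OAuth2AccessTokenResponse`, `OAuth2AccessTokenAuthenticationToken`) presumably are still used elsewhere in the class or its Javadoc, which is worth verifying now that their only visible use is gone.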
|
|