accessTokenHttpResponseConverter and errorHttpResponseConverter allows custom

luamas · luamas · commit 26e2f342461a · 2023-02-03T16:18:05.000+08:00
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2TokenEndpointConfigurer.java
@@ -22,6 +22,7 @@
 import jakarta.servlet.http.HttpServletRequest;
 
 import org.springframework.http.HttpMethod;
+import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.ObjectPostProcessor;
@@ -65,6 +66,8 @@ public final class OAuth2TokenEndpointConfigurer extends AbstractOAuth2Configure
 	private Consumer<List<AuthenticationConverter>> accessTokenRequestConvertersConsumer = (accessTokenRequestConverters) -> {};
 	private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
 	private Consumer<List<AuthenticationProvider>> authenticationProvidersConsumer = (authenticationProviders) -> {};
+	private HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter;
+	private HttpMessageConverter<OAuth2Error> errorHttpResponseConverter;
 	private AuthenticationSuccessHandler accessTokenResponseHandler;
 	private AuthenticationFailureHandler errorResponseHandler;
 
@@ -132,6 +135,26 @@ public OAuth2TokenEndpointConfigurer authenticationProviders(
 		return this;
 	}
 
+	/**
+	 * Sets the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2AccessTokenResponse}.
+	 *
+	 * @param accessTokenHttpResponseConverter the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2AccessTokenResponse}
+	 */
+	public OAuth2TokenEndpointConfigurer accessTokenHttpResponseConverter(HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter) {
+		this.accessTokenHttpResponseConverter = accessTokenHttpResponseConverter;
+		return this;
+	}
+
+	/**
+	 * Sets the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2Error}.
+	 *
+	 * @param errorHttpResponseConverter the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2Error}
+	 */
+	public OAuth2TokenEndpointConfigurer errorHttpResponseConverter(HttpMessageConverter<OAuth2Error> errorHttpResponseConverter) {
+		this.errorHttpResponseConverter = errorHttpResponseConverter;
+		return this;
+	}
+
 	/**
 	 * Sets the {@link AuthenticationSuccessHandler} used for handling an {@link OAuth2AccessTokenAuthenticationToken}
 	 * and returning the {@link OAuth2AccessTokenResponse Access Token Response}.
@@ -187,6 +210,12 @@ void configure(HttpSecurity httpSecurity) {
 		this.accessTokenRequestConvertersConsumer.accept(authenticationConverters);
 		tokenEndpointFilter.setAuthenticationConverter(
 				new DelegatingAuthenticationConverter(authenticationConverters));
+		if (this.accessTokenHttpResponseConverter != null) {
+			tokenEndpointFilter.setAccessTokenHttpResponseConverter(this.accessTokenHttpResponseConverter);
+		}
+		if (this.errorHttpResponseConverter != null) {
+			tokenEndpointFilter.setErrorHttpResponseConverter(this.errorHttpResponseConverter);
+		}
 		if (this.accessTokenResponseHandler != null) {
 			tokenEndpointFilter.setAuthenticationSuccessHandler(this.accessTokenResponseHandler);
 		}
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilter.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilter.java
@@ -102,9 +102,9 @@ public final class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
 	private static final String DEFAULT_ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
 	private final AuthenticationManager authenticationManager;
 	private final RequestMatcher tokenEndpointMatcher;
-	private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
+	private HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
 			new OAuth2AccessTokenResponseHttpMessageConverter();
-	private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
+	private HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
 			new OAuth2ErrorHttpMessageConverter();
 	private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
 			new WebAuthenticationDetailsSource();
@@ -175,6 +175,26 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 		}
 	}
 
+	/**
+	 * Sets the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2AccessTokenResponse}.
+	 *
+	 * @param accessTokenHttpResponseConverter the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2AccessTokenResponse}
+	 */
+	public void setAccessTokenHttpResponseConverter(HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter) {
+		Assert.notNull(accessTokenHttpResponseConverter, "accessTokenHttpResponseConverter cannot be null");
+		this.accessTokenHttpResponseConverter = accessTokenHttpResponseConverter;
+	}
+
+	/**
+	 * Sets the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2Error}.
+	 *
+	 * @param errorHttpResponseConverter the {@link HttpMessageConverter} used for building a custom the response body from {@link OAuth2Error}
+	 */
+	public void setErrorHttpResponseConverter(HttpMessageConverter<OAuth2Error> errorHttpResponseConverter) {
+		Assert.notNull(errorHttpResponseConverter, "errorHttpResponseConverter cannot be null");
+		this.errorHttpResponseConverter = errorHttpResponseConverter;
+	}
+
 	/**
 	 * Sets the {@link AuthenticationDetailsSource} used for building an authentication details instance from {@link HttpServletRequest}.
 	 *
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilterTests.java
@@ -117,6 +117,21 @@ public void constructorWhenTokenEndpointUriNullThenThrowIllegalArgumentException
 				.hasMessage("tokenEndpointUri cannot be empty");
 	}
 
+	@Test
+	public void setAccessTokenHttpResponseConverterWhenNullThenThrowIllegalArgumentException() {
+		assertThatThrownBy(() -> this.filter.setAccessTokenHttpResponseConverter(null))
+				.isInstanceOf(IllegalArgumentException.class)
+				.hasMessage("accessTokenHttpResponseConverter cannot be null");
+	}
+
+	@Test
+	public void setErrorHttpResponseConverterWhenNullThenThrowIllegalArgumentException() {
+		assertThatThrownBy(() -> this.filter.setErrorHttpResponseConverter(null))
+				.isInstanceOf(IllegalArgumentException.class)
+				.hasMessage("errorHttpResponseConverter cannot be null");
+	}
+
+
 	@Test
 	public void setAuthenticationDetailsSourceWhenNullThenThrowIllegalArgumentException() {
 		assertThatThrownBy(() -> this.filter.setAuthenticationDetailsSource(null))
