
Commit 18f48e4

committed
DefaultReactiveOAuth2AuthorizedClientManager requires non-null serverWebExchange
Issue gh-7544
1 parent 42ab673 commit 18f48e4


2 files changed

+21
-31
lines changed


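--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java
@@ -99,15 +99,16 @@ public Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRe
 private Mono<OAuth2AuthorizedClient> loadAuthorizedClient(String clientRegistrationId, Authentication principal, ServerWebExchange serverWebExchange) {
 return Mono.justOrEmpty(serverWebExchange)
 .switchIfEmpty(Mono.defer(() -> currentServerWebExchange()))
+.switchIfEmpty(Mono.error(() -> new IllegalArgumentException("serverWebExchange cannot be null")))
 .flatMap(exchange -> this.authorizedClientRepository.loadAuthorizedClient(clientRegistrationId, principal, exchange));
 }
 
 private Mono<OAuth2AuthorizedClient> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal, ServerWebExchange serverWebExchange) {
 return Mono.justOrEmpty(serverWebExchange)
 .switchIfEmpty(Mono.defer(() -> currentServerWebExchange()))
+.switchIfEmpty(Mono.error(() -> new IllegalArgumentException("serverWebExchange cannot be null")))
 .flatMap(exchange -> this.authorizedClientRepository.saveAuthorizedClient(authorizedClient, principal, exchange)
-.thenReturn(authorizedClient))
-.defaultIfEmpty(authorizedClient);
+.thenReturn(authorizedClient));
 }
 
 private static Mono<ServerWebExchange> currentServerWebExchange() {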
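Review bot: The two added `switchIfEmpty(Mono.error(...))` guards fire not only for a null argument but also when `currentServerWebExchange()` completes empty, so the message "serverWebExchange cannot be null" can mislead a caller that never passed an exchange explicitly. The exception is emitted when the Mono is subscribed rather than thrown from the method, which is worth a comment above each guard, for example `// fail closed: no exchange as argument or from currentServerWebExchange(), so nothing can be loaded or saved`. In saveAuthorizedClient the guard replaces the removed `defaultIfEmpty(authorizedClient)` path, which handed the client back without persisting it; the Javadoc of the public authorize method, which starts outside this hunk, should state that an exchange is now required. The same three-line lookup now appears in both methods and could move into one private helper so the two guards cannot drift apart.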

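--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManagerTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManagerTests.java
@@ -65,6 +65,7 @@ public class DefaultReactiveOAuth2AuthorizedClientManagerTests {
 private MockServerWebExchange serverWebExchange;
 private Context context;
 private ArgumentCaptor<OAuth2AuthorizationContext> authorizationContextCaptor;
+private PublisherProbe<OAuth2AuthorizedClient> loadAuthorizedClientProbe;
 private PublisherProbe<Void> saveAuthorizedClientProbe;
 
 @SuppressWarnings("unchecked")
@@ -74,8 +75,9 @@ public void setup() {
 when(this.clientRegistrationRepository.findByRegistrationId(
 anyString())).thenReturn(Mono.empty());
 this.authorizedClientRepository = mock(ServerOAuth2AuthorizedClientRepository.class);
+this.loadAuthorizedClientProbe = PublisherProbe.empty();
 when(this.authorizedClientRepository.loadAuthorizedClient(
-anyString(), any(Authentication.class), any(ServerWebExchange.class))).thenReturn(Mono.empty());
+anyString(), any(Authentication.class), any(ServerWebExchange.class))).thenReturn(this.loadAuthorizedClientProbe.mono());
 this.saveAuthorizedClientProbe = PublisherProbe.empty();
 when(this.authorizedClientRepository.saveAuthorizedClient(
 any(OAuth2AuthorizedClient.class), any(Authentication.class), any(ServerWebExchange.class))).thenReturn(this.saveAuthorizedClientProbe.mono());
@@ -131,6 +133,16 @@ public void authorizeWhenRequestIsNullThenThrowIllegalArgumentException() {
 .hasMessage("authorizeRequest cannot be null");
 }
 
+@Test
+public void authorizeWhenExchangeIsNullThenThrowIllegalArgumentException() {
+OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(this.clientRegistration.getRegistrationId())
+.principal(this.principal)
+.build();
+assertThatThrownBy(() -> this.authorizedClientManager.authorize(authorizeRequest).block())
+.isInstanceOf(IllegalArgumentException.class)
+.hasMessage("serverWebExchange cannot be null");
+}
+
 @Test
 public void authorizeWhenClientRegistrationNotFoundThenThrowIllegalArgumentException() {
 OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId("invalid-registration-id")
@@ -162,7 +174,8 @@ public void authorizeWhenNotAuthorizedAndUnsupportedProviderThenNotAuthorized()
 assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
 
 assertThat(authorizedClient).isNull();
-verify(this.authorizedClientRepository, never()).saveAuthorizedClient(any(), any(), any());
+this.loadAuthorizedClientProbe.assertWasSubscribed();
+this.saveAuthorizedClientProbe.assertWasNotSubscribed();
 }
 
 @SuppressWarnings("unchecked")
@@ -193,38 +206,14 @@ public void authorizeWhenNotAuthorizedAndSupportedProviderThenAuthorized() {
 this.saveAuthorizedClientProbe.assertWasSubscribed();
 }
 
-@Test
-public void authorizeWhenNotAuthorizedAndSupportedProviderAndExchangeUnavailableThenAuthorizedButNotSaved() {
-when(this.clientRegistrationRepository.findByRegistrationId(
-eq(this.clientRegistration.getRegistrationId()))).thenReturn(Mono.just(this.clientRegistration));
-
-when(this.authorizedClientProvider.authorize(
-any(OAuth2AuthorizationContext.class))).thenReturn(Mono.just(this.authorizedClient));
-
-OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId(this.clientRegistration.getRegistrationId())
-.principal(this.principal)
-.build();
-OAuth2AuthorizedClient authorizedClient = this.authorizedClientManager.authorize(authorizeRequest).block();
-
-verify(this.authorizedClientProvider).authorize(this.authorizationContextCaptor.capture());
-verify(this.contextAttributesMapper).apply(eq(authorizeRequest));
-
-OAuth2AuthorizationContext authorizationContext = this.authorizationContextCaptor.getValue();
-assertThat(authorizationContext.getClientRegistration()).isEqualTo(this.clientRegistration);
-assertThat(authorizationContext.getAuthorizedClient()).isNull();
-assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
-
-assertThat(authorizedClient).isSameAs(this.authorizedClient);
-verify(this.authorizedClientRepository, never()).saveAuthorizedClient(any(), any(), any());
-}
-
 @SuppressWarnings("unchecked")
 @Test
 public void authorizeWhenAuthorizedAndSupportedProviderThenReauthorized() {
 when(this.clientRegistrationRepository.findByRegistrationId(
 eq(this.clientRegistration.getRegistrationId()))).thenReturn(Mono.just(this.clientRegistration));
+this.loadAuthorizedClientProbe = PublisherProbe.of(Mono.just(this.authorizedClient));
 when(this.authorizedClientRepository.loadAuthorizedClient(
-eq(this.clientRegistration.getRegistrationId()), eq(this.principal), eq(this.serverWebExchange))).thenReturn(Mono.just(this.authorizedClient));
+eq(this.clientRegistration.getRegistrationId()), eq(this.principal), eq(this.serverWebExchange))).thenReturn(this.loadAuthorizedClientProbe.mono());
 
 OAuth2AuthorizedClient reauthorizedClient = new OAuth2AuthorizedClient(
 this.clientRegistration, this.principal.getName(),
@@ -313,7 +302,7 @@ public void reauthorizeWhenUnsupportedProviderThenNotReauthorized() {
 assertThat(authorizationContext.getPrincipal()).isEqualTo(this.principal);
 
 assertThat(authorizedClient).isSameAs(this.authorizedClient);
-verify(this.authorizedClientRepository, never()).saveAuthorizedClient(any(), any(), any());
+this.saveAuthorizedClientProbe.assertWasNotSubscribed();
 }
 
 @SuppressWarnings("unchecked")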
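Review bot: The new test authorizeWhenExchangeIsNullThenThrowIllegalArgumentException appears to exercise only the load-side guard, so the identical guard added to saveAuthorizedClient has no coverage now that the "ExchangeUnavailableThenAuthorizedButNotSaved" test is deleted. A sibling test that starts from a request already carrying an authorized client, with no exchange available, would pin that path; it should expect the same message and end with `this.saveAuthorizedClientProbe.assertWasNotSubscribed();`. The new test could also assert `this.loadAuthorizedClientProbe.assertWasNotSubscribed();` so that a missing exchange provably never reaches the repository. Which guard fires first depends on the body of authorize, which is not shown on this page.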
