From f3055f26856005df3a1a669f596072c109d98a62 Mon Sep 17 00:00:00 2001 From: Thiago Hirata Date: Tue, 17 Oct 2017 19:33:46 -0200 Subject: [PATCH] UserNameAttribute for custom OAuth2 provider The UserNameAttribute field for a custom OAuth2 provider was ignored when building the ClientRegistration. Closes gh-10672 --- .../OAuth2ClientPropertiesRegistrationAdapter.java | 2 ++ .../OAuth2ClientPropertiesRegistrationAdapterTests.java | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java index 3f041341dd..2c5dccfd2c 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java @@ -37,6 +37,7 @@ import org.springframework.security.oauth2.core.ClientAuthenticationMethod; * {@link ClientRegistration}. * * @author Phillip Webb + * @author Thiago Hirata * @since 2.0.0 */ final class OAuth2ClientPropertiesRegistrationAdapter { @@ -98,6 +99,7 @@ final class OAuth2ClientPropertiesRegistrationAdapter { copyIfNotNull(provider::getTokenUri, builder::tokenUri); copyIfNotNull(provider::getUserInfoUri, builder::userInfoUri); copyIfNotNull(provider::getJwkSetUri, builder::jwkSetUri); + copyIfNotNull(provider::getUserNameAttribute, builder::userNameAttributeName); return builder; } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java index 0b18ddac81..90eefc1266 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java @@ -27,6 +27,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2Clien import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties.Registration; import org.springframework.security.oauth2.client.registration.ClientRegistration; import org.springframework.security.oauth2.client.registration.ClientRegistration.ProviderDetails; +import org.springframework.security.oauth2.core.oidc.IdTokenClaimNames; import static org.assertj.core.api.Assertions.assertThat; @@ -35,6 +36,7 @@ import static org.assertj.core.api.Assertions.assertThat; * * @author Phillip Webb * @author Madhura Bhave + * @author Thiago Hirata */ public class OAuth2ClientPropertiesRegistrationAdapterTests { @@ -48,6 +50,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests { provider.setAuthorizationUri("http://example.com/auth"); provider.setTokenUri("http://example.com/token"); provider.setUserInfoUri("http://example.com/info"); + provider.setUserNameAttribute("sub"); provider.setJwkSetUri("http://example.com/jwk"); Registration registration = new Registration(); registration.setProvider("provider"); @@ -69,6 +72,8 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests { assertThat(adaptedProvider.getTokenUri()).isEqualTo("http://example.com/token"); assertThat(adaptedProvider.getUserInfoEndpoint().getUri()) .isEqualTo("http://example.com/info"); + assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName()) + .isEqualTo("sub"); assertThat(adaptedProvider.getJwkSetUri()).isEqualTo("http://example.com/jwk"); assertThat(adapted.getRegistrationId()).isEqualTo("registration"); assertThat(adapted.getClientId()).isEqualTo("clientId"); @@ -101,6 +106,8 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests { .isEqualTo("https://www.googleapis.com/oauth2/v4/token"); assertThat(adaptedProvider.getUserInfoEndpoint().getUri()) .isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo"); + assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName()) + .isEqualTo(IdTokenClaimNames.SUB); assertThat(adaptedProvider.getJwkSetUri()) .isEqualTo("https://www.googleapis.com/oauth2/v3/certs"); assertThat(adapted.getRegistrationId()).isEqualTo("registration"); @@ -140,6 +147,8 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests { .isEqualTo("https://www.googleapis.com/oauth2/v4/token"); assertThat(adaptedProvider.getUserInfoEndpoint().getUri()) .isEqualTo("https://www.googleapis.com/oauth2/v3/userinfo"); + assertThat(adaptedProvider.getUserInfoEndpoint().getUserNameAttributeName()) + .isEqualTo(IdTokenClaimNames.SUB); assertThat(adaptedProvider.getJwkSetUri()) .isEqualTo("https://www.googleapis.com/oauth2/v3/certs"); assertThat(adapted.getRegistrationId()).isEqualTo("registration");