UserInfoTokenServices should not throw UserRedirectRequiredException

It can just catch all exceptions from the remote /user endpoint
because in a resource server it needs to throw `InvalidTokenException`
and in an SSO setting it will never be called.

Fixes gh-3205
pull/3211/head
Dave Syer 10 years ago
parent 34e4163ebc
commit 462c5f29b1

@ -16,6 +16,7 @@
package org.springframework.boot.autoconfigure.security.oauth2.resource; package org.springframework.boot.autoconfigure.security.oauth2.resource;
import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -109,6 +110,7 @@ public class UserInfoTokenServices implements ResourceServerTokenServices {
@SuppressWarnings({ "unchecked" }) @SuppressWarnings({ "unchecked" })
private Map<String, Object> getMap(String path, String accessToken) { private Map<String, Object> getMap(String path, String accessToken) {
this.logger.info("Getting user info from: " + path); this.logger.info("Getting user info from: " + path);
try {
OAuth2RestOperations restTemplate = this.restTemplate; OAuth2RestOperations restTemplate = this.restTemplate;
if (restTemplate == null) { if (restTemplate == null) {
BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails(); BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails();
@ -120,5 +122,11 @@ public class UserInfoTokenServices implements ResourceServerTokenServices {
restTemplate.getOAuth2ClientContext().setAccessToken(token); restTemplate.getOAuth2ClientContext().setAccessToken(token);
return restTemplate.getForEntity(path, Map.class).getBody(); return restTemplate.getForEntity(path, Map.class).getBody();
} }
catch (Exception e) {
this.logger.info("Could not fetch user details: " + e.getClass() + ", "
+ e.getMessage());
return Collections.<String, Object> singletonMap("error",
"Could not fetch user details");
}
}
} }

@ -15,17 +15,22 @@
*/ */
package org.springframework.boot.autoconfigure.security.oauth2.resource; package org.springframework.boot.autoconfigure.security.oauth2.resource;
import java.util.Collections;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.Map; import java.util.Map;
import org.junit.Before; import org.junit.Before;
import org.junit.Rule;
import org.junit.Test; import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.client.OAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestOperations; import org.springframework.security.oauth2.client.OAuth2RestOperations;
import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails; import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertEquals;
import static org.mockito.BDDMockito.given; import static org.mockito.BDDMockito.given;
@ -39,6 +44,9 @@ import static org.mockito.Mockito.mock;
*/ */
public class UserInfoTokenServicesTests { public class UserInfoTokenServicesTests {
@Rule
public ExpectedException expected = ExpectedException.none();
private UserInfoTokenServices services = new UserInfoTokenServices( private UserInfoTokenServices services = new UserInfoTokenServices(
"http://example.com", "foo"); "http://example.com", "foo");
@ -67,6 +75,17 @@ public class UserInfoTokenServicesTests {
assertEquals("unknown", this.services.loadAuthentication("FOO").getName()); assertEquals("unknown", this.services.loadAuthentication("FOO").getName());
} }
@SuppressWarnings("unchecked")
@Test
public void badToken() {
this.services.setRestTemplate(this.template);
given(this.template.getForEntity(any(String.class), any(Class.class))).willThrow(
new UserRedirectRequiredException("foo:bar", Collections
.<String, String> emptyMap()));
this.expected.expect(InvalidTokenException.class);
assertEquals("unknown", this.services.loadAuthentication("FOO").getName());
}
@Test @Test
public void userId() { public void userId() {
this.map.put("userid", "spencer"); this.map.put("userid", "spencer");

Loading…
Cancel
Save