Add builder to OAuth2Authorization

Fixes spring-projectsgh-43

Author: krisztian-toth

core/src/main/java/org/springframework/security/oauth2/server/authorization/OAuth2Authorization.java

@@ -15,9 +15,9 @@
  */
 package org.springframework.security.oauth2.server.authorization;
 
-import org.springframework.lang.Nullable;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.util.Assert;
+import org.springframework.util.CollectionUtils;
 
 import java.util.Collections;
 import java.util.Map;
@@ -30,48 +30,12 @@
  * @author Krisztian Toth
  */
 public class OAuth2Authorization {
-	private final String registeredClientId;
-	private final String principalName;
-	private final OAuth2AccessToken accessToken;
-	private final Map<String, Object> attributes;
+	private String registeredClientId;
+	private String principalName;
+	private OAuth2AccessToken accessToken;
+	private Map<String, Object> attributes;
 
-	/**
-	 * Creates a {@link OAuth2Authorization} object with the provided params and an empty, unmodifiable
-	 * {@code attributes} map.
-	 *
-	 * @see #OAuth2Authorization(String, String, OAuth2AccessToken, Map)
-	 */
-	public OAuth2Authorization(String registeredClientId, String principalName, OAuth2AccessToken accessToken) {
-		this(registeredClientId, principalName, accessToken, Collections.emptyMap());
-	}
-
-	/**
-	 * Creates a {@link OAuth2Authorization} object without an {@link OAuth2AccessToken}.
-	 *
-	 * @see #OAuth2Authorization(String, String, OAuth2AccessToken, Map)
-	 */
-	public OAuth2Authorization(String registeredClientId, String principalName, Map<String, Object> attributes) {
-		this(registeredClientId, principalName, null, attributes);
-	}
-
-	/**
-	 * Creates an {@link OAuth2Authorization} object with the provided params.
-	 *
-	 * @param registeredClientId the client's identifier which issued the authorization
-	 * @param principalName      the name of the principal the client wants to authorize
-	 * @param accessToken		 the access token of the authorization
-	 * @param attributes         additional attributes associated with the authorization
-	 */
-	public OAuth2Authorization(String registeredClientId, String principalName,
-			@Nullable OAuth2AccessToken accessToken, @Nullable Map<String, Object> attributes) {
-		Assert.hasText(registeredClientId, "registeredClientId cannot be empty");
-		Assert.hasText(principalName, "principalName cannot be empty");
-		this.registeredClientId = registeredClientId;
-		this.principalName = principalName;
-		this.accessToken = accessToken;
-		this.attributes = attributes == null ?
-				Collections.emptyMap() :
-				Collections.unmodifiableMap(attributes);
+	private OAuth2Authorization() {
 	}
 
 	public String getRegisteredClientId() {
@@ -119,4 +83,115 @@ public String toString() {
 				", attributes=" + attributes +
 				'}';
 	}
+
+	/**
+	 * Returns an empty {@link Builder}.
+	 *
+	 * @return the {@link Builder}
+	 */
+	public static Builder builder() {
+		return new Builder();
+	}
+
+	/**
+	 * Returns a new {@link Builder}, initialized with the provided {@link OAuth2Authorization}.
+	 *
+	 * @param authorization the {@link OAuth2Authorization} to copy from
+	 * @return the {@link Builder}
+	 */
+	public static Builder withOAuth2Authorization(OAuth2Authorization authorization) {
+		Assert.notNull(authorization, "authorization cannot be null");
+		return new Builder(authorization);
+	}
+
+	/**
+	 * Builder class for {@link OAuth2Authorization}.
+	 */
+	public static final class Builder {
+		private String registeredClientId;
+		private String principalName;
+		private OAuth2AccessToken accessToken;
+		private Map<String, Object> attributes;
+
+		protected Builder() {
+		}
+
+		protected Builder(OAuth2Authorization authorization) {
+			this.registeredClientId = authorization.registeredClientId;
+			this.principalName = authorization.principalName;
+			this.accessToken = authorization.accessToken;
+			this.attributes = authorization.attributes;
+		}
+
+		/**
+		 * Sets the registered client identifier.
+		 *
+		 * @param registeredClientId the client id
+		 * @return the {@link Builder}
+		 */
+		public Builder registeredClientId(String registeredClientId) {
+			this.registeredClientId = registeredClientId;
+			return this;
+		}
+
+		/**
+		 * Sets the principal name.
+		 *
+		 * @param principalName the principal name
+		 * @return the {@link Builder}
+		 */
+		public Builder principalName(String principalName) {
+			this.principalName = principalName;
+			return this;
+		}
+
+		/**
+		 * Sets the {@link OAuth2AccessToken}.
+		 *
+		 * @param accessToken the {@link OAuth2AccessToken}
+		 * @return the {@link Builder}
+		 */
+		public Builder accessToken(OAuth2AccessToken accessToken) {
+			this.accessToken = accessToken;
+			return this;
+		}
+
+		/**
+		 * Sets the attributes map.
+		 *
+		 * @param attributes the attributes map
+		 * @return the {@link Builder}
+		 */
+		public Builder attributes(Map<String, Object> attributes) {
+			this.attributes = attributes;
+			return this;
+		}
+
+		/**
+		 * Builds a new {@link OAuth2Authorization}.
+		 *
+		 * @return the {@link OAuth2Authorization}
+		 */
+		public OAuth2Authorization build() {
+			Assert.hasText(this.registeredClientId, "registeredClientId cannot be empty");
+			Assert.hasText(this.principalName, "principalName cannot be empty");
+			if (CollectionUtils.isEmpty(this.attributes)) {
+				this.attributes = Collections.emptyMap();
+			}
+			if (this.accessToken == null && this.attributes.get(TokenType.AUTHORIZATION_CODE.getValue()) == null) {
+				throw new IllegalArgumentException("either accessToken has to be set or the authorization code with key '"
+						+ TokenType.AUTHORIZATION_CODE.getValue() + "' must be provided in the attributes map");
+			}
+			return create();
+		}
+
+		private OAuth2Authorization create() {
+			OAuth2Authorization oAuth2Authorization = new OAuth2Authorization();
+			oAuth2Authorization.registeredClientId = this.registeredClientId;
+			oAuth2Authorization.principalName = this.principalName;
+			oAuth2Authorization.accessToken = this.accessToken;
+			oAuth2Authorization.attributes = this.attributes;
+			return oAuth2Authorization;
+		}
+	}
 }

core/src/test/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationServiceTest.java

@@ -36,8 +36,8 @@ public class InMemoryOAuth2AuthorizationServiceTest {
 	private static final String TOKEN = "token";
 	private static final TokenType AUTHORIZATION_CODE = TokenType.AUTHORIZATION_CODE;
 	private static final TokenType ACCESS_TOKEN = TokenType.ACCESS_TOKEN;
-	public static final Instant ISSUED_AT = Instant.now().minusSeconds(60);
-	public static final Instant EXPIRES_AT = Instant.now();
+	private static final Instant ISSUED_AT = Instant.now().minusSeconds(60);
+	private static final Instant EXPIRES_AT = Instant.now();
 
 	private List<OAuth2Authorization> store;
 	private InMemoryOAuth2AuthorizationService authorizationService;
@@ -50,8 +50,11 @@ public void setUp() throws Exception {
 
 	@Test
 	public void testSave() {
-		OAuth2Authorization authorization = new OAuth2Authorization("clientId", "principalName",
-				Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN));
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId("clientId")
+				.principalName("principalName")
+				.attributes(Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN))
+				.build();
 		authorizationService.save(authorization);
 
 		assertEquals(1, store.size());
@@ -65,9 +68,11 @@ public void testSaveWithNullParam() {
 
 	@Test
 	public void testFindByTokenAndTokenTypeWhenTokenTypeIsAuthorizationCode() {
-		OAuth2Authorization authorization = new OAuth2Authorization("clientId", "principalName",
-				Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN));
-
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId("clientId")
+				.principalName("principalName")
+				.attributes(Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN))
+				.build();
 		store.add(authorization);
 
 		OAuth2Authorization result = authorizationService.findByTokenAndTokenType(TOKEN, TokenType.AUTHORIZATION_CODE);
@@ -78,8 +83,11 @@ public void testFindByTokenAndTokenTypeWhenTokenTypeIsAuthorizationCode() {
 	public void testFindByTokenAndTokenTypeWhenTokenTypeIsAccessToken() {
 		OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, TOKEN, ISSUED_AT,
 				EXPIRES_AT);
-		OAuth2Authorization authorization = new OAuth2Authorization("clientId", "principalName", accessToken);
-
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId("clientId")
+				.principalName("principalName")
+				.accessToken(accessToken)
+				.build();
 		store.add(authorization);
 
 		OAuth2Authorization result = authorizationService.findByTokenAndTokenType(TOKEN, ACCESS_TOKEN);
@@ -88,9 +96,11 @@ public void testFindByTokenAndTokenTypeWhenTokenTypeIsAccessToken() {
 
 	@Test
 	public void testFindByTokenAndTokenTypeWhenTokenNotFound() {
-		OAuth2Authorization authorization = new OAuth2Authorization("clientId", "principalName",
-				Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN));
-
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId("clientId")
+				.principalName("principalName")
+				.attributes(Collections.singletonMap(AUTHORIZATION_CODE.getValue(), TOKEN))
+				.build();
 		store.add(authorization);
 
 		OAuth2Authorization result = authorizationService.findByTokenAndTokenType(TOKEN, ACCESS_TOKEN);

core/src/test/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationTest.java

@@ -0,0 +1,119 @@
+/*
+ * Copyright 2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.oauth2.server.authorization;
+
+import org.junit.Test;
+import org.springframework.security.oauth2.core.OAuth2AccessToken;
+
+import java.time.Instant;
+import java.util.Collections;
+import java.util.Map;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+/**
+ * Unit tests For {@link OAuth2Authorization}.
+ *
+ * @author Krisztian Toth
+ */
+public class OAuth2AuthorizationTest {
+
+	public static final String REGISTERED_CLIENT_ID = "clientId";
+	public static final String PRINCIPAL_NAME = "principal";
+	public static final OAuth2AccessToken ACCESS_TOKEN = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER,
+			"token", Instant.now().minusSeconds(60), Instant.now());
+	public static final Map<String, Object> ATTRIBUTES = Collections.singletonMap(
+			TokenType.AUTHORIZATION_CODE.getValue(), "code");
+
+	@Test
+	public void buildWhenAllAttributesAreProvidedThenAllAttributesAreSet() {
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId(REGISTERED_CLIENT_ID)
+				.principalName(PRINCIPAL_NAME)
+				.accessToken(ACCESS_TOKEN)
+				.attributes(ATTRIBUTES)
+				.build();
+
+		assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT_ID);
+		assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME);
+		assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN);
+		assertThat(authorization.getAttributes()).isEqualTo(ATTRIBUTES);
+	}
+
+	@Test
+	public void buildWhenAttributesNotProvidedThenEmptyImmutableMapCreated() {
+		OAuth2Authorization authorization = OAuth2Authorization.builder()
+				.registeredClientId(REGISTERED_CLIENT_ID)
+				.principalName(PRINCIPAL_NAME)
+				.accessToken(ACCESS_TOKEN)
+				.build();
+
+		assertThat(authorization.getAttributes()).isEqualTo(Collections.emptyMap());
+		assertThatThrownBy(() -> authorization.getAttributes().put("any", "value"))
+				.isInstanceOf(UnsupportedOperationException.class);
+	}
+
+	@Test
+	public void buildWhenAccessTokenAndAuthorizationCodeNotProvidedThenThrowIllegalArgumentException() {
+		assertThatThrownBy(() ->
+				OAuth2Authorization.builder()
+						.registeredClientId(REGISTERED_CLIENT_ID)
+						.principalName(PRINCIPAL_NAME)
+						.build()
+		).isInstanceOf(IllegalArgumentException.class);
+	}
+
+	@Test
+	public void buildWhenRegisteredClientIdNotProvidedThenThrowIllegalArgumentException() {
+		assertThatThrownBy(() ->
+				OAuth2Authorization.builder()
+						.principalName(PRINCIPAL_NAME)
+						.accessToken(ACCESS_TOKEN)
+						.attributes(ATTRIBUTES)
+						.build()
+		).isInstanceOf(IllegalArgumentException.class);
+	}
+
+	@Test
+	public void buildWhenPrincipalNameNotProvidedThenThrowIllegalArgumentException() {
+		assertThatThrownBy(() ->
+				OAuth2Authorization.builder()
+						.registeredClientId(REGISTERED_CLIENT_ID)
+						.accessToken(ACCESS_TOKEN)
+						.attributes(ATTRIBUTES)
+						.build()
+		).isInstanceOf(IllegalArgumentException.class);
+	}
+
+	@Test
+	public void withOAuth2AuthorizationWhenAuthorizationProvidedThenAllAttributesAreCopied() {
+		OAuth2Authorization authorizationToCopy = OAuth2Authorization.builder()
+				.registeredClientId(REGISTERED_CLIENT_ID)
+				.principalName(PRINCIPAL_NAME)
+				.attributes(ATTRIBUTES)
+				.build();
+
+		OAuth2Authorization authorization = OAuth2Authorization.withOAuth2Authorization(authorizationToCopy)
+				.accessToken(ACCESS_TOKEN)
+				.build();
+
+		assertThat(authorization.getRegisteredClientId()).isEqualTo(REGISTERED_CLIENT_ID);
+		assertThat(authorization.getPrincipalName()).isEqualTo(PRINCIPAL_NAME);
+		assertThat(authorization.getAccessToken()).isEqualTo(ACCESS_TOKEN);
+		assertThat(authorization.getAttributes()).isEqualTo(ATTRIBUTES);
+	}
+}