Rename ClientSettings.requireUserConsent() to requireAuthorizationConsent()

Closes spring-projectsgh-363

Author: jgrandja

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java

@@ -341,7 +341,7 @@ private static OAuth2Authorization.Builder authorizationBuilder(RegisteredClient
 	private static boolean requireAuthorizationConsent(RegisteredClient registeredClient,
 			OAuth2AuthorizationRequest authorizationRequest, OAuth2AuthorizationConsent authorizationConsent) {
 
-		if (!registeredClient.getClientSettings().requireUserConsent()) {
+		if (!registeredClient.getClientSettings().requireAuthorizationConsent()) {
 			return false;
 		}
 		// 'openid' scope does not require consent

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/ClientSettings.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 the original author or authors.
+ * Copyright 2020-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -28,7 +28,7 @@
 public class ClientSettings extends Settings {
 	private static final String CLIENT_SETTING_BASE = "setting.client.";
 	public static final String REQUIRE_PROOF_KEY = CLIENT_SETTING_BASE.concat("require-proof-key");
-	public static final String REQUIRE_USER_CONSENT = CLIENT_SETTING_BASE.concat("require-user-consent");
+	public static final String REQUIRE_AUTHORIZATION_CONSENT = CLIENT_SETTING_BASE.concat("require-authorization-consent");
 
 	/**
 	 * Constructs a {@code ClientSettings}.
@@ -69,31 +69,31 @@ public ClientSettings requireProofKey(boolean requireProofKey) {
 	}
 
 	/**
-	 * Returns {@code true} if the user's consent is required when the client requests access.
+	 * Returns {@code true} if authorization consent is required when the client requests access.
 	 * The default is {@code false}.
 	 *
-	 * @return {@code true} if the user's consent is required when the client requests access, {@code false} otherwise
+	 * @return {@code true} if authorization consent is required when the client requests access, {@code false} otherwise
 	 */
-	public boolean requireUserConsent() {
-		return setting(REQUIRE_USER_CONSENT);
+	public boolean requireAuthorizationConsent() {
+		return setting(REQUIRE_AUTHORIZATION_CONSENT);
 	}
 
 	/**
-	 * Set to {@code true} if the user's consent is required when the client requests access.
+	 * Set to {@code true} if authorization consent is required when the client requests access.
 	 * This applies to all interactive flows (e.g. {@code authorization_code} and {@code device_code}).
 	 *
-	 * @param requireUserConsent {@code true} if the user's consent is required when the client requests access, {@code false} otherwise
+	 * @param requireAuthorizationConsent {@code true} if authorization consent is required when the client requests access, {@code false} otherwise
 	 * @return the {@link ClientSettings}
 	 */
-	public ClientSettings requireUserConsent(boolean requireUserConsent) {
-		setting(REQUIRE_USER_CONSENT, requireUserConsent);
+	public ClientSettings requireAuthorizationConsent(boolean requireAuthorizationConsent) {
+		setting(REQUIRE_AUTHORIZATION_CONSENT, requireAuthorizationConsent);
 		return this;
 	}
 
 	protected static Map<String, Object> defaultSettings() {
 		Map<String, Object> settings = new HashMap<>();
 		settings.put(REQUIRE_PROOF_KEY, false);
-		settings.put(REQUIRE_USER_CONSENT, false);
+		settings.put(REQUIRE_AUTHORIZATION_CONSENT, false);
 		return settings;
 	}
 }

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java

@@ -172,7 +172,7 @@ private static RegisteredClient create(OidcClientRegistration clientRegistration
 				.clientSettings(clientSettings ->
 						clientSettings
 								.requireProofKey(true)
-								.requireUserConsent(true))
+								.requireAuthorizationConsent(true))
 				.tokenSettings(tokenSettings ->
 						tokenSettings
 								.idTokenSignatureAlgorithm(SignatureAlgorithm.RS256));

oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationCodeGrantTests.java

@@ -389,7 +389,7 @@ public void requestWhenRequiresConsentThenDisplaysConsentPage() throws Exception
 					scopes.add("message.read");
 					scopes.add("message.write");
 				})
-				.clientSettings(settings -> settings.requireUserConsent(true))
+				.clientSettings(settings -> settings.requireAuthorizationConsent(true))
 				.build();
 		this.registeredClientRepository.save(registeredClient);
 
@@ -416,7 +416,7 @@ public void requestWhenConsentRequestThenReturnAccessTokenResponse() throws Exce
 					scopes.add("message.read");
 					scopes.add("message.write");
 				})
-				.clientSettings(settings -> settings.requireUserConsent(true))
+				.clientSettings(settings -> settings.requireAuthorizationConsent(true))
 				.build();
 		this.registeredClientRepository.save(registeredClient);
 
@@ -464,7 +464,7 @@ public void requestWhenCustomConsentPageConfiguredThenRedirect() throws Exceptio
 					scopes.add("message.read");
 					scopes.add("message.write");
 				})
-				.clientSettings(settings -> settings.requireUserConsent(true))
+				.clientSettings(settings -> settings.requireAuthorizationConsent(true))
 				.build();
 		this.registeredClientRepository.save(registeredClient);
 

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProviderTests.java

@@ -365,7 +365,7 @@ public void authenticateWhenPrincipalNotAuthenticatedThenReturnAuthorizationCode
 	@Test
 	public void authenticateWhenRequireAuthorizationConsentThenReturnAuthorizationConsent() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireAuthorizationConsent(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);
@@ -412,7 +412,7 @@ public void authenticateWhenRequireAuthorizationConsentThenReturnAuthorizationCo
 	@Test
 	public void authenticateWhenRequireAuthorizationConsentAndOnlyOpenidScopeRequestedThenAuthorizationConsentNotRequired() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireAuthorizationConsent(true))
 				.scopes(scopes -> {
 					scopes.clear();
 					scopes.add(OidcScopes.OPENID);
@@ -434,7 +434,7 @@ public void authenticateWhenRequireAuthorizationConsentAndOnlyOpenidScopeRequest
 	@Test
 	public void authenticateWhenRequireAuthorizationConsentAndAllPreviouslyApprovedThenAuthorizationConsentNotRequired() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient()
-				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireAuthorizationConsent(true))
 				.build();
 		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/ClientSettingsTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020 the original author or authors.
+ * Copyright 2020-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -32,7 +32,7 @@ public void constructorWhenDefaultThenDefaultsAreSet() {
 		ClientSettings clientSettings = new ClientSettings();
 		assertThat(clientSettings.settings()).hasSize(2);
 		assertThat(clientSettings.requireProofKey()).isFalse();
-		assertThat(clientSettings.requireUserConsent()).isFalse();
+		assertThat(clientSettings.requireAuthorizationConsent()).isFalse();
 	}
 
 	@Test
@@ -49,9 +49,9 @@ public void requireProofKeyWhenTrueThenSet() {
 	}
 
 	@Test
-	public void requireUserConsentWhenTrueThenSet() {
-		ClientSettings clientSettings = new ClientSettings().requireUserConsent(true);
-		assertThat(clientSettings.requireUserConsent()).isTrue();
+	public void requireAuthorizationConsentWhenTrueThenSet() {
+		ClientSettings clientSettings = new ClientSettings().requireAuthorizationConsent(true);
+		assertThat(clientSettings.requireAuthorizationConsent()).isTrue();
 	}
 
 	@Test
@@ -60,10 +60,10 @@ public void settingWhenCalledThenReturnClientSettings() {
 				.<ClientSettings>setting("name1", "value1")
 				.requireProofKey(true)
 				.<ClientSettings>settings(settings -> settings.put("name2", "value2"))
-				.requireUserConsent(true);
+				.requireAuthorizationConsent(true);
 		assertThat(clientSettings.settings()).hasSize(4);
 		assertThat(clientSettings.requireProofKey()).isTrue();
-		assertThat(clientSettings.requireUserConsent()).isTrue();
+		assertThat(clientSettings.requireAuthorizationConsent()).isTrue();
 		assertThat(clientSettings.<String>setting("name1")).isEqualTo("value1");
 		assertThat(clientSettings.<String>setting("name2")).isEqualTo("value2");
 	}

oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProviderTests.java

@@ -265,7 +265,7 @@ public void authenticateWhenValidAccessTokenThenReturnClientRegistration() {
 				.containsExactlyInAnyOrder(AuthorizationGrantType.AUTHORIZATION_CODE, AuthorizationGrantType.CLIENT_CREDENTIALS);
 		assertThat(registeredClientResult.getScopes()).containsExactlyInAnyOrder("scope1", "scope2");
 		assertThat(registeredClientResult.getClientSettings().requireProofKey()).isTrue();
-		assertThat(registeredClientResult.getClientSettings().requireUserConsent()).isTrue();
+		assertThat(registeredClientResult.getClientSettings().requireAuthorizationConsent()).isTrue();
 		assertThat(registeredClientResult.getTokenSettings().idTokenSignatureAlgorithm()).isEqualTo(SignatureAlgorithm.RS256);
 
 		OidcClientRegistration clientRegistrationResult = authenticationResult.getClientRegistration();

samples/boot/oauth2-integration/authorizationserver-custom-consent-page/src/main/java/sample/config/AuthorizationServerConfig.java

@@ -86,7 +86,7 @@ public RegisteredClientRepository registeredClientRepository() {
 				.scope(OidcScopes.OPENID)
 				.scope("message.read")
 				.scope("message.write")
-				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireAuthorizationConsent(true))
 				.build();
 		return new InMemoryRegisteredClientRepository(registeredClient);
 	}

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java

@@ -77,7 +77,7 @@ public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTe
 				.scope(OidcScopes.OPENID)
 				.scope("message.read")
 				.scope("message.write")
-				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
+				.clientSettings(clientSettings -> clientSettings.requireAuthorizationConsent(true))
 				.build();
 
 		// Save registered client in db as if in-memory