|
16 | 16 |
|
17 | 17 | package org.springframework.security.oauth2.client.userinfo;
|
18 | 18 |
|
| 19 | +import java.util.Collection; |
19 | 20 | import java.util.LinkedHashSet;
|
20 | 21 | import java.util.Map;
|
21 |
| -import java.util.Set; |
22 | 22 |
|
23 | 23 | import org.springframework.core.ParameterizedTypeReference;
|
24 | 24 | import org.springframework.core.convert.converter.Converter;
|
@@ -90,35 +90,13 @@ public DefaultOAuth2UserService() {
|
90 | 90 | @Override
|
91 | 91 | public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException {
|
92 | 92 | Assert.notNull(userRequest, "userRequest cannot be null");
|
93 |
| - if (!StringUtils |
94 |
| - .hasText(userRequest.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri())) { |
95 |
| - OAuth2Error oauth2Error = new OAuth2Error(MISSING_USER_INFO_URI_ERROR_CODE, |
96 |
| - "Missing required UserInfo Uri in UserInfoEndpoint for Client Registration: " |
97 |
| - + userRequest.getClientRegistration().getRegistrationId(), |
98 |
| - null); |
99 |
| - throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); |
100 |
| - } |
101 |
| - String userNameAttributeName = userRequest.getClientRegistration() |
102 |
| - .getProviderDetails() |
103 |
| - .getUserInfoEndpoint() |
104 |
| - .getUserNameAttributeName(); |
105 |
| - if (!StringUtils.hasText(userNameAttributeName)) { |
106 |
| - OAuth2Error oauth2Error = new OAuth2Error(MISSING_USER_NAME_ATTRIBUTE_ERROR_CODE, |
107 |
| - "Missing required \"user name\" attribute name in UserInfoEndpoint for Client Registration: " |
108 |
| - + userRequest.getClientRegistration().getRegistrationId(), |
109 |
| - null); |
110 |
| - throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); |
111 |
| - } |
| 93 | + String userNameAttributeName = getUserNameAttributeName(userRequest); |
112 | 94 | RequestEntity<?> request = this.requestEntityConverter.convert(userRequest);
|
113 | 95 | ResponseEntity<Map<String, Object>> response = getResponse(userRequest, request);
|
114 |
| - Map<String, Object> userAttributes = this.attributesConverter.convert(userRequest).convert(response.getBody()); |
115 |
| - Set<GrantedAuthority> authorities = new LinkedHashSet<>(); |
116 |
| - authorities.add(new OAuth2UserAuthority(userAttributes)); |
117 | 96 | OAuth2AccessToken token = userRequest.getAccessToken();
|
118 |
| - for (String authority : token.getScopes()) { |
119 |
| - authorities.add(new SimpleGrantedAuthority("SCOPE_" + authority)); |
120 |
| - } |
121 |
| - return new DefaultOAuth2User(authorities, userAttributes, userNameAttributeName); |
| 97 | + Map<String, Object> attributes = this.attributesConverter.convert(userRequest).convert(response.getBody()); |
| 98 | + Collection<GrantedAuthority> authorities = getAuthorities(token, attributes); |
| 99 | + return new DefaultOAuth2User(authorities, attributes, userNameAttributeName); |
122 | 100 | }
|
123 | 101 |
|
124 | 102 | /**
|
@@ -186,6 +164,38 @@ private ResponseEntity<Map<String, Object>> getResponse(OAuth2UserRequest userRe
|
186 | 164 | }
|
187 | 165 | }
|
188 | 166 |
|
| 167 | + private String getUserNameAttributeName(OAuth2UserRequest userRequest) { |
| 168 | + if (!StringUtils |
| 169 | + .hasText(userRequest.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri())) { |
| 170 | + OAuth2Error oauth2Error = new OAuth2Error(MISSING_USER_INFO_URI_ERROR_CODE, |
| 171 | + "Missing required UserInfo Uri in UserInfoEndpoint for Client Registration: " |
| 172 | + + userRequest.getClientRegistration().getRegistrationId(), |
| 173 | + null); |
| 174 | + throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); |
| 175 | + } |
| 176 | + String userNameAttributeName = userRequest.getClientRegistration() |
| 177 | + .getProviderDetails() |
| 178 | + .getUserInfoEndpoint() |
| 179 | + .getUserNameAttributeName(); |
| 180 | + if (!StringUtils.hasText(userNameAttributeName)) { |
| 181 | + OAuth2Error oauth2Error = new OAuth2Error(MISSING_USER_NAME_ATTRIBUTE_ERROR_CODE, |
| 182 | + "Missing required \"user name\" attribute name in UserInfoEndpoint for Client Registration: " |
| 183 | + + userRequest.getClientRegistration().getRegistrationId(), |
| 184 | + null); |
| 185 | + throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString()); |
| 186 | + } |
| 187 | + return userNameAttributeName; |
| 188 | + } |
| 189 | + |
| 190 | + private Collection<GrantedAuthority> getAuthorities(OAuth2AccessToken token, Map<String, Object> attributes) { |
| 191 | + Collection<GrantedAuthority> authorities = new LinkedHashSet<>(); |
| 192 | + authorities.add(new OAuth2UserAuthority(attributes)); |
| 193 | + for (String authority : token.getScopes()) { |
| 194 | + authorities.add(new SimpleGrantedAuthority("SCOPE_" + authority)); |
| 195 | + } |
| 196 | + return authorities; |
| 197 | + } |
| 198 | + |
189 | 199 | /**
|
190 | 200 | * Sets the {@link Converter} used for converting the {@link OAuth2UserRequest} to a
|
191 | 201 | * {@link RequestEntity} representation of the UserInfo Request.
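Review bot: The new private `getUserNameAttributeName(userRequest)` also performs the missing-UserInfo-URI check and throws `OAuth2AuthenticationException` with `MISSING_USER_INFO_URI_ERROR_CODE`, which its name does not suggest. A reader of `loadUser` can no longer see that the endpoint URI is validated before `requestEntityConverter.convert(userRequest)` builds the request. Either move the URI check into its own helper called first in `loadUser`, or document it on the method, e.g. `/** Validates the UserInfo URI and returns the configured user-name attribute name; throws OAuth2AuthenticationException if either is missing. */`. A call-site comment such as `// must stay ahead of the request: rejects registrations without a UserInfo URI` would keep a later reordering from dropping the precondition by accident.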
|
|