
Change default authority for oauth2Login()

Previously, the default authority was ROLE_USER when using
oauth2Login() for both OAuth2 and OIDC providers.

* Default authority for OAuth2UserAuthority is now OAUTH2_USER
* Default authority for OidcUserAuthority is now OIDC_USER

Documentation has been updated to include this implementation detail.

Closes gh-7856
Steve Riesenberg
2022-09-15 17:16:27 -05:00
parent 7527fd811c
commit 181ee7410b
9 changed files with 33 additions and 24 deletions
@@ -193,7 +193,7 @@ public class OAuth2LoginConfigurerTests {
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(OAuth2UserAuthority.class)
.hasToString("ROLE_USER");
.hasToString("OAUTH2_USER");
}
@Test
@@ -208,7 +208,7 @@ public class OAuth2LoginConfigurerTests {
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(OAuth2UserAuthority.class)
.hasToString("ROLE_USER");
.hasToString("OAUTH2_USER");
}
// gh-6009
@@ -246,7 +246,7 @@ public class OAuth2LoginConfigurerTests {
Authentication authentication = this.securityContextRepository
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(2);
assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");
assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");
}
@@ -266,7 +266,7 @@ public class OAuth2LoginConfigurerTests {
Authentication authentication = this.securityContextRepository
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(2);
assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");
assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");
}
@@ -286,7 +286,7 @@ public class OAuth2LoginConfigurerTests {
Authentication authentication = this.securityContextRepository
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(2);
assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
assertThat(authentication.getAuthorities()).first().hasToString("OAUTH2_USER");
assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OAUTH2_USER");
}
@@ -309,7 +309,7 @@ public class OAuth2LoginConfigurerTests {
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(OAuth2UserAuthority.class)
.hasToString("ROLE_USER");
.hasToString("OAUTH2_USER");
}
// gh-5521
@@ -518,7 +518,7 @@ public class OAuth2LoginConfigurerTests {
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(OidcUserAuthority.class)
.hasToString("ROLE_USER");
.hasToString("OIDC_USER");
}
@Test
@@ -538,7 +538,7 @@ public class OAuth2LoginConfigurerTests {
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(1);
assertThat(authentication.getAuthorities()).first().isInstanceOf(OidcUserAuthority.class)
.hasToString("ROLE_USER");
.hasToString("OIDC_USER");
}
@Test
@@ -557,7 +557,7 @@ public class OAuth2LoginConfigurerTests {
Authentication authentication = this.securityContextRepository
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(2);
assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
assertThat(authentication.getAuthorities()).first().hasToString("OIDC_USER");
assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OIDC_USER");
}
@@ -577,7 +577,7 @@ public class OAuth2LoginConfigurerTests {
Authentication authentication = this.securityContextRepository
.loadContext(new HttpRequestResponseHolder(this.request, this.response)).getAuthentication();
assertThat(authentication.getAuthorities()).hasSize(2);
assertThat(authentication.getAuthorities()).first().hasToString("ROLE_USER");
assertThat(authentication.getAuthorities()).first().hasToString("OIDC_USER");
assertThat(authentication.getAuthorities()).last().hasToString("ROLE_OIDC_USER");
}
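Review bot: The five two-authority assertions (hunks at -246, -266, -286, -557 and -577) pin the new default through `first()`/`last()`, so they pass only while the authorities collection iterates in that order, and nothing visible in these hunks guarantees it. Comparing the authority strings as a set states the intent without the ordering assumption, e.g. `assertThat(AuthorityUtils.authorityListToSet(authentication.getAuthorities())).containsExactlyInAnyOrder("OIDC_USER", "ROLE_OIDC_USER");`, with the `OAUTH2_USER` pair in the OAuth2 tests. Since the default no longer carries the `ROLE_` prefix, a comment on one of the single-authority tests such as `// default is OAUTH2_USER/OIDC_USER, not ROLE_USER: hasRole("USER") rules need a mapper to keep matching` would record the access-control consequence; that consequence is inferred from the commit message, not from code in the hunks. Each test method starts outside its hunk.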