Revert "Temporarily fix integration tests"

This reverts commit 35f41f87d1. Issue gh-17880
2026-05-22 21:33:16 +00:00 · 2025-10-10 13:31:48 -04:00
parent 864a9b2fb3
commit 586081c125
20 changed files with 38 additions and 95 deletions
@@ -114,7 +114,6 @@ import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.AuthenticationConverter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
-import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;

@@ -364,7 +363,6 @@ public class OAuth2ClientCredentialsGrantTests {
 				Instant.now(), Instant.now().plus(Duration.ofHours(1)));
 		OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = new OAuth2AccessTokenAuthenticationToken(
 				registeredClient, clientPrincipal, accessToken);
-		accessTokenAuthentication.setDetails(new WebAuthenticationDetails("remoteAddress", "sessionId"));
 		given(authenticationProvider.supports(eq(OAuth2ClientCredentialsAuthenticationToken.class))).willReturn(true);
 		given(authenticationProvider.authenticate(any())).willReturn(accessTokenAuthentication);

@@ -624,10 +624,7 @@ public class OAuth2RefreshTokenGrantTests {
 				throwInvalidClient("authentication_method");
 			}

-			PublicClientRefreshTokenAuthenticationToken publicClientRefreshTokenAuthenticationResult = new PublicClientRefreshTokenAuthenticationToken(
-					registeredClient);
-			publicClientRefreshTokenAuthenticationResult.setDetails(publicClientAuthentication.getDetails());
-			return publicClientRefreshTokenAuthenticationResult;
+			return new PublicClientRefreshTokenAuthenticationToken(registeredClient);
 		}

 		@Override
@@ -155,11 +155,8 @@ public final class ClientSecretAuthenticationProvider implements AuthenticationP
 			this.logger.trace("Authenticated client secret");
 		}

-		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
-				registeredClient, clientAuthentication.getClientAuthenticationMethod(),
-				clientAuthentication.getCredentials());
-		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
-		return clientAuthenticationResult;
+		return new OAuth2ClientAuthenticationToken(registeredClient,
+				clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials());
 	}

 	@Override
@@ -138,10 +138,7 @@ public final class JwtClientAssertionAuthenticationProvider implements Authentic
 			this.logger.trace("Authenticated client assertion");
 		}

-		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
-				registeredClient, clientAuthenticationMethod, jwtAssertion);
-		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
-		return clientAuthenticationResult;
+		return new OAuth2ClientAuthenticationToken(registeredClient, clientAuthenticationMethod, jwtAssertion);
 	}

 	@Override
@@ -312,10 +312,8 @@ public final class OAuth2AuthorizationCodeAuthenticationProvider implements Auth
 			this.logger.trace("Authenticated token request");
 		}

-		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
-				registeredClient, clientPrincipal, accessToken, refreshToken, additionalParameters);
-		accessTokenAuthenticationResult.setDetails(authorizationCodeAuthentication.getDetails());
-		return accessTokenAuthenticationResult;
+		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken,
+				additionalParameters);
 	}

 	@Override
@@ -167,13 +167,11 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
 						authorizationCodeRequestAuthentication, null);
 			}

-			Object authenticationDetails = authorizationCodeRequestAuthentication.getDetails();
 			authorizationCodeRequestAuthentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
 					authorizationCodeRequestAuthentication.getAuthorizationUri(), authorizationRequest.getClientId(),
 					(Authentication) authorizationCodeRequestAuthentication.getPrincipal(),
 					authorizationRequest.getRedirectUri(), authorizationRequest.getState(),
 					authorizationRequest.getScopes(), authorizationRequest.getAdditionalParameters());
-			authorizationCodeRequestAuthentication.setDetails(authenticationDetails);
 		}

 		RegisteredClient registeredClient = this.registeredClientRepository
@@ -285,11 +283,8 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
 			Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 					? currentAuthorizationConsent.getScopes() : null;

-			OAuth2AuthorizationConsentAuthenticationToken authorizationConsentAuthentication = new OAuth2AuthorizationConsentAuthenticationToken(
-					authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal, state,
-					currentAuthorizedScopes, null);
-			authorizationConsentAuthentication.setDetails(authorizationCodeRequestAuthentication.getDetails());
-			return authorizationConsentAuthentication;
+			return new OAuth2AuthorizationConsentAuthenticationToken(authorizationRequest.getAuthorizationUri(),
+					registeredClient.getClientId(), principal, state, currentAuthorizedScopes, null);
 		}

 		OAuth2TokenContext tokenContext = createAuthorizationCodeTokenContext(authorizationCodeRequestAuthentication,
@@ -332,11 +327,9 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
 			this.logger.trace("Authenticated authorization code request");
 		}

-		OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken(
-				authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal,
-				authorizationCode, redirectUri, authorizationRequest.getState(), authorizationRequest.getScopes());
-		authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails());
-		return authorizationCodeRequestAuthenticationResult;
+		return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
+				registeredClient.getClientId(), principal, authorizationCode, redirectUri,
+				authorizationRequest.getState(), authorizationRequest.getScopes());
 	}

 	@Override
@@ -488,7 +481,6 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationProvider implemen
 				(Authentication) authorizationCodeRequestAuthentication.getPrincipal(), redirectUri,
 				authorizationCodeRequestAuthentication.getState(), authorizationCodeRequestAuthentication.getScopes(),
 				authorizationCodeRequestAuthentication.getAdditionalParameters());
-		authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails());

 		throw new OAuth2AuthorizationCodeRequestAuthenticationException(error,
 				authorizationCodeRequestAuthenticationResult);
@@ -260,11 +260,9 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A
 			this.logger.trace("Authenticated authorization consent request");
 		}

-		OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken(
-				authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal,
-				authorizationCode, redirectUri, authorizationRequest.getState(), authorizedScopes);
-		authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails());
-		return authorizationCodeRequestAuthenticationResult;
+		return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
+				registeredClient.getClientId(), principal, authorizationCode, redirectUri,
+				authorizationRequest.getState(), authorizedScopes);
 	}

 	@Override
@@ -364,7 +362,6 @@ public final class OAuth2AuthorizationConsentAuthenticationProvider implements A
 				authorizationConsentAuthentication.getClientId(),
 				(Authentication) authorizationConsentAuthentication.getPrincipal(), redirectUri, state, requestedScopes,
 				null);
-		authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails());

 		throw new OAuth2AuthorizationCodeRequestAuthenticationException(error,
 				authorizationCodeRequestAuthenticationResult);
@@ -170,10 +170,7 @@ public final class OAuth2ClientCredentialsAuthenticationProvider implements Auth
 			this.logger.trace("Authenticated token request");
 		}

-		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
-				registeredClient, clientPrincipal, accessToken);
-		accessTokenAuthenticationResult.setDetails(clientCredentialsAuthentication.getDetails());
-		return accessTokenAuthenticationResult;
+		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken);
 	}

 	@Override
@@ -181,11 +181,8 @@ public final class OAuth2DeviceAuthorizationRequestAuthenticationProvider implem
 			this.logger.trace("Authenticated device authorization request");
 		}

-		OAuth2DeviceAuthorizationRequestAuthenticationToken deviceAuthorizationRequestAuthenticationResult = new OAuth2DeviceAuthorizationRequestAuthenticationToken(
-				clientPrincipal, requestedScopes, deviceCode, userCode);
-		deviceAuthorizationRequestAuthenticationResult
-			.setDetails(deviceAuthorizationRequestAuthentication.getDetails());
-		return deviceAuthorizationRequestAuthenticationResult;
+		return new OAuth2DeviceAuthorizationRequestAuthenticationToken(clientPrincipal, requestedScopes, deviceCode,
+				userCode);
 	}

 	@Override
@@ -260,10 +260,7 @@ public final class OAuth2DeviceCodeAuthenticationProvider implements Authenticat
 			this.logger.trace("Authenticated device token request");
 		}

-		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
-				registeredClient, clientPrincipal, accessToken, refreshToken);
-		accessTokenAuthenticationResult.setDetails(deviceCodeAuthentication.getDetails());
-		return accessTokenAuthenticationResult;
+		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken);
 	}

 	@Override
@@ -182,11 +182,9 @@ public final class OAuth2DeviceVerificationAuthenticationProvider implements Aut
 				.getAuthorizationServerSettings();
 			String deviceVerificationUri = authorizationServerSettings.getDeviceVerificationEndpoint();

-			OAuth2DeviceAuthorizationConsentAuthenticationToken deviceAuthorizationConsentAuthenticationResult = new OAuth2DeviceAuthorizationConsentAuthenticationToken(
-					deviceVerificationUri, registeredClient.getClientId(), principal,
-					deviceVerificationAuthentication.getUserCode(), state, requestedScopes, currentAuthorizedScopes);
-			deviceAuthorizationConsentAuthenticationResult.setDetails(deviceVerificationAuthentication.getDetails());
-			return deviceAuthorizationConsentAuthenticationResult;
+			return new OAuth2DeviceAuthorizationConsentAuthenticationToken(deviceVerificationUri,
+					registeredClient.getClientId(), principal, deviceVerificationAuthentication.getUserCode(), state,
+					requestedScopes, currentAuthorizedScopes);
 		}

 		// @formatter:off
@@ -138,14 +138,10 @@ public final class OAuth2PushedAuthorizationRequestAuthenticationProvider implem
 			this.logger.trace("Authenticated pushed authorization request");
 		}

-		OAuth2PushedAuthorizationRequestAuthenticationToken pushedAuthorizationRequestAuthenticationResult = new OAuth2PushedAuthorizationRequestAuthenticationToken(
-				authorizationRequest.getAuthorizationUri(), authorizationRequest.getClientId(), clientPrincipal,
-				pushedAuthorizationRequestUri.getRequestUri(), pushedAuthorizationRequestUri.getExpiresAt(),
-				authorizationRequest.getRedirectUri(), authorizationRequest.getState(),
-				authorizationRequest.getScopes());
-		pushedAuthorizationRequestAuthenticationResult
-			.setDetails(pushedAuthorizationRequestAuthentication.getDetails());
-		return pushedAuthorizationRequestAuthenticationResult;
+		return new OAuth2PushedAuthorizationRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
+				authorizationRequest.getClientId(), clientPrincipal, pushedAuthorizationRequestUri.getRequestUri(),
+				pushedAuthorizationRequestUri.getExpiresAt(), authorizationRequest.getRedirectUri(),
+				authorizationRequest.getState(), authorizationRequest.getScopes());
 	}

 	@Override
@@ -283,10 +283,8 @@ public final class OAuth2RefreshTokenAuthenticationProvider implements Authentic
 			this.logger.trace("Authenticated token request");
 		}

-		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
-				registeredClient, clientPrincipal, accessToken, currentRefreshToken, additionalParameters);
-		accessTokenAuthenticationResult.setDetails(refreshTokenAuthentication.getDetails());
-		return accessTokenAuthenticationResult;
+		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken,
+				currentRefreshToken, additionalParameters);
 	}

 	@Override
@@ -268,10 +268,8 @@ public final class OAuth2TokenExchangeAuthenticationProvider implements Authenti
 			this.logger.trace("Authenticated token request");
 		}

-		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
-				registeredClient, clientPrincipal, accessToken, null, additionalParameters);
-		accessTokenAuthenticationResult.setDetails(tokenExchangeAuthentication.getDetails());
-		return accessTokenAuthenticationResult;
+		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, null,
+				additionalParameters);
 	}

 	private static boolean isValidTokenType(String tokenType, OAuth2Authorization.Token<OAuth2Token> token) {
@@ -118,10 +118,8 @@ public final class OAuth2TokenIntrospectionAuthenticationProvider implements Aut
 			this.logger.trace("Authenticated token introspection request");
 		}

-		OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthenticationResult = new OAuth2TokenIntrospectionAuthenticationToken(
-				authorizedToken.getToken().getTokenValue(), clientPrincipal, tokenClaims);
-		tokenIntrospectionAuthenticationResult.setDetails(tokenIntrospectionAuthentication.getDetails());
-		return tokenIntrospectionAuthenticationResult;
+		return new OAuth2TokenIntrospectionAuthenticationToken(authorizedToken.getToken().getTokenValue(),
+				clientPrincipal, tokenClaims);
 	}

 	@Override
@@ -89,10 +89,7 @@ public final class OAuth2TokenRevocationAuthenticationProvider implements Authen
 			this.logger.trace("Authenticated token revocation request");
 		}

-		OAuth2TokenRevocationAuthenticationToken tokenRevocationAuthenticationResult = new OAuth2TokenRevocationAuthenticationToken(
-				token.getToken(), clientPrincipal);
-		tokenRevocationAuthenticationResult.setDetails(tokenRevocationAuthentication.getDetails());
-		return tokenRevocationAuthenticationResult;
+		return new OAuth2TokenRevocationAuthenticationToken(token.getToken(), clientPrincipal);
 	}

 	@Override
@@ -103,10 +103,8 @@ public final class PublicClientAuthenticationProvider implements AuthenticationP
 			this.logger.trace("Authenticated public client");
 		}

-		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
-				registeredClient, clientAuthentication.getClientAuthenticationMethod(), null);
-		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
-		return clientAuthenticationResult;
+		return new OAuth2ClientAuthenticationToken(registeredClient,
+				clientAuthentication.getClientAuthenticationMethod(), null);
 	}

 	@Override
@@ -125,11 +125,8 @@ public final class X509ClientCertificateAuthenticationProvider implements Authen
 			this.logger.trace("Authenticated client X509Certificate");
 		}

-		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
-				registeredClient, clientAuthentication.getClientAuthenticationMethod(),
-				clientAuthentication.getCredentials());
-		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
-		return clientAuthenticationResult;
+		return new OAuth2ClientAuthenticationToken(registeredClient,
+				clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials());
 	}

 	@Override
@@ -169,10 +169,8 @@ public final class OidcClientConfigurationAuthenticationProvider implements Auth
 			this.logger.trace("Authenticated client configuration request");
 		}

-		OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken(
+		return new OidcClientRegistrationAuthenticationToken(
 				(Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration);
-		clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails());
-		return clientRegistrationAuthenticationResult;
 	}

 	@SuppressWarnings("unchecked")
@@ -279,10 +279,8 @@ public final class OidcClientRegistrationAuthenticationProvider implements Authe
 			this.logger.trace("Authenticated client registration request");
 		}

-		OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken(
+		return new OidcClientRegistrationAuthenticationToken(
 				(Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration);
-		clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails());
-		return clientRegistrationAuthenticationResult;
 	}

 	private OAuth2Authorization registerAccessToken(RegisteredClient registeredClient) {