Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 13:23:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '7.0.x'

Browse Source
This commit is contained in:
Josh Cummings
2026-05-21 10:46:45 -06:00
parent aaaa9b98ec 944149ba71
commit 7c11ada795
4 changed files with 24 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/SpringOpaqueTokenIntrospector.java
+3 -4
View File
@@ -380,11 +380,10 @@ public class SpringOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
* @since 6.5
*/
public SpringOpaqueTokenIntrospector build() {
Assert.notNull(this.clientId, "clientId cannot be null");
Assert.notNull(this.clientSecret, "clientSecret cannot be null");
RestTemplate restTemplate = new RestTemplate();
if (this.clientId != null && this.clientSecret != null) {
restTemplate.getInterceptors()
.add(new BasicAuthenticationInterceptor(this.clientId, this.clientSecret));
}
restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor(this.clientId, this.clientSecret));
SpringOpaqueTokenIntrospector introspector = new SpringOpaqueTokenIntrospector(this.introspectionUri,
restTemplate);
this.postProcessors.forEach((postProcessor) -> postProcessor.accept(introspector));
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/SpringReactiveOpaqueTokenIntrospector.java
+5 -5
View File
@@ -334,13 +334,13 @@ public class SpringReactiveOpaqueTokenIntrospector implements ReactiveOpaqueToke
* @since 6.5
*/
public SpringReactiveOpaqueTokenIntrospector build() {
WebClient.Builder builder = WebClient.builder();
if (this.clientId != null && this.clientSecret != null) {
Assert.notNull(this.clientId, "clientId cannot be null");
Assert.notNull(this.clientSecret, "clientSecret cannot be null");
String clientId = this.clientId;
String clientSecret = this.clientSecret;
builder.defaultHeaders((h) -> h.setBasicAuth(clientId, clientSecret));
}
WebClient webClient = builder.build();
WebClient webClient = WebClient.builder()
.defaultHeaders((h) -> h.setBasicAuth(clientId, clientSecret))
.build();
SpringReactiveOpaqueTokenIntrospector introspector = new SpringReactiveOpaqueTokenIntrospector(
this.introspectionUri, webClient);
this.postProcessors.forEach((postProcessor) -> postProcessor.accept(introspector));
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/SpringOpaqueTokenIntrospectorTests.java
+7
View File
@@ -402,6 +402,13 @@ public class SpringOpaqueTokenIntrospectorTests {
}
}
// gh-19201
@Test
public void builderWhenMissingClientCredentialsThenThrowsException() {
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> SpringOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL).build());
}
private static ResponseEntity<Map<String, Object>> response(String content) {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/SpringReactiveOpaqueTokenIntrospectorTests.java
+7
View File
@@ -328,6 +328,13 @@ public class SpringReactiveOpaqueTokenIntrospectorTests {
}
}
// gh-19201
@Test
public void builderWhenMissingClientCredentialsThenThrowsException() {
assertThatExceptionOfType(IllegalArgumentException.class)
.isThrownBy(() -> SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL).build());
}
private WebClient mockResponse(String response) {
return mockResponse(toMap(response));
}