Align Assertions in Builder with Deprecated Constructor
The deprecated (introspectionUri, clientId, clientSecret) constructors that the builders replaced explicitly asserted non-null clientId and clientSecret. Bring the builder's build() in line with that contract by asserting at the API boundary rather than relying on downstream classes to enforce it. Closes gh-19201 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
This commit is contained in:
Josh Cummings
+2
@@ -361,6 +361,8 @@ public class SpringOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
|
|||||||
* @since 6.5
|
* @since 6.5
|
||||||
*/
|
*/
|
||||||
public SpringOpaqueTokenIntrospector build() {
|
public SpringOpaqueTokenIntrospector build() {
|
||||||
|
Assert.notNull(this.clientId, "clientId cannot be null");
|
||||||
|
Assert.notNull(this.clientSecret, "clientSecret cannot be null");
|
||||||
RestTemplate restTemplate = new RestTemplate();
|
RestTemplate restTemplate = new RestTemplate();
|
||||||
restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor(this.clientId, this.clientSecret));
|
restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor(this.clientId, this.clientSecret));
|
||||||
return new SpringOpaqueTokenIntrospector(this.introspectionUri, restTemplate);
|
return new SpringOpaqueTokenIntrospector(this.introspectionUri, restTemplate);
|
||||||
|
|||||||
+2
@@ -314,6 +314,8 @@ public class SpringReactiveOpaqueTokenIntrospector implements ReactiveOpaqueToke
|
|||||||
* @since 6.5
|
* @since 6.5
|
||||||
*/
|
*/
|
||||||
public SpringReactiveOpaqueTokenIntrospector build() {
|
public SpringReactiveOpaqueTokenIntrospector build() {
|
||||||
|
Assert.notNull(this.clientId, "clientId cannot be null");
|
||||||
|
Assert.notNull(this.clientSecret, "clientSecret cannot be null");
|
||||||
WebClient webClient = WebClient.builder()
|
WebClient webClient = WebClient.builder()
|
||||||
.defaultHeaders((h) -> h.setBasicAuth(this.clientId, this.clientSecret))
|
.defaultHeaders((h) -> h.setBasicAuth(this.clientId, this.clientSecret))
|
||||||
.build();
|
.build();
|
||||||
|
|||||||
+7
@@ -383,6 +383,13 @@ public class SpringOpaqueTokenIntrospectorTests {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// gh-19201
|
||||||
|
@Test
|
||||||
|
public void builderWhenMissingClientCredentialsThenThrowsException() {
|
||||||
|
assertThatExceptionOfType(IllegalArgumentException.class)
|
||||||
|
.isThrownBy(() -> SpringOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL).build());
|
||||||
|
}
|
||||||
|
|
||||||
private static ResponseEntity<Map<String, Object>> response(String content) {
|
private static ResponseEntity<Map<String, Object>> response(String content) {
|
||||||
HttpHeaders headers = new HttpHeaders();
|
HttpHeaders headers = new HttpHeaders();
|
||||||
headers.setContentType(MediaType.APPLICATION_JSON);
|
headers.setContentType(MediaType.APPLICATION_JSON);
|
||||||
|
|||||||
+7
@@ -308,6 +308,13 @@ public class SpringReactiveOpaqueTokenIntrospectorTests {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// gh-19201
|
||||||
|
@Test
|
||||||
|
public void builderWhenMissingClientCredentialsThenThrowsException() {
|
||||||
|
assertThatExceptionOfType(IllegalArgumentException.class)
|
||||||
|
.isThrownBy(() -> SpringReactiveOpaqueTokenIntrospector.withIntrospectionUri(INTROSPECTION_URL).build());
|
||||||
|
}
|
||||||
|
|
||||||
private WebClient mockResponse(String response) {
|
private WebClient mockResponse(String response) {
|
||||||
return mockResponse(toMap(response));
|
return mockResponse(toMap(response));
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user