Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enable null-safety in spring-security-oauth2-client

Browse Source 
Closes gh-17819
This commit is contained in:
Joe Grandja
2026-03-16 14:32:47 -04:00
parent bb062585a8
commit baad23caab
126 changed files with 1381 additions and 533 deletions
Download Patch File Download Diff File Expand all files Collapse all files
test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java
+6 -4
View File
@@ -35,9 +35,11 @@ import reactor.core.publisher.Mono;
import org.springframework.context.ApplicationContext;
import org.springframework.core.convert.converter.Converter;
import org.springframework.http.client.reactive.ClientHttpConnector;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
@@ -1154,7 +1156,9 @@ public final class SecurityMockServerConfigurers {
OAuth2ClientServerTestUtils.setAuthorizedClientRepository(exchange, authorizedClientRepository);
}
TestOAuth2AuthorizedClientRepository.enable(exchange);
return authorizedClientRepository.saveAuthorizedClient(client, null, exchange)
Authentication anonymousPrincipal = new AnonymousAuthenticationToken("anonymous", "anonymousUser",
AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
return authorizedClientRepository.saveAuthorizedClient(client, anonymousPrincipal, exchange)
.then(chain.filter(exchange));
});
}
@@ -1195,9 +1199,7 @@ public final class SecurityMockServerConfigurers {
@Override
public Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest) {
ServerWebExchange exchange = authorizeRequest.getAttribute(ServerWebExchange.class.getName());
if (isEnabled(exchange)) {
Assert.isTrue(this.authorizedClientRepository != null,
"ServerOAuth2AuthorizedClientRepository not set");
if (exchange != null && isEnabled(exchange) && this.authorizedClientRepository != null) {
return this.authorizedClientRepository.loadAuthorizedClient(
authorizeRequest.getClientRegistrationId(), authorizeRequest.getPrincipal(), exchange);
}
test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java
+6 -3
View File
@@ -1634,7 +1634,10 @@ public final class SecurityMockMvcRequestPostProcessors {
OAuth2ClientServletTestUtils.setAuthorizedClientRepository(request, authorizedClientRepository);
}
TestOAuth2AuthorizedClientRepository.enable(request);
authorizedClientRepository.saveAuthorizedClient(client, null, request, new MockHttpServletResponse());
Authentication anonymousPrincipal = new AnonymousAuthenticationToken("anonymous", "anonymousUser",
AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
authorizedClientRepository.saveAuthorizedClient(client, anonymousPrincipal, request,
new MockHttpServletResponse());
return request;
}
@@ -1668,7 +1671,7 @@ public final class SecurityMockMvcRequestPostProcessors {
@Override
public @Nullable OAuth2AuthorizedClient authorize(OAuth2AuthorizeRequest authorizeRequest) {
HttpServletRequest request = authorizeRequest.getAttribute(HttpServletRequest.class.getName());
if (this.authorizedClientRepository != null && isEnabled(request)) {
if (request != null && isEnabled(request) && this.authorizedClientRepository != null) {
return this.authorizedClientRepository.loadAuthorizedClient(
authorizeRequest.getClientRegistrationId(), authorizeRequest.getPrincipal(), request);
}
@@ -1703,7 +1706,7 @@ public final class SecurityMockMvcRequestPostProcessors {
}
@Override
public <T extends OAuth2AuthorizedClient> T loadAuthorizedClient(String clientRegistrationId,
public <T extends OAuth2AuthorizedClient> @Nullable T loadAuthorizedClient(String clientRegistrationId,
Authentication principal, HttpServletRequest request) {
if (isEnabled(request)) {
return (T) request.getAttribute(TOKEN_ATTR_NAME);