
Commit fe4b5ad

committed
Polish gh-1997
1 parent ce528ee commit fe4b5ad


2 files changed

+15
-7
lines changed


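--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java
@@ -22,6 +22,7 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 
+import org.springframework.core.log.LogMessage;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
@@ -114,6 +115,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 if (!userCode.isInvalidated()) {
 authorization = OAuth2AuthenticationProviderUtils.invalidate(authorization, userCode.getToken());
 this.authorizationService.save(authorization);
+if (this.logger.isWarnEnabled()) {
+this.logger.warn(LogMessage.format("Invalidated user code used by registered client '%s'",
+authorization.getRegisteredClientId()));
+}
 }
 throw new OAuth2AuthenticationException(OAuth2ErrorCodes.INVALID_GRANT);
 }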
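Review bot: The warning at new lines 118–121 sits inside `if (!userCode.isInvalidated())`, so it fires only on the request that triggers the invalidation; a later request presenting the same, already-invalidated user code is rejected with `INVALID_GRANT` and leaves no log entry, although repeated presentation is the signal an operator would most want for detection. Consider logging on that path as well, just before the `throw`. The text "Invalidated user code used by …" also reads as if a previously invalidated code had been presented; wording such as `"Invalidated user code for registered client '%s' (authorization '%s')"` with `authorization.getId()` as the second argument would describe what this branch did and add a correlation key, while still keeping the user code value itself out of the log. The enclosing condition and the rest of `authenticate` lie outside the hunk.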

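--- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProviderTests.java
+++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProviderTests.java
@@ -56,6 +56,7 @@
 import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.ArgumentMatchers.eq;
 import static org.mockito.BDDMockito.given;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
@@ -147,7 +148,7 @@ public void authenticateWhenAuthorizationNotFoundThenThrowOAuth2AuthenticationEx
 }
 
 @Test
-public void authenticateWhenUserCodeIsInvalidedThenThrowOAuth2AuthenticationException() {
+public void authenticateWhenUserCodeIsInvalidatedThenThrowOAuth2AuthenticationException() {
 RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
 // @formatter:off
 OAuth2Authorization authorization = TestOAuth2Authorizations
@@ -157,7 +158,9 @@ public void authenticateWhenUserCodeIsInvalidedThenThrowOAuth2AuthenticationExce
 .attribute(OAuth2ParameterNames.SCOPE, registeredClient.getScopes())
 .build();
 // @formatter:on
-given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
+given(this.authorizationService.findByToken(eq(USER_CODE),
+eq(OAuth2DeviceVerificationAuthenticationProvider.USER_CODE_TOKEN_TYPE)))
+.willReturn(authorization);
 Authentication authentication = createAuthentication();
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
@@ -174,7 +177,7 @@ public void authenticateWhenUserCodeIsInvalidedThenThrowOAuth2AuthenticationExce
 }
 
 @Test
-public void authenticateWhenUserCodeIsExpiredButNotInvalidatedThenInvalidateUserCodeAndThrowOAuth2AuthenticationException() {
+public void authenticateWhenUserCodeIsExpiredAndNotInvalidatedThenThrowOAuth2AuthenticationException() {
 RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
 // @formatter:off
 OAuth2Authorization authorization = TestOAuth2Authorizations
@@ -185,7 +188,9 @@ public void authenticateWhenUserCodeIsExpiredButNotInvalidatedThenInvalidateUser
 .attribute(OAuth2ParameterNames.SCOPE, registeredClient.getScopes())
 .build();
 // @formatter:on
-given(this.authorizationService.findByToken(anyString(), any(OAuth2TokenType.class))).willReturn(authorization);
+given(this.authorizationService.findByToken(eq(USER_CODE),
+eq(OAuth2DeviceVerificationAuthenticationProvider.USER_CODE_TOKEN_TYPE)))
+.willReturn(authorization);
 Authentication authentication = createAuthentication();
 // @formatter:off
 assertThatExceptionOfType(OAuth2AuthenticationException.class)
@@ -203,9 +208,7 @@ public void authenticateWhenUserCodeIsExpiredButNotInvalidatedThenInvalidateUser
 verifyNoInteractions(this.registeredClientRepository, this.authorizationConsentService);
 
 OAuth2Authorization updatedAuthorization = authorizationCaptor.getValue();
-assertThat(updatedAuthorization.getToken(OAuth2UserCode.class))
-.extracting(isInvalidated())
-.isEqualTo(true);
+assertThat(updatedAuthorization.getToken(OAuth2UserCode.class)).extracting(isInvalidated()).isEqualTo(true);
 }
 
 @Test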
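Review bot: The rename at new line 180 drops `ThenInvalidateUserCode` from the method name, yet the test still asserts the invalidation at new line 211 (`...extracting(isInvalidated()).isEqualTo(true)`), so the name now under-describes the security-relevant side effect it pins. Keeping the side effect in the name, or adding a one-line comment above that assertion such as `// an expired user code must be invalidated before the request is rejected`, keeps the contract discoverable for whoever next changes the provider. Both test methods begin and end outside the hunks shown, so the capture of the saved authorization is not visible here.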
