Remove the openid scope matcher in OAuth2AuthorizationCodeRequestAuth…
…enticationConverter

Closes spring-projectsgh-1811

Signed-off-by: sylvain-costanzo <[email protected]>
sylvain-costanzo committed Jan 22, 2025
1 parent 1df3e76 commit 40c8b22
Showing 1 changed file with 4 additions and 8 deletions.
@@ -64,11 +64,11 @@ public final class OAuth2AuthorizationCodeRequestAuthenticationConverter impleme
private static final Authentication ANONYMOUS_AUTHENTICATION = new AnonymousAuthenticationToken("anonymous",
"anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));

private static final RequestMatcher OIDC_REQUEST_MATCHER = createOidcRequestMatcher();
private static final RequestMatcher POST_WITH_RESPONSE_TYPE_REQUEST_MATCHER = createPostWithResponseTypeRequestMatcher();

@Override
public Authentication convert(HttpServletRequest request) {
if (!"GET".equals(request.getMethod()) && !OIDC_REQUEST_MATCHER.matches(request)) {
if (!"GET".equals(request.getMethod()) && !POST_WITH_RESPONSE_TYPE_REQUEST_MATCHER.matches(request)) {
return null;
}

@@ -153,15 +153,11 @@ else if (!responseType.equals(OAuth2AuthorizationResponseType.CODE.getValue()))
state, scopes, additionalParameters);
}

private static RequestMatcher createOidcRequestMatcher() {
private static RequestMatcher createPostWithResponseTypeRequestMatcher() {
RequestMatcher postMethodMatcher = (request) -> "POST".equals(request.getMethod());
RequestMatcher responseTypeParameterMatcher = (
request) -> request.getParameter(OAuth2ParameterNames.RESPONSE_TYPE) != null;
RequestMatcher openidScopeMatcher = (request) -> {
String scope = request.getParameter(OAuth2ParameterNames.SCOPE);
return StringUtils.hasText(scope) && scope.contains(OidcScopes.OPENID);
};
return new AndRequestMatcher(postMethodMatcher, responseTypeParameterMatcher, openidScopeMatcher);
return new AndRequestMatcher(postMethodMatcher, responseTypeParameterMatcher);
}

private static void throwError(String errorCode, String parameterName) {
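Review bot: The commit touches a single file, so nothing pins the new behaviour of `convert`: a POST that carries `response_type` but no `openid` scope is now converted instead of returning null. Because this widens what the authorization endpoint accepts, a converter test for that case, plus one confirming that a POST without `response_type` still returns null, would guard against regressions. `createPostWithResponseTypeRequestMatcher` also has no comment explaining why the presence of `response_type` is the discriminator; a line such as `// A POST is treated as an authorization request only when response_type is present` above it would help (presumably this separates it from other POSTs to the same endpoint, such as a consent submission, which should be confirmed). Note that `request.getParameter` matches the parameter in either the query string or the form body; the rest of `convert` lies outside the hunks, so whether the later parameter handling agrees with the matcher cannot be checked here.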
