15
15
import io .github .patternknife .securityhelper .oauth2 .api .domain .traditionaloauth .bo .BasicTokenResolver ;
16
16
import io .github .patternknife .securityhelper .oauth2 .api .domain .traditionaloauth .dto .SpringSecurityTraditionalOauthDTO ;
17
17
import jakarta .servlet .http .HttpServletRequest ;
18
+ import jakarta .validation .constraints .NotNull ;
18
19
import org .slf4j .Logger ;
19
20
import org .slf4j .LoggerFactory ;
20
21
import org .springframework .security .core .userdetails .UserDetails ;
@@ -46,7 +47,7 @@ public class TraditionalOauthService {
46
47
47
48
private final ConditionalDetailsService conditionalDetailsService ;
48
49
49
- private final CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationCycle ;
50
+ private final CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationSaver ;
50
51
private final DefaultOauth2AuthenticationHashCheckService oauth2AuthenticationHashCheckService ;
51
52
52
53
@@ -55,15 +56,15 @@ public class TraditionalOauthService {
55
56
public TraditionalOauthService (RegisteredClientRepositoryImpl registeredClientRepository ,
56
57
OAuth2AuthorizationServiceImpl authorizationService ,
57
58
ConditionalDetailsService conditionalDetailsService ,
58
- CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationCycle ,
59
+ CommonOAuth2AuthorizationSaver commonOAuth2AuthorizationSaver ,
59
60
DefaultOauth2AuthenticationHashCheckService oauth2AuthenticationHashCheckService ,
60
61
ISecurityUserExceptionMessageService iSecurityUserExceptionMessageService ) {
61
62
62
63
this .registeredClientRepository = registeredClientRepository ;
63
64
this .authorizationService = authorizationService ;
64
65
this .conditionalDetailsService = conditionalDetailsService ;
65
66
66
- this .commonOAuth2AuthorizationCycle = commonOAuth2AuthorizationCycle ;
67
+ this .commonOAuth2AuthorizationSaver = commonOAuth2AuthorizationSaver ;
67
68
this .oauth2AuthenticationHashCheckService = oauth2AuthenticationHashCheckService ;
68
69
69
70
this .iSecurityUserExceptionMessageService = iSecurityUserExceptionMessageService ;
@@ -76,18 +77,19 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse createAccessToken(SpringS
76
77
try {
77
78
BasicTokenResolver .BasicCredentials basicCredentials = BasicTokenResolver .parse (authorizationHeader ).orElseThrow (() -> new KnifeOauth2AuthenticationException (ErrorMessages .builder ().message ("Header parsing error (header : " + authorizationHeader ).userMessage (iSecurityUserExceptionMessageService .getUserMessage (DefaultSecurityUserExceptionMessage .AUTHENTICATION_WRONG_CLIENT_ID_SECRET )).build ()));
78
79
79
- RegisteredClient registeredClient = registeredClientRepository .findByClientId (basicCredentials .getClientId ());
80
+ HttpServletRequest request =
81
+ ((ServletRequestAttributes ) RequestContextHolder .currentRequestAttributes ()).getRequest ();
82
+
83
+ @ NotNull RegisteredClient registeredClient = registeredClientRepository .findByClientId (basicCredentials .getClientId ());
80
84
81
85
oauth2AuthenticationHashCheckService .validateClientCredentials (basicCredentials .getClientSecret (), registeredClient );
82
86
83
- UserDetails userDetails = conditionalDetailsService .loadUserByUsername (accessTokenRequest .getUsername (), basicCredentials .getClientId ());
87
+ @ NotNull UserDetails userDetails = conditionalDetailsService .loadUserByUsername (accessTokenRequest .getUsername (), basicCredentials .getClientId ());
84
88
85
89
oauth2AuthenticationHashCheckService .validateUsernamePassword (accessTokenRequest .getPassword (), userDetails );
86
90
87
- HttpServletRequest request =
88
- ((ServletRequestAttributes ) RequestContextHolder .currentRequestAttributes ()).getRequest ();
89
91
90
- OAuth2Authorization oAuth2Authorization = commonOAuth2AuthorizationCycle .save (userDetails ,
92
+ @ NotNull OAuth2Authorization oAuth2Authorization = commonOAuth2AuthorizationSaver .save (userDetails ,
91
93
new AuthorizationGrantType (accessTokenRequest .getGrant_type ()), basicCredentials .getClientId (), RequestOAuth2Distiller .getTokenUsingSecurityAdditionalParameters (request ), null );
92
94
93
95
Instant now = Instant .now ();
@@ -127,7 +129,7 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse refreshAccessToken(Spring
127
129
Map <String , Object > modifiableAdditionalParameters = new HashMap <>();
128
130
modifiableAdditionalParameters .put ("refresh_token" , refreshTokenRequest .getRefresh_token ());
129
131
130
- oAuth2Authorization = commonOAuth2AuthorizationCycle .save (userDetails ,
132
+ oAuth2Authorization = commonOAuth2AuthorizationSaver .save (userDetails ,
131
133
new AuthorizationGrantType (refreshTokenRequest .getGrant_type ()),
132
134
basicCredentials .getClientId (), oAuth2Authorization .getAttributes (), modifiableAdditionalParameters );
133
135
0 commit comments