evolink
diff --git a/‎samples/oauth2/sparklr/src/main/java/org/springframework/security/oauth/examples/sparklr/mvc/AccessConfirmationController.java
Lines changed: 2 additions & 2 deletions b/‎samples/oauth2/sparklr/src/main/java/org/springframework/security/oauth/examples/sparklr/mvc/AccessConfirmationController.java
Lines changed: 2 additions & 2 deletions
diff --git a/‎samples/oauth2/sparklr/src/main/java/org/springframework/security/oauth/examples/sparklr/oauth/SparklrUserApprovalHandler.java
Lines changed: 4 additions & 3 deletions b/‎samples/oauth2/sparklr/src/main/java/org/springframework/security/oauth/examples/sparklr/oauth/SparklrUserApprovalHandler.java
Lines changed: 4 additions & 3 deletions
diff --git a/‎samples/oauth2/sparklr/src/main/webapp/WEB-INF/spring-servlet.xml
Lines changed: 5 additions & 0 deletions b/‎samples/oauth2/sparklr/src/main/webapp/WEB-INF/spring-servlet.xml
Lines changed: 5 additions & 0 deletions
diff --git a/‎samples/oauth2/sparklr/src/test/java/org/springframework/security/oauth2/provider/TestAuthorizationCodeProvider.java
Lines changed: 3 additions & 2 deletions b/‎samples/oauth2/sparklr/src/test/java/org/springframework/security/oauth2/provider/TestAuthorizationCodeProvider.java
Lines changed: 3 additions & 2 deletions
diff --git a/‎samples/oauth2/sparklr/src/test/java/org/springframework/security/oauth2/provider/TestImplicitProvider.java
Lines changed: 2 additions & 1 deletion b/‎samples/oauth2/sparklr/src/test/java/org/springframework/security/oauth2/provider/TestImplicitProvider.java
Lines changed: 2 additions & 1 deletion
diff --git a/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/client/token/grant/code/AuthorizationCodeAccessTokenProvider.java
Lines changed: 4 additions & 5 deletions b/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/client/token/grant/code/AuthorizationCodeAccessTokenProvider.java
Lines changed: 4 additions & 5 deletions
diff --git a/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/common/util/OAuth2Utils.java
Lines changed: 17 additions & 0 deletions b/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/common/util/OAuth2Utils.java
Lines changed: 17 additions & 0 deletions
diff --git a/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/config/AuthorizationServerBeanDefinitionParser.java
Lines changed: 17 additions & 10 deletions b/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/config/AuthorizationServerBeanDefinitionParser.java
Lines changed: 17 additions & 10 deletions
diff --git a/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/OAuth2Request.java renamed to ‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/AuthorizationRequest.java
Lines changed: 8 additions & 21 deletions b/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/OAuth2Request.java renamed to ‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/AuthorizationRequest.java
Lines changed: 8 additions & 21 deletions
diff --git a/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/CompositeTokenGranter.java
Lines changed: 1 addition & 1 deletion b/‎spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/CompositeTokenGranter.java
Lines changed: 1 addition & 1 deletion
@@ -5,7 +5,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.oauth2.provider.ClientDetails;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
-import org.springframework.security.oauth2.provider.OAuth2Request;
+import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.SessionAttributes;
@@ -24,7 +24,7 @@ public class AccessConfirmationController {
 
 	@RequestMapping("/oauth/confirm_access")
 	public ModelAndView getAccessConfirmation(Map<String, Object> model) throws Exception {
-		OAuth2Request clientAuth = (OAuth2Request) model.remove("authorizationRequest");
+		AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
 		ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
 		model.put("auth_request", clientAuth);
 		model.put("client", client);
 
@@ -20,7 +20,8 @@
 import java.util.HashSet;
 
 import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
+import org.springframework.security.oauth2.common.util.OAuth2Utils;
+import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler;
 
 /**
@@ -56,7 +57,7 @@ public void setAutoApproveClients(Collection<String> autoApproveClients) {
 	 * @return Whether the specified request has been approved by the current user.
 	 */
 	@Override
-	public boolean isApproved(OAuth2Request authorizationRequest, Authentication userAuthentication) {
+	public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
 
 		// If we are allowed to check existing approvals this will short circuit the decision
 		if (useTokenServices && super.isApproved(authorizationRequest, userAuthentication)) {
@@ -67,7 +68,7 @@ public boolean isApproved(OAuth2Request authorizationRequest, Authentication use
 			return false;
 		}
 
-		String flag = authorizationRequest.getApprovalParameters().get(OAuth2Request.USER_OAUTH_APPROVAL);
+		String flag = authorizationRequest.getApprovalParameters().get(OAuth2Utils.USER_OAUTH_APPROVAL);
 		boolean approved = flag != null && flag.toLowerCase().equals("true");
 
 		return approved
 
@@ -124,13 +124,18 @@
 		<property name="clientDetailsService" ref="clientDetails" />
 	</bean>
 
+	<bean id="requestFactory" class="org.springframework.security.oauth2.provider.DefaultOAuth2RequestFactory">
+		<constructor-arg name="clientDetailsService" ref="clientDetails" />
+	</bean>
+
 	<bean id="userApprovalHandler" class="org.springframework.security.oauth.examples.sparklr.oauth.SparklrUserApprovalHandler">
 		<property name="autoApproveClients">
 			<set>
 				<value>my-less-trusted-autoapprove-client</value>
 			</set>
 		</property>
 		<property name="tokenServices" ref="tokenServices" />
+		<property name="requestFactory" ref="requestFactory" />
 	</bean>
 
 	<oauth:authorization-server client-details-service-ref="clientDetails" token-services-ref="tokenServices"
 
@@ -39,6 +39,7 @@
 import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException;
+import org.springframework.security.oauth2.common.util.OAuth2Utils;
 import org.springframework.security.oauth2.provider.ServerRunning.UriBuilder;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
@@ -146,7 +147,7 @@ public void testUnauthenticatedAuthorizationRequestRedirectsToLogin() throws Exc
 
 		AccessTokenRequest request = context.getAccessTokenRequest();
 		request.setCurrentUri("http://anywhere");
-		request.add(OAuth2Request.USER_OAUTH_APPROVAL, "true");
+		request.add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
 
 		String location = null;
 
@@ -446,7 +447,7 @@ private void approveAccessTokenGrant(String currentUri, boolean approved) {
 		assertNull(request.getAuthorizationCode());
 
 		// The approval (will be processed on the next attempt to obtain an access token)...
-		request.set(OAuth2Request.USER_OAUTH_APPROVAL, "" + approved);
+		request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
 
 	}
 
 
@@ -23,6 +23,7 @@
 import org.springframework.security.oauth2.client.test.OAuth2ContextSetup;
 import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitAccessTokenProvider;
 import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitResourceDetails;
+import org.springframework.security.oauth2.common.util.OAuth2Utils;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 
@@ -98,7 +99,7 @@ public void testPostForNonAutomaticApprovalToken() throws Exception {
 			// ignore
 		}
 		// add user approval parameter for the second request
-		context.getAccessTokenRequest().add(OAuth2Request.USER_OAUTH_APPROVAL, "true");
+		context.getAccessTokenRequest().add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
 		assertNotNull(context.getAccessToken());
 	}
 
 
@@ -57,7 +57,6 @@
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
 import org.springframework.security.oauth2.common.util.OAuth2Utils;
-import org.springframework.security.oauth2.provider.OAuth2Request;
 import org.springframework.util.LinkedMultiValueMap;
 import org.springframework.util.MultiValueMap;
 import org.springframework.web.client.ResponseExtractor;
@@ -96,9 +95,9 @@ public String obtainAuthorizationCode(OAuth2ProtectedResourceDetails details, Ac
 
 		HttpHeaders headers = getHeadersForTokenRequest(request);
 		MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
-		if (request.containsKey(OAuth2Request.USER_OAUTH_APPROVAL)) {
-			form.set(OAuth2Request.USER_OAUTH_APPROVAL,
-					request.getFirst(OAuth2Request.USER_OAUTH_APPROVAL));
+		if (request.containsKey(OAuth2Utils.USER_OAUTH_APPROVAL)) {
+			form.set(OAuth2Utils.USER_OAUTH_APPROVAL,
+					request.getFirst(OAuth2Utils.USER_OAUTH_APPROVAL));
 		}
 		else {
 			form.putAll(getParametersForAuthorizeRequest(resource, request));
@@ -320,7 +319,7 @@ protected UserApprovalRequiredException getUserApprovalSignal(AuthorizationCodeR
 		String message = String.format("Do you approve the client '%s' to access your resources with scope=%s",
 				resource.getClientId(), resource.getScope());
 		return new UserApprovalRequiredException(resource.getUserAuthorizationUri(), Collections.singletonMap(
-				OAuth2Request.USER_OAUTH_APPROVAL, message), resource.getClientId(), resource.getScope());
+				OAuth2Utils.USER_OAUTH_APPROVAL, message), resource.getClientId(), resource.getScope());
 	}
 
 }
@@ -31,6 +31,23 @@
  */
 public abstract class OAuth2Utils {
 
+	/**
+	 * Constants to use while parsing parameter maps for OAuth2 requests
+	 */
+	public static final String CLIENT_ID = "client_id";
+
+	public static final String STATE = "state";
+
+	public static final String SCOPE = "scope";
+
+	public static final String REDIRECT_URI = "redirect_uri";
+
+	public static final String RESPONSE_TYPE = "response_type";
+
+	public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";
+	
+	public static final String GRANT_TYPE = "grant_type";
+	
 	/**
 	 * Parses a string parameter value into a set of strings.
 	 * 
 
@@ -16,13 +16,13 @@
 import java.util.List;
 
 import org.springframework.beans.BeanMetadataElement;
+import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.beans.factory.config.TypedStringValue;
 import org.springframework.beans.factory.support.AbstractBeanDefinition;
 import org.springframework.beans.factory.support.BeanDefinitionBuilder;
 import org.springframework.beans.factory.support.ManagedList;
 import org.springframework.beans.factory.support.ManagedMap;
 import org.springframework.beans.factory.xml.ParserContext;
-import org.springframework.beans.factory.config.RuntimeBeanReference;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.oauth2.provider.CompositeTokenGranter;
 import org.springframework.security.oauth2.provider.DefaultOAuth2RequestFactory;
@@ -70,6 +70,15 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 		BeanDefinitionBuilder authorizationEndpointBean = BeanDefinitionBuilder
 				.rootBeanDefinition(AuthorizationEndpoint.class);
 
+		if (!StringUtils.hasText(oAuth2RequestFactoryRef)) {
+			oAuth2RequestFactoryRef = "oAuth2AuthorizationRequestManager";
+			BeanDefinitionBuilder oAuth2RequestManager = BeanDefinitionBuilder
+					.rootBeanDefinition(DefaultOAuth2RequestFactory.class);
+			oAuth2RequestManager.addConstructorArgReference(clientDetailsRef);
+			parserContext.getRegistry().registerBeanDefinition(oAuth2RequestFactoryRef,
+					oAuth2RequestManager.getBeanDefinition());
+		}
+		
 		ManagedList<BeanMetadataElement> tokenGranters = null;
 		if (!StringUtils.hasText(tokenGranterRef)) {
 			tokenGranterRef = "oauth2TokenGranter";
@@ -84,6 +93,7 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 		boolean registerAuthorizationEndpoint = false;
 
 		Element authorizationCodeElement = DomUtils.getChildElementByTagName(element, "authorization-code");
+		
 		if (authorizationCodeElement != null
 				&& !"true".equalsIgnoreCase(authorizationCodeElement.getAttribute("disabled"))) {
 			// authorization code grant configuration.
@@ -108,6 +118,7 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 			authorizationEndpointBean.addPropertyReference("authorizationCodeServices", authorizationCodeServices);
 			authorizationCodeTokenGranterBean.addConstructorArgReference(authorizationCodeServices);
 			authorizationCodeTokenGranterBean.addConstructorArgReference(clientDetailsRef);
+			authorizationCodeTokenGranterBean.addConstructorArgReference(oAuth2RequestFactoryRef);
 
 			if (StringUtils.hasText(clientTokenCacheRef)) {
 				authorizationEndpointBean.addPropertyReference("clientTokenCache", clientTokenCacheRef);
@@ -124,22 +135,15 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 			registerAuthorizationEndpoint = true;
 		}
 
-		if (!StringUtils.hasText(oAuth2RequestFactoryRef)) {
-			oAuth2RequestFactoryRef = "oAuth2AuthorizationRequestManager";
-			BeanDefinitionBuilder oAuth2RequestManager = BeanDefinitionBuilder
-					.rootBeanDefinition(DefaultOAuth2RequestFactory.class);
-			oAuth2RequestManager.addConstructorArgReference(clientDetailsRef);
-			parserContext.getRegistry().registerBeanDefinition(oAuth2RequestFactoryRef,
-					oAuth2RequestManager.getBeanDefinition());
-		}
-
 		if (tokenGranters != null) {
 			Element refreshTokenElement = DomUtils.getChildElementByTagName(element, "refresh-token");
+			
 			if (refreshTokenElement != null && !"true".equalsIgnoreCase(refreshTokenElement.getAttribute("disabled"))) {
 				BeanDefinitionBuilder refreshTokenGranterBean = BeanDefinitionBuilder
 						.rootBeanDefinition(RefreshTokenGranter.class);
 				refreshTokenGranterBean.addConstructorArgReference(tokenServicesRef);
 				refreshTokenGranterBean.addConstructorArgReference(clientDetailsRef);
+				refreshTokenGranterBean.addConstructorArgReference(oAuth2RequestFactoryRef);
 				tokenGranters.add(refreshTokenGranterBean.getBeanDefinition());
 			}
 			Element implicitElement = DomUtils.getChildElementByTagName(element, "implicit");
@@ -148,6 +152,7 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 						.rootBeanDefinition(ImplicitTokenGranter.class);
 				implicitGranterBean.addConstructorArgReference(tokenServicesRef);
 				implicitGranterBean.addConstructorArgReference(clientDetailsRef);
+				implicitGranterBean.addConstructorArgReference(oAuth2RequestFactoryRef);
 				tokenGranters.add(implicitGranterBean.getBeanDefinition());
 				registerAuthorizationEndpoint = true;
 			}
@@ -158,6 +163,7 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 						.rootBeanDefinition(ClientCredentialsTokenGranter.class);
 				clientCredentialsGranterBean.addConstructorArgReference(tokenServicesRef);
 				clientCredentialsGranterBean.addConstructorArgReference(clientDetailsRef);
+				clientCredentialsGranterBean.addConstructorArgReference(oAuth2RequestFactoryRef);
 				tokenGranters.add(clientCredentialsGranterBean.getBeanDefinition());
 			}
 			Element clientPasswordElement = DomUtils.getChildElementByTagName(element, "password");
@@ -172,6 +178,7 @@ protected AbstractBeanDefinition parseEndpointAndReturnFilter(Element element, P
 				clientPasswordTokenGranter.addConstructorArgReference(authenticationManagerRef);
 				clientPasswordTokenGranter.addConstructorArgReference(tokenServicesRef);
 				clientPasswordTokenGranter.addConstructorArgReference(clientDetailsRef);
+				clientPasswordTokenGranter.addConstructorArgReference(oAuth2RequestFactoryRef);
 				tokenGranters.add(clientPasswordTokenGranter.getBeanDefinition());
 			}
 			List<Element> customGrantElements = DomUtils.getChildElementsByTagName(element, "custom-grant");
 
@@ -13,7 +13,7 @@
 import org.springframework.security.oauth2.common.util.OAuth2Utils;
 
 /**
- * Base class representing an OAuth2 authorization or token request. HTTP request parameters are stored in
+ * Base class representing an OAuth2 Authorization Request. HTTP request parameters are stored in
  * the parameters map, and any processing the server makes throughout the lifecycle of a request are stored
  * on individual properties. The original request parameters will remain available through the parameters
  * map. For convenience, constants are defined in order to get at those original values. However, the
@@ -23,24 +23,12 @@
  * @author Dave Syer
  * @author Amanda Anganes
  */
-public class OAuth2Request implements Serializable {
+public class AuthorizationRequest implements Serializable {
 
 	private static final long serialVersionUID = 1L;
-
-	public static final String CLIENT_ID = "client_id";
-
-	public static final String STATE = "state";
-
-	public static final String SCOPE = "scope";
-
-	public static final String REDIRECT_URI = "redirect_uri";
-
-	public static final String RESPONSE_TYPE = "response_type";
-
-	public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";
 
 	/**
-	 * Map of parameters passed in to the Authorizatoin Endpoint or Token
+	 * Map of parameters passed in to the Authorization Endpoint or Token
 	 * Endpoint, preserved unchanged from the original request. This map should
 	 * not be modified after initialization. In general, classes should not
 	 * retrieve values from this map directly, and should instead use the
@@ -123,7 +111,7 @@ public class OAuth2Request implements Serializable {
 	/**
 	 * Default constructor. 
 	 */
-	public OAuth2Request() {
+	public AuthorizationRequest() {
 
 	}
 
@@ -141,12 +129,11 @@ public OAuth2Request() {
 	 * @param redirectUri
 	 * @param responseTypes
 	 */
-	public OAuth2Request(Map<String, String> authorizationParameters, Map<String, String> approvalParameters, 
+	public AuthorizationRequest(Map<String, String> authorizationParameters, Map<String, String> approvalParameters, 
 			String clientId, Set<String> scope, Set<String> resourceIds, 
 			Collection<? extends GrantedAuthority> authorities, boolean approved, String state, 
 			String redirectUri, Set<String> responseTypes){
 		if (authorizationParameters != null) {
-			//this.authorizationParameters.putAll(authorizationParameters);
 			this.requestParameters = Collections.unmodifiableMap(authorizationParameters);
 		}
 		if (approvalParameters != null) {
@@ -177,7 +164,7 @@ public OAuth2Request(Map<String, String> authorizationParameters, Map<String, St
 	 * @param clientId
 	 * @param scopes
 	 */
-	public OAuth2Request(String clientId, Collection<String> scopes) {
+	public AuthorizationRequest(String clientId, Collection<String> scopes) {
 		this.clientId = clientId;
 		if (scopes!= null) {
 			this.scope.addAll(scopes);
@@ -356,10 +343,10 @@ public boolean equals(Object obj) {
 		if (obj == null) {
 			return false;
 		}
-		if (!(obj instanceof OAuth2Request)) {
+		if (!(obj instanceof AuthorizationRequest)) {
 			return false;
 		}
-		OAuth2Request other = (OAuth2Request) obj;
+		AuthorizationRequest other = (AuthorizationRequest) obj;
 		if (approvalParameters == null) {
 			if (other.approvalParameters != null) {
 				return false;
 
@@ -33,7 +33,7 @@ public CompositeTokenGranter(List<TokenGranter> tokenGranters) {
 		this.tokenGranters = new ArrayList<TokenGranter>(tokenGranters);
 	}
 
-	public OAuth2AccessToken grant(String grantType, OAuth2Request tokenRequest) {
+	public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
 		for (TokenGranter granter : tokenGranters) {
 			OAuth2AccessToken grant = granter.grant(grantType, tokenRequest);
 			if (grant!=null) {
Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,7 @@`
`23`	`23`	`import org.springframework.security.oauth2.client.test.OAuth2ContextSetup;`
`24`	`24`	`import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitAccessTokenProvider;`
`25`	`25`	`import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitResourceDetails;`
	`26`	`+import org.springframework.security.oauth2.common.util.OAuth2Utils;`
`26`	`27`	`import org.springframework.util.LinkedMultiValueMap;`
`27`	`28`	`import org.springframework.util.MultiValueMap;`
`28`	`29`
`@@ -98,7 +99,7 @@ public void testPostForNonAutomaticApprovalToken() throws Exception {`
`98`	`99`	`// ignore`
`99`	`100`	`}`
`100`	`101`	`// add user approval parameter for the second request`
`101`		`- context.getAccessTokenRequest().add(OAuth2Request.USER_OAUTH_APPROVAL, "true");`
	`102`	`+ context.getAccessTokenRequest().add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");`
`102`	`103`	`assertNotNull(context.getAccessToken());`
`103`	`104`	`}`
`104`	`105`
Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ public CompositeTokenGranter(List<TokenGranter> tokenGranters) {`
`33`	`33`	`this.tokenGranters = new ArrayList<TokenGranter>(tokenGranters);`
`34`	`34`	`}`
`35`	`35`
`36`		`- public OAuth2AccessToken grant(String grantType, OAuth2Request tokenRequest) {`
	`36`	`+ public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {`
`37`	`37`	`for (TokenGranter granter : tokenGranters) {`
`38`	`38`	`OAuth2AccessToken grant = granter.grant(grantType, tokenRequest);`
`39`	`39`	`if (grant!=null) {`