Removed DefaultAuthorizationRequest from AbstractTokenGranter

aanganes · aanganes · commit c29cbb6e5840 · 2013-05-28T13:34:23.000-04:00
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/client/ClientCredentialsTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/client/ClientCredentialsTokenGranter.java
@@ -19,6 +19,7 @@
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
@@ -32,8 +33,8 @@ public class ClientCredentialsTokenGranter extends AbstractTokenGranter {
 	private static final String GRANT_TYPE = "client_credentials";
 
 	public ClientCredentialsTokenGranter(AuthorizationServerTokenServices tokenServices,
-			ClientDetailsService clientDetailsService) {
-		super(tokenServices, clientDetailsService, GRANT_TYPE);
+			ClientDetailsService clientDetailsService, AuthorizationRequestManager authorizationRequestManager) {
+		super(tokenServices, clientDetailsService, GRANT_TYPE, authorizationRequestManager);
 	}
 
 	@Override
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/code/AuthorizationCodeTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/code/AuthorizationCodeTokenGranter.java
@@ -27,7 +27,6 @@
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
 import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
-import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
@@ -48,7 +47,7 @@ public class AuthorizationCodeTokenGranter extends AbstractTokenGranter {
 
 	public AuthorizationCodeTokenGranter(AuthorizationServerTokenServices tokenServices,
 			AuthorizationCodeServices authorizationCodeServices, ClientDetailsService clientDetailsService, AuthorizationRequestManager authorizationRequestManager) {
-		super(tokenServices, clientDetailsService, GRANT_TYPE);
+		super(tokenServices, clientDetailsService, GRANT_TYPE, authorizationRequestManager);
 		this.authorizationCodeServices = authorizationCodeServices;
 		this.authorizationRequestManager = authorizationRequestManager;
 	}
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/implicit/ImplicitTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/implicit/ImplicitTokenGranter.java
@@ -21,6 +21,7 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
@@ -34,8 +35,9 @@ public class ImplicitTokenGranter extends AbstractTokenGranter {
 
 	private static final String GRANT_TYPE = "implicit";
 
-	public ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService) {
-		super(tokenServices, clientDetailsService, GRANT_TYPE);
+	public ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, 
+			AuthorizationRequestManager authorizationRequestManager) {
+		super(tokenServices, clientDetailsService, GRANT_TYPE, authorizationRequestManager);
 	}
 
 	@Override
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/password/ResourceOwnerPasswordTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/password/ResourceOwnerPasswordTokenGranter.java
@@ -26,6 +26,7 @@
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
@@ -43,8 +44,8 @@ public class ResourceOwnerPasswordTokenGranter extends AbstractTokenGranter {
 	private final AuthenticationManager authenticationManager;
 
 	public ResourceOwnerPasswordTokenGranter(AuthenticationManager authenticationManager,
-			AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService) {
-		super(tokenServices, clientDetailsService, GRANT_TYPE);
+			AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, AuthorizationRequestManager authorizationRequestManager) {
+		super(tokenServices, clientDetailsService, GRANT_TYPE, authorizationRequestManager);
 		this.authenticationManager = authenticationManager;
 	}
 
@@ -76,4 +77,4 @@ protected OAuth2Authentication getOAuth2Authentication(AuthorizationRequest clie
 
 		return new OAuth2Authentication(request, userAuth);
 	}
-}
+}
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/refresh/RefreshTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/refresh/RefreshTokenGranter.java
@@ -18,6 +18,7 @@
 
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
@@ -30,8 +31,9 @@ public class RefreshTokenGranter extends AbstractTokenGranter {
 
 	private static final String GRANT_TYPE = "refresh_token";
 
-	public RefreshTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService) {
-		super(tokenServices, clientDetailsService, GRANT_TYPE);
+	public RefreshTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService,
+			AuthorizationRequestManager authorizationRequestManager) {
+		super(tokenServices, clientDetailsService, GRANT_TYPE, authorizationRequestManager);
 	}
 	
 	@Override
diff --git a/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/AbstractTokenGranter.java b/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/AbstractTokenGranter.java
@@ -19,9 +19,9 @@
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.ClientDetails;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
-import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.TokenGranter;
 
@@ -34,16 +34,19 @@ public abstract class AbstractTokenGranter implements TokenGranter {
 	protected final Log logger = LogFactory.getLog(getClass());
 
 	private final AuthorizationServerTokenServices tokenServices;
+	
+	private final AuthorizationRequestManager authorizationRequestManager;
 
 	private final ClientDetailsService clientDetailsService;
 	
 	private final String grantType;
 
 	protected AbstractTokenGranter(AuthorizationServerTokenServices tokenServices,
-			ClientDetailsService clientDetailsService, String grantType) {
+			ClientDetailsService clientDetailsService, String grantType, AuthorizationRequestManager authorizationRequestManager) {
 		this.clientDetailsService = clientDetailsService;
 		this.grantType = grantType;
 		this.tokenServices = tokenServices;
+		this.authorizationRequestManager = authorizationRequestManager;
 	}
 
 	public OAuth2AccessToken grant(String grantType, AuthorizationRequest authorizationRequest) {
@@ -62,7 +65,7 @@ public OAuth2AccessToken grant(String grantType, AuthorizationRequest authorizat
 	}
 
 	protected OAuth2AccessToken getAccessToken(AuthorizationRequest authorizationRequest) {
-		DefaultAuthorizationRequest outgoingRequest  = new DefaultAuthorizationRequest(authorizationRequest);
+		AuthorizationRequest outgoingRequest  = authorizationRequestManager.createFromExisting(authorizationRequest);
 		outgoingRequest.setApproved(true);
 		// FIXME: do we need to explicitly set approved flag here?
 		return tokenServices.createAccessToken(getOAuth2Authentication(outgoingRequest));
diff --git a/spring-security-oauth2/src/test/java/org/springframework/security/oauth2/provider/password/TestResourceOwnerPasswordTokenGranter.java b/spring-security-oauth2/src/test/java/org/springframework/security/oauth2/provider/password/TestResourceOwnerPasswordTokenGranter.java
@@ -30,10 +30,12 @@
 import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
+import org.springframework.security.oauth2.provider.AuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.BaseClientDetails;
 import org.springframework.security.oauth2.provider.ClientDetails;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
+import org.springframework.security.oauth2.provider.DefaultAuthorizationRequestManager;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.InMemoryTokenStore;
@@ -62,6 +64,8 @@ public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exceptio
 	};
 
 	private AuthorizationRequest authorizationRequest;
+	
+	private AuthorizationRequestManager authorizationRequestManager = new DefaultAuthorizationRequestManager(clientDetailsService);
 
 	public TestResourceOwnerPasswordTokenGranter() {
 		providerTokenServices.setTokenStore(new InMemoryTokenStore());
@@ -75,7 +79,7 @@ public TestResourceOwnerPasswordTokenGranter() {
 	@Test
 	public void testSunnyDay() {
 		ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(authenticationManager,
-				providerTokenServices, clientDetailsService);
+				providerTokenServices, clientDetailsService, authorizationRequestManager);
 		OAuth2AccessToken token = granter.grant("password", authorizationRequest);
 		OAuth2Authentication authentication = providerTokenServices.loadAuthentication(token.getValue());
 		assertTrue(authentication.isAuthenticated());
@@ -87,7 +91,7 @@ public void testBadCredentials() {
 			public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 				throw new BadCredentialsException("test");
 			}
-		}, providerTokenServices, clientDetailsService);
+		}, providerTokenServices, clientDetailsService, authorizationRequestManager);
 		granter.grant("password", authorizationRequest);
 	}
 	
@@ -97,15 +101,15 @@ public void testAccountLocked() {
 			public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 				throw new LockedException("test");
 			}
-		}, providerTokenServices, clientDetailsService);
+		}, providerTokenServices, clientDetailsService, authorizationRequestManager);
 		granter.grant("password", authorizationRequest);
 	}
 
 	@Test(expected = InvalidGrantException.class)
 	public void testUnauthenticated() {
 		validUser = new UsernamePasswordAuthenticationToken("foo", "bar");
 		ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(authenticationManager,
-				providerTokenServices, clientDetailsService);
+				providerTokenServices, clientDetailsService, authorizationRequestManager);
 		granter.grant("password", authorizationRequest);
 	}
 
