Polish gh-1105

jgrandja · jgrandja · commit ad01779479d7 · 2023-03-07T07:57:54.000-05:00
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -126,7 +126,7 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			registeredClient = RegisteredClient.from(registeredClient)
 					.clientSecret(this.passwordEncoder.encode(clientSecret))
 					.build();
-			registeredClientRepository.save(registeredClient);
+			this.registeredClientRepository.save(registeredClient);
 		}
 
 		if (this.logger.isTraceEnabled()) {
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepository.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepository.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2021 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -72,14 +72,11 @@ public InMemoryRegisteredClientRepository(List<RegisteredClient> registrations)
 	@Override
 	public void save(RegisteredClient registeredClient) {
 		Assert.notNull(registeredClient, "registeredClient cannot be null");
-		if (this.idRegistrationMap.containsKey(registeredClient.getId())) {
-			this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
-			this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
-		} else {
+		if (!this.idRegistrationMap.containsKey(registeredClient.getId())) {
 			assertUniqueIdentifiers(registeredClient, this.idRegistrationMap);
-			this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
-			this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
 		}
+		this.idRegistrationMap.put(registeredClient.getId(), registeredClient);
+		this.clientIdRegistrationMap.put(registeredClient.getClientId(), registeredClient);
 	}
 
 	@Nullable
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProviderTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProviderTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -228,7 +228,7 @@ public void authenticateWhenValidCredentialsThenAuthenticated() {
 	}
 
 	@Test
-	public void authenticateWhenValidCredentialsAndNonExpiredThenPasswordUpgraded() {
+	public void authenticateWhenValidCredentialsAndRequiresUpgradingThenClientSecretUpgraded() {
 		RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
 		when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId())))
 				.thenReturn(registeredClient);
@@ -243,10 +243,9 @@ public void authenticateWhenValidCredentialsAndNonExpiredThenPasswordUpgraded()
 		verify(this.passwordEncoder).encode(any());
 		verify(this.registeredClientRepository).save(any());
 		assertThat(authenticationResult.isAuthenticated()).isTrue();
-		assertThat(registeredClient).isNotSameAs(authenticationResult.getPrincipal());
 		assertThat(authenticationResult.getPrincipal().toString()).isEqualTo(registeredClient.getClientId());
 		assertThat(authenticationResult.getCredentials().toString()).isEqualTo(registeredClient.getClientSecret());
-		assertThat(authenticationResult.getRegisteredClient()).isEqualTo(registeredClient);
+		assertThat(authenticationResult.getRegisteredClient()).isNotSameAs(registeredClient);
 	}
 
 	@Test
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepositoryTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/client/InMemoryRegisteredClientRepositoryTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -155,10 +155,10 @@ public void saveWhenNullThenThrowIllegalArgumentException() {
 	@Test
 	public void saveWhenExistingIdThenUpdate() {
 		RegisteredClient registeredClient = createRegisteredClient(
-				this.registration.getId(), "client-id", "client-secret-2");
+				this.registration.getId(), "client-id-2", "client-secret-2");
 		this.clients.save(registeredClient);
 		RegisteredClient savedClient = this.clients.findByClientId(registeredClient.getClientId());
-		assertThat(savedClient.getClientSecret()).isEqualTo("client-secret-2");
+		assertThat(savedClient).isEqualTo(registeredClient);
 	}
 
 	@Test
diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2ClientCredentialsGrantTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -233,7 +233,7 @@ public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponse() thr
 	}
 
 	@Test
-	public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponseAndSecretUpgraded() throws Exception {
+	public void requestWhenTokenRequestPostsClientCredentialsAndRequiresUpgradingThenClientSecretUpgraded() throws Exception {
 		this.spring.register(AuthorizationServerConfigurationCustomPasswordEncoder.class).autowire();
 
 		String clientSecret = "secret-2";
@@ -250,7 +250,8 @@ public void requestWhenTokenRequestPostsClientCredentialsThenTokenResponseAndSec
 				.andExpect(jsonPath("$.scope").value("scope1 scope2"));
 
 		verify(jwtCustomizer).customize(any());
-		assertThat(this.registeredClientRepository.findByClientId(registeredClient.getClientId()).getClientSecret()).startsWith("{bcrypt}");
+		RegisteredClient updatedRegisteredClient = this.registeredClientRepository.findByClientId(registeredClient.getClientId());
+		assertThat(updatedRegisteredClient.getClientSecret()).startsWith("{bcrypt}");
 	}
 
 	@Test

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`/*`
`2`		`- * Copyright 2020-2022 the original author or authors.`
	`2`	`+ * Copyright 2020-2023 the original author or authors.`
`3`	`3`	`*`
`4`	`4`	`* Licensed under the Apache License, Version 2.0 (the "License");`
`5`	`5`	`* you may not use this file except in compliance with the License.`
`@@ -126,7 +126,7 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`126`	`126`	`registeredClient = RegisteredClient.from(registeredClient)`
`127`	`127`	`.clientSecret(this.passwordEncoder.encode(clientSecret))`
`128`	`128`	`.build();`
`129`		`- registeredClientRepository.save(registeredClient);`
	`129`	`+ this.registeredClientRepository.save(registeredClient);`
`130`	`130`	`}`
`131`	`131`
`132`	`132`	`if (this.logger.isTraceEnabled()) {`