Add missing calls to principalName

Issue gh-8054

Author: jzheaux

test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java

@@ -785,16 +785,18 @@ public void beforeServerCreated(WebHttpHandlerBuilder builder) {
 					.clientRegistration(this.clientRegistration)
 					.principalName(token.getPrincipal().getName())
 					.beforeServerCreated(builder);
-			mockAuthentication(getToken()).beforeServerCreated(builder);
+			mockAuthentication(token).beforeServerCreated(builder);
 		}
 
 		@Override
 		public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) {
+			OAuth2AuthenticationToken token = getToken();
 			mockOAuth2Client()
 					.accessToken(this.accessToken)
 					.clientRegistration(this.clientRegistration)
+					.principalName(token.getPrincipal().getName())
 					.afterConfigureAdded(serverSpec);
-			mockAuthentication(getToken()).afterConfigureAdded(serverSpec);
+			mockAuthentication(token).afterConfigureAdded(serverSpec);
 		}
 
 		@Override
@@ -806,6 +808,7 @@ public void afterConfigurerAdded(
 			mockOAuth2Client()
 					.accessToken(this.accessToken)
 					.clientRegistration(this.clientRegistration)
+					.principalName(token.getPrincipal().getName())
 					.afterConfigurerAdded(builder, httpHandlerBuilder, connector);
 			mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector);
 		}
@@ -953,18 +956,21 @@ public void beforeServerCreated(WebHttpHandlerBuilder builder) {
 			OAuth2AuthenticationToken token = getToken();
 			mockOAuth2Client()
 					.accessToken(this.accessToken)
+					.principalName(token.getPrincipal().getName())
 					.clientRegistration(this.clientRegistration)
 					.beforeServerCreated(builder);
-			mockAuthentication(getToken()).beforeServerCreated(builder);
+			mockAuthentication(token).beforeServerCreated(builder);
 		}
 
 		@Override
 		public void afterConfigureAdded(WebTestClient.MockServerSpec<?> serverSpec) {
+			OAuth2AuthenticationToken token = getToken();
 			mockOAuth2Client()
 					.accessToken(this.accessToken)
+					.principalName(token.getPrincipal().getName())
 					.clientRegistration(this.clientRegistration)
 					.afterConfigureAdded(serverSpec);
-			mockAuthentication(getToken()).afterConfigureAdded(serverSpec);
+			mockAuthentication(token).afterConfigureAdded(serverSpec);
 		}
 
 		@Override
@@ -975,6 +981,7 @@ public void afterConfigurerAdded(
 			OAuth2AuthenticationToken token = getToken();
 			mockOAuth2Client()
 					.accessToken(this.accessToken)
+					.principalName(token.getPrincipal().getName())
 					.clientRegistration(this.clientRegistration)
 					.afterConfigurerAdded(builder, httpHandlerBuilder, connector);
 			mockAuthentication(token).afterConfigurerAdded(builder, httpHandlerBuilder, connector);

test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOAuth2LoginTests.java

@@ -131,6 +131,34 @@ public void oauth2LoginWhenAttributeSpecifiedThenUserHasAttribute() {
 				.containsEntry("iss", "https://idp.example.org");
 	}
 
+	@Test
+	public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception {
+		OAuth2User oauth2User = new DefaultOAuth2User(
+				AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
+				Collections.singletonMap("custom-attribute", "test-subject"),
+				"custom-attribute");
+
+		this.client.mutateWith(mockOAuth2Login()
+				.oauth2User(oauth2User))
+				.get().uri("/token")
+				.exchange()
+				.expectStatus().isOk();
+
+		OAuth2AuthenticationToken token = this.controller.token;
+		assertThat(token.getPrincipal().getName())
+				.isEqualTo("test-subject");
+
+		this.client.mutateWith(mockOAuth2Login()
+				.oauth2User(oauth2User))
+				.get().uri("/client")
+				.exchange()
+				.expectStatus().isOk();
+
+		OAuth2AuthorizedClient client = this.controller.authorizedClient;
+		assertThat(client.getPrincipalName())
+				.isEqualTo("test-subject");
+	}
+
 	@Test
 	public void oauth2LoginWhenOAuth2UserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
 		OAuth2User oauth2User = new DefaultOAuth2User(

test/src/test/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurersOidcLoginTests.java

@@ -36,6 +36,7 @@
 import org.springframework.security.oauth2.client.web.reactive.result.method.annotation.OAuth2AuthorizedClientArgumentResolver;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.server.WebSessionServerOAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.web.server.context.SecurityContextServerWebExchangeWebFilter;
@@ -45,6 +46,7 @@
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.springframework.security.oauth2.core.oidc.TestOidcIdTokens.idToken;
+import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOAuth2Login;
 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.mockOidcLogin;
 import static org.springframework.security.test.web.reactive.server.SecurityMockServerConfigurers.springSecurity;
 
@@ -146,6 +148,34 @@ public void oidcLoginWhenUserInfoSpecifiedThenUserHasClaims() throws Exception {
 				.containsEntry("email", "email@email");
 	}
 
+	@Test
+	public void oidcUserWhenNameSpecifiedThenUserHasName() throws Exception {
+		OidcUser oidcUser = new DefaultOidcUser(
+				AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
+				OidcIdToken.withTokenValue("id-token").claim("custom-attribute", "test-subject").build(),
+				"custom-attribute");
+
+		this.client.mutateWith(mockOAuth2Login()
+				.oauth2User(oidcUser))
+				.get().uri("/token")
+				.exchange()
+				.expectStatus().isOk();
+
+		OAuth2AuthenticationToken token = this.controller.token;
+		assertThat(token.getPrincipal().getName())
+				.isEqualTo("test-subject");
+
+		this.client.mutateWith(mockOAuth2Login()
+				.oauth2User(oidcUser))
+				.get().uri("/client")
+				.exchange()
+				.expectStatus().isOk();
+
+		OAuth2AuthorizedClient client = this.controller.authorizedClient;
+		assertThat(client.getPrincipalName())
+				.isEqualTo("test-subject");
+	}
+
 	// gh-7794
 	@Test
 	public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOAuth2LoginTests.java

@@ -130,6 +130,10 @@ public void oauth2LoginWhenNameSpecifiedThenUserHasName() throws Exception {
 		this.mvc.perform(get("/name")
 				.with(oauth2Login().oauth2User(oauth2User)))
 				.andExpect(content().string("test-subject"));
+
+		this.mvc.perform(get("/client-name")
+				.with(oauth2Login().oauth2User(oauth2User)))
+				.andExpect(content().string("test-subject"));
 	}
 
 	@Test
@@ -193,6 +197,11 @@ String authorizedClient(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient
 				return authorizedClient.getClientRegistration().getClientId();
 			}
 
+			@GetMapping("/client-name")
+			String clientName(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
+				return authorizedClient.getPrincipalName();
+			}
+
 			@GetMapping("/attributes/{attribute}")
 			String attributes(
 					@AuthenticationPrincipal OAuth2User oauth2User, @PathVariable("attribute") String attribute) {

test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsOidcLoginTests.java

@@ -38,6 +38,7 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
+import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
 import org.springframework.security.test.context.TestSecurityContextHolder;
@@ -129,6 +130,26 @@ public void oidcLoginWhenUserInfoSpecifiedThenUserHasClaims() throws Exception {
 				.andExpect(content().string("email@email"));
 	}
 
+	@Test
+	public void oidcLoginWhenNameSpecifiedThenUserHasName() throws Exception {
+		OidcUser oidcUser = new DefaultOidcUser(
+				AuthorityUtils.commaSeparatedStringToAuthorityList("SCOPE_read"),
+				OidcIdToken.withTokenValue("id-token").claim("custom-attribute", "test-subject").build(),
+				"custom-attribute");
+
+		this.mvc.perform(get("/id-token/custom-attribute")
+				.with(oidcLogin().oidcUser(oidcUser)))
+				.andExpect(content().string("test-subject"));
+
+		this.mvc.perform(get("/name")
+				.with(oidcLogin().oidcUser(oidcUser)))
+				.andExpect(content().string("test-subject"));
+
+		this.mvc.perform(get("/client-name")
+				.with(oidcLogin().oidcUser(oidcUser)))
+				.andExpect(content().string("test-subject"));
+	}
+
 	// gh-7794
 	@Test
 	public void oidcLoginWhenOidcUserSpecifiedThenLastCalledTakesPrecedence() throws Exception {
@@ -179,6 +200,11 @@ String name(@AuthenticationPrincipal OidcUser oidcUser) {
 				return oidcUser.getName();
 			}
 
+			@GetMapping("/client-name")
+			String clientName(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
+				return authorizedClient.getPrincipalName();
+			}
+
 			@GetMapping("/access-token")
 			String authorizedClient(@RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient) {
 				return authorizedClient.getAccessToken().getTokenValue();