Polish gh-12438

jgrandja · jgrandja · commit e139f1c2baa0 · 2022-12-22T11:16:19.000-05:00
diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -3829,31 +3829,11 @@ public final class OAuth2ClientSpec {
 
 		private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
 
-		private ServerRedirectStrategy authorizationRedirectStrategy;
-
 		private ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver;
 
-		private OAuth2ClientSpec() {
-		}
-
-		/**
-		 * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s.
-		 * @param authorizationRequestResolver the resolver used for resolving
-		 * {@link OAuth2AuthorizationRequest}'s
-		 * @return the {@link OAuth2ClientSpec} for further configuration
-		 * @since 6.1
-		 */
-		public OAuth2ClientSpec authorizationRequestResolver(
-				ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) {
-			this.authorizationRequestResolver = authorizationRequestResolver;
-			return this;
-		}
+		private ServerRedirectStrategy authorizationRedirectStrategy;
 
-		private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
-			if (this.authorizationRequestResolver != null) {
-				return new OAuth2AuthorizationRequestRedirectWebFilter(this.authorizationRequestResolver);
-			}
-			return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
+		private OAuth2ClientSpec() {
 		}
 
 		/**
@@ -3945,6 +3925,26 @@ private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> getAuth
 			return this.authorizationRequestRepository;
 		}
 
+		/**
+		 * Sets the resolver used for resolving {@link OAuth2AuthorizationRequest}'s.
+		 * @param authorizationRequestResolver the resolver used for resolving
+		 * {@link OAuth2AuthorizationRequest}'s
+		 * @return the {@link OAuth2ClientSpec} to customize
+		 * @since 6.1
+		 */
+		public OAuth2ClientSpec authorizationRequestResolver(
+				ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver) {
+			this.authorizationRequestResolver = authorizationRequestResolver;
+			return this;
+		}
+
+		private OAuth2AuthorizationRequestRedirectWebFilter getRedirectWebFilter() {
+			if (this.authorizationRequestResolver != null) {
+				return new OAuth2AuthorizationRequestRedirectWebFilter(this.authorizationRequestResolver);
+			}
+			return new OAuth2AuthorizationRequestRedirectWebFilter(getClientRegistrationRepository());
+		}
+
 		/**
 		 * Sets the redirect strategy for Authorization Endpoint redirect URI.
 		 * @param authorizationRedirectStrategy the redirect strategy
@@ -3971,7 +3971,6 @@ public ServerHttpSecurity and() {
 		}
 
 		protected void configure(ServerHttpSecurity http) {
-			ReactiveClientRegistrationRepository clientRegistrationRepository = getClientRegistrationRepository();
 			ServerOAuth2AuthorizedClientRepository authorizedClientRepository = getAuthorizedClientRepository();
 			ServerAuthenticationConverter authenticationConverter = getAuthenticationConverter();
 			ReactiveAuthenticationManager authenticationManager = getAuthenticationManager();
diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -39,8 +39,8 @@
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
 import org.springframework.security.oauth2.client.web.server.ServerAuthorizationRequestRepository;
-import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizationRequestResolver;
+import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
 import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
@@ -134,8 +134,8 @@ public void oauth2ClientWhenCustomObjectsThenUsed() {
 		ServerAuthenticationConverter converter = config.authenticationConverter;
 		ReactiveAuthenticationManager manager = config.manager;
 		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
-		ServerRequestCache requestCache = config.requestCache;
 		ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
+		ServerRequestCache requestCache = config.requestCache;
 		OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request()
 				.redirectUri("/authorize/oauth2/code/registration-id").build();
 		OAuth2AuthorizationResponse authorizationResponse = TestOAuth2AuthorizationResponses.success()
@@ -268,10 +268,10 @@ static class OAuth2ClientCustomConfig {
 		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(
 				ServerAuthorizationRequestRepository.class);
 
-		ServerRequestCache requestCache = mock(ServerRequestCache.class);
-
 		ServerOAuth2AuthorizationRequestResolver resolver = mock(ServerOAuth2AuthorizationRequestResolver.class);
 
+		ServerRequestCache requestCache = mock(ServerRequestCache.class);
+
 		@Bean
 		SecurityWebFilterChain springSecurityFilter(ServerHttpSecurity http) {
 			// @formatter:off
diff --git a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc
@@ -39,6 +39,7 @@ public class OAuth2ClientSecurityConfig {
 				.clientRegistrationRepository(this.clientRegistrationRepository())
 				.authorizedClientRepository(this.authorizedClientRepository())
 				.authorizationRequestRepository(this.authorizationRequestRepository())
+				.authorizationRequestResolver(this.authorizationRequestResolver())
 				.authenticationConverter(this.authenticationConverter())
 				.authenticationManager(this.authenticationManager())
 			);
@@ -62,6 +63,7 @@ class OAuth2ClientSecurityConfig {
                 clientRegistrationRepository = clientRegistrationRepository()
                 authorizedClientRepository = authorizedClientRepository()
                 authorizationRequestRepository = authorizedRequestRepository()
+                authorizationRequestResolver = authorizationRequestResolver()
                 authenticationConverter = authenticationConverter()
                 authenticationManager = authenticationManager()
             }
