From 32690175aa63b8fa134bd94bcc496c73a6ba385d Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Thu, 13 Feb 2025 06:32:48 +0700 Subject: [PATCH] Polish Signed-off-by: Tran Ngoc Nhan --- .../BearerTokenAuthenticationEntryPoint.java | 8 +++---- .../web/DefaultBearerTokenResolver.java | 4 ++-- ...erTokenServerAuthenticationEntryPoint.java | 21 +++++++++---------- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java index 19361ecdd31..84597d854c0 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/BearerTokenAuthenticationEntryPoint.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -65,8 +65,8 @@ public void commence(HttpServletRequest request, HttpServletResponse response, if (this.realmName != null) { parameters.put("realm", this.realmName); } - if (authException instanceof OAuth2AuthenticationException) { - OAuth2Error error = ((OAuth2AuthenticationException) authException).getError(); + if (authException instanceof OAuth2AuthenticationException oAuth2AuthenticationException) { + OAuth2Error error = oAuth2AuthenticationException.getError(); parameters.put("error", error.getErrorCode()); if (StringUtils.hasText(error.getDescription())) { parameters.put("error_description", error.getDescription()); @@ -78,7 +78,7 @@ public void commence(HttpServletRequest request, HttpServletResponse response, if (StringUtils.hasText(bearerTokenError.getScope())) { parameters.put("scope", bearerTokenError.getScope()); } - status = ((BearerTokenError) error).getHttpStatus(); + status = bearerTokenError.getHttpStatus(); } } String wwwAuthenticate = computeWWWAuthenticateHeaderValue(parameters); diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/DefaultBearerTokenResolver.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/DefaultBearerTokenResolver.java index d238e870178..36e27fccd87 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/DefaultBearerTokenResolver.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/DefaultBearerTokenResolver.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -64,7 +64,7 @@ public String resolve(final HttpServletRequest request) { return authorizationHeaderToken; } if (parameterToken != null && isParameterTokenEnabledForRequest(request)) { - if (!StringUtils.hasText(parameterToken)) { + if (parameterToken.isBlank()) { BearerTokenError error = BearerTokenErrors .invalidRequest("The requested token parameter is an empty string"); throw new OAuth2AuthenticationException(error); diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java index a2bc58a50d2..dea0c5bc853 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/web/server/BearerTokenServerAuthenticationEntryPoint.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -73,8 +73,8 @@ private Map createParameters(AuthenticationException authExcepti if (this.realmName != null) { parameters.put("realm", this.realmName); } - if (authException instanceof OAuth2AuthenticationException) { - OAuth2Error error = ((OAuth2AuthenticationException) authException).getError(); + if (authException instanceof OAuth2AuthenticationException oAuth2AuthenticationException) { + OAuth2Error error = oAuth2AuthenticationException.getError(); parameters.put("error", error.getErrorCode()); if (StringUtils.hasText(error.getDescription())) { parameters.put("error_description", error.getDescription()); @@ -82,20 +82,19 @@ private Map createParameters(AuthenticationException authExcepti if (StringUtils.hasText(error.getUri())) { parameters.put("error_uri", error.getUri()); } - if (error instanceof BearerTokenError bearerTokenError) { - if (StringUtils.hasText(bearerTokenError.getScope())) { - parameters.put("scope", bearerTokenError.getScope()); - } + if (error instanceof BearerTokenError bearerTokenError + && StringUtils.hasText(bearerTokenError.getScope())) { + parameters.put("scope", bearerTokenError.getScope()); } } return parameters; } private HttpStatus getStatus(AuthenticationException authException) { - if (authException instanceof OAuth2AuthenticationException) { - OAuth2Error error = ((OAuth2AuthenticationException) authException).getError(); - if (error instanceof BearerTokenError) { - return ((BearerTokenError) error).getHttpStatus(); + if (authException instanceof OAuth2AuthenticationException oAuth2AuthenticationException) { + OAuth2Error error = oAuth2AuthenticationException.getError(); + if (error instanceof BearerTokenError bearerTokenError) { + return bearerTokenError.getHttpStatus(); } } return HttpStatus.UNAUTHORIZED;