From 04f8ce78b42e9bc3afd6c117a7d5a987d776d1f4 Mon Sep 17 00:00:00 2001 From: Leo-Fish <1957774799@qq.com> Date: Thu, 9 Oct 2025 21:41:35 -0500 Subject: [PATCH] Make OAuth2AuthorizationCodeGrantTests deterministic Signed-off-by: Leo-Fish <1957774799@qq.com> --- .../authorization/TestOAuth2Authorizations.java | 14 ++++++++++++-- .../OAuth2AuthorizationCodeGrantTests.java | 6 +++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java index ee60cf8a1..fa2a2a6f5 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java @@ -18,9 +18,13 @@ import java.security.Principal; import java.time.Instant; import java.time.temporal.ChronoUnit; +import java.util.ArrayList; import java.util.Collections; import java.util.HashMap; +import java.util.List; import java.util.Map; +import java.util.Set; +import java.util.TreeSet; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.oauth2.core.AuthorizationGrantType; @@ -76,11 +80,17 @@ public static OAuth2Authorization.Builder authorization(RegisteredClient registe private static OAuth2Authorization.Builder authorization(RegisteredClient registeredClient, OAuth2AuthorizationCode authorizationCode, OAuth2AccessToken accessToken, Map accessTokenClaims, Map authorizationRequestAdditionalParameters) { + + List sortedRedirectUris = new ArrayList<>(registeredClient.getRedirectUris()); + Collections.sort(sortedRedirectUris); + + Set sortedScopes = new TreeSet<>(registeredClient.getScopes()); + OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode() .authorizationUri("https://provider.com/oauth2/authorize") .clientId(registeredClient.getClientId()) - .redirectUri(registeredClient.getRedirectUris().iterator().next()) - .scopes(registeredClient.getScopes()) + .redirectUri(sortedRedirectUris.get(0)) + .scopes(sortedScopes) .additionalParameters(authorizationRequestAdditionalParameters) .state("state") .build(); diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java index 55a2bdbe7..1cb5a2127 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/OAuth2AuthorizationCodeGrantTests.java @@ -23,8 +23,10 @@ import java.text.MessageFormat; import java.time.Instant; import java.time.temporal.ChronoUnit; +import java.util.ArrayList; import java.util.Arrays; import java.util.Base64; +import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Map; @@ -1113,7 +1115,9 @@ private static MultiValueMap getTokenRequestParameters(Registere parameters.set(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue()); parameters.set(OAuth2ParameterNames.CODE, authorization.getToken(OAuth2AuthorizationCode.class).getToken().getTokenValue()); - parameters.set(OAuth2ParameterNames.REDIRECT_URI, registeredClient.getRedirectUris().iterator().next()); + List sortedRedirectUris = new ArrayList<>(registeredClient.getRedirectUris()); + Collections.sort(sortedRedirectUris); + parameters.set(OAuth2ParameterNames.REDIRECT_URI, sortedRedirectUris.get(0)); return parameters; }