Remove SecurityTokenRepository from AuthorizationCodeAuthenticationProvider constructor

jgrandja · jgrandja · commit 1b7e761be487 · 2017-10-05T17:05:56.000-04:00
Fixes gh-4591
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/AuthorizationCodeAuthenticationFilterConfigurer.java
@@ -27,7 +27,6 @@
 import org.springframework.security.oauth2.client.authentication.jwt.JwtDecoderRegistry;
 import org.springframework.security.oauth2.client.authentication.jwt.nimbus.NimbusJwtDecoderRegistry;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
-import org.springframework.security.oauth2.client.token.InMemoryAccessTokenRepository;
 import org.springframework.security.oauth2.client.token.SecurityTokenRepository;
 import org.springframework.security.oauth2.client.user.CustomUserTypesOAuth2UserService;
 import org.springframework.security.oauth2.client.user.DefaultOAuth2UserService;
@@ -130,8 +129,10 @@ String getLoginFailureUrl() {
 	@Override
 	public void init(H http) throws Exception {
 		AuthorizationCodeAuthenticationProvider authorizationCodeAuthenticationProvider =
-			new AuthorizationCodeAuthenticationProvider(
-				this.getAuthorizationCodeAuthenticator(), this.getAccessTokenRepository());
+			new AuthorizationCodeAuthenticationProvider(this.getAuthorizationCodeAuthenticator());
+		if (this.accessTokenRepository != null) {
+			authorizationCodeAuthenticationProvider.setAccessTokenRepository(this.accessTokenRepository);
+		}
 		authorizationCodeAuthenticationProvider = this.postProcess(authorizationCodeAuthenticationProvider);
 		http.authenticationProvider(authorizationCodeAuthenticationProvider);
 
@@ -180,13 +181,6 @@ private AuthorizationGrantTokenExchanger<AuthorizationCodeAuthenticationToken> g
 		return this.authorizationCodeTokenExchanger;
 	}
 
-	private SecurityTokenRepository<AccessToken> getAccessTokenRepository() {
-		if (this.accessTokenRepository == null) {
-			this.accessTokenRepository = new InMemoryAccessTokenRepository();
-		}
-		return this.accessTokenRepository;
-	}
-
 	private JwtDecoderRegistry getJwtDecoderRegistry() {
 		if (this.jwtDecoderRegistry == null) {
 			this.jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/AuthorizationCodeAuthenticationProvider.java
@@ -18,6 +18,7 @@
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.oauth2.client.token.InMemoryAccessTokenRepository;
 import org.springframework.security.oauth2.client.token.SecurityTokenRepository;
 import org.springframework.security.oauth2.core.AccessToken;
 import org.springframework.security.oauth2.oidc.client.authentication.OidcClientAuthenticationToken;
@@ -49,16 +50,13 @@
  */
 public class AuthorizationCodeAuthenticationProvider implements AuthenticationProvider {
 	private final AuthorizationGrantAuthenticator<AuthorizationCodeAuthenticationToken> authorizationCodeAuthenticator;
-	private final SecurityTokenRepository<AccessToken> accessTokenRepository;
+	private SecurityTokenRepository<AccessToken> accessTokenRepository = new InMemoryAccessTokenRepository();
 
 	public AuthorizationCodeAuthenticationProvider(
-			AuthorizationGrantAuthenticator<AuthorizationCodeAuthenticationToken> authorizationCodeAuthenticator,
-			SecurityTokenRepository<AccessToken> accessTokenRepository) {
+		AuthorizationGrantAuthenticator<AuthorizationCodeAuthenticationToken> authorizationCodeAuthenticator) {
 
 		Assert.notNull(authorizationCodeAuthenticator, "authorizationCodeAuthenticator cannot be null");
-		Assert.notNull(accessTokenRepository, "accessTokenRepository cannot be null");
 		this.authorizationCodeAuthenticator = authorizationCodeAuthenticator;
-		this.accessTokenRepository = accessTokenRepository;
 	}
 
 	@Override
@@ -76,6 +74,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 		return oauth2ClientAuthentication;
 	}
 
+	public final void setAccessTokenRepository(SecurityTokenRepository<AccessToken> accessTokenRepository) {
+		Assert.notNull(accessTokenRepository, "accessTokenRepository cannot be null");
+		this.accessTokenRepository = accessTokenRepository;
+	}
+
 	@Override
 	public boolean supports(Class<?> authentication) {
 		return AuthorizationCodeAuthenticationToken.class.isAssignableFrom(authentication);
