Enhance OAuth2AuthenticationToken details with upstream details

Adds a new property to OAuth2AuthenticationDetails (decodedDetails) to hold the AuthenticationDetails (if any) loaded by the ResourceServerTokenServices. In this way we can preserve the existing OAuth2AuthenticationDetails behaviour (in particular the access token value which people rely on) but retain all the data from the ResourceServerTokenServices. Fixes spring-atticgh-285
srshalen23 · Nov 4, 2014 · 178f3c5 · 178f3c5
1 parent 9d21b2a
commit 178f3c5
Show file tree

Hide file tree

Showing 3 changed files with 47 additions and 4 deletions.
diff --git a/.../springframework/security/oauth2/provider/authentication/OAuth2AuthenticationDetails.java b/.../springframework/security/oauth2/provider/authentication/OAuth2AuthenticationDetails.java
@@ -38,6 +38,8 @@ public class OAuth2AuthenticationDetails implements Serializable {
 	private final String tokenValue;
 
 	private final String display;
+
+	private Object decodedDetails;
 
 	/**
 	 * Records the access token value and remote address and will also set the session Id if a session already exists
@@ -97,6 +99,26 @@ public String getSessionId() {
 		return sessionId;
 	}
 
+	/**
+	 * The authentication details obtained by decoding the access token
+	 * if available.
+	 * 
+	 * @return the decodedDetails if available (default null)
+	 */
+	public Object getDecodedDetails() {
+		return decodedDetails;
+	}
+
+	/**
+	 * The authentication details obtained by decoding the access token
+	 * if available.
+	 * 
+	 * @param decodedDetails the decodedDetails to set
+	 */
+	public void setDecodedDetails(Object decodedDetails) {
+		this.decodedDetails = decodedDetails;
+	}
+
 	@Override
 	public String toString() {
 		return display;

diff --git a/.../springframework/security/oauth2/provider/authentication/OAuth2AuthenticationManager.java b/.../springframework/security/oauth2/provider/authentication/OAuth2AuthenticationManager.java
@@ -89,6 +89,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 
 		checkClientDetails(auth);
 
+		if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) {
+			OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails();
+			// Preserve the authentication details if any from the one loaded by token services
+			details.setDecodedDetails(auth.getDetails());
+		}
 		auth.setDetails(authentication.getDetails());
 		auth.setAuthenticated(true);
 		return auth;

diff --git a/...ngframework/security/oauth2/provider/authentication/OAuth2AuthenticationManagerTests.java b/...ngframework/security/oauth2/provider/authentication/OAuth2AuthenticationManagerTests.java
@@ -11,13 +11,13 @@
  * specific language governing permissions and limitations under the License.
  */
 
-
 package org.springframework.security.oauth2.provider.authentication;
 
 import static org.junit.Assert.assertEquals;
 
 import org.junit.Test;
 import org.mockito.Mockito;
+import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
@@ -32,13 +32,14 @@
 public class OAuth2AuthenticationManagerTests {
 
 	private OAuth2AuthenticationManager manager = new OAuth2AuthenticationManager();
-	
+
 	private ResourceServerTokenServices tokenServices = Mockito.mock(ResourceServerTokenServices.class);
 
 	private Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
 
-	private OAuth2Authentication authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("foo", false), userAuthentication);
-
+	private OAuth2Authentication authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request(
+			"foo", false), userAuthentication);
+
 	{
 		manager.setTokenServices(tokenServices);
 	}
@@ -53,4 +54,19 @@ public void testDetailsAdded() throws Exception {
 		assertEquals("BAR", result.getDetails());
 	}
 
+	@Test
+	public void testDetailsEnhanced() throws Exception {
+		authentication.setDetails("DETAILS");
+		Mockito.when(tokenServices.loadAuthentication("FOO")).thenReturn(authentication);
+		PreAuthenticatedAuthenticationToken request = new PreAuthenticatedAuthenticationToken("FOO", "");
+		MockHttpServletRequest servletRequest = new MockHttpServletRequest();
+		servletRequest.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, "BAR");
+		OAuth2AuthenticationDetails details = new OAuth2AuthenticationDetails(servletRequest);
+		request.setDetails(details);
+		Authentication result = manager.authenticate(request);
+		assertEquals(authentication, result);
+		assertEquals("BAR", ((OAuth2AuthenticationDetails) result.getDetails()).getTokenValue());
+		assertEquals("DETAILS", ((OAuth2AuthenticationDetails) result.getDetails()).getDecodedDetails());
+	}
+
 }