Skip to content

Commit

Permalink
Pick Up OidcSessionRegistry Bean
Browse files Browse the repository at this point in the history
Closes gh-15813
  • Loading branch information
jzheaux committed Sep 16, 2024
1 parent 590aef0 commit b311b81
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 24 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -116,10 +116,17 @@ private static <B extends HttpSecurityBuilder<B>> OAuth2AuthorizedClientService

static <B extends HttpSecurityBuilder<B>> OidcSessionRegistry getOidcSessionRegistry(B builder) {
OidcSessionRegistry sessionRegistry = builder.getSharedObject(OidcSessionRegistry.class);
if (sessionRegistry == null) {
if (sessionRegistry != null) {
return sessionRegistry;
}
ApplicationContext context = builder.getSharedObject(ApplicationContext.class);
if (context.getBeanNamesForType(OidcSessionRegistry.class).length == 1) {
sessionRegistry = context.getBean(OidcSessionRegistry.class);
}
else {
sessionRegistry = new InMemoryOidcSessionRegistry();
builder.setSharedObject(OidcSessionRegistry.class, sessionRegistry);
}
builder.setSharedObject(OidcSessionRegistry.class, sessionRegistry);
return sessionRegistry;
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5496,7 +5496,7 @@ private ReactiveClientRegistrationRepository getClientRegistrationRepository() {

private ReactiveOidcSessionRegistry getSessionRegistry() {
if (this.sessionRegistry == null && ServerHttpSecurity.this.oauth2Login == null) {
return new InMemoryReactiveOidcSessionRegistry();
return getBeanOrDefault(ReactiveOidcSessionRegistry.class, new InMemoryReactiveOidcSessionRegistry());
}
if (this.sessionRegistry == null) {
return ServerHttpSecurity.this.oauth2Login.oidcSessionRegistry;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -396,15 +396,13 @@ SecurityFilterChain filters(HttpSecurity http) throws Exception {
@Import(RegistrationConfig.class)
static class SelfLogoutUriConfig {

private final OidcSessionRegistry sessionRegistry = new InMemoryOidcSessionRegistry();

@Bean
@Order(1)
SecurityFilterChain filters(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
.oauth2Login((oauth2) -> oauth2.oidcSessionRegistry(this.sessionRegistry))
.oauth2Login(Customizer.withDefaults())
.oidcLogout((oidc) -> oidc
.backChannel(Customizer.withDefaults())
);
Expand All @@ -413,11 +411,6 @@ SecurityFilterChain filters(HttpSecurity http) throws Exception {
return http.build();
}

@Bean
OidcBackChannelLogoutHandler oidcLogoutHandler() {
return new OidcBackChannelLogoutHandler(this.sessionRegistry);
}

}

@Configuration
Expand All @@ -427,15 +420,13 @@ static class CookieConfig {

private final MockWebServer server = new MockWebServer();

private final OidcSessionRegistry sessionRegistry = new InMemoryOidcSessionRegistry();

@Bean
@Order(1)
SecurityFilterChain filters(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
.oauth2Login((oauth2) -> oauth2.oidcSessionRegistry(this.sessionRegistry))
.oauth2Login(Customizer.withDefaults())
.oidcLogout((oidc) -> oidc
.backChannel(Customizer.withDefaults())
);
Expand All @@ -445,8 +436,13 @@ SecurityFilterChain filters(HttpSecurity http) throws Exception {
}

@Bean
OidcBackChannelLogoutHandler oidcLogoutHandler() {
OidcBackChannelLogoutHandler logoutHandler = new OidcBackChannelLogoutHandler(this.sessionRegistry);
OidcSessionRegistry sessionRegistry() {
return new InMemoryOidcSessionRegistry();
}

@Bean
OidcBackChannelLogoutHandler oidcLogoutHandler(OidcSessionRegistry sessionRegistry) {
OidcBackChannelLogoutHandler logoutHandler = new OidcBackChannelLogoutHandler(sessionRegistry);
logoutHandler.setSessionCookieName("SESSION");
return logoutHandler;
}
Expand Down Expand Up @@ -485,7 +481,7 @@ SecurityFilterChain filters(HttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeHttpRequests((authorize) -> authorize.anyRequest().authenticated())
.oauth2Login((oauth2) -> oauth2.oidcSessionRegistry(this.sessionRegistry))
.oauth2Login(Customizer.withDefaults())
.oidcLogout((oidc) -> oidc.backChannel(Customizer.withDefaults()));
// @formatter:on

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -519,8 +519,6 @@ SecurityWebFilterChain filters(ServerHttpSecurity http) throws Exception {
@Import(RegistrationConfig.class)
static class CookieConfig {

private final ReactiveOidcSessionRegistry sessionRegistry = new InMemoryReactiveOidcSessionRegistry();

private final MockWebServer server = new MockWebServer();

@Bean
Expand All @@ -529,7 +527,7 @@ SecurityWebFilterChain filters(ServerHttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeExchange((authorize) -> authorize.anyExchange().authenticated())
.oauth2Login((oauth2) -> oauth2.oidcSessionRegistry(this.sessionRegistry))
.oauth2Login(Customizer.withDefaults())
.oidcLogout((oidc) -> oidc
.backChannel(Customizer.withDefaults())
);
Expand All @@ -539,9 +537,13 @@ SecurityWebFilterChain filters(ServerHttpSecurity http) throws Exception {
}

@Bean
OidcBackChannelServerLogoutHandler oidcLogoutHandler() {
OidcBackChannelServerLogoutHandler logoutHandler = new OidcBackChannelServerLogoutHandler(
this.sessionRegistry);
ReactiveOidcSessionRegistry oidcSessionRegistry() {
return new InMemoryReactiveOidcSessionRegistry();
}

@Bean
OidcBackChannelServerLogoutHandler oidcLogoutHandler(ReactiveOidcSessionRegistry sessionRegistry) {
OidcBackChannelServerLogoutHandler logoutHandler = new OidcBackChannelServerLogoutHandler(sessionRegistry);
logoutHandler.setSessionCookieName("JSESSIONID");
return logoutHandler;
}
Expand Down Expand Up @@ -580,7 +582,7 @@ SecurityWebFilterChain filters(ServerHttpSecurity http) throws Exception {
// @formatter:off
http
.authorizeExchange((authorize) -> authorize.anyExchange().authenticated())
.oauth2Login((oauth2) -> oauth2.oidcSessionRegistry(this.sessionRegistry))
.oauth2Login(Customizer.withDefaults())
.oidcLogout((oidc) -> oidc.backChannel(Customizer.withDefaults()));
// @formatter:on

Expand Down

0 comments on commit b311b81

Please sign in to comment.