fix: support deprecated config micronaut.security.oauth2.clients.*.to…

…ken.auth-method (#1818) support deprecated config `micronaut.security.oauth2.clients.*.token.auth-method` and new `micronaut.security.oauth2.clients.*.token.authentication-method` options. Close: #1808
micronaut-projects · Oct 2, 2024 · 7dc7710 · 7dc7710
1 parent 51bdcbc
commit 7dc7710
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 1 deletion.
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
@@ -3,7 +3,7 @@ managed-nimbus-jose-jwt = "9.40"
 managed-jjwt = "0.12.6"
 
 micronaut = "4.6.5"
-micronaut-platform = "4.5.1"
+micronaut-platform = "4.6.2"
 micronaut-docs = "2.0.0"
 
 geb = "7.0"

diff --git a/...micronaut/security/oauth2/configuration/endpoints/DefaultSecureEndpointConfiguration.java b/...micronaut/security/oauth2/configuration/endpoints/DefaultSecureEndpointConfiguration.java
@@ -53,6 +53,7 @@ public Optional<AuthenticationMethod> getAuthMethod() {
     @Deprecated(forRemoval = true)
     public void setAuthMethod(@NonNull AuthenticationMethod authMethod) {
         this.authMethod = authMethod;
+        this.authenticationMethod = authMethod.toString();
     }
 
     @Override
@@ -65,6 +66,11 @@ public Optional<String> getAuthenticationMethod() {
      * @param authenticationMethod Authentication Method
      */
     public void setAuthenticationMethod(String authenticationMethod) {
+        try {
+            this.authMethod = AuthenticationMethod.valueOf(authenticationMethod.toUpperCase());
+        } catch (IllegalArgumentException e) {
+            // don't crash for non-existing enum options
+        }
         this.authenticationMethod = authenticationMethod;
     }
 }
diff --git a/...rc/test/java/io/micronaut/security/oauth2/configuration/OauthClientConfigurationTest.java b/...rc/test/java/io/micronaut/security/oauth2/configuration/OauthClientConfigurationTest.java
@@ -0,0 +1,55 @@
+package io.micronaut.security.oauth2.configuration;
+
+import io.micronaut.context.annotation.Property;
+import io.micronaut.security.oauth2.configuration.endpoints.SecureEndpointConfiguration;
+import io.micronaut.security.oauth2.endpoint.AuthenticationMethod;
+import io.micronaut.test.extensions.junit5.annotation.MicronautTest;
+import jakarta.inject.Inject;
+import jakarta.inject.Named;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+@Property(name = "micronaut.security.oauth2.clients.stravaold.scopes", value = "read")
+@Property(name = "micronaut.security.oauth2.clients.stravaold.authorization.url", value = "https://www.strava.com/oauth/authorize")
+@Property(name = "micronaut.security.oauth2.clients.stravaold.token.url", value = "https://www.strava.com/oauth/token")
+@Property(name = "micronaut.security.oauth2.clients.stravaold.token.auth-method", value = "client_secret_post")
+@Property(name = "micronaut.security.oauth2.clients.stravaold.client-id", value = "xxx")
+@Property(name = "micronaut.security.oauth2.clients.stravaold.client-secret", value = "yyy")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.scopes", value = "read")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.authorization.url", value = "https://www.strava.com/oauth/authorize")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.token.url", value = "https://www.strava.com/oauth/token")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.token.authentication-method", value = "client_secret_post")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.client-id", value = "xxx")
+@Property(name = "micronaut.security.oauth2.clients.stravanew.client-secret", value = "yyy")
+@MicronautTest(startApplication = false)
+class OauthClientConfigurationTest {
+
+    @Inject
+    @Named("stravaold")
+    OauthClientConfiguration stravaOldConfiguration;
+
+    @Inject
+    @Named("stravanew")
+    OauthClientConfiguration stravaNewConfiguration;
+
+
+    @Test
+    void deprecatedAuthMethodConfigurationIsStillSupported() {
+        assertTrue(stravaOldConfiguration.getToken().isPresent());
+        SecureEndpointConfiguration tokenEndpoint = stravaOldConfiguration.getToken().get();
+        assertTrue(tokenEndpoint.getAuthenticationMethod().isPresent());
+        assertEquals("client_secret_post", tokenEndpoint.getAuthenticationMethod().get());
+        assertTrue(tokenEndpoint.getAuthMethod().isPresent());
+        assertEquals(AuthenticationMethod.CLIENT_SECRET_POST, tokenEndpoint.getAuthMethod().get());
+
+        assertTrue(stravaNewConfiguration.getToken().isPresent());
+        SecureEndpointConfiguration tokenNewEndpoint = stravaNewConfiguration.getToken().get();
+        assertTrue(tokenNewEndpoint.getAuthenticationMethod().isPresent());
+        assertEquals("client_secret_post", tokenNewEndpoint.getAuthenticationMethod().get());
+        assertTrue(tokenNewEndpoint.getAuthMethod().isPresent());
+        assertEquals(AuthenticationMethod.CLIENT_SECRET_POST, tokenNewEndpoint.getAuthMethod().get());
+
+    }
+
+}