spring-projects · baezzys · Jul 17, 2024
diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java
@@ -4108,7 +4108,7 @@ public final class OAuth2LoginSpec {
 
 		private ServerOAuth2AuthorizedClientRepository authorizedClientRepository;
 
-		private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
+		private ServerAuthorizationRequestRepository authorizationRequestRepository;
 
 		private ReactiveAuthenticationManager authenticationManager;
 
@@ -4314,7 +4314,7 @@ public OAuth2LoginSpec authorizedClientRepository(
 		 * @since 5.2
 		 */
 		public OAuth2LoginSpec authorizationRequestRepository(
-				ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
+				ServerAuthorizationRequestRepository authorizationRequestRepository) {
 			this.authorizationRequestRepository = authorizationRequestRepository;
 			return this;
 		}
@@ -4380,7 +4380,7 @@ protected void configure(ServerHttpSecurity http) {
 			ReactiveClientRegistrationRepository clientRegistrationRepository = getClientRegistrationRepository();
 			ServerOAuth2AuthorizedClientRepository authorizedClientRepository = getAuthorizedClientRepository();
 			OAuth2AuthorizationRequestRedirectWebFilter oauthRedirectFilter = getRedirectWebFilter();
-			ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = getAuthorizationRequestRepository();
+			ServerAuthorizationRequestRepository authorizationRequestRepository = getAuthorizationRequestRepository();
 			oauthRedirectFilter.setAuthorizationRequestRepository(authorizationRequestRepository);
 			oauthRedirectFilter.setAuthorizationRedirectStrategy(getAuthorizationRedirectStrategy());
 			oauthRedirectFilter.setRequestCache(http.requestCache.requestCache);
@@ -4553,7 +4553,7 @@ private ServerOAuth2AuthorizedClientRepository getAuthorizedClientRepository() {
 			return result;
 		}
 
-		private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> getAuthorizationRequestRepository() {
+		private ServerAuthorizationRequestRepository getAuthorizationRequestRepository() {
 			if (this.authorizationRequestRepository == null) {
 				this.authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
 			}
@@ -4737,7 +4737,7 @@ public final class OAuth2ClientSpec {
 
 		private ReactiveAuthenticationManager authenticationManager;
 
-		private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
+		private ServerAuthorizationRequestRepository authorizationRequestRepository;
 
 		private ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver;
 
@@ -4823,12 +4823,12 @@ public OAuth2ClientSpec authorizedClientRepository(
 		 * @since 5.2
 		 */
 		public OAuth2ClientSpec authorizationRequestRepository(
-				ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
+				ServerAuthorizationRequestRepository authorizationRequestRepository) {
 			this.authorizationRequestRepository = authorizationRequestRepository;
 			return this;
 		}
 
-		private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> getAuthorizationRequestRepository() {
+		private ServerAuthorizationRequestRepository getAuthorizationRequestRepository() {
 			if (this.authorizationRequestRepository == null) {
 				this.authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
 			}

diff --git a/...g/src/main/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDsl.kt b/...g/src/main/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDsl.kt
@@ -46,7 +46,7 @@ class ServerOAuth2ClientDsl {
     var authenticationConverter: ServerAuthenticationConverter? = null
     var clientRegistrationRepository: ReactiveClientRegistrationRepository? = null
     var authorizedClientRepository: ServerOAuth2AuthorizedClientRepository? = null
-    var authorizationRequestRepository: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>? = null
+    var authorizationRequestRepository: ServerAuthorizationRequestRepository? = null
     var authorizationRedirectStrategy: ServerRedirectStrategy? = null
 
     internal fun get(): (ServerHttpSecurity.OAuth2ClientSpec) -> Unit {

diff --git a/...ig/src/main/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDsl.kt b/...ig/src/main/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDsl.kt
@@ -64,7 +64,7 @@ class ServerOAuth2LoginDsl {
     var clientRegistrationRepository: ReactiveClientRegistrationRepository? = null
     var authorizedClientService: ReactiveOAuth2AuthorizedClientService? = null
     var authorizedClientRepository: ServerOAuth2AuthorizedClientRepository? = null
-    var authorizationRequestRepository: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest>? = null
+    var authorizationRequestRepository: ServerAuthorizationRequestRepository? = null
     var authorizationRequestResolver: ServerOAuth2AuthorizationRequestResolver? = null
     var authorizationRedirectStrategy: ServerRedirectStrategy? = null
     var authenticationMatcher: ServerWebExchangeMatcher? = null

diff --git a/...g/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java b/...g/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java
@@ -134,7 +134,7 @@ public void oauth2ClientWhenCustomObjectsThenUsed() {
 		OAuth2ClientCustomConfig config = this.spring.getContext().getBean(OAuth2ClientCustomConfig.class);
 		ServerAuthenticationConverter converter = config.authenticationConverter;
 		ReactiveAuthenticationManager manager = config.manager;
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
+		ServerAuthorizationRequestRepository authorizationRequestRepository = config.authorizationRequestRepository;
 		ServerOAuth2AuthorizationRequestResolver resolver = config.resolver;
 		ServerRequestCache requestCache = config.requestCache;
 		OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request()
@@ -181,7 +181,7 @@ public void oauth2ClientWhenCustomObjectsInLambdaThenUsed() {
 			.getBean(OAuth2ClientInLambdaCustomConfig.class);
 		ServerAuthenticationConverter converter = config.authenticationConverter;
 		ReactiveAuthenticationManager manager = config.manager;
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
+		ServerAuthorizationRequestRepository authorizationRequestRepository = config.authorizationRequestRepository;
 		ServerRequestCache requestCache = config.requestCache;
 		OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request()
 			.redirectUri("/authorize/oauth2/code/registration-id")
@@ -272,7 +272,7 @@ static class OAuth2ClientCustomConfig {
 
 		ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class);
 
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(
+		ServerAuthorizationRequestRepository authorizationRequestRepository = mock(
 				ServerAuthorizationRequestRepository.class);
 
 		ServerOAuth2AuthorizationRequestResolver resolver = mock(ServerOAuth2AuthorizationRequestResolver.class);
@@ -303,7 +303,7 @@ static class OAuth2ClientInLambdaCustomConfig {
 
 		ServerAuthenticationConverter authenticationConverter = mock(ServerAuthenticationConverter.class);
 
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(
+		ServerAuthorizationRequestRepository authorizationRequestRepository = mock(
 				ServerAuthorizationRequestRepository.class);
 
 		ServerRequestCache requestCache = mock(ServerRequestCache.class);

diff --git a/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java b/config/src/test/java/org/springframework/security/config/web/server/OAuth2LoginTests.java
@@ -265,7 +265,7 @@ public void oauth2AuthorizeWhenCustomObjectsThenUsed() {
 		OAuth2AuthorizeWithMockObjectsConfig config = this.spring.getContext()
 			.getBean(OAuth2AuthorizeWithMockObjectsConfig.class);
 		ServerOAuth2AuthorizedClientRepository authorizedClientRepository = config.authorizedClientRepository;
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = config.authorizationRequestRepository;
+		ServerAuthorizationRequestRepository authorizationRequestRepository = config.authorizationRequestRepository;
 		ServerRequestCache requestCache = config.requestCache;
 		given(authorizedClientRepository.loadAuthorizedClient(any(), any(), any())).willReturn(Mono.empty());
 		given(authorizationRequestRepository.saveAuthorizationRequest(any(), any())).willReturn(Mono.empty());
@@ -670,7 +670,7 @@ static class OAuth2AuthorizeWithMockObjectsConfig {
 		ServerOAuth2AuthorizedClientRepository authorizedClientRepository = mock(
 				ServerOAuth2AuthorizedClientRepository.class);
 
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(
+		ServerAuthorizationRequestRepository authorizationRequestRepository = mock(
 				ServerAuthorizationRequestRepository.class);
 
 		ServerRequestCache requestCache = mock(ServerRequestCache.class);

diff --git a/...src/test/java/org/springframework/security/config/web/server/ServerHttpSecurityTests.java b/...src/test/java/org/springframework/security/config/web/server/ServerHttpSecurityTests.java
@@ -625,7 +625,7 @@ public void shouldConfigureRequestCacheForOAuth2LoginAuthenticationEntryPointAnd
 
 	@Test
 	public void shouldConfigureAuthorizationRequestRepositoryForOAuth2Login() {
-		ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = mock(
+		ServerAuthorizationRequestRepository authorizationRequestRepository = mock(
 				ServerAuthorizationRequestRepository.class);
 		ReactiveClientRegistrationRepository clientRegistrationRepository = mock(
 				ReactiveClientRegistrationRepository.class);

diff --git a/.../test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt b/.../test/kotlin/org/springframework/security/config/web/server/ServerOAuth2ClientDslTests.kt
@@ -121,7 +121,7 @@ class ServerOAuth2ClientDslTests {
     open class AuthorizationRequestRepositoryConfig {
 
         companion object {
-            val AUTHORIZATION_REQUEST_REPOSITORY : ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
+            val AUTHORIZATION_REQUEST_REPOSITORY : ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository()
         }
 
         @Bean
@@ -203,7 +203,7 @@ class ServerOAuth2ClientDslTests {
     open class AuthenticationConverterConfig {
 
         companion object {
-            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
+            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository()
             val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter =
 				ServerBearerTokenAuthenticationConverter()
         }
@@ -257,7 +257,7 @@ class ServerOAuth2ClientDslTests {
     open class AuthenticationManagerConfig {
 
         companion object {
-            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
+            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository()
             val AUTHENTICATION_CONVERTER: ServerAuthenticationConverter =
 				ServerBearerTokenAuthenticationConverter()
             val AUTHENTICATION_MANAGER: ReactiveAuthenticationManager = NoopReactiveAuthenticationManager()

diff --git a/...c/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt b/...c/test/kotlin/org/springframework/security/config/web/server/ServerOAuth2LoginDslTests.kt
@@ -133,7 +133,7 @@ class ServerOAuth2LoginDslTests {
     open class AuthorizationRequestRepositoryConfig {
 
         companion object {
-            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> = WebSessionOAuth2ServerAuthorizationRequestRepository()
+            val AUTHORIZATION_REQUEST_REPOSITORY: ServerAuthorizationRequestRepository = WebSessionOAuth2ServerAuthorizationRequestRepository()
         }
 
         @Bean

diff --git a/...ingframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java b/...ingframework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilter.java
@@ -107,7 +107,7 @@ public class OAuth2AuthorizationCodeGrantWebFilter implements WebFilter {
 
 	private final ServerOAuth2AuthorizedClientRepository authorizedClientRepository;
 
-	private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
+	private ServerAuthorizationRequestRepository authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
 
 	private ServerAuthenticationSuccessHandler authenticationSuccessHandler;
 
@@ -168,7 +168,7 @@ public OAuth2AuthorizationCodeGrantWebFilter(ReactiveAuthenticationManager authe
 	 * @since 5.2
 	 */
 	public final void setAuthorizationRequestRepository(
-			ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
+			ServerAuthorizationRequestRepository authorizationRequestRepository) {
 		Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 		this.authorizationRequestRepository = authorizationRequestRepository;
 		updateDefaultAuthenticationConverter();

diff --git a/...mework/security/oauth2/client/web/server/OAuth2AuthorizationRequestRedirectWebFilter.java b/...mework/security/oauth2/client/web/server/OAuth2AuthorizationRequestRedirectWebFilter.java
@@ -73,7 +73,7 @@ public class OAuth2AuthorizationRequestRedirectWebFilter implements WebFilter {
 
 	private final ServerOAuth2AuthorizationRequestResolver authorizationRequestResolver;
 
-	private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
+	private ServerAuthorizationRequestRepository authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
 
 	private ServerRequestCache requestCache = new WebSessionServerRequestCache();
 
@@ -114,7 +114,7 @@ public void setAuthorizationRedirectStrategy(ServerRedirectStrategy authorizatio
 	 * {@link OAuth2AuthorizationRequest}'s
 	 */
 	public final void setAuthorizationRequestRepository(
-			ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
+			ServerAuthorizationRequestRepository authorizationRequestRepository) {
 		Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 		this.authorizationRequestRepository = authorizationRequestRepository;
 	}

diff --git a/...ringframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java b/...ringframework/security/oauth2/client/web/server/ServerAuthorizationRequestRepository.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,29 +34,29 @@
  * used by the {@link OAuth2LoginAuthenticationFilter} for resolving the associated
  * Authorization Request when handling the callback of the Authorization Response.
  *
- * @param <T> The type of OAuth 2.0 Authorization Request
  * @author Rob Winch
+ * @author Jinwoo Bae
  * @since 5.1
  * @see OAuth2AuthorizationRequest
  * @see HttpSessionOAuth2AuthorizationRequestRepository
  */
-public interface ServerAuthorizationRequestRepository<T extends OAuth2AuthorizationRequest> {
+public interface ServerAuthorizationRequestRepository {
 
 	/**
 	 * Returns the {@link OAuth2AuthorizationRequest} associated to the provided
 	 * {@code HttpServletRequest} or {@code null} if not available.
 	 * @param exchange the {@code ServerWebExchange}
 	 * @return the {@link OAuth2AuthorizationRequest} or {@code null} if not available
 	 */
-	Mono<T> loadAuthorizationRequest(ServerWebExchange exchange);
+	Mono<OAuth2AuthorizationRequest> loadAuthorizationRequest(ServerWebExchange exchange);
 
 	/**
 	 * Persists the {@link OAuth2AuthorizationRequest} associating it to the provided
 	 * {@code HttpServletRequest} and/or {@code HttpServletResponse}.
 	 * @param authorizationRequest the {@link OAuth2AuthorizationRequest}
 	 * @param exchange the {@code ServerWebExchange}
 	 */
-	Mono<Void> saveAuthorizationRequest(T authorizationRequest, ServerWebExchange exchange);
+	Mono<Void> saveAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest, ServerWebExchange exchange);
 
 	/**
 	 * Removes and returns the {@link OAuth2AuthorizationRequest} associated to the
@@ -65,6 +65,6 @@ public interface ServerAuthorizationRequestRepository<T extends OAuth2Authorizat
 	 * @return the removed {@link OAuth2AuthorizationRequest} or {@code null} if not
 	 * available
 	 */
-	Mono<T> removeAuthorizationRequest(ServerWebExchange exchange);
+	Mono<OAuth2AuthorizationRequest> removeAuthorizationRequest(ServerWebExchange exchange);
 
 }
diff --git a/...y/oauth2/client/web/server/ServerOAuth2AuthorizationCodeAuthenticationTokenConverter.java b/...y/oauth2/client/web/server/ServerOAuth2AuthorizationCodeAuthenticationTokenConverter.java
@@ -47,7 +47,7 @@ public class ServerOAuth2AuthorizationCodeAuthenticationTokenConverter implement
 
 	static final String CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE = "client_registration_not_found";
 
-	private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
+	private ServerAuthorizationRequestRepository authorizationRequestRepository = new WebSessionOAuth2ServerAuthorizationRequestRepository();
 
 	private final ReactiveClientRegistrationRepository clientRegistrationRepository;
 
@@ -62,8 +62,7 @@ public ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(
 	 * {@link WebSessionOAuth2ServerAuthorizationRequestRepository}.
 	 * @param authorizationRequestRepository the repository to use.
 	 */
-	public void setAuthorizationRequestRepository(
-			ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
+	public void setAuthorizationRequestRepository(ServerAuthorizationRequestRepository authorizationRequestRepository) {
 		Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
 		this.authorizationRequestRepository = authorizationRequestRepository;
 	}

diff --git a/...curity/oauth2/client/web/server/WebSessionOAuth2ServerAuthorizationRequestRepository.java b/...curity/oauth2/client/web/server/WebSessionOAuth2ServerAuthorizationRequestRepository.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2022 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,12 +34,13 @@
  *
  * @author Rob Winch
  * @author Steve Riesenberg
+ * @author Jinwoo Bae
  * @since 5.1
  * @see AuthorizationRequestRepository
  * @see OAuth2AuthorizationRequest
  */
 public final class WebSessionOAuth2ServerAuthorizationRequestRepository
-		implements ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> {
+		implements ServerAuthorizationRequestRepository {
 
 	private static final String DEFAULT_AUTHORIZATION_REQUEST_ATTR_NAME = WebSessionOAuth2ServerAuthorizationRequestRepository.class
 		.getName() + ".AUTHORIZATION_REQUEST";

diff --git a/...amework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilterTests.java b/...amework/security/oauth2/client/web/server/OAuth2AuthorizationCodeGrantWebFilterTests.java
@@ -78,7 +78,7 @@ public class OAuth2AuthorizationCodeGrantWebFilterTests {
 	private ServerOAuth2AuthorizedClientRepository authorizedClientRepository;
 
 	@Mock
-	private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
+	private ServerAuthorizationRequestRepository authorizationRequestRepository;
 
 	@BeforeEach
 	public void setup() {

diff --git a/...k/security/oauth2/client/web/server/OAuth2AuthorizationRequestRedirectWebFilterTests.java b/...k/security/oauth2/client/web/server/OAuth2AuthorizationRequestRedirectWebFilterTests.java
@@ -37,7 +37,6 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
-import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.web.server.ServerRedirectStrategy;
 import org.springframework.security.web.server.savedrequest.ServerRequestCache;
 import org.springframework.test.web.reactive.server.FluxExchangeResult;
@@ -62,7 +61,7 @@ public class OAuth2AuthorizationRequestRedirectWebFilterTests {
 	private ReactiveClientRegistrationRepository clientRepository;
 
 	@Mock
-	private ServerAuthorizationRequestRepository<OAuth2AuthorizationRequest> authzRequestRepository;
+	private ServerAuthorizationRequestRepository authzRequestRepository;
 
 	@Mock
 	private ServerRequestCache requestCache;