1717package org .springframework .security .oauth2 .server .resource .introspection ;
1818
1919import java .io .Serial ;
20- import java .net .URI ;
2120import java .net .URLEncoder ;
2221import java .nio .charset .StandardCharsets ;
2322import java .time .Instant ;
3534
3635import org .springframework .core .ParameterizedTypeReference ;
3736import org .springframework .core .convert .converter .Converter ;
38- import org .springframework .http .HttpHeaders ;
39- import org .springframework .http .HttpMethod ;
4037import org .springframework .http .HttpStatus ;
4138import org .springframework .http .MediaType ;
42- import org .springframework .http .RequestEntity ;
4339import org .springframework .http .ResponseEntity ;
4440import org .springframework .security .core .GrantedAuthority ;
4541import org .springframework .security .core .authority .SimpleGrantedAuthority ;
@@ -71,7 +67,7 @@ public final class RestClientOpaqueTokenIntrospector implements OpaqueTokenIntro
7167
7268 private final RestClient restClient ;
7369
74- private Converter < String , RequestEntity <?>> requestEntityConverter ;
70+ private final String introspectionUri ;
7571
7672 private Converter <OAuth2TokenIntrospectionClaimAccessor , ? extends OAuth2AuthenticatedPrincipal > authenticationConverter = this ::defaultAuthenticationConverter ;
7773
@@ -85,24 +81,10 @@ public final class RestClientOpaqueTokenIntrospector implements OpaqueTokenIntro
8581 public RestClientOpaqueTokenIntrospector (String introspectionUri , RestClient restClient ) {
8682 Assert .notNull (introspectionUri , "introspectionUri cannot be null" );
8783 Assert .notNull (restClient , "restClient cannot be null" );
88- this .requestEntityConverter = this . defaultRequestEntityConverter ( URI . create ( introspectionUri )) ;
84+ this .introspectionUri = introspectionUri ;
8985 this .restClient = restClient ;
9086 }
9187
92- private Converter <String , RequestEntity <?>> defaultRequestEntityConverter (URI introspectionUri ) {
93- return (token ) -> {
94- HttpHeaders headers = requestHeaders ();
95- MultiValueMap <String , String > body = requestBody (token );
96- return new RequestEntity <>(body , headers , HttpMethod .POST , introspectionUri );
97- };
98- }
99-
100- private HttpHeaders requestHeaders () {
101- HttpHeaders headers = new HttpHeaders ();
102- headers .setAccept (Collections .singletonList (MediaType .APPLICATION_JSON ));
103- return headers ;
104- }
105-
10688 private MultiValueMap <String , String > requestBody (String token ) {
10789 MultiValueMap <String , String > body = new LinkedMultiValueMap <>();
10890 body .add ("token" , token );
@@ -111,33 +93,19 @@ private MultiValueMap<String, String> requestBody(String token) {
11193
11294 @ Override
11395 public OAuth2AuthenticatedPrincipal introspect (String token ) {
114- RequestEntity <?> requestEntity = this .requestEntityConverter .convert (token );
115- if (requestEntity == null ) {
116- throw new OAuth2IntrospectionException ("requestEntityConverter returned a null entity" );
117- }
118- ResponseEntity <Map <String , Object >> responseEntity = makeRequest (requestEntity );
96+ ResponseEntity <Map <String , Object >> responseEntity = makeRequest (token );
11997 Map <String , Object > claims = adaptToNimbusResponse (responseEntity );
12098 OAuth2TokenIntrospectionClaimAccessor accessor = convertClaimsSet (claims );
12199 return this .authenticationConverter .convert (accessor );
122100 }
123101
124- /**
125- * Sets the {@link Converter} used for converting the OAuth 2.0 access token to a
126- * {@link RequestEntity} representation of the OAuth 2.0 token introspection request.
127- * @param requestEntityConverter the {@link Converter} used for converting to a
128- * {@link RequestEntity} representation of the token introspection request
129- */
130- public void setRequestEntityConverter (Converter <String , RequestEntity <?>> requestEntityConverter ) {
131- Assert .notNull (requestEntityConverter , "requestEntityConverter cannot be null" );
132- this .requestEntityConverter = requestEntityConverter ;
133- }
134-
135- private ResponseEntity <Map <String , Object >> makeRequest (RequestEntity <?> requestEntity ) {
102+ private ResponseEntity <Map <String , Object >> makeRequest (String token ) {
136103 try {
137- RestClient .RequestBodySpec spec = this .restClient .method (requestEntity .getMethod ())
138- .uri (requestEntity .getUrl ())
139- .headers ((headers ) -> headers .addAll (requestEntity .getHeaders ()));
140- return spec .body (requestEntity .getBody ()).retrieve ().toEntity (STRING_OBJECT_MAP );
104+ RestClient .RequestBodySpec spec = this .restClient .post ()
105+ .uri (this .introspectionUri )
106+ .headers ((h ) -> h .setAccept (List .of (MediaType .APPLICATION_JSON )))
107+ .body (requestBody (token ));
108+ return spec .retrieve ().toEntity (STRING_OBJECT_MAP );
141109 }
142110 catch (Exception ex ) {
143111 throw new OAuth2IntrospectionException (ex .getMessage (), ex );
0 commit comments