Polish "Add properties to support device grant"

wilkinsona · wilkinsona · commit 4eb755870701 · 2023-04-18T19:34:13.000+01:00
See gh-34957
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerProperties.java
@@ -459,7 +459,7 @@ public static class Token {
 		/**
 		 * Time-to-live for a device code.
 		 */
-		private Duration deviceCodeTimeToLive;
+		private Duration deviceCodeTimeToLive = Duration.ofMinutes(5);
 
 		/**
 		 * Whether refresh tokens are reused or a new refresh token is issued when
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerPropertiesMapperTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerPropertiesMapperTests.java
@@ -66,6 +66,7 @@ void getRegisteredClientsWhenValidParametersShouldAdapt() {
 		assertThat(registeredClient.getTokenSettings().getAccessTokenFormat()).isEqualTo(OAuth2TokenFormat.REFERENCE);
 		assertThat(registeredClient.getTokenSettings().getAccessTokenTimeToLive()).isEqualTo(Duration.ofSeconds(300));
 		assertThat(registeredClient.getTokenSettings().getRefreshTokenTimeToLive()).isEqualTo(Duration.ofHours(24));
+		assertThat(registeredClient.getTokenSettings().getDeviceCodeTimeToLive()).isEqualTo(Duration.ofMinutes(30));
 		assertThat(registeredClient.getTokenSettings().isReuseRefreshTokens()).isEqualTo(true);
 		assertThat(registeredClient.getTokenSettings().getIdTokenSignatureAlgorithm())
 			.isEqualTo(SignatureAlgorithm.RS512);
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerPropertiesTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerPropertiesTests.java
@@ -18,6 +18,9 @@
 
 import org.junit.jupiter.api.Test;
 
+import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
+
+import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
 
 /**
@@ -69,4 +72,10 @@ void authorizationGrantTypesEmptyThrowsException() {
 			.withMessage("Authorization grant types must not be empty.");
 	}
 
+	@Test
+	void defaultDeviceCodeTimeToLiveMatchesBuilderDefault() {
+		assertThat(new OAuth2AuthorizationServerProperties.Client().getToken().getDeviceCodeTimeToLive())
+			.isEqualTo(TokenSettings.builder().build().getDeviceCodeTimeToLive());
+	}
+
 }
