ch4mpy · ch4mpy · Aug 16, 2023 · Aug 15, 2023
diff --git a/...m/c4_soft/springaddons/security/oidc/starter/reactive/client/ReactiveSpringAddonsAop.java b/...m/c4_soft/springaddons/security/oidc/starter/reactive/client/ReactiveSpringAddonsAop.java
@@ -60,38 +60,43 @@ public void logout() {
 		public void afterSaveAuthorizedClient(JoinPoint jp) {
 			var authorizedClient = (OAuth2AuthorizedClient) jp.getArgs()[0];
 			var exchange = (ServerWebExchange) jp.getArgs()[2];
-			exchange.getSession().subscribe(session -> {
-				final var registrationId = authorizedClient.getClientRegistration().getRegistrationId();
-				final var name = authorizedClient.getPrincipalName();
-				OAuth2PrincipalSupport.add(session, registrationId, name);
-				this.authorizedSessionRepository.map(r -> r.save(new OAuth2AuthorizedClientId(registrationId, name), session.getId())).orElse(Mono.empty());
-			});
+			exchange
+					.getSession()
+					.flatMap(session -> {
+						final var registrationId = authorizedClient.getClientRegistration().getRegistrationId();
+						final var name = authorizedClient.getPrincipalName();
+						OAuth2PrincipalSupport.add(session, registrationId, name);
+						return Mono.justOrEmpty(authorizedSessionRepository)
+								.flatMap(r -> r.save(new OAuth2AuthorizedClientId(registrationId, name), session.getId()));
+					})
+					.subscribe();
 		}
 
 		@Before("removeAuthorizedClient()")
 		public void beforeRemoveAuthorizedClient(JoinPoint jp) {
 			var registrationId = (String) jp.getArgs()[0];
 			var principal = (Authentication) jp.getArgs()[1];
 			var exchange = (ServerWebExchange) jp.getArgs()[2];
-			exchange.getSession().subscribe(session -> {
-				OAuth2PrincipalSupport.add(session, registrationId, principal.getName());
-				this.authorizedSessionRepository.map(r -> r.save(new OAuth2AuthorizedClientId(registrationId, principal.getName()), session.getId()))
-						.orElse(Mono.empty());
-			});
+			exchange
+					.getSession()
+					.flatMap(session -> {
+						OAuth2PrincipalSupport.add(session, registrationId, principal.getName());
+						return Mono.justOrEmpty(authorizedSessionRepository)
+								.flatMap(r -> r.save(new OAuth2AuthorizedClientId(registrationId, principal.getName()), session.getId()));
+					})
+					.subscribe();
 		}
 
 		@Before("logout()")
 		public void beforeServerLogoutHandlerLogout(JoinPoint jp) {
 			var exchange = (WebFilterExchange) jp.getArgs()[0];
 			var authentication = (Authentication) jp.getArgs()[1];
 			if (authentication instanceof OAuth2AuthenticationToken oauth) {
-				exchange.getExchange().getSession().subscribe(session -> {
-					OAuth2PrincipalSupport.getName(session, oauth.getAuthorizedClientRegistrationId()).ifPresent(name -> {
-						authorizedClientRepo
-								.removeAuthorizedClient(oauth.getAuthorizedClientRegistrationId(), new StubAuthentication(name), exchange.getExchange())
-								.subscribe();
-					});
-				});
+				exchange.getExchange()
+						.getSession()
+						.flatMap(session -> Mono.justOrEmpty(OAuth2PrincipalSupport.getName(session, oauth.getAuthorizedClientRegistrationId())))
+						.flatMap(name -> authorizedClientRepo.removeAuthorizedClient(oauth.getAuthorizedClientRegistrationId(), new StubAuthentication(name), exchange.getExchange()))
+						.subscribe();
 			}
 		}
 	}

diff --git a/...ons/security/oidc/starter/reactive/client/ReactiveSpringAddonsBackChannelLogoutBeans.java b/...ons/security/oidc/starter/reactive/client/ReactiveSpringAddonsBackChannelLogoutBeans.java
@@ -55,6 +55,7 @@
 import com.c4_soft.springaddons.security.oidc.starter.reactive.ReactiveSpringAddonsOidcBeans;
 
 import lombok.RequiredArgsConstructor;
+import reactor.core.publisher.Flux;
 import reactor.core.publisher.Mono;
 
 /**
@@ -212,11 +213,11 @@ public void deleteById() {
 
 		@AfterReturning(value = "createSession()", returning = "session")
 		public void afterSessionCreated(Mono<? extends Session> session) {
-			session.doOnSuccess(s -> {
-				listeners.forEach(l -> {
-					l.sessionCreated(s);
-				});
-			});
+			session
+					.flatMap(s -> Flux.fromIterable(listeners)
+							.doOnNext(l -> l.sessionCreated(s))
+							.then(Mono.just(s)))
+					.subscribe();
 		}
 
 		@Before(value = "deleteById()")

diff --git a/...ity/oidc/starter/reactive/resourceserver/ReactiveSpringAddonsOidcResourceServerBeans.java b/...ity/oidc/starter/reactive/resourceserver/ReactiveSpringAddonsOidcResourceServerBeans.java
@@ -222,7 +222,7 @@ ReactiveAuthenticationManagerResolver<ServerWebExchange> authenticationManagerRe
 			Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>> jwtAuthenticationConverter) {
 		final var jwtProps = Optional.ofNullable(auth2ResourceServerProperties).map(OAuth2ResourceServerProperties::getJwt);
 		// @formatter:off
-		Optional.ofNullable(jwtProps.map(OAuth2ResourceServerProperties.Jwt::getIssuerUri)).orElse(jwtProps.map(OAuth2ResourceServerProperties.Jwt::getJwkSetUri))
+		Optional.ofNullable(jwtProps.map(OAuth2ResourceServerProperties.Jwt::getIssuerUri).orElse(jwtProps.map(OAuth2ResourceServerProperties.Jwt::getJwkSetUri).orElse(null)))
 		    .filter(StringUtils::hasLength)
 		    .ifPresent(jwtConf -> {
 				log.warn("spring.security.oauth2.resourceserver configuration will be ignored in favor of com.c4-soft.springaddons.oidc");
@@ -294,4 +294,4 @@ WebFilter csrfCookieWebFilter() {
 			}).then(chain.filter(exchange));
 		};
 	}
-}
+}
diff --git a/...t/springaddons/security/oidc/starter/synchronised/client/AuthorizedSessionRepository.java b/...t/springaddons/security/oidc/starter/synchronised/client/AuthorizedSessionRepository.java
@@ -17,13 +17,13 @@
  */
 public interface AuthorizedSessionRepository extends HttpSessionListener, HttpSessionIdListener {
 
-	public abstract HttpSession save(OAuth2AuthorizedClientId authorizedClientId, HttpSession session);
+	HttpSession save(OAuth2AuthorizedClientId authorizedClientId, HttpSession session);
 
-	public abstract Optional<HttpSession> delete(OAuth2AuthorizedClientId authorizedClientId);
+	Optional<HttpSession> delete(OAuth2AuthorizedClientId authorizedClientId);
 
-	public abstract Optional<HttpSession> findById(OAuth2AuthorizedClientId authorizedClientId);
+	Optional<HttpSession> findById(OAuth2AuthorizedClientId authorizedClientId);
 
-	public abstract Collection<OAuth2AuthorizedClientId> findAuthorizedClientIdsBySessionId(String sessionId);
+	Collection<OAuth2AuthorizedClientId> findAuthorizedClientIdsBySessionId(String sessionId);
 
 	@Override
 	default void sessionIdChanged(HttpSessionEvent event, String oldSessionId) {
@@ -43,8 +43,8 @@ default void sessionDestroyed(HttpSessionEvent se) {
 	// FIXME: remove once https://github.com/spring-projects/spring-security/pull/13648 is merged
 	@Data
 	@AllArgsConstructor
-	public static class OAuth2AuthorizedClientId {
+	class OAuth2AuthorizedClientId {
 		private final String clientRegistrationId;
 		private final String principalName;
 	}
-}
+}