Add tests and update examples in docs

Closes gh-1156

Author: Steve Riesenberg

docs/src/docs/asciidoc/examples/src/main/java/sample/gettingStarted/SecurityConfig.java

@@ -116,6 +116,7 @@ public RegisteredClientRepository registeredClientRepository() {
 				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
 				.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
 				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
+				.authorizationGrantType(AuthorizationGrantType.DEVICE_CODE)
 				.redirectUri("http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc")
 				.redirectUri("http://127.0.0.1:8080/authorized")
 				.scope(OidcScopes.OPENID)

docs/src/docs/asciidoc/examples/src/main/java/sample/jpa/entity/authorization/Authorization.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -70,6 +70,20 @@ public class Authorization {
 	@Column(length = 2000)
 	private String oidcIdTokenClaims;
 
+	@Column(length = 4000)
+	private String userCodeValue;
+	private Instant userCodeIssuedAt;
+	private Instant userCodeExpiresAt;
+	@Column(length = 2000)
+	private String userCodeMetadata;
+
+	@Column(length = 4000)
+	private String deviceCodeValue;
+	private Instant deviceCodeIssuedAt;
+	private Instant deviceCodeExpiresAt;
+	@Column(length = 2000)
+	private String deviceCodeMetadata;
+
 	// @fold:on
 	public String getId() {
 		return id;
@@ -278,5 +292,69 @@ public String getOidcIdTokenClaims() {
 	public void setOidcIdTokenClaims(String idTokenClaims) {
 		this.oidcIdTokenClaims = idTokenClaims;
 	}
+
+	public String getUserCodeValue() {
+		return this.userCodeValue;
+	}
+
+	public void setUserCodeValue(String userCodeValue) {
+		this.userCodeValue = userCodeValue;
+	}
+
+	public Instant getUserCodeIssuedAt() {
+		return this.userCodeIssuedAt;
+	}
+
+	public void setUserCodeIssuedAt(Instant userCodeIssuedAt) {
+		this.userCodeIssuedAt = userCodeIssuedAt;
+	}
+
+	public Instant getUserCodeExpiresAt() {
+		return this.userCodeExpiresAt;
+	}
+
+	public void setUserCodeExpiresAt(Instant userCodeExpiresAt) {
+		this.userCodeExpiresAt = userCodeExpiresAt;
+	}
+
+	public String getUserCodeMetadata() {
+		return this.userCodeMetadata;
+	}
+
+	public void setUserCodeMetadata(String userCodeMetadata) {
+		this.userCodeMetadata = userCodeMetadata;
+	}
+
+	public String getDeviceCodeValue() {
+		return this.deviceCodeValue;
+	}
+
+	public void setDeviceCodeValue(String deviceCodeValue) {
+		this.deviceCodeValue = deviceCodeValue;
+	}
+
+	public Instant getDeviceCodeIssuedAt() {
+		return this.deviceCodeIssuedAt;
+	}
+
+	public void setDeviceCodeIssuedAt(Instant deviceCodeIssuedAt) {
+		this.deviceCodeIssuedAt = deviceCodeIssuedAt;
+	}
+
+	public Instant getDeviceCodeExpiresAt() {
+		return this.deviceCodeExpiresAt;
+	}
+
+	public void setDeviceCodeExpiresAt(Instant deviceCodeExpiresAt) {
+		this.deviceCodeExpiresAt = deviceCodeExpiresAt;
+	}
+
+	public String getDeviceCodeMetadata() {
+		return this.deviceCodeMetadata;
+	}
+
+	public void setDeviceCodeMetadata(String deviceCodeMetadata) {
+		this.deviceCodeMetadata = deviceCodeMetadata;
+	}
 	// @fold:off
 }

docs/src/docs/asciidoc/examples/src/main/java/sample/jpa/repository/authorization/AuthorizationRepository.java

@@ -31,11 +31,15 @@ public interface AuthorizationRepository extends JpaRepository<Authorization, St
 	Optional<Authorization> findByAccessTokenValue(String accessToken);
 	Optional<Authorization> findByRefreshTokenValue(String refreshToken);
 	Optional<Authorization> findByOidcIdTokenValue(String idToken);
+	Optional<Authorization> findByUserCodeValue(String userCode);
+	Optional<Authorization> findByDeviceCodeValue(String deviceCode);
 	@Query("select a from Authorization a where a.state = :token" +
 			" or a.authorizationCodeValue = :token" +
 			" or a.accessTokenValue = :token" +
 			" or a.refreshTokenValue = :token" +
-			" or a.oidcIdTokenValue = :token"
+			" or a.oidcIdTokenValue = :token" +
+			" or a.userCodeValue = :token" +
+			" or a.deviceCodeValue = :token"
 	)
-	Optional<Authorization> findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValueOrOidcIdTokenValue(@Param("token") String token);
+	Optional<Authorization> findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValueOrOidcIdTokenValueOrUserCodeValueOrDeviceCodeValue(@Param("token") String token);
 }

docs/src/docs/asciidoc/examples/src/main/java/sample/jpa/service/authorization/JpaOAuth2AuthorizationService.java

@@ -31,8 +31,10 @@
 import org.springframework.security.jackson2.SecurityJackson2Modules;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.security.oauth2.core.OAuth2DeviceCode;
 import org.springframework.security.oauth2.core.OAuth2RefreshToken;
 import org.springframework.security.oauth2.core.OAuth2Token;
+import org.springframework.security.oauth2.core.OAuth2UserCode;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames;
@@ -89,7 +91,7 @@ public OAuth2Authorization findByToken(String token, OAuth2TokenType tokenType)
 
 		Optional<Authorization> result;
 		if (tokenType == null) {
-			result = this.authorizationRepository.findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValueOrOidcIdTokenValue(token);
+			result = this.authorizationRepository.findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValueOrOidcIdTokenValueOrUserCodeValueOrDeviceCodeValue(token);
 		} else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
 			result = this.authorizationRepository.findByState(token);
 		} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
@@ -100,6 +102,10 @@ public OAuth2Authorization findByToken(String token, OAuth2TokenType tokenType)
 			result = this.authorizationRepository.findByRefreshTokenValue(token);
 		} else if (OidcParameterNames.ID_TOKEN.equals(tokenType.getValue())) {
 			result = this.authorizationRepository.findByOidcIdTokenValue(token);
+		} else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
+			result = this.authorizationRepository.findByUserCodeValue(token);
+		} else if (OAuth2ParameterNames.DEVICE_CODE.equals(tokenType.getValue())) {
+			result = this.authorizationRepository.findByDeviceCodeValue(token);
 		} else {
 			result = Optional.empty();
 		}
@@ -159,6 +165,22 @@ private OAuth2Authorization toObject(Authorization entity) {
 			builder.token(idToken, metadata -> metadata.putAll(parseMap(entity.getOidcIdTokenMetadata())));
 		}
 
+		if (entity.getUserCodeValue() != null) {
+			OAuth2UserCode userCode = new OAuth2UserCode(
+					entity.getUserCodeValue(),
+					entity.getUserCodeIssuedAt(),
+					entity.getUserCodeExpiresAt());
+			builder.token(userCode, metadata -> metadata.putAll(parseMap(entity.getUserCodeMetadata())));
+		}
+
+		if (entity.getUserCodeValue() != null) {
+			OAuth2DeviceCode deviceCode = new OAuth2DeviceCode(
+					entity.getDeviceCodeValue(),
+					entity.getDeviceCodeIssuedAt(),
+					entity.getDeviceCodeExpiresAt());
+			builder.token(deviceCode, metadata -> metadata.putAll(parseMap(entity.getDeviceCodeMetadata())));
+		}
+
 		return builder.build();
 	}
 
@@ -218,6 +240,26 @@ private Authorization toEntity(OAuth2Authorization authorization) {
 			entity.setOidcIdTokenClaims(writeMap(oidcIdToken.getClaims()));
 		}
 
+		OAuth2Authorization.Token<OAuth2UserCode> userCode =
+				authorization.getToken(OAuth2UserCode.class);
+		setTokenValues(
+				userCode,
+				entity::setUserCodeValue,
+				entity::setUserCodeIssuedAt,
+				entity::setUserCodeExpiresAt,
+				entity::setUserCodeMetadata
+		);
+
+		OAuth2Authorization.Token<OAuth2DeviceCode> deviceCode =
+				authorization.getToken(OAuth2DeviceCode.class);
+		setTokenValues(
+				deviceCode,
+				entity::setDeviceCodeValue,
+				entity::setDeviceCodeIssuedAt,
+				entity::setDeviceCodeExpiresAt,
+				entity::setDeviceCodeMetadata
+		);
+
 		return entity;
 	}
 
@@ -260,6 +302,8 @@ private static AuthorizationGrantType resolveAuthorizationGrantType(String autho
 			return AuthorizationGrantType.CLIENT_CREDENTIALS;
 		} else if (AuthorizationGrantType.REFRESH_TOKEN.getValue().equals(authorizationGrantType)) {
 			return AuthorizationGrantType.REFRESH_TOKEN;
+		} else if (AuthorizationGrantType.DEVICE_CODE.getValue().equals(authorizationGrantType)) {
+			return AuthorizationGrantType.DEVICE_CODE;
 		}
 		return new AuthorizationGrantType(authorizationGrantType);              // Custom authorization grant type
 	}

docs/src/docs/asciidoc/examples/src/test/java/sample/AuthorizationCodeGrantFlow.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2022 the original author or authors.
+ * Copyright 2020-2023 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -109,7 +109,7 @@ public String authorize(RegisteredClient registeredClient) throws Exception {
 	 * Submit consent for the authorization request and obtain an authorization code.
 	 *
 	 * @param registeredClient The registered client
-	 * @param state The state paramter from the authorization request
+	 * @param state The state parameter from the authorization request
 	 * @return An authorization code
 	 */
 	public String submitConsent(RegisteredClient registeredClient, String state) throws Exception {