From 00e1c8e305ebe9095348862934d263bd2b488420 Mon Sep 17 00:00:00 2001
From: Rujun Chen
Date: Thu, 21 Jan 2021 13:34:05 +0800
Subject: [PATCH] Fix bug: OAuth2AuthorizedClient not saved for ClientNeedConsentWhenLogin (#18715)
---
 .../AADOAuth2AuthorizedClientRepository.java | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/sdk/spring/azure-spring-boot/src/main/java/com/azure/spring/aad/webapp/AADOAuth2AuthorizedClientRepository.java b/sdk/spring/azure-spring-boot/src/main/java/com/azure/spring/aad/webapp/AADOAuth2AuthorizedClientRepository.java
index 089e0a07819f6..0594b47efa49f 100644
--- a/sdk/spring/azure-spring-boot/src/main/java/com/azure/spring/aad/webapp/AADOAuth2AuthorizedClientRepository.java
+++ b/sdk/spring/azure-spring-boot/src/main/java/com/azure/spring/aad/webapp/AADOAuth2AuthorizedClientRepository.java
@@ -4,6 +4,8 @@
 package com.azure.spring.aad.webapp;
 import com.azure.spring.aad.AADClientRegistrationRepository;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
@@ -11,6 +13,8 @@
 import org.springframework.security.oauth2.client.RefreshTokenOAuth2AuthorizedClientProvider;
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -24,6 +28,8 @@
 */
 public class AADOAuth2AuthorizedClientRepository implements OAuth2AuthorizedClientRepository {
+ private static final Logger LOGGER = LoggerFactory.getLogger(AADOAuth2AuthorizedClientRepository.class);
+
 private final AADWebAppClientRegistrationRepository repo;
 private final OAuth2AuthorizedClientRepository delegate;
 private final OAuth2AuthorizedClientProvider provider;
@@ -73,7 +79,15 @@ public T loadAuthorizedClient(String id,
 .principal(principal)
 .attributes(getAttributesConsumer(scopes))
 .build();
- return (T) provider.authorize(context);
+ OAuth2AuthorizedClient clientGotByRefreshToken = provider.authorize(context);
+ try {
+ ServletRequestAttributes attributes =
+ (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
+ delegate.saveAuthorizedClient(clientGotByRefreshToken, principal, request, attributes.getResponse());
+ } catch (IllegalStateException exception) {
+ LOGGER.warn("Can not save OAuth2AuthorizedClient.", exception);
+ }
+ return (T) clientGotByRefreshToken;
 }
 return null;
 }
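Review bot: The result of `provider.authorize(context)` is handed to `delegate.saveAuthorizedClient(...)` without a null check, and `attributes.getResponse()` can also be null, while the `catch` covers only `IllegalStateException`. `OAuth2AuthorizedClientProvider.authorize` is allowed to return null, and a non-servlet `RequestAttributes` would fail the cast with a `ClassCastException`; depending on the delegate (not visible here), those cases would surface as an uncaught exception from `loadAuthorizedClient` where the old code simply returned null. I would guard both values and use `RequestContextHolder.getRequestAttributes()`, which returns null instead of throwing, so that a failed save never breaks the token lookup; this needs an import of `org.springframework.web.context.request.RequestAttributes`. The method starts above the hunk, so the enclosing `if` and the context builder are not shown in full.

```java
// … unchanged: OAuth2AuthorizationContext builder …
OAuth2AuthorizedClient clientGotByRefreshToken = provider.authorize(context);
if (clientGotByRefreshToken == null) {
    return null;
}
// Look up the current response without relying on an exception for the "no request bound" case.
RequestAttributes attributes = RequestContextHolder.getRequestAttributes();
HttpServletResponse response = attributes instanceof ServletRequestAttributes
    ? ((ServletRequestAttributes) attributes).getResponse()
    : null;
if (response != null) {
    delegate.saveAuthorizedClient(clientGotByRefreshToken, principal, request, response);
} else {
    LOGGER.warn("Can not save OAuth2AuthorizedClient.");
}
return (T) clientGotByRefreshToken;
```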