Temporarily fix integration tests

jgrandja · jgrandja · commit 35f41f87d120 · 2025-09-12T16:20:44.000-04:00
Issue gh-17880
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientCredentialsGrantTests.java
@@ -114,6 +114,7 @@
 import org.springframework.security.web.authentication.AuthenticationConverter;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.security.web.authentication.WebAuthenticationDetails;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
 
@@ -363,6 +364,7 @@ public void requestWhenTokenEndpointCustomizedThenUsed() throws Exception {
 				Instant.now(), Instant.now().plus(Duration.ofHours(1)));
 		OAuth2AccessTokenAuthenticationToken accessTokenAuthentication = new OAuth2AccessTokenAuthenticationToken(
 				registeredClient, clientPrincipal, accessToken);
+		accessTokenAuthentication.setDetails(new WebAuthenticationDetails("remoteAddress", "sessionId"));
 		given(authenticationProvider.supports(eq(OAuth2ClientCredentialsAuthenticationToken.class))).willReturn(true);
 		given(authenticationProvider.authenticate(any())).willReturn(accessTokenAuthentication);
 
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2RefreshTokenGrantTests.java
@@ -624,7 +624,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 				throwInvalidClient("authentication_method");
 			}
 
-			return new PublicClientRefreshTokenAuthenticationToken(registeredClient);
+			PublicClientRefreshTokenAuthenticationToken publicClientRefreshTokenAuthenticationResult = new PublicClientRefreshTokenAuthenticationToken(
+					registeredClient);
+			publicClientRefreshTokenAuthenticationResult.setDetails(publicClientAuthentication.getDetails());
+			return publicClientRefreshTokenAuthenticationResult;
 		}
 
 		@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/ClientSecretAuthenticationProvider.java
@@ -155,8 +155,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated client secret");
 		}
 
-		return new OAuth2ClientAuthenticationToken(registeredClient,
-				clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials());
+		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
+				registeredClient, clientAuthentication.getClientAuthenticationMethod(),
+				clientAuthentication.getCredentials());
+		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
+		return clientAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/JwtClientAssertionAuthenticationProvider.java
@@ -138,7 +138,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated client assertion");
 		}
 
-		return new OAuth2ClientAuthenticationToken(registeredClient, clientAuthenticationMethod, jwtAssertion);
+		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
+				registeredClient, clientAuthenticationMethod, jwtAssertion);
+		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
+		return clientAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java
@@ -312,8 +312,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated token request");
 		}
 
-		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken,
-				additionalParameters);
+		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
+				registeredClient, clientPrincipal, accessToken, refreshToken, additionalParameters);
+		accessTokenAuthenticationResult.setDetails(authorizationCodeAuthentication.getDetails());
+		return accessTokenAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeRequestAuthenticationProvider.java
@@ -167,11 +167,13 @@ public Authentication authenticate(Authentication authentication) throws Authent
 						authorizationCodeRequestAuthentication, null);
 			}
 
+			Object authenticationDetails = authorizationCodeRequestAuthentication.getDetails();
 			authorizationCodeRequestAuthentication = new OAuth2AuthorizationCodeRequestAuthenticationToken(
 					authorizationCodeRequestAuthentication.getAuthorizationUri(), authorizationRequest.getClientId(),
 					(Authentication) authorizationCodeRequestAuthentication.getPrincipal(),
 					authorizationRequest.getRedirectUri(), authorizationRequest.getState(),
 					authorizationRequest.getScopes(), authorizationRequest.getAdditionalParameters());
+			authorizationCodeRequestAuthentication.setDetails(authenticationDetails);
 		}
 
 		RegisteredClient registeredClient = this.registeredClientRepository
@@ -283,8 +285,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			Set<String> currentAuthorizedScopes = (currentAuthorizationConsent != null)
 					? currentAuthorizationConsent.getScopes() : null;
 
-			return new OAuth2AuthorizationConsentAuthenticationToken(authorizationRequest.getAuthorizationUri(),
-					registeredClient.getClientId(), principal, state, currentAuthorizedScopes, null);
+			OAuth2AuthorizationConsentAuthenticationToken authorizationConsentAuthentication = new OAuth2AuthorizationConsentAuthenticationToken(
+					authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal, state,
+					currentAuthorizedScopes, null);
+			authorizationConsentAuthentication.setDetails(authorizationCodeRequestAuthentication.getDetails());
+			return authorizationConsentAuthentication;
 		}
 
 		OAuth2TokenContext tokenContext = createAuthorizationCodeTokenContext(authorizationCodeRequestAuthentication,
@@ -327,9 +332,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated authorization code request");
 		}
 
-		return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
-				registeredClient.getClientId(), principal, authorizationCode, redirectUri,
-				authorizationRequest.getState(), authorizationRequest.getScopes());
+		OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken(
+				authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal,
+				authorizationCode, redirectUri, authorizationRequest.getState(), authorizationRequest.getScopes());
+		authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails());
+		return authorizationCodeRequestAuthenticationResult;
 	}
 
 	@Override
@@ -481,6 +488,7 @@ private static void throwError(OAuth2Error error, String parameterName,
 				(Authentication) authorizationCodeRequestAuthentication.getPrincipal(), redirectUri,
 				authorizationCodeRequestAuthentication.getState(), authorizationCodeRequestAuthentication.getScopes(),
 				authorizationCodeRequestAuthentication.getAdditionalParameters());
+		authorizationCodeRequestAuthenticationResult.setDetails(authorizationCodeRequestAuthentication.getDetails());
 
 		throw new OAuth2AuthorizationCodeRequestAuthenticationException(error,
 				authorizationCodeRequestAuthenticationResult);
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationConsentAuthenticationProvider.java
@@ -260,9 +260,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated authorization consent request");
 		}
 
-		return new OAuth2AuthorizationCodeRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
-				registeredClient.getClientId(), principal, authorizationCode, redirectUri,
-				authorizationRequest.getState(), authorizedScopes);
+		OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthenticationResult = new OAuth2AuthorizationCodeRequestAuthenticationToken(
+				authorizationRequest.getAuthorizationUri(), registeredClient.getClientId(), principal,
+				authorizationCode, redirectUri, authorizationRequest.getState(), authorizedScopes);
+		authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails());
+		return authorizationCodeRequestAuthenticationResult;
 	}
 
 	@Override
@@ -362,6 +364,7 @@ private static void throwError(OAuth2Error error, String parameterName,
 				authorizationConsentAuthentication.getClientId(),
 				(Authentication) authorizationConsentAuthentication.getPrincipal(), redirectUri, state, requestedScopes,
 				null);
+		authorizationCodeRequestAuthenticationResult.setDetails(authorizationConsentAuthentication.getDetails());
 
 		throw new OAuth2AuthorizationCodeRequestAuthenticationException(error,
 				authorizationCodeRequestAuthenticationResult);
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationProvider.java
@@ -170,7 +170,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated token request");
 		}
 
-		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken);
+		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
+				registeredClient, clientPrincipal, accessToken);
+		accessTokenAuthenticationResult.setDetails(clientCredentialsAuthentication.getDetails());
+		return accessTokenAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceAuthorizationRequestAuthenticationProvider.java
@@ -181,8 +181,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated device authorization request");
 		}
 
-		return new OAuth2DeviceAuthorizationRequestAuthenticationToken(clientPrincipal, requestedScopes, deviceCode,
-				userCode);
+		OAuth2DeviceAuthorizationRequestAuthenticationToken deviceAuthorizationRequestAuthenticationResult = new OAuth2DeviceAuthorizationRequestAuthenticationToken(
+				clientPrincipal, requestedScopes, deviceCode, userCode);
+		deviceAuthorizationRequestAuthenticationResult
+			.setDetails(deviceAuthorizationRequestAuthentication.getDetails());
+		return deviceAuthorizationRequestAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceCodeAuthenticationProvider.java
@@ -260,7 +260,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated device token request");
 		}
 
-		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken);
+		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
+				registeredClient, clientPrincipal, accessToken, refreshToken);
+		accessTokenAuthenticationResult.setDetails(deviceCodeAuthentication.getDetails());
+		return accessTokenAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2DeviceVerificationAuthenticationProvider.java
@@ -171,9 +171,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 				.getAuthorizationServerSettings();
 			String deviceVerificationUri = authorizationServerSettings.getDeviceVerificationEndpoint();
 
-			return new OAuth2DeviceAuthorizationConsentAuthenticationToken(deviceVerificationUri,
-					registeredClient.getClientId(), principal, deviceVerificationAuthentication.getUserCode(), state,
-					requestedScopes, currentAuthorizedScopes);
+			OAuth2DeviceAuthorizationConsentAuthenticationToken deviceAuthorizationConsentAuthenticationResult = new OAuth2DeviceAuthorizationConsentAuthenticationToken(
+					deviceVerificationUri, registeredClient.getClientId(), principal,
+					deviceVerificationAuthentication.getUserCode(), state, requestedScopes, currentAuthorizedScopes);
+			deviceAuthorizationConsentAuthenticationResult.setDetails(deviceVerificationAuthentication.getDetails());
+			return deviceAuthorizationConsentAuthenticationResult;
 		}
 
 		// @formatter:off
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2PushedAuthorizationRequestAuthenticationProvider.java
@@ -138,10 +138,14 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated pushed authorization request");
 		}
 
-		return new OAuth2PushedAuthorizationRequestAuthenticationToken(authorizationRequest.getAuthorizationUri(),
-				authorizationRequest.getClientId(), clientPrincipal, pushedAuthorizationRequestUri.getRequestUri(),
-				pushedAuthorizationRequestUri.getExpiresAt(), authorizationRequest.getRedirectUri(),
-				authorizationRequest.getState(), authorizationRequest.getScopes());
+		OAuth2PushedAuthorizationRequestAuthenticationToken pushedAuthorizationRequestAuthenticationResult = new OAuth2PushedAuthorizationRequestAuthenticationToken(
+				authorizationRequest.getAuthorizationUri(), authorizationRequest.getClientId(), clientPrincipal,
+				pushedAuthorizationRequestUri.getRequestUri(), pushedAuthorizationRequestUri.getExpiresAt(),
+				authorizationRequest.getRedirectUri(), authorizationRequest.getState(),
+				authorizationRequest.getScopes());
+		pushedAuthorizationRequestAuthenticationResult
+			.setDetails(pushedAuthorizationRequestAuthentication.getDetails());
+		return pushedAuthorizationRequestAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java
@@ -283,8 +283,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated token request");
 		}
 
-		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken,
-				currentRefreshToken, additionalParameters);
+		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
+				registeredClient, clientPrincipal, accessToken, currentRefreshToken, additionalParameters);
+		accessTokenAuthenticationResult.setDetails(refreshTokenAuthentication.getDetails());
+		return accessTokenAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenExchangeAuthenticationProvider.java
@@ -268,8 +268,10 @@ else if (!CollectionUtils.isEmpty(subjectAuthorization.getAuthorizedScopes())) {
 			this.logger.trace("Authenticated token request");
 		}
 
-		return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, null,
-				additionalParameters);
+		OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(
+				registeredClient, clientPrincipal, accessToken, null, additionalParameters);
+		accessTokenAuthenticationResult.setDetails(tokenExchangeAuthentication.getDetails());
+		return accessTokenAuthenticationResult;
 	}
 
 	private static boolean isValidTokenType(String tokenType, OAuth2Authorization.Token<OAuth2Token> token) {
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIntrospectionAuthenticationProvider.java
@@ -118,8 +118,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated token introspection request");
 		}
 
-		return new OAuth2TokenIntrospectionAuthenticationToken(authorizedToken.getToken().getTokenValue(),
-				clientPrincipal, tokenClaims);
+		OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthenticationResult = new OAuth2TokenIntrospectionAuthenticationToken(
+				authorizedToken.getToken().getTokenValue(), clientPrincipal, tokenClaims);
+		tokenIntrospectionAuthenticationResult.setDetails(tokenIntrospectionAuthentication.getDetails());
+		return tokenIntrospectionAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenRevocationAuthenticationProvider.java
@@ -89,7 +89,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated token revocation request");
 		}
 
-		return new OAuth2TokenRevocationAuthenticationToken(token.getToken(), clientPrincipal);
+		OAuth2TokenRevocationAuthenticationToken tokenRevocationAuthenticationResult = new OAuth2TokenRevocationAuthenticationToken(
+				token.getToken(), clientPrincipal);
+		tokenRevocationAuthenticationResult.setDetails(tokenRevocationAuthentication.getDetails());
+		return tokenRevocationAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/PublicClientAuthenticationProvider.java
@@ -103,8 +103,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated public client");
 		}
 
-		return new OAuth2ClientAuthenticationToken(registeredClient,
-				clientAuthentication.getClientAuthenticationMethod(), null);
+		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
+				registeredClient, clientAuthentication.getClientAuthenticationMethod(), null);
+		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
+		return clientAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/X509ClientCertificateAuthenticationProvider.java
@@ -125,8 +125,11 @@ public Authentication authenticate(Authentication authentication) throws Authent
 			this.logger.trace("Authenticated client X509Certificate");
 		}
 
-		return new OAuth2ClientAuthenticationToken(registeredClient,
-				clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials());
+		OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(
+				registeredClient, clientAuthentication.getClientAuthenticationMethod(),
+				clientAuthentication.getCredentials());
+		clientAuthenticationResult.setDetails(clientAuthentication.getDetails());
+		return clientAuthenticationResult;
 	}
 
 	@Override
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientConfigurationAuthenticationProvider.java
@@ -169,8 +169,10 @@ private OidcClientRegistrationAuthenticationToken findRegistration(
 			this.logger.trace("Authenticated client configuration request");
 		}
 
-		return new OidcClientRegistrationAuthenticationToken(
+		OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken(
 				(Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration);
+		clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails());
+		return clientRegistrationAuthenticationResult;
 	}
 
 	@SuppressWarnings("unchecked")
diff --git a/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java b/oauth2/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/oidc/authentication/OidcClientRegistrationAuthenticationProvider.java
@@ -279,8 +279,10 @@ private OidcClientRegistrationAuthenticationToken registerClient(
 			this.logger.trace("Authenticated client registration request");
 		}
 
-		return new OidcClientRegistrationAuthenticationToken(
+		OidcClientRegistrationAuthenticationToken clientRegistrationAuthenticationResult = new OidcClientRegistrationAuthenticationToken(
 				(Authentication) clientRegistrationAuthentication.getPrincipal(), clientRegistration);
+		clientRegistrationAuthenticationResult.setDetails(clientRegistrationAuthentication.getDetails());
+		return clientRegistrationAuthenticationResult;
 	}
 
 	private OAuth2Authorization registerAccessToken(RegisteredClient registeredClient) {

Original file line number	Diff line number	Diff line change
`@@ -624,7 +624,10 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`624`	`624`	`throwInvalidClient("authentication_method");`
`625`	`625`	`}`
`626`	`626`
`627`		`- return new PublicClientRefreshTokenAuthenticationToken(registeredClient);`
	`627`	`+ PublicClientRefreshTokenAuthenticationToken publicClientRefreshTokenAuthenticationResult = new PublicClientRefreshTokenAuthenticationToken(`
	`628`	`+ registeredClient);`
	`629`	`+ publicClientRefreshTokenAuthenticationResult.setDetails(publicClientAuthentication.getDetails());`
	`630`	`+ return publicClientRefreshTokenAuthenticationResult;`
`628`	`631`	`}`
`629`	`632`
`630`	`633`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -155,8 +155,11 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`155`	`155`	`this.logger.trace("Authenticated client secret");`
`156`	`156`	`}`
`157`	`157`
`158`		`- return new OAuth2ClientAuthenticationToken(registeredClient,`
`159`		`- clientAuthentication.getClientAuthenticationMethod(), clientAuthentication.getCredentials());`
	`158`	`+ OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(`
	`159`	`+ registeredClient, clientAuthentication.getClientAuthenticationMethod(),`
	`160`	`+ clientAuthentication.getCredentials());`
	`161`	`+ clientAuthenticationResult.setDetails(clientAuthentication.getDetails());`
	`162`	`+ return clientAuthenticationResult;`
`160`	`163`	`}`
`161`	`164`
`162`	`165`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -138,7 +138,10 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`138`	`138`	`this.logger.trace("Authenticated client assertion");`
`139`	`139`	`}`
`140`	`140`
`141`		`- return new OAuth2ClientAuthenticationToken(registeredClient, clientAuthenticationMethod, jwtAssertion);`
	`141`	`+ OAuth2ClientAuthenticationToken clientAuthenticationResult = new OAuth2ClientAuthenticationToken(`
	`142`	`+ registeredClient, clientAuthenticationMethod, jwtAssertion);`
	`143`	`+ clientAuthenticationResult.setDetails(clientAuthentication.getDetails());`
	`144`	`+ return clientAuthenticationResult;`
`142`	`145`	`}`
`143`	`146`
`144`	`147`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -312,8 +312,10 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`312`	`312`	`this.logger.trace("Authenticated token request");`
`313`	`313`	`}`
`314`	`314`
`315`		`- return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken,`
`316`		`- additionalParameters);`
	`315`	`+ OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(`
	`316`	`+ registeredClient, clientPrincipal, accessToken, refreshToken, additionalParameters);`
	`317`	`+ accessTokenAuthenticationResult.setDetails(authorizationCodeAuthentication.getDetails());`
	`318`	`+ return accessTokenAuthenticationResult;`
`317`	`319`	`}`
`318`	`320`
`319`	`321`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -170,7 +170,10 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`170`	`170`	`this.logger.trace("Authenticated token request");`
`171`	`171`	`}`
`172`	`172`
`173`		`- return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken);`
	`173`	`+ OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(`
	`174`	`+ registeredClient, clientPrincipal, accessToken);`
	`175`	`+ accessTokenAuthenticationResult.setDetails(clientCredentialsAuthentication.getDetails());`
	`176`	`+ return accessTokenAuthenticationResult;`
`174`	`177`	`}`
`175`	`178`
`176`	`179`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -181,8 +181,11 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`181`	`181`	`this.logger.trace("Authenticated device authorization request");`
`182`	`182`	`}`
`183`	`183`
`184`		`- return new OAuth2DeviceAuthorizationRequestAuthenticationToken(clientPrincipal, requestedScopes, deviceCode,`
`185`		`- userCode);`
	`184`	`+ OAuth2DeviceAuthorizationRequestAuthenticationToken deviceAuthorizationRequestAuthenticationResult = new OAuth2DeviceAuthorizationRequestAuthenticationToken(`
	`185`	`+ clientPrincipal, requestedScopes, deviceCode, userCode);`
	`186`	`+ deviceAuthorizationRequestAuthenticationResult`
	`187`	`+ .setDetails(deviceAuthorizationRequestAuthentication.getDetails());`
	`188`	`+ return deviceAuthorizationRequestAuthenticationResult;`
`186`	`189`	`}`
`187`	`190`
`188`	`191`	`@Override`
Original file line number	Diff line number	Diff line change
`@@ -260,7 +260,10 @@ public Authentication authenticate(Authentication authentication) throws Authent`
`260`	`260`	`this.logger.trace("Authenticated device token request");`
`261`	`261`	`}`
`262`	`262`
`263`		`- return new OAuth2AccessTokenAuthenticationToken(registeredClient, clientPrincipal, accessToken, refreshToken);`
	`263`	`+ OAuth2AccessTokenAuthenticationToken accessTokenAuthenticationResult = new OAuth2AccessTokenAuthenticationToken(`
	`264`	`+ registeredClient, clientPrincipal, accessToken, refreshToken);`
	`265`	`+ accessTokenAuthenticationResult.setDetails(deviceCodeAuthentication.getDetails());`
	`266`	`+ return accessTokenAuthenticationResult;`
`264`	`267`	`}`
`265`	`268`
`266`	`269`	`@Override`