Flatten ServerHttpSecurity.oauth2()

Fixes: gh-5712

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -207,7 +207,9 @@ public class ServerHttpSecurity {
 
 	private OAuth2LoginSpec oauth2Login;
 
-	private OAuth2Spec oauth2;
+	private OAuth2ResourceServerSpec resourceServer;
+
+	private OAuth2ClientSpec client;
 
 	private LogoutSpec logout = new LogoutSpec();
 
@@ -572,41 +574,6 @@ public class ServerHttpSecurity {
 		private OAuth2LoginSpec() {}
 	}
 
-	/**
-	 * Configures OAuth2 support. An example configuration is provided below:
-	 *
-	 * <pre class="code">
-	 *  &#064;Bean
-	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
-	 *      http
-	 *          // ...
-	 *          .oauth2()
-	 *              .resourceServer()
-	 *                  .jwt()
-	 *                      .jwkSetUri(jwkSetUri);
-	 *      return http.build();
-	 *  }
-	 * </pre>
-	 *
-	 * @return the {@link HttpBasicSpec} to customize
-	 */
-	public OAuth2Spec oauth2() {
-		if (this.oauth2 == null) {
-			this.oauth2 = new OAuth2Spec();
-		}
-		return this.oauth2;
-	}
-
-	/**
-	 * Configures OAuth2 Support
-	 *
-	 * @since 5.1
-	 */
-	public class OAuth2Spec {
-		private OAuth2ResourceServerSpec resourceServer;
-
-		private OAuth2ClientSpec client;
-
 	/**
 	 * Configures the OAuth2 client.
 	 *
@@ -615,8 +582,7 @@ public class ServerHttpSecurity {
 	 *  public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	 *      http
 	 *          // ...
-		 *          .oauth2()
+	 *          .oauth2Client()
-		 *              .client()
 	 *              .clientRegistrationRepository(clientRegistrationRepository)
 	 *              .authorizedClientRepository(authorizedClientRepository);
 	 *      return http.build();
@@ -626,7 +592,7 @@ public class ServerHttpSecurity {
 	 *
 	 * @return the {@link OAuth2ClientSpec} to customize
 	 */
-		public OAuth2ClientSpec client() {
+	public OAuth2ClientSpec oauth2Client() {
 		if (this.client == null) {
 			this.client = new OAuth2ClientSpec();
 		}
@@ -705,7 +671,7 @@ public class ServerHttpSecurity {
 		private OAuth2ClientSpec() {}
 	}
 
-		public OAuth2ResourceServerSpec resourceServer() {
+	public OAuth2ResourceServerSpec oauth2ResourceServer() {
 		if (this.resourceServer == null) {
 			this.resourceServer = new OAuth2ResourceServerSpec();
 		}
@@ -788,25 +754,9 @@ public class ServerHttpSecurity {
 			}
 		}
 
-			public OAuth2Spec and() {
-				return OAuth2Spec.this;
-			}
-		}
-
 		public ServerHttpSecurity and() {
 			return ServerHttpSecurity.this;
 		}
-
-		protected void configure(ServerHttpSecurity http) {
-			if (this.resourceServer != null) {
-				this.resourceServer.configure(http);
-			}
-			if (this.client != null) {
-				this.client.configure(http);
-			}
-		}
-
-		private OAuth2Spec() {}
 	}
 
 	/**
@@ -1009,8 +959,11 @@ public class ServerHttpSecurity {
 		if (this.oauth2Login != null) {
 			this.oauth2Login.configure(this);
 		}
-		if (this.oauth2 != null) {
+		if (this.resourceServer != null) {
-			this.oauth2.configure(this);
+			this.resourceServer.configure(this);
+		}
+		if (this.client != null) {
+			this.client.configure(this);
 		}
 		this.loginPage.configure(this);
 		if(this.logout != null) {

config/src/test/java/org/springframework/security/config/web/server/OAuth2ClientSpecTests.java

@@ -95,8 +95,7 @@ public class OAuth2ClientSpecTests {
 		@Bean
 		SecurityWebFilterChain springSecurity(ServerHttpSecurity http) {
 			http
-				.oauth2()
+				.oauth2Client();
-					.client();
 			return http.build();
 		}
 

samples/boot/authcodegrant-webflux/src/main/java/sample/config/SecurityConfig.java

@@ -40,8 +40,7 @@ public class SecurityConfig {
 				.and()
 			.formLogin()
 				.and()
-			.oauth2()
+			.oauth2Client();
-				.client();
 		return http.build();
 	}
 

samples/boot/oauth2resourceserver-webflux/src/main/java/sample/SecurityConfig.java

@@ -45,8 +45,7 @@ public class SecurityConfig {
 			.authorizeExchange()
 				.anyExchange().authenticated()
 				.and()
-			.oauth2()
+			.oauth2ResourceServer()
-				.resourceServer()
 				.jwt()
 					.jwkSetUri(jwkSetUri);
 		return http.build();
@@ -59,8 +58,7 @@ public class SecurityConfig {
 			.authorizeExchange()
 				.anyExchange().authenticated()
 				.and()
-			.oauth2()
+			.oauth2ResourceServer()
-				.resourceServer()
 				.jwt()
 					.publicKey(publicKey());
 		return http.build();