diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
index 6e5b4c8281..cffdad7824 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
@@ -2059,6 +2059,41 @@ public final class HttpSecurity extends
return configurer;
}
+ /**
+ * Configures OAuth 2.0 Client support.
+ *
+ * Example Configuration
+ *
+ * The following example demonstrates how to enable OAuth 2.0 Client support for all endpoints.
+ *
+ *
+ * @Configuration
+ * @EnableWebSecurity
+ * public class OAuth2ClientSecurityConfig extends WebSecurityConfigurerAdapter {
+ * @Override
+ * protected void configure(HttpSecurity http) throws Exception {
+ * http
+ * .authorizeRequests(authorizeRequests ->
+ * authorizeRequests
+ * .anyRequest().authenticated()
+ * )
+ * .oauth2Client(withDefaults());
+ * }
+ * }
+ *
+ *
+ * @see OAuth 2.0 Authorization Framework
+ *
+ * @param oauth2ClientCustomizer the {@link Customizer} to provide more options for
+ * the {@link OAuth2ClientConfigurer}
+ * @return the {@link HttpSecurity} for further customizations
+ * @throws Exception
+ */
+ public HttpSecurity oauth2Client(Customizer> oauth2ClientCustomizer) throws Exception {
+ oauth2ClientCustomizer.customize(getOrApply(new OAuth2ClientConfigurer<>()));
+ return HttpSecurity.this;
+ }
+
/**
* Configures OAuth 2.0 Resource Server support.
*
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
index f4a5c2c366..066ca0c692 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2002-2018 the original author or authors.
+ * Copyright 2002-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
package org.springframework.security.config.annotation.web.configurers.oauth2.client;
import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.HttpSecurityBuilder;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
@@ -135,6 +136,20 @@ public final class OAuth2ClientConfigurer> exte
return this.authorizationCodeGrantConfigurer;
}
+ /**
+ * Configures the OAuth 2.0 Authorization Code Grant.
+ *
+ * @param authorizationCodeGrantCustomizer the {@link Customizer} to provide more options for
+ * the {@link AuthorizationCodeGrantConfigurer}
+ * @return the {@link OAuth2ClientConfigurer} for further customizations
+ * @throws Exception
+ */
+ public OAuth2ClientConfigurer authorizationCodeGrant(Customizer authorizationCodeGrantCustomizer)
+ throws Exception {
+ authorizationCodeGrantCustomizer.customize(this.authorizationCodeGrantConfigurer);
+ return this;
+ }
+
/**
* Configuration options for the OAuth 2.0 Authorization Code Grant.
*/
diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
index 269641783f..5a231dc28a 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerTests.java
@@ -65,6 +65,7 @@ import java.util.Map;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.*;
+import static org.springframework.security.config.Customizer.withDefaults;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.authentication;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
@@ -141,6 +142,19 @@ public class OAuth2ClientConfigurerTests {
"redirect_uri=http://localhost/client-1");
}
+ @Test
+ public void configureWhenOauth2ClientInLambdaThenRedirectForAuthorization() throws Exception {
+ this.spring.register(OAuth2ClientInLambdaConfig.class).autowire();
+
+ MvcResult mvcResult = this.mockMvc.perform(get("/oauth2/authorization/registration-1"))
+ .andExpect(status().is3xxRedirection())
+ .andReturn();
+ assertThat(mvcResult.getResponse().getRedirectedUrl()).matches("https://provider.com/oauth2/authorize\\?" +
+ "response_type=code&client_id=client-1&" +
+ "scope=user&state=.{15,}&" +
+ "redirect_uri=http://localhost/client-1");
+ }
+
@Test
public void configureWhenAuthorizationCodeResponseSuccessThenAuthorizedClientSaved() throws Exception {
this.spring.register(OAuth2ClientConfig.class).autowire();
@@ -248,4 +262,30 @@ public class OAuth2ClientConfigurerTests {
}
}
}
+
+ @EnableWebSecurity
+ @EnableWebMvc
+ static class OAuth2ClientInLambdaConfig extends WebSecurityConfigurerAdapter {
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ // @formatter:off
+ http
+ .authorizeRequests(authorizeRequests ->
+ authorizeRequests
+ .anyRequest().authenticated()
+ )
+ .oauth2Client(withDefaults());
+ // @formatter:on
+ }
+
+ @Bean
+ public ClientRegistrationRepository clientRegistrationRepository() {
+ return clientRegistrationRepository;
+ }
+
+ @Bean
+ public OAuth2AuthorizedClientRepository authorizedClientRepository() {
+ return authorizedClientRepository;
+ }
+ }
}