From 6c13e1848371b4a8016687d24714313b7d1d70a8 Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Wed, 30 May 2018 11:29:28 -0400
Subject: [PATCH] Simplify oauth2login sample

Fixes gh-5384
---
 ...g-security-samples-boot-oauth2login.gradle |  2 -
 .../samples/OAuth2LoginApplicationTests.java  |  3 --
 .../java/sample/OAuth2LoginApplication.java   |  6 +--
 .../src/main/java/sample/WebClientConfig.java | 37 ------------------
 .../sample/web/OAuth2LoginController.java     | 39 ++++---------------
 .../src/main/resources/templates/index.html   |  7 +++-
 .../main/resources/templates/userinfo.html    | 19 ---------
 7 files changed, 14 insertions(+), 99 deletions(-)
 delete mode 100644 samples/boot/oauth2login/src/main/java/sample/WebClientConfig.java
 delete mode 100644 samples/boot/oauth2login/src/main/resources/templates/userinfo.html

diff --git a/samples/boot/oauth2login/spring-security-samples-boot-oauth2login.gradle b/samples/boot/oauth2login/spring-security-samples-boot-oauth2login.gradle
index beee079bd4..01bce8a118 100644
--- a/samples/boot/oauth2login/spring-security-samples-boot-oauth2login.gradle
+++ b/samples/boot/oauth2login/spring-security-samples-boot-oauth2login.gradle
@@ -6,11 +6,9 @@ dependencies {
 	compile project(':spring-security-config')
 	compile project(':spring-security-oauth2-client')
 	compile project(':spring-security-oauth2-jose')
-	compile 'org.springframework:spring-webflux'
 	compile 'org.springframework.boot:spring-boot-starter-thymeleaf'
 	compile 'org.springframework.boot:spring-boot-starter-web'
 	compile 'org.thymeleaf.extras:thymeleaf-extras-springsecurity4'
-	compile 'io.projectreactor.ipc:reactor-netty'
 
 	testCompile project(':spring-security-test')
 	testCompile 'net.sourceforge.htmlunit:htmlunit'
diff --git a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
index 612e3583c9..1c722da290 100644
--- a/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
+++ b/samples/boot/oauth2login/src/integration-test/java/org/springframework/security/samples/OAuth2LoginApplicationTests.java
@@ -32,7 +32,6 @@ import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMock
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
-import org.springframework.context.annotation.Import;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -58,7 +57,6 @@ import org.springframework.security.oauth2.core.user.OAuth2UserAuthority;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
-import sample.WebClientConfig;
 
 import java.net.URI;
 import java.net.URL;
@@ -403,7 +401,6 @@ public class OAuth2LoginApplicationTests {
 	@SpringBootConfiguration
 	@EnableAutoConfiguration
 	@ComponentScan(basePackages = "sample.web")
-	@Import(WebClientConfig.class)
 	public static class SpringBootApplicationTestConfig {
 
 		@Autowired
diff --git a/samples/boot/oauth2login/src/main/java/sample/OAuth2LoginApplication.java b/samples/boot/oauth2login/src/main/java/sample/OAuth2LoginApplication.java
index 7ec72679fe..14b247827f 100644
--- a/samples/boot/oauth2login/src/main/java/sample/OAuth2LoginApplication.java
+++ b/samples/boot/oauth2login/src/main/java/sample/OAuth2LoginApplication.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2017 the original author or authors.
+ * Copyright 2002-2018 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -24,11 +24,7 @@ import org.springframework.boot.autoconfigure.SpringBootApplication;
 @SpringBootApplication
 public class OAuth2LoginApplication {
 
-	public OAuth2LoginApplication() {
-	}
-
 	public static void main(String[] args) {
 		SpringApplication.run(OAuth2LoginApplication.class, args);
 	}
-
 }
diff --git a/samples/boot/oauth2login/src/main/java/sample/WebClientConfig.java b/samples/boot/oauth2login/src/main/java/sample/WebClientConfig.java
deleted file mode 100644
index b5a96fe648..0000000000
--- a/samples/boot/oauth2login/src/main/java/sample/WebClientConfig.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package sample;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.oauth2.client.web.reactive.function.client.OAuth2AuthorizedClientExchangeFilterFunction;
-import org.springframework.web.reactive.function.client.WebClient;
-
-/**
- * @author Rob Winch
- * @since 5.1
- */
-@Configuration
-public class WebClientConfig {
-
-	@Bean
-	WebClient webClient() {
-		return WebClient.builder()
-				.filter(new OAuth2AuthorizedClientExchangeFilterFunction())
-				.build();
-	}
-}
diff --git a/samples/boot/oauth2login/src/main/java/sample/web/OAuth2LoginController.java b/samples/boot/oauth2login/src/main/java/sample/web/OAuth2LoginController.java
index 5c29e84dae..867cd3703b 100644
--- a/samples/boot/oauth2login/src/main/java/sample/web/OAuth2LoginController.java
+++ b/samples/boot/oauth2login/src/main/java/sample/web/OAuth2LoginController.java
@@ -15,18 +15,13 @@
  */
 package sample.web;
 
-import static org.springframework.security.oauth2.client.web.reactive.function.client.OAuth2AuthorizedClientExchangeFilterFunction.oauth2AuthorizedClient;
-
-import java.util.Collections;
-import java.util.Map;
-
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.annotation.OAuth2Client;
+import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
-import org.springframework.util.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.reactive.function.client.WebClient;
 
 /**
  * @author Joe Grandja
@@ -34,34 +29,14 @@ import org.springframework.web.reactive.function.client.WebClient;
  */
 @Controller
 public class OAuth2LoginController {
-	private final WebClient webClient;
-
-	public OAuth2LoginController(WebClient webClient) {
-		this.webClient = webClient;
-	}
 
 	@GetMapping("/")
-	public String index(Model model, @OAuth2Client OAuth2AuthorizedClient authorizedClient) {
-		model.addAttribute("userName", authorizedClient.getPrincipalName());
+	public String index(Model model,
+						@OAuth2Client OAuth2AuthorizedClient authorizedClient,
+						@AuthenticationPrincipal OAuth2User oauth2User) {
+		model.addAttribute("userName", oauth2User.getName());
 		model.addAttribute("clientName", authorizedClient.getClientRegistration().getClientName());
+		model.addAttribute("userAttributes", oauth2User.getAttributes());
 		return "index";
 	}
-
-	@GetMapping("/userinfo")
-	public String userinfo(Model model, @OAuth2Client OAuth2AuthorizedClient authorizedClient) {
-		Map userAttributes = Collections.emptyMap();
-		String userInfoEndpointUri = authorizedClient.getClientRegistration()
-			.getProviderDetails().getUserInfoEndpoint().getUri();
-		if (!StringUtils.isEmpty(userInfoEndpointUri)) {	// userInfoEndpointUri is optional for OIDC Clients
-			userAttributes = this.webClient
-				.get()
-				.uri(userInfoEndpointUri)
-				.attributes(oauth2AuthorizedClient(authorizedClient))
-				.retrieve()
-				.bodyToMono(Map.class)
-				.block();
-		}
-		model.addAttribute("userAttributes", userAttributes);
-		return "userinfo";
-	}
 }
diff --git a/samples/boot/oauth2login/src/main/resources/templates/index.html b/samples/boot/oauth2login/src/main/resources/templates/index.html
index c30b73de69..c5a54504d8 100644
--- a/samples/boot/oauth2login/src/main/resources/templates/index.html
+++ b/samples/boot/oauth2login/src/main/resources/templates/index.html
@@ -23,7 +23,12 @@
 </div>
 <div>&nbsp;</div>
 <div>
-	<a href="/userinfo" th:href="@{/userinfo}">Display User Info</a>
+	<span style="font-weight:bold">User Attributes:</span>
+	<ul>
+		<li th:each="userAttribute : ${userAttributes}">
+			<span style="font-weight:bold" th:text="${userAttribute.key}"></span>: <span th:text="${userAttribute.value}"></span>
+		</li>
+	</ul>
 </div>
 </body>
 </html>
diff --git a/samples/boot/oauth2login/src/main/resources/templates/userinfo.html b/samples/boot/oauth2login/src/main/resources/templates/userinfo.html
deleted file mode 100644
index 2f7102469b..0000000000
--- a/samples/boot/oauth2login/src/main/resources/templates/userinfo.html
+++ /dev/null
@@ -1,19 +0,0 @@
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
-<head>
-	<title>Spring Security - OAuth 2.0 User Info</title>
-	<meta charset="utf-8" />
-</head>
-<body>
-<div th:substituteby="index::logout"></div>
-<h1>OAuth 2.0 User Info</h1>
-<div>
-	<span style="font-weight:bold">User Attributes:</span>
-	<ul>
-		<li th:each="userAttribute : ${userAttributes}">
-			<span style="font-weight:bold" th:text="${userAttribute.key}"></span>: <span th:text="${userAttribute.value}"></span>
-		</li>
-	</ul>
-</div>
-</body>
-</html>