From 82e4abdd323fea146aa376f1f9d0da1542705e0b Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Tue, 29 May 2018 21:29:33 -0400
Subject: [PATCH] OAuth2ClientArgumentResolver uses AnnotatedElementUtils

Fixes gh-5335
---
 .../web/method/annotation/OAuth2ClientArgumentResolver.java | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2ClientArgumentResolver.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2ClientArgumentResolver.java
index 1c0b99d95a..695af81b54 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2ClientArgumentResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/method/annotation/OAuth2ClientArgumentResolver.java
@@ -16,6 +16,7 @@
 package org.springframework.security.oauth2.client.web.method.annotation;
 
 import org.springframework.core.MethodParameter;
+import org.springframework.core.annotation.AnnotatedElementUtils;
 import org.springframework.lang.NonNull;
 import org.springframework.lang.Nullable;
 import org.springframework.security.core.Authentication;
@@ -90,7 +91,7 @@ public final class OAuth2ClientArgumentResolver implements HandlerMethodArgument
 		return ((OAuth2AccessToken.class.isAssignableFrom(parameterType) ||
 				OAuth2AuthorizedClient.class.isAssignableFrom(parameterType) ||
 				ClientRegistration.class.isAssignableFrom(parameterType)) &&
-				(parameter.hasParameterAnnotation(OAuth2Client.class)));
+				(AnnotatedElementUtils.findMergedAnnotation(parameter.getParameter(), OAuth2Client.class) != null));
 	}
 
 	@NonNull
@@ -100,7 +101,8 @@ public final class OAuth2ClientArgumentResolver implements HandlerMethodArgument
 									NativeWebRequest webRequest,
 									@Nullable WebDataBinderFactory binderFactory) throws Exception {
 
-		OAuth2Client oauth2ClientAnnotation = parameter.getParameterAnnotation(OAuth2Client.class);
+		OAuth2Client oauth2ClientAnnotation = AnnotatedElementUtils.findMergedAnnotation(
+				parameter.getParameter(), OAuth2Client.class);
 		Authentication principal = SecurityContextHolder.getContext().getAuthentication();
 
 		String clientRegistrationId = null;