Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Polish OAuth2LoginConfigurer 

Fixes gh-4747
This commit is contained in:
Joe Grandja 2017-10-29 20:49:18 -04:00
parent 3d065b5afd
commit a261c9a047
3 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

@ -926,7 +926,7 @@ public final class HttpSecurity extends
* {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository}.
* An instance of {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository} is <b>required</b>
* and may be supplied via the {@link ApplicationContext} or configured using
* {@link OAuth2LoginConfigurer#clients(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
* {@link OAuth2LoginConfigurer#clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
* <br>
* <br>
*
@ -989,7 +989,7 @@ public final class HttpSecurity extends
* .anyRequest().authenticated()
* .and()
* .oauth2Login()
* .clients(this.clientRegistrationRepository())
* .clientRegistrationRepository(this.clientRegistrationRepository())
* .authorizationRequestUriBuilder(this.authorizationRequestUriBuilder())
* .accessTokenResponseClient(this.accessTokenResponseClient())
* .userInfoEndpoint()

14
config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
View File

@ -71,7 +71,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
super();
}
public OAuth2LoginConfigurer<B> clients(ClientRegistrationRepository clientRegistrationRepository) {
public OAuth2LoginConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository);
return this;
@ -123,7 +123,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
public class TokenEndpointConfig {
private OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient;
private JwtDecoderRegistry jwtDecoderRegistry;
private TokenEndpointConfig() {
}
@ -136,12 +135,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
return this;
}
public TokenEndpointConfig jwtDecoderRegistry(JwtDecoderRegistry jwtDecoderRegistry) {
Assert.notNull(jwtDecoderRegistry, "jwtDecoderRegistry cannot be null");
this.jwtDecoderRegistry = jwtDecoderRegistry;
return this;
}
public OAuth2LoginConfigurer<B> and() {
return OAuth2LoginConfigurer.this;
}
@ -234,10 +227,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
}
}
JwtDecoderRegistry jwtDecoderRegistry = this.tokenEndpointConfig.jwtDecoderRegistry;
if (jwtDecoderRegistry == null) {
jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
}
OAuth2LoginAuthenticationProvider oauth2LoginAuthenticationProvider =
new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService);
@ -248,6 +237,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
http.authenticationProvider(this.postProcess(oauth2LoginAuthenticationProvider));
OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService = new OidcUserService();
JwtDecoderRegistry jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
OidcAuthorizationCodeAuthenticationProvider oidcAuthorizationCodeAuthenticationProvider =
new OidcAuthorizationCodeAuthenticationProvider(
accessTokenResponseClient, oidcUserService, jwtDecoderRegistry);

19
samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java
View File

@ -17,7 +17,9 @@ package sample.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@ -25,12 +27,23 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
/**
* @author Joe Grandja
*/
@Configuration
public class OAuth2LoginConfig {
@EnableWebSecurity
public class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
@Autowired
private ClientRegistrationRepository clientRegistrationRepository;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2Login()
.clientRegistrationRepository(this.clientRegistrationRepository)
.authorizedClientService(this.authorizedClientService());
}
@Bean
public OAuth2AuthorizedClientService authorizedClientService() {
return new InMemoryOAuth2AuthorizedClientService(this.clientRegistrationRepository);