diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java index 4e2ef7062a..e28f27e2f7 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java @@ -123,6 +123,7 @@ import static org.springframework.security.oauth2.jwt.NimbusJwtDecoder.withJwkSe * * * @author Josh Cummings + * @author Evgeniy Cheban * @since 5.1 * @see BearerTokenAuthenticationFilter * @see JwtAuthenticationProvider @@ -280,8 +281,7 @@ public final class OAuth2ResourceServerConfigurer jwtAuthenticationConverter = - new JwtAuthenticationConverter(); + private Converter jwtAuthenticationConverter; JwtConfigurer(ApplicationContext context) { this.context = context; @@ -315,6 +315,14 @@ public final class OAuth2ResourceServerConfigurer getJwtAuthenticationConverter() { + if (this.jwtAuthenticationConverter == null) { + if (this.context.getBeanNamesForType(JwtAuthenticationConverter.class).length > 0) { + this.jwtAuthenticationConverter = this.context.getBean(JwtAuthenticationConverter.class); + } else { + this.jwtAuthenticationConverter = new JwtAuthenticationConverter(); + } + } + return this.jwtAuthenticationConverter; } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index 51c64141c3..cf552a6ece 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -160,6 +160,7 @@ import static org.springframework.web.bind.annotation.RequestMethod.POST; * Tests for {@link OAuth2ResourceServerConfigurer} * * @author Josh Cummings + * @author Evgeniy Cheban */ public class OAuth2ResourceServerConfigurerTests { private static final String JWT_TOKEN = "token"; @@ -1452,6 +1453,80 @@ public class OAuth2ResourceServerConfigurerTests { .hasMessageContaining("authenticationManagerResolver"); } + @Test + public void getJwtAuthenticationConverterWhenNoConverterSpecifiedThenTheDefaultIsUsed() { + ApplicationContext context = + this.spring.context(new GenericWebApplicationContext()).getContext(); + + OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = + new OAuth2ResourceServerConfigurer(context).jwt(); + + assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isInstanceOf(JwtAuthenticationConverter.class); + } + + @Test + public void getJwtAuthenticationConverterWhenConverterBeanSpecified() { + JwtAuthenticationConverter converterBean = new JwtAuthenticationConverter(); + + GenericWebApplicationContext context = new GenericWebApplicationContext(); + context.registerBean(JwtAuthenticationConverter.class, () -> converterBean); + this.spring.context(context).autowire(); + + OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = + new OAuth2ResourceServerConfigurer(context).jwt(); + + assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converterBean); + } + + @Test + public void getJwtAuthenticationConverterWhenConverterBeanAndAnotherOnTheDslThenTheDslOneIsUsed() { + JwtAuthenticationConverter converter = new JwtAuthenticationConverter(); + JwtAuthenticationConverter converterBean = new JwtAuthenticationConverter(); + + GenericWebApplicationContext context = new GenericWebApplicationContext(); + context.registerBean(JwtAuthenticationConverter.class, () -> converterBean); + this.spring.context(context).autowire(); + + OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = + new OAuth2ResourceServerConfigurer(context).jwt(); + jwtConfigurer.jwtAuthenticationConverter(converter); + + assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converter); + } + + @Test + public void getJwtAuthenticationConverterWhenDuplicateConverterBeansAndAnotherOnTheDslThenTheDslOneIsUsed() { + JwtAuthenticationConverter converter = new JwtAuthenticationConverter(); + JwtAuthenticationConverter converterBean = new JwtAuthenticationConverter(); + + GenericWebApplicationContext context = new GenericWebApplicationContext(); + context.registerBean("converterOne", JwtAuthenticationConverter.class, () -> converterBean); + context.registerBean("converterTwo", JwtAuthenticationConverter.class, () -> converterBean); + this.spring.context(context).autowire(); + + OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = + new OAuth2ResourceServerConfigurer(context).jwt(); + jwtConfigurer.jwtAuthenticationConverter(converter); + + assertThat(jwtConfigurer.getJwtAuthenticationConverter()).isEqualTo(converter); + } + + @Test + public void getJwtAuthenticationConverterWhenDuplicateConverterBeansThenThrowsException() { + JwtAuthenticationConverter converterBean = new JwtAuthenticationConverter(); + + GenericWebApplicationContext context = new GenericWebApplicationContext(); + context.registerBean("converterOne", JwtAuthenticationConverter.class, () -> converterBean); + context.registerBean("converterTwo", JwtAuthenticationConverter.class, () -> converterBean); + this.spring.context(context).autowire(); + + OAuth2ResourceServerConfigurer.JwtConfigurer jwtConfigurer = + new OAuth2ResourceServerConfigurer(context).jwt(); + + assertThatCode(jwtConfigurer::getJwtAuthenticationConverter) + .isInstanceOf(NoUniqueBeanDefinitionException.class); + } + // -- support @EnableWebSecurity diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverter.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverter.java index e7199d8dc9..4b8171e8cb 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverter.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 the original author or authors. + * Copyright 2002-2020 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.