From e91da5959c1409dbb5f794221cda1ca871a2a158 Mon Sep 17 00:00:00 2001
From: Joe Grandja
Date: Tue, 17 Oct 2017 13:42:54 -0400
Subject: [PATCH] Remove auto-config classes from oauth2Login sample

Fixes gh-4638
---
 .../ClientRegistrationAutoConfiguration.java | 137 ------------------
 .../client/OAuth2LoginAutoConfiguration.java | 58 --------
 .../META-INF/oauth2-clients-defaults.yml | 42 ------
 .../main/resources/META-INF/spring.factories | 4 -
 .../src/main/resources/application.yml | 47 +++---
 5 files changed, 26 insertions(+), 262 deletions(-)
 delete mode 100644 samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/ClientRegistrationAutoConfiguration.java
 delete mode 100644 samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2LoginAutoConfiguration.java
 delete mode 100644 samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml
 delete mode 100644 samples/boot/oauth2login/src/main/resources/META-INF/spring.factories
diff --git a/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/ClientRegistrationAutoConfiguration.java b/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/ClientRegistrationAutoConfiguration.java
deleted file mode 100644
index 6f92c63859..0000000000
--- a/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/ClientRegistrationAutoConfiguration.java
+++ /dev/null
@@ -1,137 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.boot.autoconfigure.security.oauth2.client; - -import org.springframework.beans.factory.config.YamlPropertiesFactoryBean; -import org.springframework.boot.autoconfigure.AutoConfigureBefore; -import org.springframework.boot.autoconfigure.condition.ConditionMessage; -import org.springframework.boot.autoconfigure.condition.ConditionOutcome; -import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; -import org.springframework.boot.autoconfigure.condition.SpringBootCondition; -import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration; -import org.springframework.boot.context.properties.bind.BindResult; -import org.springframework.boot.context.properties.bind.Bindable; -import org.springframework.boot.context.properties.bind.Binder; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.ConditionContext; -import org.springframework.context.annotation.Conditional; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.ConfigurationCondition; -import org.springframework.core.env.ConfigurableEnvironment; 
-import org.springframework.core.env.Environment; -import org.springframework.core.env.MutablePropertySources; -import org.springframework.core.env.PropertiesPropertySource; -import org.springframework.core.io.ClassPathResource; -import org.springframework.core.type.AnnotatedTypeMetadata; -import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.client.registration.ClientRegistrationProperties; -import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; -import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository; -import org.springframework.util.CollectionUtils; - -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import java.util.Properties; -import java.util.Set; -import java.util.stream.Collectors; - -/** - * @author Joe Grandja - */ -@Configuration -@ConditionalOnWebApplication -@ConditionalOnClass(ClientRegistrationRepository.class) -@ConditionalOnMissingBean(ClientRegistrationRepository.class) -@AutoConfigureBefore(SecurityAutoConfiguration.class) -public class ClientRegistrationAutoConfiguration { - private static final String CLIENTS_DEFAULTS_RESOURCE = "META-INF/oauth2-clients-defaults.yml"; - static final String CLIENT_ID_PROPERTY = "client-id"; - static final String REGISTRATIONS_PROPERTY_PREFIX = "security.oauth2.client.registrations"; - - @Configuration - @Conditional(ClientPropertiesAvailableCondition.class) - protected static class ClientRegistrationConfiguration { - private final Environment environment; - - protected ClientRegistrationConfiguration(Environment environment) { - this.environment = environment; - } - - @Bean - public ClientRegistrationRepository clientRegistrations() { - MutablePropertySources propertySources = ((ConfigurableEnvironment) this.environment).getPropertySources(); - Properties clientsDefaultProperties = this.getClientsDefaultProperties(); - if 
(clientsDefaultProperties != null) { - propertySources.addLast(new PropertiesPropertySource("oauth2ClientsDefaults", clientsDefaultProperties)); - } - Binder binder = Binder.get(this.environment); - List clientRegistrations = new ArrayList<>(); - Set registrationIds = getRegistrationIds(this.environment); - for (String registrationId : registrationIds) { - String fullRegistrationId = REGISTRATIONS_PROPERTY_PREFIX + "." + registrationId; - if (!this.environment.containsProperty(fullRegistrationId + "." + CLIENT_ID_PROPERTY)) { - continue; - } - ClientRegistrationProperties clientRegistrationProperties = binder.bind( - fullRegistrationId, Bindable.of(ClientRegistrationProperties.class)).get(); - clientRegistrationProperties.setRegistrationId(registrationId); - ClientRegistration clientRegistration = new ClientRegistration.Builder(clientRegistrationProperties).build(); - clientRegistrations.add(clientRegistration); - } - - return new InMemoryClientRegistrationRepository(clientRegistrations); - } - - private Properties getClientsDefaultProperties() { - ClassPathResource clientsDefaultsResource = new ClassPathResource(CLIENTS_DEFAULTS_RESOURCE); - if (!clientsDefaultsResource.exists()) { - return null; - } - YamlPropertiesFactoryBean yamlPropertiesFactory = new YamlPropertiesFactoryBean(); - yamlPropertiesFactory.setResources(clientsDefaultsResource); - return yamlPropertiesFactory.getObject(); - } - } - - static Set getRegistrationIds(Environment environment) { - Binder binder = Binder.get(environment); - BindResult> result = binder.bind( - REGISTRATIONS_PROPERTY_PREFIX, Bindable.mapOf(String.class, Object.class)); - return result.get().keySet(); - } - - private static class ClientPropertiesAvailableCondition extends SpringBootCondition implements ConfigurationCondition { - - @Override - public ConfigurationCondition.ConfigurationPhase getConfigurationPhase() { - return ConfigurationPhase.PARSE_CONFIGURATION; - } - - @Override - public ConditionOutcome 
getMatchOutcome(ConditionContext context, AnnotatedTypeMetadata metadata) { - ConditionMessage.Builder message = ConditionMessage.forCondition("OAuth2 Client Properties"); - Set registrationIds = getRegistrationIds(context.getEnvironment()); - if (!CollectionUtils.isEmpty(registrationIds)) { - return ConditionOutcome.match(message.foundExactly("OAuth2 Client(s) -> " + - registrationIds.stream().collect(Collectors.joining(", ")))); - } - return ConditionOutcome.noMatch(message.notAvailable("OAuth2 Client(s)")); - } - } -} diff --git a/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2LoginAutoConfiguration.java b/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2LoginAutoConfiguration.java deleted file mode 100644 index 02d75cdc7e..0000000000 --- a/samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2LoginAutoConfiguration.java +++ /dev/null 
@@ -1,58 +0,0 @@ -/* - * Copyright 2012-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.boot.autoconfigure.security.oauth2.client; - -import org.springframework.boot.autoconfigure.AutoConfigureAfter; -import org.springframework.boot.autoconfigure.AutoConfigureBefore; -import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; -import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; -import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; - -/** - * @author Joe Grandja - */ -@Configuration -@ConditionalOnWebApplication -@ConditionalOnClass(EnableWebSecurity.class) -@ConditionalOnMissingBean(WebSecurityConfiguration.class) 
-@ConditionalOnBean(ClientRegistrationRepository.class) -@AutoConfigureBefore(SecurityAutoConfiguration.class) -@AutoConfigureAfter(ClientRegistrationAutoConfiguration.class) -public class OAuth2LoginAutoConfiguration { - - @EnableWebSecurity - protected static class OAuth2LoginSecurityConfiguration extends WebSecurityConfigurerAdapter { - - // @formatter:off - @Override - protected void configure(HttpSecurity http) throws Exception { - http - .authorizeRequests() - .anyRequest().authenticated() - .and() - .oauth2Login(); - } - // @formatter:on - } -} diff --git a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml b/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml deleted file mode 100644 index 09ffacb54b..0000000000 --- a/samples/boot/oauth2login/src/main/resources/META-INF/oauth2-clients-defaults.yml +++ /dev/null 
@@ -1,42 +0,0 @@
-security:
- oauth2:
- client:
- registrations:
- google:
- client-authentication-method: basic
- authorization-grant-type: authorization_code
- redirect-uri: "{baseUrl}/oauth2/authorize/code/{registrationId}"
- scope: openid, profile, email, address, phone
- authorization-uri: "https://accounts.google.com/o/oauth2/v2/auth"
- token-uri: "https://www.googleapis.com/oauth2/v4/token"
- user-info-uri: "https://www.googleapis.com/oauth2/v3/userinfo"
- user-name-attribute-name: "sub"
- jwk-set-uri: "https://www.googleapis.com/oauth2/v3/certs"
- client-name: Google
- github:
- client-authentication-method: basic
- authorization-grant-type: authorization_code
- redirect-uri: "{baseUrl}/oauth2/authorize/code/{registrationId}"
- scope: user
- authorization-uri: "https://github.com/login/oauth/authorize"
- token-uri: "https://github.com/login/oauth/access_token"
- user-info-uri: "https://api.github.com/user"
- user-name-attribute-name: "name"
- client-name: GitHub
- facebook:
- client-authentication-method: post
- authorization-grant-type: authorization_code
- redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}"
- scope: public_profile, email
- authorization-uri: "https://www.facebook.com/v2.8/dialog/oauth"
- token-uri: "https://graph.facebook.com/v2.8/oauth/access_token"
- user-info-uri: "https://graph.facebook.com/me"
- user-name-attribute-name: "name"
- client-name: Facebook
- okta:
- client-authentication-method: basic
- authorization-grant-type: authorization_code
- redirect-uri: "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{registrationId}"
- scope: openid, profile, email, address, phone
- client-name: Okta
- user-name-attribute-name: "sub"
diff --git a/samples/boot/oauth2login/src/main/resources/META-INF/spring.factories b/samples/boot/oauth2login/src/main/resources/META-INF/spring.factories
deleted file mode 100644
index de3be686f9..0000000000
--- a/samples/boot/oauth2login/src/main/resources/META-INF/spring.factories
+++ /dev/null
@@ -1,4 +0,0 @@
-# Spring Boot Auto Configurations
-org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-org.springframework.boot.autoconfigure.security.oauth2.client.ClientRegistrationAutoConfiguration,\
-org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2LoginAutoConfiguration
diff --git a/samples/boot/oauth2login/src/main/resources/application.yml b/samples/boot/oauth2login/src/main/resources/application.yml
index 7f7f1b23c4..7e6bfe64c4 100644
--- a/samples/boot/oauth2login/src/main/resources/application.yml
+++ b/samples/boot/oauth2login/src/main/resources/application.yml
@@ -11,24 +11,29 @@ logging:
 spring:
 thymeleaf:
 cache: false
-
-security:
- oauth2:
- client:
- registrations:
- google:
- client-id: your-app-client-id
- client-secret: your-app-client-secret
- github:
- client-id: your-app-client-id
- client-secret: your-app-client-secret
- facebook:
- client-id: your-app-client-id
- client-secret: your-app-client-secret
- okta:
- client-id: your-app-client-id
- client-secret: your-app-client-secret
- authorization-uri: https://your-subdomain.oktapreview.com/oauth2/v1/authorize
- token-uri: https://your-subdomain.oktapreview.com/oauth2/v1/token
- user-info-uri: https://your-subdomain.oktapreview.com/oauth2/v1/userinfo
- jwk-set-uri: https://your-subdomain.oktapreview.com/oauth2/v1/keys
+ security:
+ oauth2:
+ client:
+ registration:
+ google:
+ provider: google
+ client-id: your-app-client-id
+ client-secret: your-app-client-secret
+ github:
+ provider: github
+ client-id: your-app-client-id
+ client-secret: your-app-client-secret
+ facebook:
+ provider: facebook
+ client-id: your-app-client-id
+ client-secret: your-app-client-secret
+ okta:
+ provider: okta
+ client-id: your-app-client-id
+ client-secret: your-app-client-secret
+ provider:
+ okta:
+ authorization-uri: https://your-subdomain.oktapreview.com/oauth2/v1/authorize
+ token-uri: https://your-subdomain.oktapreview.com/oauth2/v1/token
+ user-info-uri: https://your-subdomain.oktapreview.com/oauth2/v1/userinfo
+ jwk-set-uri: https://your-subdomain.oktapreview.com/oauth2/v1/keys
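Review bot: The new `okta` entries carry only `provider`, `client-id`, `client-secret` and four endpoint URIs, while the deleted `oauth2-clients-defaults.yml` was what supplied its `scope`, `redirect-uri`, `client-authentication-method` and `user-name-attribute-name: "sub"`; nothing in this patch shows where those values now come from. The same applies to `google`, `github` and `facebook`, whose endpoints and scopes presumably resolve from the `provider:` name through defaults defined outside this diff. It would help to state in a comment above `registration:` which component supplies those defaults, so that the requested scopes and the token and JWK endpoints stay reviewable from the sample itself. Separately, the `client-secret: your-app-client-secret` placeholders invite pasting real secrets into a tracked file; a comment such as `# supply real values via environment variables or an untracked profile file; do not commit them` would make the intended handling explicit.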