[BAEL-1410] Spring Boot OAuth2 Support (#3409)

* initial setup with spring boot/ spring data jpa/ flyway * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - added flyway test extensions for spring * BAEL-1315 - created multiple migration scripts and locations * BAEL-1315 - test insert after schema creation * cleanup * BAEL-1315 - test data changes by a migration * [BAEL-1410] Spring Boot Security Auto-Configuration * [BAEL-1410] Added some tests for incorrect credentials use case * [BAEL-1410] Added readme and some code improvements * [BAEL-1410] removed form based auth config because is redundant added oauth2 server auto-configuration sample with test * [BAEL-1410] added custom Authorization Server Config * [BAEL-1410] update README * [BAEL-1410]refactor tests * [BAEL-1410]oauth2 resource server * [BAEL-1410]oauth2 sso sample with facebook * [BAEL-1410]remove spring-flyway
2018-01-15 23:05:19 +02:00 · 2018-01-15 23:05:19 +02:00 · f993bc0435
parent 293968321e
commit f993bc0435
17 changed files with 270 additions and 162 deletions
--- a/spring-boot-security/README.md
+++ b/spring-boot-security/README.md
@ -1,6 +1,8 @@
 ### Spring Boot Security Auto-Configuration

 - mvn clean install 
- uncomment in application.properties spring.profiles.active=basic # for basic auth config
- uncomment in application.properties spring.profiles.active=form # for form based auth config
- uncomment actuator dependency simultaneously with the line from main class
+- uncomment actuator dependency simultaneously with the line from basic auth main class
+- uncomment security properties for easy testing. If not random will be generated.
+
+### CURL commands
+- curl -X POST -u baeldung-admin:baeldung -d grant_type=client_credentials -d username=baeldung-admin -d password=baeldung http://localhost:8080/oauth/token
--- a/spring-boot-security/pom.xml
+++ b/spring-boot-security/pom.xml
@ -43,6 +43,10 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security.oauth</groupId>
+			<artifactId>spring-security-oauth2</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/basic_auth/SpringBootSecurityApplication.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/basic_auth/SpringBootSecurityApplication.java
@ -1,4 +1,4 @@
-package com.baeldung.springbootsecurity;
+package com.baeldung.springbootsecurity.basic_auth;

 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@ -7,7 +7,7 @@ import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
@SpringBootApplication(exclude = {
  SecurityAutoConfiguration.class
  //    ,ManagementWebSecurityAutoConfiguration.class
-})
+}, scanBasePackages = "com.baeldung.springbootsecurity.basic_auth")
 public class SpringBootSecurityApplication {

    public static void main(String[] args) {
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/basic_auth/config/BasicAuthConfiguration.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/basic_auth/config/BasicAuthConfiguration.java
@ -1,7 +1,6 @@
-package com.baeldung.springbootsecurity.config;
+package com.baeldung.springbootsecurity.basic_auth.config;

 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -9,8 +8,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur

@Configuration
@EnableWebSecurity
-@Profile("basic")
-public class BasicConfiguration extends WebSecurityConfigurerAdapter {
+public class BasicAuthConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/config/FormLoginConfiguration.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/config/FormLoginConfiguration.java
@ -1,39 +0,0 @@
-package com.baeldung.springbootsecurity.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-@Configuration
-@EnableWebSecurity
-@Profile("form")
-public class FormLoginConfiguration extends WebSecurityConfigurerAdapter {
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth
-          .inMemoryAuthentication()
-          .withUser("user")
-          .password("password")
-          .roles("USER")
-          .and()
-          .withUser("admin")
-          .password("password")
-          .roles("USER", "ADMIN");
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http
-          .authorizeRequests()
-          .anyRequest()
-          .authenticated()
-          .and()
-          .formLogin()
-          .and()
-          .httpBasic();
-    }
-}
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2resource/SpringBootOAuth2ResourceApplication.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2resource/SpringBootOAuth2ResourceApplication.java
@ -0,0 +1,30 @@
+package com.baeldung.springbootsecurity.oauth2resource;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@EnableResourceServer
+@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2resource")
+public class SpringBootOAuth2ResourceApplication {
+
+    public static void main(String[] args) {
+        new SpringApplicationBuilder()
+          .profiles("resource")
+          .sources(SpringBootOAuth2ResourceApplication.class)
+          .build()
+          .run(args);
+    }
+
+    @RestController
+    class SecuredResourceController {
+
+        @GetMapping("/securedResource")
+        public String securedResource() {
+            return "Baeldung Secured Resource OK";
+        }
+
+    }
+}
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/SpringBootAuthorizationServerApplication.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/SpringBootAuthorizationServerApplication.java
@ -0,0 +1,30 @@
+package com.baeldung.springbootsecurity.oauth2server;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.security.Principal;
+
+@EnableResourceServer
+@EnableAuthorizationServer
+@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2server")
+public class SpringBootAuthorizationServerApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringBootAuthorizationServerApplication.class, args);
+    }
+
+    @RestController
+    class UserController {
+
+        @GetMapping("/user")
+        public Principal user(Principal user) {
+            return user;
+        }
+
+    }
+}
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/config/AuthorizationServerConfig.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2server/config/AuthorizationServerConfig.java
@ -0,0 +1,39 @@
+package com.baeldung.springbootsecurity.oauth2server.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+
+@Configuration
+@Profile("authz")
+public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Override
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+        endpoints.authenticationManager(authenticationManager);
+    }
+
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients
+          .inMemory()
+          .withClient("baeldung")
+          .secret("baeldung")
+          .authorizedGrantTypes("client_credentials", "password", "authorization_code")
+          .scopes("openid", "read")
+          .autoApprove(true)
+          .and()
+          .withClient("baeldung-admin")
+          .secret("baeldung")
+          .authorizedGrantTypes("authorization_code", "client_credentials", "refresh_token")
+          .scopes("read", "write")
+          .autoApprove(true);
+    }
+}
--- a/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2sso/SpringBootOAuth2SsoApplication.java
+++ b/spring-boot-security/src/main/java/com/baeldung/springbootsecurity/oauth2sso/SpringBootOAuth2SsoApplication.java
@ -0,0 +1,18 @@
+package com.baeldung.springbootsecurity.oauth2sso;
+
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+
+@EnableOAuth2Sso
+@SpringBootApplication(scanBasePackages = "com.baeldung.springbootsecurity.oauth2sso")
+public class SpringBootOAuth2SsoApplication {
+
+    public static void main(String[] args) {
+        new SpringApplicationBuilder()
+          .profiles("sso")
+          .sources(SpringBootOAuth2SsoApplication.class)
+          .build()
+          .run(args);
+    }
+}
--- a/spring-boot-security/src/main/resources/application-authz.properties
+++ b/spring-boot-security/src/main/resources/application-authz.properties
@ -0,0 +1,3 @@
+security.user.password=password
+security.oauth2.client.client-id=client
+security.oauth2.client.client-secret=secret
--- a/spring-boot-security/src/main/resources/application-resource.properties
+++ b/spring-boot-security/src/main/resources/application-resource.properties
@ -0,0 +1,2 @@
+server.port=8081
+security.oauth2.resource.userInfoUri=http://localhost:8080/user
--- a/spring-boot-security/src/main/resources/application-sso.properties
+++ b/spring-boot-security/src/main/resources/application-sso.properties
@ -0,0 +1,9 @@
+server.port=8082
+security.oauth2.client.clientId=<generated_app_id>
+security.oauth2.client.clientSecret=<app_secret>
+security.oauth2.client.accessTokenUri=https://graph.facebook.com/oauth/access_token
+security.oauth2.client.userAuthorizationUri=https://www.facebook.com/dialog/oauth
+security.oauth2.client.tokenName=oauth_token
+security.oauth2.client.authenticationScheme=query
+security.oauth2.client.clientAuthenticationScheme=form
+security.oauth2.resource.userInfoUri=https://graph.facebook.com/me
--- a/spring-boot-security/src/main/resources/application.properties
+++ b/spring-boot-security/src/main/resources/application.properties
@ -1,4 +1,4 @@
 #spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
-#spring.profiles.active=form
-#spring.profiles.active=basic
 #security.user.password=password
+#security.oauth2.client.client-id=client
+#security.oauth2.client.client-secret=secret
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/FormConfigurationIntegrationTest.java
+++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/FormConfigurationIntegrationTest.java
@ -1,106 +0,0 @@
-package com.baeldung.springbootsecurity;
-
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.context.embedded.LocalServerPort;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.web.client.TestRestTemplate;
-import org.springframework.http.*;
-import org.springframework.test.context.ActiveProfiles;
-import org.springframework.test.context.junit4.SpringRunner;
-import org.springframework.util.LinkedMultiValueMap;
-import org.springframework.util.MultiValueMap;
-
-import java.util.Collections;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import static org.junit.Assert.*;
-import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
-
-@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = RANDOM_PORT)
-@ActiveProfiles("form")
-public class FormConfigurationIntegrationTest {
-
-    @Autowired TestRestTemplate restTemplate;
-    @LocalServerPort int port;
-
-    @Test
-    public void whenLoginPageIsRequested_ThenSuccess() {
-        HttpHeaders httpHeaders = new HttpHeaders();
-        httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
-        ResponseEntity<String> responseEntity = restTemplate.exchange("/login", HttpMethod.GET, new HttpEntity<Void>(httpHeaders), String.class);
-        assertEquals(HttpStatus.OK, responseEntity.getStatusCode());
-        assertTrue(responseEntity
-          .getBody()
-          .contains("_csrf"));
-    }
-
-    @Test
-    public void whenTryingToLoginWithCorrectCredentials_ThenAuthenticateWithSuccess() {
-        HttpHeaders httpHeaders = getHeaders();
-        httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
-        httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
-        MultiValueMap<String, String> form = getFormSubmitCorrectCredentials();
-        ResponseEntity<String> responseEntity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, httpHeaders), String.class);
-        assertEquals(responseEntity.getStatusCode(), HttpStatus.FOUND);
-        assertTrue(responseEntity
-          .getHeaders()
-          .getLocation()
-          .toString()
-          .endsWith(this.port + "/"));
-        assertNotNull(responseEntity
-          .getHeaders()
-          .get("Set-Cookie"));
-    }
-
-    @Test
-    public void whenTryingToLoginWithInorrectCredentials_ThenAuthenticationFailed() {
-        HttpHeaders httpHeaders = getHeaders();
-        httpHeaders.setAccept(Collections.singletonList(MediaType.TEXT_HTML));
-        httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
-        MultiValueMap<String, String> form = getFormSubmitIncorrectCredentials();
-        ResponseEntity<String> responseEntity = this.restTemplate.exchange("/login", HttpMethod.POST, new HttpEntity<>(form, httpHeaders), String.class);
-        assertEquals(responseEntity.getStatusCode(), HttpStatus.FOUND);
-        assertTrue(responseEntity
-          .getHeaders()
-          .getLocation()
-          .toString()
-          .endsWith(this.port + "/login?error"));
-        assertNull(responseEntity
-          .getHeaders()
-          .get("Set-Cookie"));
-    }
-
-    private MultiValueMap<String, String> getFormSubmitCorrectCredentials() {
-        MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
-        form.set("username", "user");
-        form.set("password", "password");
-        return form;
-    }
-
-    private MultiValueMap<String, String> getFormSubmitIncorrectCredentials() {
-        MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
-        form.set("username", "user");
-        form.set("password", "wrongpassword");
-        return form;
-    }
-
-    private HttpHeaders getHeaders() {
-        HttpHeaders headers = new HttpHeaders();
-        ResponseEntity<String> page = this.restTemplate.getForEntity("/login", String.class);
-        assertEquals(page.getStatusCode(), HttpStatus.OK);
-        String cookie = page
-          .getHeaders()
-          .getFirst("Set-Cookie");
-        headers.set("Cookie", cookie);
-        Pattern pattern = Pattern.compile("(?s).*name=\"_csrf\".*?value=\"([^\"]+).*");
-        Matcher matcher = pattern.matcher(page.getBody());
-        assertTrue(matcher.matches());
-        headers.set("X-CSRF-TOKEN", matcher.group(1));
-        return headers;
-    }
-
-}
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java
+++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/basic_auth/BasicAuthConfigurationIntegrationTest.java
@ -1,5 +1,6 @@
-package com.baeldung.springbootsecurity;
+package com.baeldung.springbootsecurity.basic_auth;

+import com.baeldung.springbootsecurity.basic_auth.SpringBootSecurityApplication;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@ -8,7 +9,6 @@ import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.web.client.TestRestTemplate;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.junit4.SpringRunner;

 import java.io.IOException;
@ -20,9 +20,8 @@ import static org.junit.Assert.assertTrue;
 import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;

@RunWith(SpringRunner.class)
-@SpringBootTest(webEnvironment = RANDOM_PORT)
-@ActiveProfiles("basic")
-public class BasicConfigurationIntegrationTest {
+@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootSecurityApplication.class)
+public class BasicAuthConfigurationIntegrationTest {

    TestRestTemplate restTemplate;
    URL base;
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java
+++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/CustomConfigAuthorizationServerIntegrationTest.java
@ -0,0 +1,75 @@
+package com.baeldung.springbootsecurity.oauth2server;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
+import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.test.context.ActiveProfiles;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import static java.lang.String.format;
+import static java.util.Collections.singletonList;
+import static org.junit.Assert.assertNotNull;
+import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class)
+@ActiveProfiles("authz")
+public class CustomConfigAuthorizationServerIntegrationTest {
+
+    @Value("${local.server.port}") protected int port;
+
+    @Test
+    public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() {
+        ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
+        resourceDetails.setClientId("baeldung");
+        resourceDetails.setClientSecret("baeldung");
+        resourceDetails.setScope(singletonList("read"));
+        DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
+        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
+        restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
+        OAuth2AccessToken accessToken = restTemplate.getAccessToken();
+        assertNotNull(accessToken);
+
+    }
+
+    @Test(expected = OAuth2AccessDeniedException.class)
+    public void whenAccessTokenIsRequestedWithInvalidException_ThenExceptionIsThrown() {
+        ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
+        resourceDetails.setClientId("baeldung");
+        resourceDetails.setClientSecret("baeldung");
+        resourceDetails.setScope(singletonList("write"));
+        DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
+        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
+        restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
+        restTemplate.getAccessToken();
+    }
+
+    @Test
+    public void whenAccessTokenIsRequestedByClientWithWriteScope_ThenAccessTokenIsNotNull() {
+        ClientCredentialsResourceDetails resourceDetails = getClientCredentialsResourceDetails();
+        resourceDetails.setClientId("baeldung-admin");
+        resourceDetails.setClientSecret("baeldung");
+        resourceDetails.setScope(singletonList("write"));
+        DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
+        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
+        restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
+        OAuth2AccessToken accessToken = restTemplate.getAccessToken();
+        assertNotNull(accessToken);
+    }
+
+    private ClientCredentialsResourceDetails getClientCredentialsResourceDetails() {
+        ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
+        resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
+        resourceDetails.setGrantType("client_credentials");
+        return resourceDetails;
+    }
+
+}
+
--- a/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java
+++ b/spring-boot-security/src/test/java/com/baeldung/springbootsecurity/oauth2server/DefaultConfigAuthorizationServerIntegrationTest.java
@ -0,0 +1,44 @@
+package com.baeldung.springbootsecurity.oauth2server;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
+import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import static java.lang.String.format;
+import static java.util.Arrays.asList;
+import static java.util.Collections.singletonList;
+import static org.junit.Assert.assertNotNull;
+import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = RANDOM_PORT, classes = SpringBootAuthorizationServerApplication.class,
+                properties = { "security.oauth2.client.client-id=client", "security.oauth2.client.client-secret=secret" })
+public class DefaultConfigAuthorizationServerIntegrationTest {
+
+    @Value("${local.server.port}") protected int port;
+
+    @Test
+    public void whenAccessTokenIsRequested_ThenAccessTokenValueIsNotNull() {
+        ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
+        resourceDetails.setAccessTokenUri(format("http://localhost:%d/oauth/token", port));
+        resourceDetails.setClientId("client");
+        resourceDetails.setClientSecret("secret");
+        resourceDetails.setGrantType("client_credentials");
+        resourceDetails.setScope(asList("read", "write"));
+        DefaultOAuth2ClientContext clientContext = new DefaultOAuth2ClientContext();
+        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resourceDetails, clientContext);
+        restTemplate.setMessageConverters(singletonList(new MappingJackson2HttpMessageConverter()));
+        OAuth2AccessToken accessToken = restTemplate.getAccessToken();
+        assertNotNull(accessToken);
+
+    }
+
+}
+