mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-09-03 04:26:12 +08:00
Polish "Enable customization of RestTemplate that retrieves JwtAccessTokenConverter's key"
See gh-8268 See gh-5859
This commit is contained in:
Andy Wilkinson
parent
dc9ff73805
commit
9e9f006720
@ -16,18 +16,22 @@
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.resource;
|
||||
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
/**
|
||||
* Callback for customizing the rest template used to fetch the token key.
|
||||
* Callback for customizing the {@link RestTemplate} that is used to fetch the keys used
|
||||
* by {@link JwtAccessTokenConverter}.
|
||||
*
|
||||
* @author Eddú Meléndez
|
||||
* @since 1.5.2
|
||||
* @see JwtAccessTokenConverter#setSigningKey(String)
|
||||
* @see JwtAccessTokenConverter#setVerifierKey(String)
|
||||
*/
|
||||
public interface JwtAccessTokenConverterRestTemplateCustomizer {
|
||||
|
||||
/**
|
||||
* Customize the rest template before it is initialized.
|
||||
* Customize the {@code template} before it is initialized.
|
||||
* @param template the rest template
|
||||
*/
|
||||
void customize(RestTemplate template);
|
||||
|
||||
@ -303,8 +303,10 @@ public class ResourceServerTokenServicesConfiguration {
|
||||
|
||||
private String getKeyFromServer() {
|
||||
RestTemplate keyUriRestTemplate = new RestTemplate();
|
||||
for (JwtAccessTokenConverterRestTemplateCustomizer customizer : this.customizers) {
|
||||
customizer.customize(keyUriRestTemplate);
|
||||
if (!CollectionUtils.isEmpty(this.customizers)) {
|
||||
for (JwtAccessTokenConverterRestTemplateCustomizer customizer : this.customizers) {
|
||||
customizer.customize(keyUriRestTemplate);
|
||||
}
|
||||
}
|
||||
HttpHeaders headers = new HttpHeaders();
|
||||
String username = this.resource.getClientId();
|
||||
|
||||
@ -54,12 +54,15 @@ import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
||||
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
|
||||
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
||||
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||
import org.springframework.social.connect.ConnectionFactoryLocator;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
/**
|
||||
* Tests for {@link ResourceServerTokenServicesConfiguration}.
|
||||
@ -243,20 +246,24 @@ public class ResourceServerTokenServicesConfigurationTests {
|
||||
}
|
||||
|
||||
@Test
|
||||
public void customRestTemplate() {
|
||||
public void jwtAccessTokenConverterIsConfiguredWhenKeyUriIsProvided() {
|
||||
EnvironmentTestUtils.addEnvironment(this.environment,
|
||||
"security.oauth2.resource.userInfoUri:http://example.com",
|
||||
"security.oauth2.resource.tokenInfoUri:http://example.com",
|
||||
"security.oauth2.resource.preferTokenInfo:false");
|
||||
"security.oauth2.resource.jwt.key-uri=http://localhost:12345/banana");
|
||||
this.context = new SpringApplicationBuilder(ResourceConfiguration.class)
|
||||
.environment(this.environment).web(false).run();
|
||||
assertThat(this.context.getBeansOfType(JwtAccessTokenConverter.class)).hasSize(1);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void jwtAccessTokenConverterRestTemplateCanBeCustomized() {
|
||||
EnvironmentTestUtils.addEnvironment(this.environment,
|
||||
"security.oauth2.resource.jwt.key-uri=http://localhost:12345/banana");
|
||||
this.context = new SpringApplicationBuilder(ResourceConfiguration.class,
|
||||
RestTemplateCustomizer.class).environment(this.environment).web(false)
|
||||
.run();
|
||||
String[] restTemplateCustomizers = this.context
|
||||
.getBeanNamesForType(JwtAccessTokenConverterRestTemplateCustomizer.class);
|
||||
UserInfoTokenServices services = this.context
|
||||
.getBean(UserInfoTokenServices.class);
|
||||
assertThat(restTemplateCustomizers).hasSize(1);
|
||||
assertThat(services).isNotNull();
|
||||
JwtAccessTokenConverterRestTemplateCustomizerConfiguration.class)
|
||||
.environment(this.environment).web(false).run();
|
||||
JwtAccessTokenConverterRestTemplateCustomizer customizer = this.context
|
||||
.getBean(JwtAccessTokenConverterRestTemplateCustomizer.class);
|
||||
verify(customizer).customize(any(RestTemplate.class));
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@ -373,22 +380,14 @@ public class ResourceServerTokenServicesConfigurationTests {
|
||||
|
||||
}
|
||||
|
||||
@Component
|
||||
protected static class RestTemplateCustomizer
|
||||
implements JwtAccessTokenConverterRestTemplateCustomizer {
|
||||
@Configuration
|
||||
static class JwtAccessTokenConverterRestTemplateCustomizerConfiguration {
|
||||
|
||||
@Override
|
||||
public void customize(RestTemplate template) {
|
||||
template.getInterceptors().add(new ClientHttpRequestInterceptor() {
|
||||
|
||||
@Override
|
||||
public ClientHttpResponse intercept(HttpRequest request, byte[] body,
|
||||
ClientHttpRequestExecution execution) throws IOException {
|
||||
return execution.execute(request, body);
|
||||
}
|
||||
|
||||
});
|
||||
@Bean
|
||||
public JwtAccessTokenConverterRestTemplateCustomizer restTemplateCustomizer() {
|
||||
return mock(JwtAccessTokenConverterRestTemplateCustomizer.class);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user