mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-15 01:07:30 +08:00
Move base configuration class to a separate file
to stop it from being included in the enclosing @Configuration. That way, if the app is not a web app, then there really is a client_credentials OAuth2 resource (as claimed in the user guide). Fixes gh-5735
This commit is contained in:
parent
42af5ebc2c
commit
e98264debf
@ -0,0 +1,39 @@
|
||||
/*
|
||||
* Copyright 2012-2016 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.client;
|
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
|
||||
|
||||
/**
|
||||
* Common base class providing beans for authorization code clients. Does not work if
|
||||
* nested inside a <code>@Configuration</code> class because it is considered as
|
||||
* configuration.
|
||||
*/
|
||||
abstract class BaseConfiguration {
|
||||
|
||||
@Bean
|
||||
@ConfigurationProperties("security.oauth2.client")
|
||||
@Primary
|
||||
public AuthorizationCodeResourceDetails oauth2RemoteResource() {
|
||||
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
|
||||
return details;
|
||||
}
|
||||
|
||||
}
|
@ -50,7 +50,6 @@ import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResour
|
||||
import org.springframework.security.oauth2.client.token.AccessTokenRequest;
|
||||
import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
|
||||
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
|
||||
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
|
||||
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration;
|
||||
@ -78,19 +77,6 @@ public class OAuth2RestOperationsConfiguration {
|
||||
return template;
|
||||
}
|
||||
|
||||
@Configuration
|
||||
protected abstract static class BaseConfiguration {
|
||||
|
||||
@Bean
|
||||
@ConfigurationProperties("security.oauth2.client")
|
||||
@Primary
|
||||
public AuthorizationCodeResourceDetails oauth2RemoteResource() {
|
||||
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
|
||||
return details;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@ConditionalOnNotWebApplication
|
||||
protected static class SingletonScopedConfiguration {
|
||||
|
@ -38,6 +38,8 @@ import org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebAppl
|
||||
import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
|
||||
import org.springframework.boot.test.EnvironmentTestUtils;
|
||||
import org.springframework.boot.test.TestRestTemplate;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Import;
|
||||
@ -63,6 +65,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.crypto.codec.Base64;
|
||||
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
||||
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
|
||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||
@ -183,6 +186,18 @@ public class OAuth2AutoConfigurationTests {
|
||||
assertThat(countBeans(OAuth2ClientContext.class), equalTo(2));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testClientIsNotAuthCode() {
|
||||
AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext();
|
||||
context.register(MinimalSecureNonWebApplication.class);
|
||||
EnvironmentTestUtils.addEnvironment(context,
|
||||
"security.oauth2.client.clientId=client");
|
||||
context.refresh();
|
||||
assertThat(countBeans(context, ClientCredentialsResourceDetails.class),
|
||||
equalTo(1));
|
||||
context.close();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testDisablingAuthorizationServer() {
|
||||
this.context = new AnnotationConfigEmbeddedWebApplicationContext();
|
||||
@ -363,7 +378,11 @@ public class OAuth2AutoConfigurationTests {
|
||||
}
|
||||
|
||||
private int countBeans(Class<?> type) {
|
||||
return this.context.getBeanNamesForType(type).length;
|
||||
return countBeans(this.context, type);
|
||||
}
|
||||
|
||||
private int countBeans(ApplicationContext context, Class<?> type) {
|
||||
return context.getBeanNamesForType(type).length;
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@ -375,6 +394,12 @@ public class OAuth2AutoConfigurationTests {
|
||||
|
||||
}
|
||||
|
||||
@Configuration
|
||||
@Import({ SecurityAutoConfiguration.class, OAuth2AutoConfiguration.class })
|
||||
protected static class MinimalSecureNonWebApplication {
|
||||
|
||||
}
|
||||
|
||||
@Configuration
|
||||
protected static class TestSecurityConfiguration
|
||||
extends WebSecurityConfigurerAdapter {
|
||||
|
@ -0,0 +1,5 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<configuration>
|
||||
<include resource="org/springframework/boot/logging/logback/base.xml"/>
|
||||
<logger name="org.springframework.cloud.zookeeper" level="DEBUG"/>
|
||||
</configuration>
|
Loading…
Reference in New Issue
Block a user