From e98264debfe212bb425d95334bd3d66afd2a8f0b Mon Sep 17 00:00:00 2001
From: Dave Syer <dsyer@pivotal.io>
Date: Wed, 4 May 2016 14:00:14 +0100
Subject: [PATCH] Move base configuration class to a separate file

to stop it from being included in the enclosing @Configuration.

That way, if the app is not a web app, then there really is a
client_credentials OAuth2 resource (as claimed in the user guide).

Fixes gh-5735
---
 .../oauth2/client/BaseConfiguration.java      | 39 +++++++++++++++++++
 .../OAuth2RestOperationsConfiguration.java    | 14 -------
 .../oauth2/OAuth2AutoConfigurationTests.java  | 27 ++++++++++++-
 .../src/test/resources/logback-test.xml       |  5 +++
 4 files changed, 70 insertions(+), 15 deletions(-)
 create mode 100644 spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/BaseConfiguration.java
 create mode 100644 spring-boot-autoconfigure/src/test/resources/logback-test.xml

diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/BaseConfiguration.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/BaseConfiguration.java
new file mode 100644
index 00000000000..f81691d3696
--- /dev/null
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/BaseConfiguration.java
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2012-2016 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.security.oauth2.client;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
+
+/**
+ * Common base class providing beans for authorization code clients. Does not work if
+ * nested inside a <code>@Configuration</code> class because it is considered as
+ * configuration.
+ */
+abstract class BaseConfiguration {
+
+	@Bean
+	@ConfigurationProperties("security.oauth2.client")
+	@Primary
+	public AuthorizationCodeResourceDetails oauth2RemoteResource() {
+		AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
+		return details;
+	}
+
+}
diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2RestOperationsConfiguration.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2RestOperationsConfiguration.java
index 7f0b7ffabed..36ccdc59204 100644
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2RestOperationsConfiguration.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2RestOperationsConfiguration.java
@@ -50,7 +50,6 @@ import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResour
 import org.springframework.security.oauth2.client.token.AccessTokenRequest;
 import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
 import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
 import org.springframework.security.oauth2.config.annotation.web.configuration.OAuth2ClientConfiguration;
@@ -78,19 +77,6 @@ public class OAuth2RestOperationsConfiguration {
 		return template;
 	}
 
-	@Configuration
-	protected abstract static class BaseConfiguration {
-
-		@Bean
-		@ConfigurationProperties("security.oauth2.client")
-		@Primary
-		public AuthorizationCodeResourceDetails oauth2RemoteResource() {
-			AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
-			return details;
-		}
-
-	}
-
 	@Configuration
 	@ConditionalOnNotWebApplication
 	protected static class SingletonScopedConfiguration {
diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java
index c90df3a7895..04fb268d0b1 100644
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java
@@ -38,6 +38,8 @@ import org.springframework.boot.context.embedded.AnnotationConfigEmbeddedWebAppl
 import org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory;
 import org.springframework.boot.test.EnvironmentTestUtils;
 import org.springframework.boot.test.TestRestTemplate;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.AnnotationConfigApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Import;
@@ -63,6 +65,7 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.crypto.codec.Base64;
 import org.springframework.security.oauth2.client.OAuth2ClientContext;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -183,6 +186,18 @@ public class OAuth2AutoConfigurationTests {
 		assertThat(countBeans(OAuth2ClientContext.class), equalTo(2));
 	}
 
+	@Test
+	public void testClientIsNotAuthCode() {
+		AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext();
+		context.register(MinimalSecureNonWebApplication.class);
+		EnvironmentTestUtils.addEnvironment(context,
+				"security.oauth2.client.clientId=client");
+		context.refresh();
+		assertThat(countBeans(context, ClientCredentialsResourceDetails.class),
+				equalTo(1));
+		context.close();
+	}
+
 	@Test
 	public void testDisablingAuthorizationServer() {
 		this.context = new AnnotationConfigEmbeddedWebApplicationContext();
@@ -363,7 +378,11 @@ public class OAuth2AutoConfigurationTests {
 	}
 
 	private int countBeans(Class<?> type) {
-		return this.context.getBeanNamesForType(type).length;
+		return countBeans(this.context, type);
+	}
+
+	private int countBeans(ApplicationContext context, Class<?> type) {
+		return context.getBeanNamesForType(type).length;
 	}
 
 	@Configuration
@@ -375,6 +394,12 @@ public class OAuth2AutoConfigurationTests {
 
 	}
 
+	@Configuration
+	@Import({ SecurityAutoConfiguration.class, OAuth2AutoConfiguration.class })
+	protected static class MinimalSecureNonWebApplication {
+
+	}
+
 	@Configuration
 	protected static class TestSecurityConfiguration
 			extends WebSecurityConfigurerAdapter {
diff --git a/spring-boot-autoconfigure/src/test/resources/logback-test.xml b/spring-boot-autoconfigure/src/test/resources/logback-test.xml
new file mode 100644
index 00000000000..f93b39360c0
--- /dev/null
+++ b/spring-boot-autoconfigure/src/test/resources/logback-test.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+	<include resource="org/springframework/boot/logging/logback/base.xml"/>
+	<logger name="org.springframework.cloud.zookeeper" level="DEBUG"/>
+</configuration>
\ No newline at end of file