Polish

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java

@@ -21,38 +21,31 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
  * OAuth 2.0 resource server properties.
  *
  * @author Madhura Bhave
+ * @since 2.1.0
  */
 @ConfigurationProperties(prefix = "spring.security.oauth2.resource")
 public class OAuth2ResourceServerProperties {
 
-	private Jwt jwt = new Jwt();
+	private final Jwt jwt = new Jwt();
 
 	public Jwt getJwt() {
 		return this.jwt;
 	}
 
-	public void setJwt(Jwt jwt) {
-		this.jwt = jwt;
-	}
-
 	public static class Jwt {
 
-		private Jwk jwk = new Jwk();
+		private final Jwk jwk = new Jwk();
 
 		public Jwk getJwk() {
 			return this.jwk;
 		}
 
-		public void setJwk(Jwk jwk) {
-			this.jwk = jwk;
-		}
-
 	}
 
 	public static class Jwk {
 
 		/**
-		 * The URI to get verification keys to verify the JWT token.
+		 * JSON Web Key URI to use to verify the JWT token.
 		 */
 		private String setUri;
 

spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc

@@ -530,7 +530,7 @@ content into your application. Rather, pick only the properties that you need.
 	spring.security.oauth2.client.registration.*= # OAuth client registrations.
 
 	# SECURITY OAUTH2 RESOURCE SERVER ({sc-spring-boot-autoconfigure}/security/oauth2/resource/OAuth2ResourceServerProperties.{sc-ext}[OAuth2ResourceServerProperties])
-	spring.security.oauth2.resource.jwt.jwk.set-uri.*= # JWK Set URI
+	spring.security.oauth2.resource.jwt.jwk.set-uri= # JSON Web Key URI to use to verify the JWT token.
 
 	# ----------------------------------------
 	# DATA PROPERTIES

spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc

@@ -3277,18 +3277,18 @@ Provider can be configured with the `issuer-uri`:
 
 [[boot-features-security-oauth2-server]]
 ==== Resource Server
-If you have `spring-security-oauth2-resource-server` on your classpath, you can take advantage of
+If you have `spring-security-oauth2-resource-server` on your classpath, Spring Boot can
-some auto-configuration to make it easy to set up an OAuth2 Resource Server. This configuration
+set up an OAuth2 Resource Server as long as a JWK Set URI is specified, as shown in the
-makes use of the properties under `OAuth2ResourceServerProperties`.
+following example:
-
-For the OAuth2 Resource Server auto-configuration to kick in, you can
-provide a bean of type `JwtDecoder` yourself or configure a JWK Set URI as follows:
 
 [source,properties,indent=0]
 ----
 	spring.security.oauth2.resource.jwt.jwk.set-uri=https://example.com/oauth2/default/v1/keys
 ----
 
+Alternatively, you can define your own `JwtDecoder` bean.
+
+
 
 ==== Authorization Server
 Currently, Spring Security does not provide support for implementing an OAuth 2.0

spring-boot-samples/README.adoc

@@ -134,6 +134,9 @@ The following sample applications are provided:
 | link:spring-boot-sample-metrics-redis[spring-boot-sample-metrics-redis]
 | Exports metrics to Redis
 
+| link:spring-boot-sample-oauth2-resource-server[spring-boot-sample-oauth2-resource-server]
+| Configure an OAuth2 resource server
+
 | link:spring-boot-sample-parent-context[spring-boot-sample-parent-context]
 | Application that uses an `ApplicationContext` with a parent