From 6381b88736d060c10b5d2a8c9ba25f5436e05a16 Mon Sep 17 00:00:00 2001
From: Madhura Bhave
Date: Mon, 17 Jul 2017 16:51:16 -0700
Subject: [PATCH] Create Jwk and Jwt token store beans conditionally
Closes gh-9777
---
 ...ourceServerTokenServicesConfiguration.java | 10 +++--
 ...ServerTokenServicesConfigurationTests.java | 42 +++++++++++++++++++
 2 files changed, 48 insertions(+), 4 deletions(-)
diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java
index 16ce76ca01b..2f5d1d0ae8b 100644
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java
@@ -223,13 +223,14 @@ public class ResourceServerTokenServicesConfiguration {
 @Bean
 @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public DefaultTokenServices jwkTokenServices() {
+ public DefaultTokenServices jwkTokenServices(TokenStore jwkTokenStore) {
 DefaultTokenServices services = new DefaultTokenServices();
- services.setTokenStore(jwkTokenStore());
+ services.setTokenStore(jwkTokenStore);
 return services;
 }
 @Bean
+ @ConditionalOnMissingBean(TokenStore.class)
 public TokenStore jwkTokenStore() {
 return new JwkTokenStore(this.resource.getJwk().getKeySetUri());
 }
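Review bot: The new `@ConditionalOnMissingBean(TokenStore.class)` on `jwkTokenStore()` backs off for a `TokenStore` of any implementation, and `jwkTokenServices(TokenStore jwkTokenStore)` then wires whatever store the application defined, so tokens are no longer checked against the key set from `getKeySetUri()` and nothing in the hunk documents that. The same applies to `jwtTokenStore()` and `jwtTokenServices(TokenStore jwtTokenStore)` in the next hunk. The back-off is what the commit intends, so I would only add a comment above each store bean, e.g. `// Backs off for any user-defined TokenStore; that store, not the configured key set, then decides which tokens are accepted.` The same comment could note that the parameter is resolved by type, with its name used only to choose among several candidates. The enclosing configuration class starts and ends outside the hunk.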
@@ -255,13 +256,14 @@ public class ResourceServerTokenServicesConfiguration {
 @Bean
 @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public DefaultTokenServices jwtTokenServices() {
+ public DefaultTokenServices jwtTokenServices(TokenStore jwtTokenStore) {
 DefaultTokenServices services = new DefaultTokenServices();
- services.setTokenStore(jwtTokenStore());
+ services.setTokenStore(jwtTokenStore);
 return services;
 }
 @Bean
+ @ConditionalOnMissingBean(TokenStore.class)
 public TokenStore jwtTokenStore() {
 return new JwtTokenStore(jwtTokenEnhancer());
 }
diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java
index 04630ab6281..10b27330706 100644
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java
@@ -57,7 +57,10 @@ import org.springframework.security.oauth2.client.OAuth2RestTemplate;
 import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
+import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
@@ -256,6 +259,25 @@ public class ResourceServerTokenServicesConfigurationTests {
 assertThat(this.context.getBeansOfType(JwtAccessTokenConverter.class)).hasSize(1);
 }
+ @Test
+ public void jwkTokenStoreShouldBeConditionalOnMissingBean() throws Exception {
+ EnvironmentTestUtils.addEnvironment(this.environment,
+ "security.oauth2.resource.jwk.key-set-uri=http://my-auth-server/token_keys");
+ this.context = new SpringApplicationBuilder(JwkTokenStoreConfiguration.class,
+ ResourceConfiguration.class)
+ .environment(this.environment).web(false).run();
+ assertThat(this.context.getBeansOfType(JwkTokenStore.class)).hasSize(1);
+ }
+
+ @Test
+ public void jwtTokenStoreShouldBeConditionalOnMissingBean() throws Exception {
+ EnvironmentTestUtils.addEnvironment(this.environment,
+ "security.oauth2.resource.jwt.keyValue=" + PUBLIC_KEY);
+ this.context = new SpringApplicationBuilder(JwtTokenStoreConfiguration.class, ResourceConfiguration.class)
+ .environment(this.environment).web(false).run();
+ assertThat(this.context.getBeansOfType(JwtTokenStore.class)).hasSize(1);
+ }
+
 @Configuration
 @Import({ ResourceServerTokenServicesConfiguration.class, ResourceServerPropertiesConfiguration.class,
@@ -380,6 +402,26 @@ public class ResourceServerTokenServicesConfigurationTests {
 }
+ @Configuration
+ static class JwtTokenStoreConfiguration {
+
+ @Bean
+ public TokenStore tokenStore(JwtAccessTokenConverter jwtTokenEnhancer) {
+ return new JwtTokenStore(jwtTokenEnhancer);
+ }
+
+ }
+
+ @Configuration
+ static class JwkTokenStoreConfiguration {
+
+ @Bean
+ public TokenStore tokenStore() {
+ return new JwkTokenStore("http://my.key-set.uri");
+ }
+
+ }
+
 private static class MockRestCallCustomizer implements JwtAccessTokenConverterRestTemplateCustomizer {
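Review bot: Both new tests (`jwkTokenStoreShouldBeConditionalOnMissingBean`, `jwtTokenStoreShouldBeConditionalOnMissingBean`) register a user store of the same class the auto-configuration would create, and count beans of that concrete class only. They never exercise the other case the new condition allows, a user-defined `TokenStore` of a different implementation, and they do not check that token services are still created on top of the user's store. I would assert on the interface and the services bean as well: `assertThat(this.context.getBeansOfType(TokenStore.class)).hasSize(1);` and `assertThat(this.context.getBeansOfType(DefaultTokenServices.class)).hasSize(1);`, the latter assuming `ResourceConfiguration` registers no other token services. The second test also keeps the `SpringApplicationBuilder(...)` arguments on one long line where the first wraps them.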