From a33e58fc45a5c9d2d6acbcf97e31add6191241ce Mon Sep 17 00:00:00 2001
From: Madhura Bhave <mbhave@pivotal.io>
Date: Tue, 28 Aug 2018 15:40:54 -0700
Subject: [PATCH] Deprecate OAuth2 login redirect-uri-template

This property is deprecated in favor of
`spring.security.oauth2.client.registration.login.*.redirect-uri

Closes gh-14226
---
 .../oauth2/client/OAuth2ClientProperties.java | 20 ++++++++++++++-----
 ...entPropertiesEnvironmentPostProcessor.java |  4 ++--
 ...h2ClientPropertiesRegistrationAdapter.java |  2 +-
 ...entPropertiesRegistrationAdapterTests.java |  6 +++---
 .../main/asciidoc/spring-boot-features.adoc   |  6 +++---
 .../src/main/resources/application.yml        |  4 ++--
 .../src/main/resources/application.yml        |  4 ++--
 7 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientProperties.java
index 3c83728e459..267d8220039 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientProperties.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientProperties.java
@@ -106,14 +106,24 @@ public class OAuth2ClientProperties {
 		/**
 		 * Redirect URI. May be left blank when using a pre-defined provider.
 		 */
-		private String redirectUriTemplate;
+		private String redirectUri;
 
-		public String getRedirectUriTemplate() {
-			return this.redirectUriTemplate;
+		public String getRedirectUri() {
+			return this.redirectUri;
 		}
 
-		public void setRedirectUriTemplate(String redirectUriTemplate) {
-			this.redirectUriTemplate = redirectUriTemplate;
+		public void setRedirectUri(String redirectUri) {
+			this.redirectUri = redirectUri;
+		}
+
+		@Deprecated
+		public String getRedirectUriTemplate() {
+			return getRedirectUri();
+		}
+
+		@Deprecated
+		public void setRedirectUriTemplate(String redirectUri) {
+			setRedirectUri(redirectUri);
 		}
 
 	}
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesEnvironmentPostProcessor.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesEnvironmentPostProcessor.java
index 05a1a5ce71c..e25ea4597aa 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesEnvironmentPostProcessor.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesEnvironmentPostProcessor.java
@@ -86,8 +86,8 @@ public class OAuth2ClientPropertiesEnvironmentPostProcessor
 				source);
 		addProperty(registrationId, "client-name", registration::getClientName, map,
 				source);
-		addProperty(registrationId, "redirect-uri-template",
-				registration::getRedirectUriTemplate, map, source);
+		addProperty(registrationId, "redirect-uri-template", registration::getRedirectUri,
+				map, source);
 		addProperty(registrationId, "authorization-grant-type",
 				registration::getAuthorizationGrantType, map, source);
 		addProperty(registrationId, "client-authentication-method",
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
index 59b433b215b..ee1cd69cbcf 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java
@@ -97,7 +97,7 @@ public final class OAuth2ClientPropertiesRegistrationAdapter {
 			Map<String, Provider> providers) {
 		PropertyMapper map = PropertyMapper.get().alwaysApplyingWhenNonNull();
 		Builder builder = getBuilder(map, registrationId, properties, providers);
-		map.from(properties::getRedirectUriTemplate).to(builder::redirectUriTemplate);
+		map.from(properties::getRedirectUri).to(builder::redirectUriTemplate);
 		return builder.build();
 	}
 
diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
index 4e6b1cfac80..79d6cd8a6c7 100644
--- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
+++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java
@@ -78,7 +78,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 		login.setClientSecret("clientSecret");
 		login.setClientAuthenticationMethod("post");
 		login.setAuthorizationGrantType("authorization_code");
-		login.setRedirectUriTemplate("http://example.com/redirect");
+		login.setRedirectUri("http://example.com/redirect");
 		login.setScope(Collections.singleton("scope"));
 		login.setClientName("clientName");
 		properties.getRegistration().getLogin().put("registration", login);
@@ -155,7 +155,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 		login.setClientSecret("clientSecret");
 		login.setClientAuthenticationMethod("post");
 		login.setAuthorizationGrantType("authorization_code");
-		login.setRedirectUriTemplate("http://example.com/redirect");
+		login.setRedirectUri("http://example.com/redirect");
 		login.setScope(Collections.singleton("scope"));
 		login.setClientName("clientName");
 		properties.getRegistration().getLogin().put("registration", login);
@@ -314,7 +314,7 @@ public class OAuth2ClientPropertiesRegistrationAdapterTests {
 		login.setClientId("clientId");
 		login.setClientSecret("clientSecret");
 		login.setClientAuthenticationMethod("post");
-		login.setRedirectUriTemplate("http://example.com/redirect");
+		login.setRedirectUri("http://example.com/redirect");
 		login.setScope(Collections.singleton("user"));
 		Provider provider = new Provider();
 		provider.setIssuerUri(issuer);
diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
index 75c05c006d3..81071b10804 100644
--- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
+++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc
@@ -3267,7 +3267,7 @@ You can register multiple Open ID Connect clients under the
 	spring.security.oauth2.client.registration.login.my-client-1.client-name=Client for user scope
 	spring.security.oauth2.client.registration.login.my-client-1.provider=my-oauth-provider
 	spring.security.oauth2.client.registration.login.my-client-1.scope=user
-	spring.security.oauth2.client.registration.login.my-client-1.redirect-uri-template=http://localhost:8080/login/oauth2/code/my-client-1
+	spring.security.oauth2.client.registration.login.my-client-1.redirect-uri=http://localhost:8080/login/oauth2/code/my-client-1
 	spring.security.oauth2.client.registration.login.my-client-1.client-authentication-method=basic
 	spring.security.oauth2.client.registration.login.my-client-1.authorization-grant-type=authorization_code
 
@@ -3276,13 +3276,13 @@ You can register multiple Open ID Connect clients under the
 	spring.security.oauth2.client.registration.login.my-client-2.client-name=Client for email scope
 	spring.security.oauth2.client.registration.login.my-client-2.provider=my-oauth-provider
 	spring.security.oauth2.client.registration.login.my-client-2.scope=email
-	spring.security.oauth2.client.registration.login.my-client-2.redirect-uri-template=http://localhost:8080/login/oauth2/code/my-client-2
+	spring.security.oauth2.client.registration.login.my-client-2.redirect-uri=http://localhost:8080/login/oauth2/code/my-client-2
 	spring.security.oauth2.client.registration.login.my-client-2.client-authentication-method=basic
 	spring.security.oauth2.client.registration.login.my-client-2.authorization-grant-type=authorization_code
 ----
 
 By default, Spring Security's `OAuth2LoginAuthenticationFilter` only processes URLs
-matching `/login/oauth2/code/*`. If you want to customize the `redirect-uri-template` to
+matching `/login/oauth2/code/*`. If you want to customize the `redirect-uri` to
 use a different pattern, you need to provide configuration to process that custom pattern.
 For example, for servlet applications, you can add your own `WebSecurityConfigurerAdapter` that resembles the
 following:
diff --git a/spring-boot-samples/spring-boot-sample-oauth2-client/src/main/resources/application.yml b/spring-boot-samples/spring-boot-sample-oauth2-client/src/main/resources/application.yml
index f496449922e..070e578fb30 100644
--- a/spring-boot-samples/spring-boot-sample-oauth2-client/src/main/resources/application.yml
+++ b/spring-boot-samples/spring-boot-sample-oauth2-client/src/main/resources/application.yml
@@ -10,14 +10,14 @@ spring:
               client-name: Github user
               provider: github
               scope: user
-              redirect-uri-template: http://localhost:8080/login/oauth2/code/github
+              redirect-uri: http://localhost:8080/login/oauth2/code/github
             github-client-2:
               client-id: ${APP-CLIENT-ID}
               client-secret: ${APP-CLIENT-SECRET}
               client-name: Github email
               provider: github
               scope: user:email
-              redirect-uri-template: http://localhost:8080/login/oauth2/code/github
+              redirect-uri: http://localhost:8080/login/oauth2/code/github
             yahoo-oidc:
               client-id: a
               client-secret: b
diff --git a/spring-boot-samples/spring-boot-sample-reactive-oauth2-client/src/main/resources/application.yml b/spring-boot-samples/spring-boot-sample-reactive-oauth2-client/src/main/resources/application.yml
index abad05db724..77e1608d3eb 100644
--- a/spring-boot-samples/spring-boot-sample-reactive-oauth2-client/src/main/resources/application.yml
+++ b/spring-boot-samples/spring-boot-sample-reactive-oauth2-client/src/main/resources/application.yml
@@ -10,14 +10,14 @@ spring:
               client-name: Github user
               provider: github
               scope: user
-              redirect-uri-template: http://localhost:8080/login/oauth2/code/github
+              redirect-uri: http://localhost:8080/login/oauth2/code/github
             github-client-2:
               client-id: ${APP-CLIENT-ID}
               client-secret: ${APP-CLIENT-SECRET}
               client-name: Github email
               provider: github
               scope: user:email
-              redirect-uri-template: http://localhost:8080/login/oauth2/code/github
+              redirect-uri: http://localhost:8080/login/oauth2/code/github
             yahoo-oidc:
               client-id: ${YAHOO-CLIENT-ID}
               client-secret: ${YAHOO-CLIENT-SECRET}