Rename OAuth2 resource server properties

Closes gh-14165

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java

@@ -23,7 +23,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
  * @author Madhura Bhave
  * @since 2.1.0
  */
-@ConfigurationProperties(prefix = "spring.security.oauth2.resource")
+@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver")
 public class OAuth2ResourceServerProperties {
 
 	private final Jwt jwt = new Jwt();
@@ -34,27 +34,17 @@ public class OAuth2ResourceServerProperties {
 
 	public static class Jwt {
 
-		private final Jwk jwk = new Jwk();
-
-		public Jwk getJwk() {
-			return this.jwk;
-		}
-
-	}
-
-	public static class Jwk {
-
 		/**
 		 * JSON Web Key URI to use to verify the JWT token.
 		 */
-		private String setUri;
+		private String jwkSetUri;
 
-		public String getSetUri() {
+		public String getJwkSetUri() {
-			return this.setUri;
+			return this.jwkSetUri;
 		}
 
-		public void setSetUri(String setUri) {
+		public void setJwkSetUri(String jwkSetUri) {
-			this.setUri = setUri;
+			this.jwkSetUri = jwkSetUri;
 		}
 
 	}

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java

@@ -39,11 +39,10 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
 	}
 
 	@Bean
-	@ConditionalOnProperty(name = "spring.security.oauth2.resource.jwt.jwk.set-uri")
+	@ConditionalOnProperty(name = "spring.security.oauth2.resourceserver.jwt.jwk-set-uri")
 	@ConditionalOnMissingBean
 	public ReactiveJwtDecoder jwtDecoder() {
-		return new NimbusReactiveJwtDecoder(
+		return new NimbusReactiveJwtDecoder(this.properties.getJwt().getJwkSetUri());
-				this.properties.getJwt().getJwk().getSetUri());
 	}
 
 }

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwkConfiguration.java

@@ -38,11 +38,10 @@ class OAuth2ResourceServerJwkConfiguration {
 	}
 
 	@Bean
-	@ConditionalOnProperty(name = "spring.security.oauth2.resource.jwt.jwk.set-uri")
+	@ConditionalOnProperty(name = "spring.security.oauth2.resourceserver.jwt.jwk-set-uri")
 	@ConditionalOnMissingBean
 	public JwtDecoder jwtDecoder() {
-		return new NimbusJwtDecoderJwkSupport(
+		return new NimbusJwtDecoderJwkSupport(this.properties.getJwt().getJwkSetUri());
-				this.properties.getJwt().getJwk().getSetUri());
 	}
 
 }

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java

@@ -58,7 +58,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void autoConfigurationShouldConfigureResourceServer() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.run((context) -> {
 					assertThat(context.getBean(ReactiveJwtDecoder.class))
 							.isInstanceOf(NimbusReactiveJwtDecoder.class);
@@ -75,7 +75,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void jwtDecoderBeanIsConditionalOnMissingBean() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.withUserConfiguration(JwtDecoderConfig.class)
 				.run((this::assertFilterConfiguredWithJwtAuthenticationManager));
 	}
@@ -83,7 +83,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void autoConfigurationShouldBeConditionalOnBearerTokenAuthenticationTokenClass() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.withUserConfiguration(JwtDecoderConfig.class)
 				.withClassLoader(
 						new FilteredClassLoader(BearerTokenAuthenticationToken.class))
@@ -94,7 +94,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void autoConfigurationWhenSecurityWebFilterChainConfigPresentShouldNotAddOne() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.withUserConfiguration(SecurityWebFilterChainConfig.class)
 				.run((context) -> {
 					assertThat(context).hasSingleBean(SecurityWebFilterChain.class);

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java

@@ -55,7 +55,7 @@ public class OAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void autoConfigurationShouldConfigureResourceServer() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.run((context) -> {
 					assertThat(context.getBean(JwtDecoder.class))
 							.isInstanceOf(NimbusJwtDecoderJwkSupport.class);
@@ -72,7 +72,7 @@ public class OAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void jwtDecoderBeanIsConditionalOnMissingBean() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.withUserConfiguration(JwtDecoderConfig.class)
 				.run((context) -> assertThat(getBearerTokenFilter(context)).isNotNull());
 	}
@@ -80,7 +80,7 @@ public class OAuth2ResourceServerAutoConfigurationTests {
 	@Test
 	public void autoConfigurationShouldBeConditionalOnJwtAuthenticationTokenClass() {
 		this.contextRunner.withPropertyValues(
-				"spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com")
+				"spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com")
 				.withUserConfiguration(JwtDecoderConfig.class)
 				.withClassLoader(new FilteredClassLoader(JwtAuthenticationToken.class))
 				.run((context) -> assertThat(getBearerTokenFilter(context)).isNull());

spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc

@@ -538,7 +538,7 @@ content into your application. Rather, pick only the properties that you need.
 	spring.security.oauth2.client.registration.*= # OAuth client registrations.
 
 	# SECURITY OAUTH2 RESOURCE SERVER ({sc-spring-boot-autoconfigure}/security/oauth2/resource/OAuth2ResourceServerProperties.{sc-ext}[OAuth2ResourceServerProperties])
-	spring.security.oauth2.resource.jwt.jwk.set-uri= # JSON Web Key URI to use to verify the JWT token.
+	spring.security.oauth2.resourceserver.jwt.jwk-set-uri= # JSON Web Key URI to use to verify the JWT token.
 
 	# ----------------------------------------
 	# DATA PROPERTIES

spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc

@@ -3324,7 +3324,7 @@ following example:
 
 [source,properties,indent=0]
 ----
-	spring.security.oauth2.resource.jwt.jwk.set-uri=https://example.com/oauth2/default/v1/keys
+	spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys
 ----
 
 The same properties are applicable for both servlet and reactive applications.

spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/main/resources/application.yml

@@ -3,6 +3,5 @@ spring:
     oauth2:
       resource:
         jwt:
-          jwk:
+        # To run the application, replace this with a valid JWK Set URI
-          # To run the application, replace this with a valid JWK Set URI
+          jwk-set-uri: https://example.com/oauth2/default/v1/keys
-            set-uri: https://example.com/oauth2/default/v1/keys

spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleOauth2ResourceServerApplicationTests.java

@@ -57,13 +57,13 @@ public class SampleOauth2ResourceServerApplicationTests {
 		server.start();
 		String url = server.url("/.well-known/jwks.json").toString();
 		server.enqueue(mockResponse());
-		System.setProperty("spring.security.oauth2.resource.jwt.jwk.set-uri", url);
+		System.setProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri", url);
 	}
 
 	@AfterClass
 	public static void shutdown() throws IOException {
 		server.shutdown();
-		System.clearProperty("spring.security.oauth2.resource.jwt.jwk.set-uri");
+		System.clearProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri");
 	}
 
 	@Test

spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/main/resources/application.yml

@@ -1,8 +1,7 @@
 spring:
   security:
     oauth2:
-      resource:
+      resourceserver:
         jwt:
-          jwk:
           # To run the application, replace this with a valid JWK Set URI
-            set-uri: https://example.com/oauth2/default/v1/keys
+          jwk-set-uri: https://example.com/oauth2/default/v1/keys

spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleReactiveOAuth2ResourceServerApplicationTests.java

@@ -50,13 +50,13 @@ public class SampleReactiveOAuth2ResourceServerApplicationTests {
 		server.start();
 		String url = server.url("/.well-known/jwks.json").toString();
 		server.enqueue(mockResponse());
-		System.setProperty("spring.security.oauth2.resource.jwt.jwk.set-uri", url);
+		System.setProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri", url);
 	}
 
 	@AfterClass
 	public static void shutdown() throws Exception {
 		server.shutdown();
-		System.clearProperty("spring.security.oauth2.resource.jwt.jwk.set-uri");
+		System.clearProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri");
 	}
 
 	@Test