Skip to content

Commit dbe1d96

Browse files
committed
Add auto-config for spring-security-oauth2-client
Closes gh-10497
1 parent 494b79c commit dbe1d96

24 files changed

+1706
-1
lines changed

spring-boot-autoconfigure/pom.xml

Lines changed: 12 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
<?xml version="1.0" encoding="UTF-8"?>
2-
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
34
<modelVersion>4.0.0</modelVersion>
45
<parent>
56
<groupId>org.springframework.boot</groupId>
@@ -532,6 +533,16 @@
532533
<artifactId>spring-security-webflux</artifactId>
533534
<optional>true</optional>
534535
</dependency>
536+
<dependency>
537+
<groupId>org.springframework.security</groupId>
538+
<artifactId>spring-security-jwt-jose</artifactId>
539+
<optional>true</optional>
540+
</dependency>
541+
<dependency>
542+
<groupId>org.springframework.security</groupId>
543+
<artifactId>spring-security-oauth2-client</artifactId>
544+
<optional>true</optional>
545+
</dependency>
535546
<dependency>
536547
<groupId>org.springframework.session</groupId>
537548
<artifactId>spring-session-core</artifactId>
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
/*
2+
* Copyright 2012-2017 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.boot.autoconfigure.security.oauth2.client;
18+
19+
/**
20+
* OAuth 2.0 authorization grant types supported by Spring Boot.
21+
*
22+
* @author Madhura Bhave
23+
* @author Phillip Webb
24+
* @since 2.0.0
25+
*/
26+
public enum AuthorizationGrantType {
27+
28+
/**
29+
* An {@code "authorization_code"} grant type.
30+
*/
31+
AUTHORIZATION_CODE(
32+
org.springframework.security.oauth2.core.AuthorizationGrantType.AUTHORIZATION_CODE);
33+
34+
private final org.springframework.security.oauth2.core.AuthorizationGrantType type;
35+
36+
AuthorizationGrantType(
37+
org.springframework.security.oauth2.core.AuthorizationGrantType type) {
38+
this.type = type;
39+
}
40+
41+
org.springframework.security.oauth2.core.AuthorizationGrantType getType() {
42+
return this.type;
43+
}
44+
45+
}
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
/*
2+
* Copyright 2012-2017 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.boot.autoconfigure.security.oauth2.client;
18+
19+
/**
20+
* OAuth 2.0 client authentication methods supported by Spring Boot.
21+
*
22+
* @author Madhura Bhave
23+
* @author Phillip Webb
24+
* @since 2.0.0
25+
* @see org.springframework.security.oauth2.core.ClientAuthenticationMethod
26+
*/
27+
public enum ClientAuthenticationMethod {
28+
29+
/**
30+
* HTTP BASIC client authentication.
31+
*/
32+
BASIC(org.springframework.security.oauth2.core.ClientAuthenticationMethod.BASIC),
33+
34+
/**
35+
* HTTP POST client authentication.
36+
*/
37+
POST(org.springframework.security.oauth2.core.ClientAuthenticationMethod.POST);
38+
39+
private final org.springframework.security.oauth2.core.ClientAuthenticationMethod method;
40+
41+
ClientAuthenticationMethod(
42+
org.springframework.security.oauth2.core.ClientAuthenticationMethod method) {
43+
this.method = method;
44+
}
45+
46+
org.springframework.security.oauth2.core.ClientAuthenticationMethod getMethod() {
47+
return this.method;
48+
}
49+
50+
}
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,118 @@
1+
/*
2+
* Copyright 2012-2017 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.boot.autoconfigure.security.oauth2.client;
18+
19+
import org.springframework.security.oauth2.client.registration.ClientRegistration;
20+
import org.springframework.security.oauth2.client.registration.ClientRegistration.Builder;
21+
import org.springframework.security.oauth2.core.AuthorizationGrantType;
22+
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
23+
24+
/**
25+
* Common OAuth2 Providers that can be used to create
26+
* {@link org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
27+
* builders} pre-configured with sensible defaults.
28+
*
29+
* @author Phillip Webb
30+
* @since 2.0.0
31+
*/
32+
public enum CommonOAuth2Provider {
33+
34+
GOOGLE {
35+
36+
@Override
37+
public Builder getBuilder(String registrationId) {
38+
ClientRegistration.Builder builder = getBuilder(registrationId,
39+
ClientAuthenticationMethod.BASIC, DEFAULT_REDIRECT_URL);
40+
builder.scope("openid", "profile", "email", "address", "phone");
41+
builder.authorizationUri("https://accounts.google.com/o/oauth2/v2/auth");
42+
builder.tokenUri("https://www.googleapis.com/oauth2/v4/token");
43+
builder.jwkSetUri("https://www.googleapis.com/oauth2/v3/certs");
44+
builder.userInfoUri("https://www.googleapis.com/oauth2/v3/userinfo");
45+
builder.clientName("Google");
46+
return builder;
47+
}
48+
49+
},
50+
51+
GITHUB {
52+
53+
@Override
54+
public Builder getBuilder(String registrationId) {
55+
ClientRegistration.Builder builder = getBuilder(registrationId,
56+
ClientAuthenticationMethod.BASIC, DEFAULT_REDIRECT_URL);
57+
builder.scope("user");
58+
builder.authorizationUri("https://github.com/login/oauth/authorize");
59+
builder.tokenUri("https://github.com/login/oauth/access_token");
60+
builder.userInfoUri("https://api.github.com/user");
61+
builder.userNameAttributeName("name");
62+
builder.clientName("GitHub");
63+
return builder;
64+
}
65+
66+
},
67+
68+
FACEBOOK {
69+
70+
@Override
71+
public Builder getBuilder(String registrationId) {
72+
ClientRegistration.Builder builder = getBuilder(registrationId,
73+
ClientAuthenticationMethod.POST, DEFAULT_REDIRECT_URL);
74+
builder.scope("public_profile", "email");
75+
builder.authorizationUri("https://www.facebook.com/v2.8/dialog/oauth");
76+
builder.tokenUri("https://graph.facebook.com/v2.8/oauth/access_token");
77+
builder.userInfoUri("https://graph.facebook.com/me");
78+
builder.userNameAttributeName("name");
79+
builder.clientName("Facebook");
80+
return builder;
81+
}
82+
83+
},
84+
85+
OKTA {
86+
87+
@Override
88+
public Builder getBuilder(String registrationId) {
89+
ClientRegistration.Builder builder = getBuilder(registrationId,
90+
ClientAuthenticationMethod.BASIC, DEFAULT_REDIRECT_URL);
91+
builder.scope("openid", "profile", "email", "address", "phone");
92+
builder.clientName("Okta");
93+
return builder;
94+
}
95+
96+
};
97+
98+
private static final String DEFAULT_REDIRECT_URL = "{scheme}://{serverName}:{serverPort}{contextPath}/oauth2/authorize/code/{clientAlias}";
99+
100+
protected final ClientRegistration.Builder getBuilder(String registrationId,
101+
ClientAuthenticationMethod method, String redirectUri) {
102+
ClientRegistration.Builder builder = new ClientRegistration.Builder(registrationId);
103+
builder.clientAuthenticationMethod(method);
104+
builder.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE);
105+
builder.redirectUri(redirectUri);
106+
return builder;
107+
}
108+
109+
/**
110+
* Create a new
111+
* {@link org.springframework.security.oauth2.client.registration.ClientRegistration.Builder
112+
* ClientRegistration.Builder} pre-initialized with the provider settings.
113+
* @param registrationId the registration-id used with the new builder
114+
* @return a builder instance
115+
*/
116+
public abstract ClientRegistration.Builder getBuilder(String registrationId);
117+
118+
}
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
/*
2+
* Copyright 2012-2017 the original author or authors.
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
17+
package org.springframework.boot.autoconfigure.security.oauth2.client;
18+
19+
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
20+
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
21+
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
22+
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
23+
import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
24+
import org.springframework.context.annotation.Configuration;
25+
import org.springframework.context.annotation.Import;
26+
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
27+
import org.springframework.security.oauth2.client.registration.ClientRegistration;
28+
29+
/**
30+
* {@link EnableAutoConfiguration Auto-configuration} for OAuth client support.
31+
*
32+
* @author Madhura Bhave
33+
* @author Phillip Webb
34+
* @since 2.0.0
35+
*/
36+
@Configuration
37+
@AutoConfigureBefore(SecurityAutoConfiguration.class)
38+
@ConditionalOnClass({ EnableWebSecurity.class, ClientRegistration.class })
39+
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
40+
@Import({ OAuth2ClientRegistrationRepositoryConfiguration.class,
41+
OAuth2WebSecurityConfiguration.class })
42+
public class OAuth2ClientAutoConfiguration {
43+
44+
}
45+

0 commit comments

Comments
 (0)