diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java index bf02b208f5..4f6b10721f 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java @@ -23,7 +23,7 @@ import org.springframework.boot.context.properties.ConfigurationProperties; * @author Madhura Bhave * @since 2.1.0 */ -@ConfigurationProperties(prefix = "spring.security.oauth2.resource") +@ConfigurationProperties(prefix = "spring.security.oauth2.resourceserver") public class OAuth2ResourceServerProperties { private final Jwt jwt = new Jwt(); @@ -34,27 +34,17 @@ public class OAuth2ResourceServerProperties { public static class Jwt { - private final Jwk jwk = new Jwk(); - - public Jwk getJwk() { - return this.jwk; - } - - } - - public static class Jwk { - /** * JSON Web Key URI to use to verify the JWT token. */ - private String setUri; + private String jwkSetUri; - public String getSetUri() { - return this.setUri; + public String getJwkSetUri() { + return this.jwkSetUri; } - public void setSetUri(String setUri) { - this.setUri = setUri; + public void setJwkSetUri(String jwkSetUri) { + this.jwkSetUri = jwkSetUri; } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java index e9977b27c7..3a0c0be755 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java @@ -39,11 +39,10 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { } @Bean - @ConditionalOnProperty(name = "spring.security.oauth2.resource.jwt.jwk.set-uri") + @ConditionalOnProperty(name = "spring.security.oauth2.resourceserver.jwt.jwk-set-uri") @ConditionalOnMissingBean public ReactiveJwtDecoder jwtDecoder() { - return new NimbusReactiveJwtDecoder( - this.properties.getJwt().getJwk().getSetUri()); + return new NimbusReactiveJwtDecoder(this.properties.getJwt().getJwkSetUri()); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwkConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwkConfiguration.java index f6deea3ce5..7c32288488 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwkConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwkConfiguration.java @@ -38,11 +38,10 @@ class OAuth2ResourceServerJwkConfiguration { } @Bean - @ConditionalOnProperty(name = "spring.security.oauth2.resource.jwt.jwk.set-uri") + @ConditionalOnProperty(name = "spring.security.oauth2.resourceserver.jwt.jwk-set-uri") @ConditionalOnMissingBean public JwtDecoder jwtDecoder() { - return new NimbusJwtDecoderJwkSupport( - this.properties.getJwt().getJwk().getSetUri()); + return new NimbusJwtDecoderJwkSupport(this.properties.getJwt().getJwkSetUri()); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java index fd0095a445..4b3f1571d8 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java @@ -58,7 +58,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests { @Test public void autoConfigurationShouldConfigureResourceServer() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .run((context) -> { assertThat(context.getBean(ReactiveJwtDecoder.class)) .isInstanceOf(NimbusReactiveJwtDecoder.class); @@ -75,7 +75,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests { @Test public void jwtDecoderBeanIsConditionalOnMissingBean() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .withUserConfiguration(JwtDecoderConfig.class) .run((this::assertFilterConfiguredWithJwtAuthenticationManager)); } @@ -83,7 +83,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests { @Test public void autoConfigurationShouldBeConditionalOnBearerTokenAuthenticationTokenClass() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .withUserConfiguration(JwtDecoderConfig.class) .withClassLoader( new FilteredClassLoader(BearerTokenAuthenticationToken.class)) @@ -94,7 +94,7 @@ public class ReactiveOAuth2ResourceServerAutoConfigurationTests { @Test public void autoConfigurationWhenSecurityWebFilterChainConfigPresentShouldNotAddOne() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .withUserConfiguration(SecurityWebFilterChainConfig.class) .run((context) -> { assertThat(context).hasSingleBean(SecurityWebFilterChain.class); diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java index 78ba79f0fe..f4da36bf59 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java @@ -55,7 +55,7 @@ public class OAuth2ResourceServerAutoConfigurationTests { @Test public void autoConfigurationShouldConfigureResourceServer() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .run((context) -> { assertThat(context.getBean(JwtDecoder.class)) .isInstanceOf(NimbusJwtDecoderJwkSupport.class); @@ -72,7 +72,7 @@ public class OAuth2ResourceServerAutoConfigurationTests { @Test public void jwtDecoderBeanIsConditionalOnMissingBean() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .withUserConfiguration(JwtDecoderConfig.class) .run((context) -> assertThat(getBearerTokenFilter(context)).isNotNull()); } @@ -80,7 +80,7 @@ public class OAuth2ResourceServerAutoConfigurationTests { @Test public void autoConfigurationShouldBeConditionalOnJwtAuthenticationTokenClass() { this.contextRunner.withPropertyValues( - "spring.security.oauth2.resource.jwt.jwk.set-uri=http://jwk-set-uri.com") + "spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://jwk-set-uri.com") .withUserConfiguration(JwtDecoderConfig.class) .withClassLoader(new FilteredClassLoader(JwtAuthenticationToken.class)) .run((context) -> assertThat(getBearerTokenFilter(context)).isNull()); diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc index 2ff4350624..10466330bc 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc @@ -538,7 +538,7 @@ content into your application. Rather, pick only the properties that you need. spring.security.oauth2.client.registration.*= # OAuth client registrations. # SECURITY OAUTH2 RESOURCE SERVER ({sc-spring-boot-autoconfigure}/security/oauth2/resource/OAuth2ResourceServerProperties.{sc-ext}[OAuth2ResourceServerProperties]) - spring.security.oauth2.resource.jwt.jwk.set-uri= # JSON Web Key URI to use to verify the JWT token. + spring.security.oauth2.resourceserver.jwt.jwk-set-uri= # JSON Web Key URI to use to verify the JWT token. # ---------------------------------------- # DATA PROPERTIES diff --git a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc index 51da89eaa9..66db2788c2 100644 --- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc +++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc @@ -3324,7 +3324,7 @@ following example: [source,properties,indent=0] ---- - spring.security.oauth2.resource.jwt.jwk.set-uri=https://example.com/oauth2/default/v1/keys + spring.security.oauth2.resourceserver.jwt.jwk-set-uri=https://example.com/oauth2/default/v1/keys ---- The same properties are applicable for both servlet and reactive applications. diff --git a/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/main/resources/application.yml b/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/main/resources/application.yml index 2599bf4091..885202551f 100644 --- a/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/main/resources/application.yml +++ b/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/main/resources/application.yml @@ -3,6 +3,5 @@ spring: oauth2: resource: jwt: - jwk: - # To run the application, replace this with a valid JWK Set URI - set-uri: https://example.com/oauth2/default/v1/keys \ No newline at end of file + # To run the application, replace this with a valid JWK Set URI + jwk-set-uri: https://example.com/oauth2/default/v1/keys \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleOauth2ResourceServerApplicationTests.java b/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleOauth2ResourceServerApplicationTests.java index d1bc8491fc..7feb8d7f72 100644 --- a/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleOauth2ResourceServerApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleOauth2ResourceServerApplicationTests.java @@ -57,13 +57,13 @@ public class SampleOauth2ResourceServerApplicationTests { server.start(); String url = server.url("/.well-known/jwks.json").toString(); server.enqueue(mockResponse()); - System.setProperty("spring.security.oauth2.resource.jwt.jwk.set-uri", url); + System.setProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri", url); } @AfterClass public static void shutdown() throws IOException { server.shutdown(); - System.clearProperty("spring.security.oauth2.resource.jwt.jwk.set-uri"); + System.clearProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri"); } @Test diff --git a/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/main/resources/application.yml b/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/main/resources/application.yml index 2599bf4091..23f8d2ae96 100644 --- a/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/main/resources/application.yml +++ b/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/main/resources/application.yml @@ -1,8 +1,7 @@ spring: security: oauth2: - resource: + resourceserver: jwt: - jwk: # To run the application, replace this with a valid JWK Set URI - set-uri: https://example.com/oauth2/default/v1/keys \ No newline at end of file + jwk-set-uri: https://example.com/oauth2/default/v1/keys \ No newline at end of file diff --git a/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleReactiveOAuth2ResourceServerApplicationTests.java b/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleReactiveOAuth2ResourceServerApplicationTests.java index ed1188f3ab..ce0078fb4f 100644 --- a/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleReactiveOAuth2ResourceServerApplicationTests.java +++ b/spring-boot-samples/spring-boot-sample-reactive-oauth2-resource-server/src/test/java/sample/oauth2/resource/SampleReactiveOAuth2ResourceServerApplicationTests.java @@ -50,13 +50,13 @@ public class SampleReactiveOAuth2ResourceServerApplicationTests { server.start(); String url = server.url("/.well-known/jwks.json").toString(); server.enqueue(mockResponse()); - System.setProperty("spring.security.oauth2.resource.jwt.jwk.set-uri", url); + System.setProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri", url); } @AfterClass public static void shutdown() throws Exception { server.shutdown(); - System.clearProperty("spring.security.oauth2.resource.jwt.jwk.set-uri"); + System.clearProperty("spring.security.oauth2.resourceserver.jwt.jwk-set-uri"); } @Test