Fix auto-configuration with OAuth2 authentication to use the credentials provided in configuration.

This commit is contained in:
Scott Frederick
2018-02-21 18:10:28 -06:00
parent b0284ba1d8
commit 3970f54c3c
9 changed files with 207 additions and 131 deletions

View File

@@ -19,13 +19,11 @@ package org.springframework.credhub.autoconfig;
import org.springframework.beans.factory.DisposableBean;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.credhub.configuration.CredHubTemplateFactory;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.CredHubProperties;
import org.springframework.credhub.core.CredHubTemplate;
import org.springframework.credhub.support.ClientOptions;
@@ -54,19 +52,6 @@ public class CredHubAutoConfiguration {
return new CredHubProperties();
}
/**
* Create the {@link CredHubTemplate} that the application will use to interact
* with CredHub.
*
* @return the {@link CredHubTemplate} bean
*/
@Bean
@ConditionalOnMissingBean
public CredHubOperations credHubTemplate() {
return credHubTemplateFactory.credHubTemplate(credHubProperties(),
clientHttpRequestFactoryWrapper().getClientHttpRequestFactory());
}
/**
* Create a {@link ClientFactoryWrapper} containing a
* {@link ClientHttpRequestFactory}. {@link ClientHttpRequestFactory} is not exposed
@@ -75,7 +60,7 @@ public class CredHubAutoConfiguration {
* application.
*
* @return the {@link ClientFactoryWrapper} to wrap a {@link ClientHttpRequestFactory}
* instance.
* instance
*/
@Bean
public ClientFactoryWrapper clientHttpRequestFactoryWrapper() {

View File

@@ -1,60 +0,0 @@
package org.springframework.credhub.autoconfig;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.credhub.autoconfig.CredHubAutoConfiguration.ClientFactoryWrapper;
import org.springframework.credhub.autoconfig.security.CredHubCredentialsDetails;
import org.springframework.credhub.configuration.OAuth2CredHubTemplateFactory;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.CredHubProperties;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
/**
* Auto configure a {@link OAuth2RestTemplate} with
* {@link ClientCredentialsResourceDetails} if spring-security-oauth2 and proper
* properties are available.
*
* @author Daniel Lavoie
*/
@Configuration
@AutoConfigureBefore(CredHubAutoConfiguration.class)
@ConditionalOnProperty("spring.credhub.oauth2.client-id")
@ConditionalOnClass(name = "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails")
public class CredHubOAuth2AutoConfiguration {
public class CredHubOAuth2Configuration {
private final OAuth2CredHubTemplateFactory credHubTemplateFactory = new OAuth2CredHubTemplateFactory();
/**
* Bean that holds OAuth2 credential informations for CredHub.
*
* @return the {@link CredHubCredentialsDetails} bean.
*/
@Bean
public CredHubCredentialsDetails credHubCredentialsDetails() {
return new CredHubCredentialsDetails();
}
/**
* Preconfigured {@link OAuth2RestTemplate} with OAuth2 credentials for CredHub.
*
* @param credHubProperties {@link CredHubProperties} for CredHub
* @param clientFactoryWrapper a {@link ClientFactoryWrapper} to customize CredHub
* http requests.
*
* @return the {@link CredHubOperations} bean.
*/
@Bean
public CredHubOperations oauth2CredHubTemplate(
CredHubProperties credHubProperties,
ClientFactoryWrapper clientFactoryWrapper) {
return credHubTemplateFactory.credHubTemplate(credHubCredentialsDetails(),
credHubProperties,
clientFactoryWrapper.getClientHttpRequestFactory());
}
}
}

View File

@@ -0,0 +1,62 @@
package org.springframework.credhub.autoconfig;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.credhub.autoconfig.CredHubAutoConfiguration.ClientFactoryWrapper;
import org.springframework.credhub.autoconfig.security.CredHubCredentialsDetails;
import org.springframework.credhub.configuration.OAuth2CredHubTemplateFactory;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.CredHubProperties;
import org.springframework.credhub.core.CredHubTemplate;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
/**
* {@link EnableAutoConfiguration Auto-configuration} for {@link CredHubTemplate} with
* OAuth2 credentials if spring-security-oauth2 and OAuth2 properties are provided.
*
* @author Daniel Lavoie
*/
@Configuration
@AutoConfigureBefore(CredHubTemplateAutoConfiguration.class)
@ConditionalOnProperty("spring.credhub.oauth2.client-id")
@ConditionalOnClass(name = "org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails")
public class CredHubOAuth2TemplateAutoConfiguration {
private final OAuth2CredHubTemplateFactory credHubTemplateFactory = new OAuth2CredHubTemplateFactory();
/**
* Bean that holds OAuth2 credential information for CredHub.
*
* @return the {@link ClientCredentialsResourceDetails} bean
*/
@Bean
@CredHubCredentialsDetails
@ConfigurationProperties("spring.credhub.oauth2")
public ClientCredentialsResourceDetails credHubCredentialsDetails() {
return new ClientCredentialsResourceDetails();
}
/**
* Preconfigured {@link OAuth2RestTemplate} with OAuth2 credentials for CredHub.
*
* @param credHubProperties {@link CredHubProperties} for CredHub
* @param credHubCredentialsDetails OAuth2 credentials for use with the {@link OAuth2RestTemplate}
* @param clientFactoryWrapper a {@link ClientFactoryWrapper} to customize CredHub http requests
*
* @return the {@link CredHubOperations} bean
*/
@Bean
public CredHubOperations credHubTemplate(
CredHubProperties credHubProperties,
@CredHubCredentialsDetails ClientCredentialsResourceDetails credHubCredentialsDetails,
ClientFactoryWrapper clientFactoryWrapper) {
return credHubTemplateFactory.credHubTemplate(credHubCredentialsDetails,
credHubProperties,
clientFactoryWrapper.getClientHttpRequestFactory());
}
}

View File

@@ -0,0 +1,60 @@
/*
* Copyright 2016-2017 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.credhub.autoconfig;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.credhub.autoconfig.CredHubAutoConfiguration.ClientFactoryWrapper;
import org.springframework.credhub.configuration.CredHubTemplateFactory;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.CredHubProperties;
import org.springframework.credhub.core.CredHubTemplate;
/**
* {@link EnableAutoConfiguration Auto-configuration} for {@link CredHubTemplate}.
*
* @author Scott Frederick
* @author Daniel Lavoie
*/
@Configuration
@AutoConfigureAfter(CredHubOAuth2TemplateAutoConfiguration.class)
@ConditionalOnProperty(value = "spring.credhub.url")
public class CredHubTemplateAutoConfiguration {
private final CredHubTemplateFactory credHubTemplateFactory = new CredHubTemplateFactory();
/**
* Create the {@link CredHubTemplate} that the application will use to interact
* with CredHub.
*
* @param credHubProperties {@link CredHubProperties} for CredHub
* @param clientFactoryWrapper a {@link ClientFactoryWrapper} to customize CredHub
* http requests
* @return the {@link CredHubTemplate} bean
*/
@Bean
@ConditionalOnMissingBean
public CredHubOperations credHubTemplate(CredHubProperties credHubProperties,
ClientFactoryWrapper clientFactoryWrapper) {
return credHubTemplateFactory.credHubTemplate(credHubProperties,
clientFactoryWrapper.getClientHttpRequestFactory());
}
}

View File

@@ -1,16 +1,24 @@
package org.springframework.credhub.autoconfig.security;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
/**
* Provides a {@link ClientCredentialsResourceDetails} for use to a
* {@link OAuth2RestTemplate}.
*
* @author Daniel Lavoie
*/
@ConfigurationProperties("spring.credhub.oauth2")
public class CredHubCredentialsDetails extends ClientCredentialsResourceDetails {
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Inherited;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* Qualifies a {@link ClientCredentialsResourceDetails} used by Spring CredHub.
*
* @author Scott Frederick
*/
@Qualifier
@Target({ ElementType.FIELD, ElementType.METHOD, ElementType.PARAMETER, ElementType.TYPE })
@Retention(RetentionPolicy.RUNTIME)
@Inherited
@Documented
public @interface CredHubCredentialsDetails {
}

View File

@@ -1,3 +1,4 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
org.springframework.credhub.autoconfig.CredHubAutoConfiguration,\
org.springframework.credhub.autoconfig.CredHubOAuth2AutoConfiguration
org.springframework.credhub.autoconfig.CredHubTemplateAutoConfiguration,\
org.springframework.credhub.autoconfig.CredHubOAuth2TemplateAutoConfiguration

View File

@@ -1,38 +0,0 @@
package org.springframework.credhub.configuration;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.credhub.configuration.CredHubOAuth2AutoConfigurationTest.TestConfig;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.OAuth2CredHubTemplate;
import org.springframework.test.context.junit4.SpringRunner;
/**
* @author Daniel Lavoie
*/
@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestConfig.class, value = {
"spring.credhub.url=https://localhost",
"spring.credhub.oauth2.client-id=test-user", "debug" })
public class CredHubOAuth2AutoConfigurationTest {
@Autowired
private OAuth2CredHubTemplate oauth2CredHubTemplate;
@Autowired
private CredHubOperations credHubOptions;
@Test
public void contextLoads() {
Assert.assertNotNull(oauth2CredHubTemplate);
Assert.assertTrue(credHubOptions instanceof OAuth2CredHubTemplate);
}
@SpringBootApplication
public static class TestConfig {
}
}

View File

@@ -0,0 +1,53 @@
package org.springframework.credhub.configuration;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.credhub.autoconfig.security.CredHubCredentialsDetails;
import org.springframework.credhub.configuration.CredHubOAuth2TemplateAutoConfigurationTest.TestConfig;
import org.springframework.credhub.core.CredHubOperations;
import org.springframework.credhub.core.OAuth2CredHubTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
import org.springframework.test.context.junit4.SpringRunner;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
/**
* @author Daniel Lavoie
*/
@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestConfig.class, properties = {
"spring.credhub.url=https://localhost",
"spring.credhub.oauth2.client-id=test-user",
"spring.credhub.oauth2.client-secret=test-secret",
"spring.credhub.oauth2.access-token-uri=https://uaa.example.com/oauth/token",
"debug"
})
public class CredHubOAuth2TemplateAutoConfigurationTest {
@Autowired
private CredHubOperations credHubOperations;
@Autowired
@CredHubCredentialsDetails
private ClientCredentialsResourceDetails credentialsDetails;
@Test
public void contextLoads() {
assertNotNull(credHubOperations);
assertThat(credHubOperations instanceof OAuth2CredHubTemplate);
assertNotNull(credentialsDetails);
assertEquals("test-user", credentialsDetails.getClientId());
assertEquals("test-secret", credentialsDetails.getClientSecret());
assertEquals("https://uaa.example.com/oauth/token", credentialsDetails.getAccessTokenUri());
}
@SpringBootApplication
public static class TestConfig {
}
}

View File

@@ -1,22 +1,25 @@
package org.springframework.credhub.configuration;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.credhub.configuration.CredHubAutoConfigurationTest.TestConfig;
import org.springframework.credhub.configuration.CredHubTemplateAutoConfigurationTest.TestConfig;
import org.springframework.credhub.core.CredHubTemplate;
import org.springframework.credhub.core.OAuth2CredHubTemplate;
import org.springframework.test.context.junit4.SpringRunner;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
/**
* @author Daniel Lavoie
*/
@RunWith(SpringRunner.class)
@SpringBootTest(classes = TestConfig.class, value = "spring.credhub.url=http://localhost")
public class CredHubAutoConfigurationTest {
@SpringBootTest(classes = TestConfig.class, properties = "spring.credhub.url=http://localhost")
public class CredHubTemplateAutoConfigurationTest {
@Autowired
private CredHubTemplate credHubTemplate;
@@ -25,8 +28,10 @@ public class CredHubAutoConfigurationTest {
@Test
public void contextLoads() {
Assert.assertNotNull(credHubTemplate);
Assert.assertNull(oauth2CredHubTemplate);
assertNotNull(credHubTemplate);
assertTrue(credHubTemplate instanceof CredHubTemplate);
assertNull(oauth2CredHubTemplate);
}
@SpringBootApplication