From b3a38fb0f6aa34b3b1c8c633c7aa65883e06411a Mon Sep 17 00:00:00 2001 From: Joe Grandja Date: Mon, 25 Jun 2018 11:23:50 -0400 Subject: [PATCH] OAuth2ClientWebMvcSecurityConfiguration handles multiple OAuth2AuthorizedClientService @Bean Fixes gh-5321 --- .../OAuth2ClientConfiguration.java | 8 +++- .../OAuth2ClientConfigurationTests.java | 40 +++++++++++++++++++ 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfiguration.java index 86cfdc65f2..28ef942609 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfiguration.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfiguration.java @@ -57,7 +57,6 @@ final class OAuth2ClientConfiguration { @Configuration static class OAuth2ClientWebMvcSecurityConfiguration implements WebMvcConfigurer { - @Autowired(required = false) private OAuth2AuthorizedClientService authorizedClientService; @Override @@ -68,5 +67,12 @@ final class OAuth2ClientConfiguration { argumentResolvers.add(authorizedClientArgumentResolver); } } + + @Autowired(required = false) + public void setAuthorizedClientService(List authorizedClientServices) { + if (authorizedClientServices.size() == 1) { + this.authorizedClientService = authorizedClientServices.get(0); + } + } } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java index e2f84b2d86..c548224549 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java @@ -17,6 +17,7 @@ package org.springframework.security.config.annotation.web.configuration; import org.junit.Rule; import org.junit.Test; +import org.springframework.beans.factory.NoUniqueBeanDefinitionException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -24,12 +25,14 @@ import org.springframework.security.config.test.SpringTestRule; import org.springframework.security.oauth2.client.OAuth2AuthorizedClient; import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService; import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient; +import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository; import org.springframework.security.oauth2.core.OAuth2AccessToken; import org.springframework.test.web.servlet.MockMvc; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.config.annotation.EnableWebMvc; +import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.user; @@ -92,4 +95,41 @@ public class OAuth2ClientConfigurationTests { return AUTHORIZED_CLIENT_SERVICE; } } + + // gh-5321 + @Test + public void loadContextWhenOAuth2AuthorizedClientServiceRegisteredTwiceThenThrowNoUniqueBeanDefinitionException() { + assertThatThrownBy(() -> this.spring.register(OAuth2AuthorizedClientServiceRegisteredTwiceConfig.class).autowire()) + .hasRootCauseInstanceOf(NoUniqueBeanDefinitionException.class) + .hasMessageContaining("Only one matching @Bean of type " + OAuth2AuthorizedClientService.class.getName() + " should be registered."); + } + + @EnableWebMvc + @EnableWebSecurity + static class OAuth2AuthorizedClientServiceRegisteredTwiceConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .anyRequest().authenticated() + .and() + .oauth2Login(); + } + + @Bean + public ClientRegistrationRepository clientRegistrationRepository() { + return mock(ClientRegistrationRepository.class); + } + + @Bean + public OAuth2AuthorizedClientService authorizedClientService1() { + return mock(OAuth2AuthorizedClientService.class); + } + + @Bean + public OAuth2AuthorizedClientService authorizedClientService2() { + return mock(OAuth2AuthorizedClientService.class); + } + } }