diff --git a/pom.xml b/pom.xml
index c87ae5b..bda823b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -56,17 +56,6 @@
2.3.1
true
-
- org.springframework.security.oauth
- spring-security-oauth2
- 2.0.3.RELEASE
- true
-
-
- org.springframework.social
- spring-social-core
- true
-
org.projectlombok
lombok
@@ -77,11 +66,6 @@
eureka-core
true
-
- com.netflix.zuul
- zuul-core
- true
-
org.springframework.boot
spring-boot-starter-test
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java
deleted file mode 100644
index c3f6e45..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import java.io.IOException;
-import java.util.Arrays;
-
-import javax.annotation.Resource;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.boot.context.embedded.FilterRegistrationBean;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Scope;
-import org.springframework.context.annotation.ScopedProxyMode;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpRequest;
-import org.springframework.http.MediaType;
-import org.springframework.http.client.ClientHttpRequestExecution;
-import org.springframework.http.client.ClientHttpRequestInterceptor;
-import org.springframework.http.client.ClientHttpResponse;
-import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.client.token.AccessTokenRequest;
-import org.springframework.security.oauth2.client.token.RequestEnhancer;
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
-import org.springframework.util.MultiValueMap;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@EnableOAuth2Client
-@EnableConfigurationProperties(OAuth2ClientProperties.class)
-public class ClientConfiguration {
-
- @Autowired
- private OAuth2ClientProperties sso;
-
- @Resource
- @Qualifier("accessTokenRequest")
- private AccessTokenRequest accessTokenRequest;
-
- @Bean
- public FilterRegistrationBean oauth2ClientFilterRegistration(
- OAuth2ClientContextFilter filter) {
- FilterRegistrationBean registration = new FilterRegistrationBean();
- registration.setFilter(filter);
- registration.setOrder(0);
- return registration;
- }
-
- @Bean
- public OAuth2ProtectedResourceDetails oauth2RemoteResource() {
- AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
- // set up resource details, OAuth2 URLs etc.
- details.setClientId(sso.getClientId());
- details.setClientSecret(sso.getClientSecret());
- details.setAccessTokenUri(sso.getTokenUri());
- details.setUserAuthorizationUri(sso.getAuthorizationUri());
- details.setClientAuthenticationScheme(sso.getAuthenticationScheme());
- return details;
- }
-
- @Bean
- public OAuth2RestOperations oauth2RestTemplate() {
- OAuth2RestTemplate template = new OAuth2RestTemplate(oauth2RemoteResource(),
- oauth2ClientContext());
- template.setInterceptors(Arrays
- . asList(new ClientHttpRequestInterceptor() {
- @Override
- public ClientHttpResponse intercept(HttpRequest request, byte[] body,
- ClientHttpRequestExecution execution) throws IOException {
- request.getHeaders().setAccept(
- Arrays.asList(MediaType.APPLICATION_JSON));
- return execution.execute(request, body);
- }
- }));
- AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
- accessTokenProvider.setTokenRequestEnhancer(new RequestEnhancer() {
- @Override
- public void enhance(AccessTokenRequest request,
- OAuth2ProtectedResourceDetails resource,
- MultiValueMap form, HttpHeaders headers) {
- headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
- }
- });
- template.setAccessTokenProvider(accessTokenProvider);
- return template;
- }
-
- @Bean
- @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
- public OAuth2ClientContext oauth2ClientContext() {
- return new DefaultOAuth2ClientContext(accessTokenRequest);
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java
deleted file mode 100644
index 5bf5651..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import lombok.Data;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.security.oauth2.common.AuthenticationScheme;
-import org.springframework.util.StringUtils;
-import org.springframework.validation.Errors;
-import org.springframework.validation.Validator;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.client")
-@Data
-public class OAuth2ClientProperties implements Validator {
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.tokenUri:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.tokenUri:}}")
- private String tokenUri;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.authorizationUri:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.authorizationUri:}}")
- private String authorizationUri;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientId:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientId:}}")
- private String clientId;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientSecret:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientSecret:}}")
- private String clientSecret;
-
- private AuthenticationScheme authenticationScheme = AuthenticationScheme.header;
-
- @Override
- public boolean supports(Class> clazz) {
- return OAuth2ClientProperties.class.isAssignableFrom(clazz);
- }
-
- @Override
- public void validate(Object target, Errors errors) {
- OAuth2ClientProperties sso = (OAuth2ClientProperties) target;
- if (StringUtils.hasText(sso.getClientId())) {
- if (!StringUtils.hasText(sso.getAuthorizationUri())) {
- errors.rejectValue("authorizeUri", "missing.authorizeUri",
- "Missing authorizeUri");
- }
- if (!StringUtils.hasText(sso.getTokenUri())) {
- errors.rejectValue("tokenUri", "missing.tokenUri", "Missing tokenUri");
- }
- if (!StringUtils.hasText(sso.getClientSecret())) {
- errors.rejectValue("clientSecret", "missing.clientSecret",
- "Missing clientSecret");
- }
- }
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
deleted file mode 100644
index e589cfa..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import lombok.Data;
-import lombok.RequiredArgsConstructor;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.util.StringUtils;
-import org.springframework.validation.Errors;
-import org.springframework.validation.Validator;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.resource")
-@Data
-@RequiredArgsConstructor(onConstructor = @__(@Autowired))
-public class ResourceServerProperties implements Validator {
-
- private final OAuth2ClientProperties client;
-
- private String serviceId = "resource";
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.id:}")
- private String id;
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.userInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.userInfoUri:}}")
- private String userInfoUri;
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.tokenInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.tokenInfoUri:}}")
- private String tokenInfoUri;
-
- private boolean preferTokenInfo = true;
-
- public String getResourceId() {
- return id;
- }
-
- @Override
- public boolean supports(Class> clazz) {
- return ResourceServerProperties.class.isAssignableFrom(clazz);
- }
-
- @Override
- public void validate(Object target, Errors errors) {
- ResourceServerProperties resource = (ResourceServerProperties) target;
- if (StringUtils.hasText(client.getClientId())) {
- if (!StringUtils.hasText(client.getClientSecret())) {
- if (!StringUtils.hasText(resource.getUserInfoUri())) {
- errors.rejectValue("userInfoUri", "missing.userInfoUri",
- "Missing userInfoUri (no client secret available)");
- }
- } else {
- if (isPreferTokenInfo() && !StringUtils.hasText(resource.getTokenInfoUri())) {
- errors.rejectValue("tokenInfoUri", "missing.tokenInfoUri",
- "Missing tokenInfoUri");
- }
- }
- }
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java
deleted file mode 100644
index fce767e..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.social.connect.support.OAuth2ConnectionFactory;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@EnableConfigurationProperties(ResourceServerProperties.class)
-@Import(ClientConfiguration.class)
-public class ResourceServerTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties resource;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- @ConditionalOnExpression("${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected RemoteTokenServices remoteTokenServices() {
- RemoteTokenServices services = new RemoteTokenServices();
- services.setCheckTokenEndpointUrl(resource.getTokenInfoUri());
- services.setClientId(client.getClientId());
- services.setClientSecret(client.getClientSecret());
- return services;
- }
-
- @Configuration
- @ConditionalOnClass(OAuth2ConnectionFactory.class)
- @ConditionalOnExpression("!${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected static class SocialTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties sso;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Autowired(required = false)
- private OAuth2ConnectionFactory> connectionFactory;
-
- @Bean
- @ConditionalOnBean(OAuth2ConnectionFactory.class)
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public SpringSocialTokenServices socialTokenServices() {
- return new SpringSocialTokenServices(connectionFactory, client.getClientId());
- }
-
- @Bean
- @ConditionalOnMissingBean({ OAuth2ConnectionFactory.class,
- ResourceServerTokenServices.class })
- public UserInfoTokenServices userInfoTokenServices() {
- return new UserInfoTokenServices(sso.getUserInfoUri(), client.getClientId());
- }
-
- }
-
- @Configuration
- @ConditionalOnMissingClass(name = "org.springframework.social.connect.support.OAuth2ConnectionFactory")
- @ConditionalOnExpression("!${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected static class UserInfoTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties sso;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public UserInfoTokenServices userInfoTokenServices() {
- return new UserInfoTokenServices(sso.getUserInfoUri(), client.getClientId());
- }
-
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java
deleted file mode 100644
index 49f258c..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.social.connect.Connection;
-import org.springframework.social.connect.UserProfile;
-import org.springframework.social.connect.support.OAuth2ConnectionFactory;
-import org.springframework.social.oauth2.AccessGrant;
-
-/**
- * @author Dave Syer
- *
- */
-public class SpringSocialTokenServices implements ResourceServerTokenServices {
-
- protected final Log logger = LogFactory.getLog(getClass());
-
- private OAuth2ConnectionFactory> connectionFactory;
-
- private String clientId;
-
- public SpringSocialTokenServices(OAuth2ConnectionFactory> connectionFactory,
- String clientId) {
- this.connectionFactory = connectionFactory;
- this.clientId = clientId;
- }
-
- @Override
- public OAuth2Authentication loadAuthentication(String accessToken)
- throws AuthenticationException, InvalidTokenException {
-
- Connection> connection = connectionFactory.createConnection(new AccessGrant(
- accessToken));
- UserProfile user = connection.fetchUserProfile();
- return extractAuthentication(user);
- }
-
- private OAuth2Authentication extractAuthentication(UserProfile user) {
- UsernamePasswordAuthenticationToken principal = new UsernamePasswordAuthenticationToken(
- user.getUsername(), "N/A",
- AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
- principal.setDetails(user);
- OAuth2Request request = new OAuth2Request(null, clientId, null, true, null, null,
- null, null, null);
- return new OAuth2Authentication(request, principal);
- }
-
- @Override
- public OAuth2AccessToken readAccessToken(String accessToken) {
- throw new UnsupportedOperationException("Not supported: read access token");
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java
deleted file mode 100644
index 16f5d84..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import java.util.Map;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-
-/**
- * @author Dave Syer
- *
- */
-public class UserInfoTokenServices implements ResourceServerTokenServices {
-
- protected final Log logger = LogFactory.getLog(getClass());
-
- private String userInfoEndpointUrl;
-
- private String clientId;
-
- public UserInfoTokenServices(String userInfoEndpointUrl, String clientId) {
- this.userInfoEndpointUrl = userInfoEndpointUrl;
- this.clientId = clientId;
- }
-
- @Override
- public OAuth2Authentication loadAuthentication(String accessToken)
- throws AuthenticationException, InvalidTokenException {
-
- Map map = getMap(userInfoEndpointUrl, accessToken);
-
- if (map.containsKey("error")) {
- logger.debug("userinfo returned error: " + map.get("error"));
- throw new InvalidTokenException(accessToken);
- }
-
- return extractAuthentication(map);
- }
-
- private OAuth2Authentication extractAuthentication(Map map) {
- UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(
- getPrincipal(map), "N/A",
- AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
- user.setDetails(map);
- OAuth2Request request = new OAuth2Request(null, clientId, null, true, null,
- null, null, null, null);
- return new OAuth2Authentication(request, user);
- }
-
- private Object getPrincipal(Map map) {
- String[] keys = new String[] { "user", "username", "userid", "user_id",
- "login", "id" };
- for (String key : keys) {
- if (map.containsKey(key)) {
- return map.get(key);
- }
- }
- return "unknown";
- }
-
- @Override
- public OAuth2AccessToken readAccessToken(String accessToken) {
- throw new UnsupportedOperationException("Not supported: read access token");
- }
-
- private Map getMap(String path, String accessToken) {
- logger.info("Getting user info from :" + path);
- BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails();
- resource.setClientId(clientId);
- OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resource);
- restTemplate.getOAuth2ClientContext().setAccessToken(new DefaultOAuth2AccessToken(accessToken));
- @SuppressWarnings("rawtypes")
- Map map = restTemplate.getForEntity(path, Map.class).getBody();
- @SuppressWarnings("unchecked")
- Map result = map;
- return result;
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java
deleted file mode 100644
index 461b2e5..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.proxy;
-
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
-
-import com.netflix.zuul.ZuulFilter;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnClass({ ZuulFilter.class, EnableOAuth2Client.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-public class OAuth2ProxyAutoConfiguration {
-
- @Bean
- public OAuth2TokenRelayFilter oauth2TokenRelayFilter() {
- return new OAuth2TokenRelayFilter();
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java b/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java
deleted file mode 100644
index bb01468..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package org.springframework.cloud.cloudfoundry.proxy;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
-
-import com.netflix.zuul.ZuulFilter;
-import com.netflix.zuul.context.RequestContext;
-
-public class OAuth2TokenRelayFilter extends ZuulFilter {
-
- private static final String ACCESS_TOKEN = "ACCESS_TOKEN";
-
- @Override
- public int filterOrder() {
- return 10;
- }
-
- @Override
- public String filterType() {
- return "pre";
- }
-
- @Override
- public boolean shouldFilter() {
- Authentication auth = SecurityContextHolder.getContext().getAuthentication();
- if (auth instanceof OAuth2Authentication) {
- Object details = auth.getDetails();
- if (details instanceof OAuth2AuthenticationDetails) {
- OAuth2AuthenticationDetails oauth = (OAuth2AuthenticationDetails) details;
- RequestContext ctx = RequestContext.getCurrentContext();
- ctx.set(ACCESS_TOKEN, oauth.getTokenValue());
- return true;
- }
- }
- return false;
- }
-
- @Override
- public Object run() {
- RequestContext ctx = RequestContext.getCurrentContext();
- ctx.addZuulRequestHeader("authorization", "Bearer " + ctx.get(ACCESS_TOKEN));
- return null;
- }
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java b/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java
deleted file mode 100644
index 23cca3c..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.resource;
-
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-import org.springframework.context.annotation.Import;
-
-/**
- * @author Dave Syer
- *
- */
-@Target(ElementType.TYPE)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-@Import(OAuth2ResourceConfiguration.class)
-public @interface EnableOAuth2Resource {
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java
deleted file mode 100644
index 318172a..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.resource;
-
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.config.BeanPostProcessor;
-import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerTokenServicesConfiguration;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
-import org.springframework.util.ClassUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnExpression("'${oauth2.client.clientId:${vcap.services.resource.credentials.clientId:}}'!=''")
-@ConditionalOnClass({ EnableResourceServer.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-@EnableResourceServer
-@Import(ResourceServerTokenServicesConfiguration.class)
-public class OAuth2ResourceConfiguration {
-
- @Autowired
- private ResourceServerProperties resource;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerConfigurer.class)
- public ResourceServerConfigurer resourceServer() {
- return new ResourceSecurityConfigurer(resource);
- }
-
- protected static class ResourceSecurityConfigurer extends ResourceServerConfigurerAdapter {
-
- private ResourceServerProperties resource;
-
- @Autowired
- public ResourceSecurityConfigurer(ResourceServerProperties resource) {
- this.resource = resource;
- }
-
- @Override
- public void configure(ResourceServerSecurityConfigurer resources)
- throws Exception {
- resources.resourceId(resource.getResourceId());
- }
-
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().anyRequest().authenticated();
- }
-
- }
-
- @Configuration
- protected static class ResourceServerOrderProcessor implements BeanPostProcessor {
-
- @Override
- public Object postProcessAfterInitialization(Object bean, String beanName)
- throws BeansException {
- if (bean instanceof ResourceServerConfiguration) {
- ResourceServerConfiguration configuration = (ResourceServerConfiguration) bean;
- configuration.setOrder(getOrder());
- }
- return bean;
- }
-
- @Override
- public Object postProcessBeforeInitialization(Object bean, String beanName)
- throws BeansException {
- return bean;
- }
-
- private int getOrder() {
- if (ClassUtils
- .isPresent(
- "org.springframework.boot.actuate.autoconfigure.ManagementServerProperties",
- null)) {
- return ManagementServerProperties.ACCESS_OVERRIDE_ORDER - 10;
- }
- return SecurityProperties.ACCESS_OVERRIDE_ORDER - 10;
- }
-
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java
deleted file mode 100644
index 1a81b9f..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-import org.springframework.context.annotation.Import;
-
-/**
- * @author Dave Syer
- *
- */
-@Target(ElementType.TYPE)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-@Import(OAuth2SsoConfiguration.class)
-public @interface EnableOAuth2Sso {
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java
deleted file mode 100644
index bd687cf..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerTokenServicesConfiguration;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.core.Ordered;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import org.springframework.security.web.authentication.logout.LogoutHandler;
-import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.util.ClassUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnExpression("'${oauth2.client.clientId:${vcap.services.sso.credentials.clientId:}}'!=''")
-@ConditionalOnClass({ ResourceServerTokenServices.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-@EnableConfigurationProperties(OAuth2SsoProperties.class)
-@Import(ResourceServerTokenServicesConfiguration.class)
-public class OAuth2SsoConfiguration extends WebSecurityConfigurerAdapter implements Ordered {
-
- @Autowired
- private OAuth2ProtectedResourceDetails remote;
-
- @Autowired
- private OAuth2SsoProperties sso;
-
- @Autowired
- private ResourceServerTokenServices tokenServices;
-
- @Autowired
- @Qualifier("oauth2RestTemplate")
- private OAuth2RestOperations restTemplate;
-
- private List configurers = Collections.emptyList();
-
- @Override
- public int getOrder() {
- if (ClassUtils
- .isPresent(
- "org.springframework.boot.actuate.autoconfigure.ManagementServerProperties",
- null)) {
- return ManagementServerProperties.ACCESS_OVERRIDE_ORDER;
- }
- return SecurityProperties.ACCESS_OVERRIDE_ORDER;
- }
-
- /**
- * @param configurers the configurers to set
- */
- @Autowired(required = false)
- public void setConfigurers(List configurers) {
- this.configurers = configurers;
- }
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
-
- http.addFilterAfter(cloudfoundrySsoFilter(),
- AbstractPreAuthenticatedProcessingFilter.class);
-
- for (OAuth2SsoConfigurer configurer : configurers) {
- // Delegates can add authorizeRequests() here
- configurer.configure(http);
- }
- if (configurers.isEmpty()) {
- // Add anyRequest() last as a fall back. Spring Security would replace an
- // existing anyRequest() matcher with this one, so to avoid that we only
- // add it if the user hasn't configured anything.
- ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry requests = http
- .antMatcher("/**").authorizeRequests();
- if (!sso.getHome().isSecure()) {
- requests.antMatchers(sso.getHome().getPath()).permitAll();
- }
- requests.anyRequest().authenticated();
- }
-
- http.logout()
- .logoutRequestMatcher(new AntPathRequestMatcher(sso.getLogoutPath()))
- .addLogoutHandler(logoutHandler()).permitAll();
- http.exceptionHandling().authenticationEntryPoint(
- new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()));
-
- }
-
- protected OAuth2ClientAuthenticationProcessingFilter cloudfoundrySsoFilter() {
- OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(
- sso.getLoginPath());
- filter.setRestTemplate(restTemplate);
- filter.setTokenServices(tokenServices);
- return filter;
- }
-
- private LogoutHandler logoutHandler() {
- LogoutHandler handler = new LogoutHandler() {
- @Override
- public void logout(HttpServletRequest request, HttpServletResponse response,
- Authentication authentication) {
- restTemplate.getOAuth2ClientContext().setAccessToken(null);
- String redirect = request.getRequestURL().toString()
- .replace(sso.getLogoutPath(), sso.getHome().getPath());
- try {
- response.sendRedirect(sso.getLogoutUri(redirect));
- }
- catch (IOException e) {
- throw new IllegalStateException("Cannot logout remote server", e);
- }
- }
- };
- return handler;
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java
deleted file mode 100644
index 07557dc..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-
-/**
- * @author Dave Syer
- *
- */
-public interface OAuth2SsoConfigurer {
-
- void configure(HttpSecurity http) throws Exception;
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java
deleted file mode 100644
index 9a9b99f..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-
-/**
- * @author Dave Syer
- *
- */
-public class OAuth2SsoConfigurerAdapter implements OAuth2SsoConfigurer {
-
- @Override
- public void configure(HttpSecurity http) {
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
deleted file mode 100644
index 18735f4..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import lombok.Data;
-import lombok.RequiredArgsConstructor;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.OAuth2ClientProperties;
-import org.springframework.util.StringUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.sso")
-@Data
-@RequiredArgsConstructor(onConstructor = @__(@Autowired))
-public class OAuth2SsoProperties {
-
- private final OAuth2ClientProperties client;
-
- private String serviceId = "sso";
-
- private String logoutPath = "/logout";
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.logoutUri:}")
- private String logoutUri;
-
- private String loginPath = "/login";
-
- private Home home = new Home();
-
- @Data
- public static class Home {
- private String path = "/";
- private boolean secure = true;
- }
-
- public String getLogoutUri(String redirectUrl) {
- return StringUtils.hasText(logoutUri) ? logoutUri : client.getTokenUri().replace("/oauth/token",
- "/logout.do?redirect=" + redirectUrl);
- }
-
-}
diff --git a/src/main/resources/META-INF/spring.factories b/src/main/resources/META-INF/spring.factories
index c001fed..9e386c0 100644
--- a/src/main/resources/META-INF/spring.factories
+++ b/src/main/resources/META-INF/spring.factories
@@ -1,3 +1,2 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-org.springframework.cloud.cloudfoundry.broker.configuration.ServiceBrokerAutoConfiguration,\
-org.springframework.cloud.cloudfoundry.proxy.OAuth2ProxyAutoConfiguration
\ No newline at end of file
+org.springframework.cloud.cloudfoundry.broker.configuration.ServiceBrokerAutoConfiguration
\ No newline at end of file
diff --git a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
index a38afd4..47cbddc 100644
--- a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
+++ b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
@@ -20,13 +20,11 @@ import java.security.Principal;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Configuration;
-import org.springframework.cloud.cloudfoundry.sso.EnableOAuth2Sso;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@Configuration
@EnableAutoConfiguration
-@EnableOAuth2Sso
@RestController
public class Application {
diff --git a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
index 4a32347..309fbe6 100644
--- a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
+++ b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
@@ -33,8 +33,7 @@ import org.springframework.test.context.web.WebAppConfiguration;
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = Application.class)
@WebAppConfiguration
-@IntegrationTest({ "server.port=0", "security.basic.enabled=false",
- "cloudfoundry.sso.clientId=", "cloudfoundry.resource.clientId=" })
+@IntegrationTest({ "server.port=0"})
public class ApplicationTests {
@Value("${local.server.port}")