diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
index 6100861..0832fd3 100644
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
+++ b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
@@ -19,6 +19,9 @@ import lombok.Data;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.util.StringUtils;
+import org.springframework.validation.Errors;
+import org.springframework.validation.Validator;
 /**
 * @author Dave Syer
@@ -26,27 +29,52 @@ import org.springframework.boot.context.properties.ConfigurationProperties; */ @ConfigurationProperties("oauth2.resource") @Data -public class ResourceServerProperties { +public class ResourceServerProperties implements Validator { private String serviceId = "resource"; + @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.id:}") private String id; - @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientId:}") + @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientId:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientId:}}") private String clientId; - @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientSecret:}") + @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientSecret:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientSecret:}}") private String clientSecret; - @Value("${vcap.services.${oauth2.resource.serviceId:sso}.credentials.userInfoUri:}") + @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.userInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.userInfoUri:}}") private String userInfoUri; - @Value("${vcap.services.${oauth2.resource.serviceId:sso}.credentials.tokenInfoUri:}") + @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.tokenInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.tokenInfoUri:}}") private String tokenInfoUri; private boolean preferTokenInfo = true; public String getResourceId() { - return id==null ? clientId : id; + return !StringUtils.hasText(id) ? 
clientId : id; } + + @Override + public boolean supports(Class clazz) { + return ResourceServerProperties.class.isAssignableFrom(clazz); + } + + @Override + public void validate(Object target, Errors errors) { + ResourceServerProperties resource = (ResourceServerProperties) target; + if (StringUtils.hasText(resource.getClientId())) { + if (!StringUtils.hasText(resource.getClientSecret())) { + if (!StringUtils.hasText(resource.getUserInfoUri())) { + errors.rejectValue("userInfoUri", "missing.userInfoUri", + "Missing userInfoUri (no client secret available)"); + } + } else { + if (!StringUtils.hasText(resource.getTokenInfoUri())) { + errors.rejectValue("tokenInfoUri", "missing.tokenInfoUri", + "Missing tokenInfoUri"); + } + } + } + } + } diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java index 21a0f03..bb2b8d1 100644 --- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java +++ b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java @@ -206,7 +206,7 @@ public class OAuth2SsoConfiguration { http.logout() .logoutRequestMatcher(new AntPathRequestMatcher(sso.getLogoutPath())) - .addLogoutHandler(logoutHandler()); + .addLogoutHandler(logoutHandler()).permitAll(); http.exceptionHandling().authenticationEntryPoint( new LoginUrlAuthenticationEntryPoint(sso.getLoginPath())); @@ -232,7 +232,7 @@ public class OAuth2SsoConfiguration { response.sendRedirect(sso.getLogoutUri(redirect)); } catch (IOException e) { - throw new IllegalStateException("Cannot logout", e); + throw new IllegalStateException("Cannot logout remote server", e); } } }; diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java index 85d7982..239aba2 100644 
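Review bot: In ResourceServerProperties, `clientSecret` can now also be filled from the SSO service binding, while the class keeps Lombok's `@Data`, whose generated `toString()` prints every field, so the secret appears wherever this bean is logged or included in an error message. Excluding it on the class closes that: `@ToString(exclude = "clientSecret")` next to `@Data`. Separately, `validate` checks nothing when `clientId` is empty and never consults `preferTokenInfo`, so a missing binding passes validation silently, and a configuration with a secret, `preferTokenInfo=false` and only a `userInfoUri` is rejected for lacking `tokenInfoUri`. If both behaviours are intended, a short Javadoc on `validate` saying so would spare the next reader the guess.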
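Review bot: The logout URL in OAuth2SsoConfiguration becomes `permitAll()`, but the matcher on the line above it is `new AntPathRequestMatcher(sso.getLogoutPath())`, which matches every HTTP method, so a plain cross-site GET is enough to end a user's session. If CSRF protection is enabled for this filter chain (not visible in the hunk), restricting the matcher keeps logout behind the token check: `new AntPathRequestMatcher(sso.getLogoutPath(), "POST")`. The enclosing configuration method starts and ends outside the hunk.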
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
+++ b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
@@ -64,7 +64,7 @@ public class OAuth2SsoProperties implements Validator {
 }
 public String getLogoutUri(String redirectUrl) {
- return logoutUri != null ? logoutUri : tokenUri.replace("/oauth/token",
+ return StringUtils.hasText(logoutUri) ? logoutUri : tokenUri.replace("/oauth/token",
 "/logout.do?redirect=" + redirectUrl);
 }
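Review bot: `getLogoutUri` in OAuth2SsoProperties appends `redirectUrl` to the query string without encoding, so a value containing `&`, `#` or `?` alters the logout request instead of staying inside the `redirect` parameter. Percent-encode it before concatenation, e.g. `"/logout.do?redirect=" + URLEncoder.encode(redirectUrl, "UTF-8")`, handling the checked `UnsupportedEncodingException`. Also, when `logoutUri` is configured the `redirectUrl` argument is ignored, and the fallback dereferences `tokenUri`, which this hunk does not show being checked for null. A Javadoc line on the method stating both would make the contract explicit.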