Update oauth2-vanilla to Boot 2

Issue spring-guides#179

oauth2-vanilla/authserver/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.6.RELEASE</version>
+		<version>2.3.4.RELEASE</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 
@@ -28,8 +28,13 @@
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.security.oauth</groupId>
-			<artifactId>spring-security-oauth2</artifactId>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security.experimental</groupId>
+			<artifactId>spring-security-oauth2-authorization-server</artifactId>
+			<version>0.0.2</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>

oauth2-vanilla/authserver/src/main/java/demo/AuthorizationServerConfiguration.java

@@ -0,0 +1,89 @@
+/*
+ * Copyright 2016-2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package demo;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Import;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.keys.KeyManager;
+import org.springframework.security.crypto.keys.StaticKeyGeneratingKeyManager;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
+import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
+
+import java.util.UUID;
+
+import static org.springframework.security.config.Customizer.withDefaults;
+
+@EnableWebSecurity
+@Import(OAuth2AuthorizationServerConfiguration.class)
+public class AuthorizationServerConfiguration {
+
+    @Configuration
+    @Order(1)
+    public static class UserSecurityConfiguration extends WebSecurityConfigurerAdapter {
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http
+                    .antMatcher("/user")
+                    .authorizeRequests(authorize -> authorize
+                            .anyRequest().authenticated()
+                    )
+                    .oauth2ResourceServer(auth -> auth
+                            .jwt(jwt -> jwt
+                                    .jwkSetUri("http://localhost:9999/uaa/oauth2/jwks")
+                            )
+                    );
+        }
+    }
+
+    @Configuration
+    public static class AuthServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http
+                    .authorizeRequests(authorize -> authorize
+                            .anyRequest().authenticated()
+                    )
+                    .formLogin(withDefaults())
+                    .httpBasic(withDefaults());
+        }
+    }
+
+    @Bean
+    public RegisteredClientRepository registeredClientRepository() {
+        RegisteredClient pilotClient = RegisteredClient.withId(UUID.randomUUID().toString())
+                .clientId("acme")
+                .clientSecret("acmesecret")
+                .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
+                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
+                .redirectUri("http://localhost:8080/login/oauth2/code/spring")
+                .build();
+        return new InMemoryRegisteredClientRepository(pilotClient);
+    }
+
+    @Bean
+    public KeyManager keyManager() {
+        return new StaticKeyGeneratingKeyManager();
+    }
+}

oauth2-vanilla/authserver/src/main/java/demo/AuthserverApplication.java

@@ -4,15 +4,11 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 @SpringBootApplication
 @RestController
-@EnableResourceServer
-@EnableAuthorizationServer
 public class AuthserverApplication {
 
 	@RequestMapping("/user")

oauth2-vanilla/authserver/src/main/resources/application.properties

@@ -1,10 +1,3 @@
-server.port: 9999
-server.contextPath: /uaa
-security.user.password: password
-security.sessions: if-required
-security.oauth2.client.clientId: acme
-security.oauth2.client.clientSecret: acmesecret
-security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password
-security.oauth2.client.scope: openid
-#security.oauth2.client.accessTokenValiditySeconds: 10
-logging.level.org.springframework.security: DEBUG
+server.port=9999
+server.servlet.context-path=/uaa
+spring.security.user.password=password

oauth2-vanilla/authserver/src/test/java/demo/ApplicationTests.java

@@ -5,45 +5,42 @@
 
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.springframework.boot.context.embedded.LocalServerPort;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.boot.test.web.client.TestRestTemplate;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.test.context.junit4.SpringRunner;
 
+import java.util.Map;
+
 @RunWith(SpringRunner.class)
 @SpringBootTest(webEnvironment=WebEnvironment.RANDOM_PORT)
 public class ApplicationTests {
 
-	@LocalServerPort
-	private int port;
-
-	private TestRestTemplate template = new TestRestTemplate();
+	@Autowired
+	private TestRestTemplate rest;
 
 	@Test
 	public void homePageProtected() {
-		ResponseEntity<String> response = template.getForEntity("http://localhost:"
-				+ port + "/uaa/", String.class);
+		ResponseEntity<Map> response = rest.getForEntity("/", Map.class);
 		assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
 		String auth = response.getHeaders().getFirst("WWW-Authenticate");
-		assertTrue("Wrong header: " + auth, auth.startsWith("Bearer realm=\""));
+		assertTrue("Wrong header: " + auth, auth.startsWith("Basic realm=\""));
 	}
 
 	@Test
 	public void userEndpointProtected() {
-		ResponseEntity<String> response = template.getForEntity("http://localhost:"
-				+ port + "/uaa/user", String.class);
+		ResponseEntity<Map> response = rest.getForEntity("/user", Map.class);
 		assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
 		String auth = response.getHeaders().getFirst("WWW-Authenticate");
-		assertTrue("Wrong header: " + auth, auth.startsWith("Bearer realm=\""));
+		assertTrue("Wrong header: " + auth, auth.startsWith("Bearer"));
 	}
 
 	@Test
 	public void authorizationRedirects() {
-		ResponseEntity<String> response = template.getForEntity("http://localhost:"
-				+ port + "/uaa/oauth/authorize", String.class);
+		ResponseEntity<Map> response = rest.getForEntity("/oauth/authorize", Map.class);
 		assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
 		String auth = response.getHeaders().getFirst("WWW-Authenticate");
 		assertTrue("Wrong header: " + auth, auth.startsWith("Basic realm=\""));

oauth2-vanilla/resource/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.6.RELEASE</version>
+		<version>2.3.4.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 
@@ -28,8 +28,8 @@
 			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.security.oauth</groupId>
-			<artifactId>spring-security-oauth2</artifactId>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>

oauth2-vanilla/resource/src/main/java/demo/ResourceApplication.java

@@ -4,13 +4,11 @@
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 @SpringBootApplication
 @RestController
-@EnableResourceServer
 public class ResourceApplication {
 
 	@RequestMapping("/")

oauth2-vanilla/resource/src/main/resources/application.properties

@@ -1,3 +1,3 @@
-server.port: 9000
-server.address: 127.0.0.1
-security.oauth2.resource.userInfoUri: http://localhost:9999/uaa/user
+server.port=9000
+server.address=127.0.0.1
+spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://localhost:9999/uaa/oauth2/jwks

oauth2-vanilla/resource/src/test/java/demo/ApplicationTests.java

@@ -5,7 +5,7 @@
 
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.springframework.boot.context.embedded.LocalServerPort;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.boot.test.web.client.TestRestTemplate;
@@ -17,14 +17,12 @@
 @SpringBootTest(webEnvironment=WebEnvironment.RANDOM_PORT)
 public class ApplicationTests {
 
-	@LocalServerPort
-	private int port;
-
-	private TestRestTemplate template = new TestRestTemplate();
+	@Autowired
+	private TestRestTemplate rest;
 
 	@Test
 	public void resourceLoads() {
-		ResponseEntity<String> response = template.getForEntity("http://localhost:{port}/", String.class, port);
+		ResponseEntity<String> response = rest.getForEntity("/", String.class);
 		assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
 		String auth = response.getHeaders().getFirst("WWW-Authenticate");
 		assertTrue("Wrong header: " + auth , auth.startsWith("Bearer"));

oauth2-vanilla/ui/.editorconfig

@@ -11,3 +11,6 @@ trim_trailing_whitespace = true
 [*.md]
 max_line_length = off
 trim_trailing_whitespace = false
+
+[*.java]
+indent_size = 4