/*
 * Copyright 2012-2018 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.boot.autoconfigure.security.oauth2.client;

import java.util.HashMap;
import java.util.Map;
import java.util.Set;

import javax.annotation.PostConstruct;

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.util.StringUtils;

/**
 * OAuth 2.0 client properties, bound from the {@code spring.security.oauth2.client}
 * prefix.
 * <p>
 * The class is a plain holder: registrations and providers are kept in two maps keyed
 * by name, and every value is stored exactly as supplied. The only check performed
 * here is {@link #validate()}, which requires each registration to carry a client id
 * with text in it. The client secret, redirect URI and provider endpoint URIs are not
 * inspected by this class.
 * <p>
 * NOTE(review): URI properties are held as plain strings with no scheme or syntax
 * check at this level; presumably they are validated where the registration is turned
 * into a client configuration. Confirm against the consumer of these properties.
 *
 * @author Madhura Bhave
 * @author Phillip Webb
 * @author Artsiom Yudovin
 * @author MyeongHyeon Lee
 */
@ConfigurationProperties(prefix = "spring.security.oauth2.client")
public class OAuth2ClientProperties {

    /**
     * OAuth provider details.
     */
    private final Map<String, Provider> provider = new HashMap<>();

    /**
     * OAuth client registrations.
     */
    private final Map<String, Registration> registration = new HashMap<>();

    /**
     * Returns the provider definitions keyed by name.
     * <p>
     * The internal map itself is returned, not a copy, so changes made through the
     * returned reference are visible to this object.
     * @return the live, mutable provider map
     */
    public Map<String, Provider> getProvider() {
        return provider;
    }

    /**
     * Returns the client registrations keyed by name.
     * <p>
     * The internal map itself is returned, not a copy, so changes made through the
     * returned reference are visible to this object.
     * @return the live, mutable registration map
     */
    public Map<String, Registration> getRegistration() {
        return registration;
    }

    /**
     * Checks every registration once this object has been constructed.
     * <p>
     * Only the client id is checked; see the private validateRegistration helper.
     * NOTE(review): assumes the registrations have already been populated when this
     * callback runs. Confirm the ordering against the binding infrastructure.
     * @throws IllegalStateException if any registration has no client id text
     */
    @PostConstruct
    public void validate() {
        for (Registration candidate : this.getRegistration().values()) {
            validateRegistration(candidate);
        }
    }

    /**
     * Rejects a registration whose client id is null, empty or whitespace only.
     * No other property of the registration is examined.
     * @param candidate the registration to check
     * @throws IllegalStateException if the client id has no text
     */
    private void validateRegistration(Registration candidate) {
        String clientId = candidate.getClientId();
        if (StringUtils.hasText(clientId)) {
            return;
        }
        throw new IllegalStateException("Client id must not be empty.");
    }

    /**
     * A single client registration.
     * <p>
     * Holds the client credentials (id and secret) together with the grant
     * parameters. This class declares no {@code toString()}, so it does not render
     * the secret itself; code that reads {@link #getClientSecret()} should keep the
     * value out of logs and error messages.
     */
    public static class Registration {

        /**
         * Reference to the OAuth 2.0 provider to use. May reference an element from the
         * 'provider' property or use one of the commonly used providers (google, github,
         * facebook, okta).
         */
        private String provider;

        /**
         * Client ID for the registration.
         */
        private String clientId;

        /**
         * Client secret of the registration.
         */
        private String clientSecret;

        /**
         * Client authentication method. May be left blank when using a pre-defined
         * provider.
         */
        private String clientAuthenticationMethod;

        /**
         * Authorization grant type. May be left blank when using a pre-defined provider.
         */
        private String authorizationGrantType;

        /**
         * Redirect URI. May be left blank when using a pre-defined provider.
         */
        private String redirectUri;

        /**
         * Authorization scopes. May be left blank when using a pre-defined provider.
         */
        private Set<String> scope;

        /**
         * Client name. May be left blank when using a pre-defined provider.
         */
        private String clientName;

        /**
         * @return the provider reference, or {@code null} if none was set
         */
        public String getProvider() {
            return provider;
        }

        /**
         * @param provider the provider reference to store, unchecked
         */
        public void setProvider(String provider) {
            this.provider = provider;
        }

        /**
         * @return the client id, or {@code null} if none was set
         */
        public String getClientId() {
            return clientId;
        }

        /**
         * @param clientId the client id to store; emptiness is only checked later by
         * the enclosing class's {@code validate()}
         */
        public void setClientId(String clientId) {
            this.clientId = clientId;
        }

        /**
         * Returns the client secret as stored.
         * @return the client secret in clear text, or {@code null} if none was set
         */
        public String getClientSecret() {
            return clientSecret;
        }

        /**
         * @param clientSecret the client secret to store; no check is applied
         */
        public void setClientSecret(String clientSecret) {
            this.clientSecret = clientSecret;
        }

        /**
         * @return the client authentication method, or {@code null} if none was set
         */
        public String getClientAuthenticationMethod() {
            return clientAuthenticationMethod;
        }

        /**
         * @param clientAuthenticationMethod the method name to store, unchecked
         */
        public void setClientAuthenticationMethod(String clientAuthenticationMethod) {
            this.clientAuthenticationMethod = clientAuthenticationMethod;
        }

        /**
         * @return the authorization grant type, or {@code null} if none was set
         */
        public String getAuthorizationGrantType() {
            return authorizationGrantType;
        }

        /**
         * @param authorizationGrantType the grant type name to store, unchecked
         */
        public void setAuthorizationGrantType(String authorizationGrantType) {
            this.authorizationGrantType = authorizationGrantType;
        }

        /**
         * @return the redirect URI string, or {@code null} if none was set
         */
        public String getRedirectUri() {
            return redirectUri;
        }

        /**
         * @param redirectUri the redirect URI to store; the string is not parsed or
         * checked here
         */
        public void setRedirectUri(String redirectUri) {
            this.redirectUri = redirectUri;
        }

        /**
         * Alias for {@link #getRedirectUri()}.
         * @return the redirect URI string, or {@code null} if none was set
         * @deprecated use {@link #getRedirectUri()}, to which this method delegates
         */
        @Deprecated
        public String getRedirectUriTemplate() {
            return this.getRedirectUri();
        }

        /**
         * Alias for {@link #setRedirectUri(String)}.
         * @param redirectUri the redirect URI to store
         * @deprecated use {@link #setRedirectUri(String)}, to which this method
         * delegates
         */
        @Deprecated
        public void setRedirectUriTemplate(String redirectUri) {
            this.setRedirectUri(redirectUri);
        }

        /**
         * Returns the scope set exactly as it was handed to {@link #setScope(Set)}.
         * @return the stored set reference (not a copy), or {@code null} if none was set
         */
        public Set<String> getScope() {
            return scope;
        }

        /**
         * @param scope the scopes to store; the reference is kept without copying
         */
        public void setScope(Set<String> scope) {
            this.scope = scope;
        }

        /**
         * @return the client name, or {@code null} if none was set
         */
        public String getClientName() {
            return clientName;
        }

        /**
         * @param clientName the client name to store, unchecked
         */
        public void setClientName(String clientName) {
            this.clientName = clientName;
        }

    }

    /**
     * Endpoint details of a single OAuth 2.0 / OpenID Connect provider.
     * <p>
     * Every URI is held as a plain string and stored as given; this class applies no
     * parsing or scheme check.
     */
    public static class Provider {

        /**
         * Authorization URI for the provider.
         */
        private String authorizationUri;

        /**
         * Token URI for the provider.
         */
        private String tokenUri;

        /**
         * User info URI for the provider.
         */
        private String userInfoUri;

        /**
         * User info authentication method for the provider.
         */
        private String userInfoAuthenticationMethod;

        /**
         * Name of the attribute that will be used to extract the username from the call
         * to 'userInfoUri'.
         */
        private String userNameAttribute;

        /**
         * JWK set URI for the provider.
         */
        private String jwkSetUri;

        /**
         * URI that an OpenID Connect Provider asserts as its Issuer Identifier.
         */
        private String issuerUri;

        /**
         * @return the authorization URI string, or {@code null} if none was set
         */
        public String getAuthorizationUri() {
            return authorizationUri;
        }

        /**
         * @param authorizationUri the authorization URI to store, unchecked
         */
        public void setAuthorizationUri(String authorizationUri) {
            this.authorizationUri = authorizationUri;
        }

        /**
         * @return the token URI string, or {@code null} if none was set
         */
        public String getTokenUri() {
            return tokenUri;
        }

        /**
         * @param tokenUri the token URI to store, unchecked
         */
        public void setTokenUri(String tokenUri) {
            this.tokenUri = tokenUri;
        }

        /**
         * @return the user info URI string, or {@code null} if none was set
         */
        public String getUserInfoUri() {
            return userInfoUri;
        }

        /**
         * @param userInfoUri the user info URI to store, unchecked
         */
        public void setUserInfoUri(String userInfoUri) {
            this.userInfoUri = userInfoUri;
        }

        /**
         * @return the user info authentication method, or {@code null} if none was set
         */
        public String getUserInfoAuthenticationMethod() {
            return userInfoAuthenticationMethod;
        }

        /**
         * @param userInfoAuthenticationMethod the method name to store, unchecked
         */
        public void setUserInfoAuthenticationMethod(String userInfoAuthenticationMethod) {
            this.userInfoAuthenticationMethod = userInfoAuthenticationMethod;
        }

        /**
         * @return the user name attribute, or {@code null} if none was set
         */
        public String getUserNameAttribute() {
            return userNameAttribute;
        }

        /**
         * @param userNameAttribute the attribute name to store, unchecked
         */
        public void setUserNameAttribute(String userNameAttribute) {
            this.userNameAttribute = userNameAttribute;
        }

        /**
         * @return the JWK set URI string, or {@code null} if none was set
         */
        public String getJwkSetUri() {
            return jwkSetUri;
        }

        /**
         * @param jwkSetUri the JWK set URI to store, unchecked
         */
        public void setJwkSetUri(String jwkSetUri) {
            this.jwkSetUri = jwkSetUri;
        }

        /**
         * @return the issuer URI string, or {@code null} if none was set
         */
        public String getIssuerUri() {
            return issuerUri;
        }

        /**
         * @param issuerUri the issuer URI to store, unchecked
         */
        public void setIssuerUri(String issuerUri) {
            this.issuerUri = issuerUri;
        }

    }

}