001/* 002 * Copyright 2012-2018 the original author or authors. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.springframework.boot.autoconfigure.security.oauth2.client.reactive; 017 018import java.util.ArrayList; 019import java.util.List; 020 021import reactor.core.publisher.Flux; 022 023import org.springframework.boot.autoconfigure.AutoConfigureBefore; 024import org.springframework.boot.autoconfigure.EnableAutoConfiguration; 025import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; 026import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; 027import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; 028import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; 029import org.springframework.boot.autoconfigure.condition.NoneNestedConditions; 030import org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition; 031import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties; 032import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientPropertiesRegistrationAdapter; 033import org.springframework.boot.autoconfigure.security.reactive.ReactiveSecurityAutoConfiguration; 034import org.springframework.boot.context.properties.EnableConfigurationProperties; 035import org.springframework.context.annotation.Bean; 036import org.springframework.context.annotation.Conditional; 037import org.springframework.context.annotation.Configuration; 038import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; 039import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService; 040import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService; 041import org.springframework.security.oauth2.client.registration.ClientRegistration; 042import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository; 043import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; 044import org.springframework.security.oauth2.client.web.server.AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository; 045import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository; 046 047/** 048 * {@link EnableAutoConfiguration Auto-configuration} for Spring Security's Reactive 049 * OAuth2 client. 050 * 051 * @author Madhura Bhave 052 * @since 2.1.0 053 */ 054@Configuration 055@AutoConfigureBefore(ReactiveSecurityAutoConfiguration.class) 056@EnableConfigurationProperties(OAuth2ClientProperties.class) 057@Conditional(ReactiveOAuth2ClientAutoConfiguration.NonServletApplicationCondition.class) 058@ConditionalOnClass({ Flux.class, EnableWebFluxSecurity.class, ClientRegistration.class }) 059public class ReactiveOAuth2ClientAutoConfiguration { 060 061 private final OAuth2ClientProperties properties; 062 063 public ReactiveOAuth2ClientAutoConfiguration(OAuth2ClientProperties properties) { 064 this.properties = properties; 065 } 066 067 @Bean 068 @Conditional(ClientsConfiguredCondition.class) 069 @ConditionalOnMissingBean(ReactiveClientRegistrationRepository.class) 070 public InMemoryReactiveClientRegistrationRepository clientRegistrationRepository() { 071 List<ClientRegistration> registrations = new ArrayList<>( 072 OAuth2ClientPropertiesRegistrationAdapter 073 .getClientRegistrations(this.properties).values()); 074 return new InMemoryReactiveClientRegistrationRepository(registrations); 075 } 076 077 @Bean 078 @ConditionalOnBean(ReactiveClientRegistrationRepository.class) 079 @ConditionalOnMissingBean 080 public ReactiveOAuth2AuthorizedClientService authorizedClientService( 081 ReactiveClientRegistrationRepository clientRegistrationRepository) { 082 return new InMemoryReactiveOAuth2AuthorizedClientService( 083 clientRegistrationRepository); 084 } 085 086 @Bean 087 @ConditionalOnBean(ReactiveOAuth2AuthorizedClientService.class) 088 @ConditionalOnMissingBean 089 public ServerOAuth2AuthorizedClientRepository authorizedClientRepository( 090 ReactiveOAuth2AuthorizedClientService authorizedClientService) { 091 return new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository( 092 authorizedClientService); 093 } 094 095 static class NonServletApplicationCondition extends NoneNestedConditions { 096 097 NonServletApplicationCondition() { 098 super(ConfigurationPhase.PARSE_CONFIGURATION); 099 } 100 101 @ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET) 102 static class ServletApplicationCondition { 103 104 } 105 106 } 107 108}