Skip to content

Commit

Permalink
Disable ResourceServerTokenRelayAutoConfiguration when property secur…
Browse files Browse the repository at this point in the history 
…ity.oauth2.client.grant_type=client_credentials

Fixes spring-atticGH-125
  • Loading branch information
klubianka committed Jun 13, 2017
1 parent e8e406a commit f0af670
Showing 1 changed file with 23 additions and 4 deletions.
27 changes: 23 additions & 4 deletions ...ringframework/cloud/security/oauth2/client/ResourceServerTokenRelayAutoConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,10 @@

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.AllNestedConditions;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.condition.*;
import org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration;
import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices;
import org.springframework.cloud.security.oauth2.client.ResourceServerTokenRelayAutoConfiguration.ConditionalOnNoClientCredentialsInResourceServer;
import org.springframework.cloud.security.oauth2.client.ResourceServerTokenRelayAutoConfiguration.ConditionalOnOAuth2ClientInResourceServer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
Expand Down Expand Up @@ -62,6 +60,7 @@
*/
@Configuration
@AutoConfigureAfter(OAuth2AutoConfiguration.class)
@ConditionalOnNoClientCredentialsInResourceServer
@ConditionalOnOAuth2ClientInResourceServer
@ConditionalOnClass(ResourceServerConfiguration.class)
@ConditionalOnWebApplication
Expand Down Expand Up @@ -121,4 +120,24 @@ static class Client {

}

@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Conditional(NoClientCredentialsCondition.class)
@interface ConditionalOnNoClientCredentialsInResourceServer {

}

private static class NoClientCredentialsCondition extends NoneNestedConditions {

NoClientCredentialsCondition() {
super(ConfigurationPhase.PARSE_CONFIGURATION);
}

@ConditionalOnProperty(prefix = "security.oauth2.client", name = "grant-type", havingValue = "client_credentials", matchIfMissing = false)
static class ClientCredentialsActivated {
}

}

}

0 comments on commit f0af670

Please sign in to comment.