Merge branch '1.5.x'

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerConfiguration.java

@@ -86,7 +86,8 @@ public class OAuth2ResourceServerConfiguration {
 		return new ResourceServerFilterChainOrderProcessor(properties);
 	}
 
-	protected static class ResourceSecurityConfigurer extends ResourceServerConfigurerAdapter {
+	protected static class ResourceSecurityConfigurer
+			extends ResourceServerConfigurerAdapter {
 
 		private ResourceServerProperties resource;
 
@@ -95,7 +96,8 @@ public class OAuth2ResourceServerConfiguration {
 		}
 
 		@Override
-		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+		public void configure(ResourceServerSecurityConfigurer resources)
+				throws Exception {
 			resources.resourceId(this.resource.getResourceId());
 		}
 
@@ -110,26 +112,32 @@ public class OAuth2ResourceServerConfiguration {
 			implements BeanPostProcessor, ApplicationContextAware {
 
 		private final ResourceServerProperties properties;
+
 		private ApplicationContext context;
 
-		private ResourceServerFilterChainOrderProcessor(ResourceServerProperties properties) {
+		private ResourceServerFilterChainOrderProcessor(
+				ResourceServerProperties properties) {
 			this.properties = properties;
 		}
 
 		@Override
-		public void setApplicationContext(ApplicationContext context) throws BeansException {
+		public void setApplicationContext(ApplicationContext context)
+				throws BeansException {
 			this.context = context;
 		}
 
 		@Override
-		public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
+		public Object postProcessBeforeInitialization(Object bean, String beanName)
+				throws BeansException {
 			return bean;
 		}
 
 		@Override
-		public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
+		public Object postProcessAfterInitialization(Object bean, String beanName)
+				throws BeansException {
 			if (bean instanceof ResourceServerConfiguration) {
-				if (this.context.getBeanNamesForType(ResourceServerConfiguration.class, false, false).length == 1) {
+				if (this.context.getBeanNamesForType(ResourceServerConfiguration.class,
+						false, false).length == 1) {
 					ResourceServerConfiguration config = (ResourceServerConfiguration) bean;
 					config.setOrder(this.properties.getFilterOrder());
 				}
@@ -139,10 +147,12 @@ public class OAuth2ResourceServerConfiguration {
 
 	}
 
-	protected static class ResourceServerCondition extends SpringBootCondition implements ConfigurationCondition {
+	protected static class ResourceServerCondition extends SpringBootCondition
+			implements ConfigurationCondition {
 
 		private static final String AUTHORIZATION_ANNOTATION = "org.springframework."
-				+ "security.oauth2.config.annotation.web.configuration." + "AuthorizationServerEndpointsConfiguration";
+				+ "security.oauth2.config.annotation.web.configuration."
+				+ "AuthorizationServerEndpointsConfiguration";
 
 		@Override
 		public ConfigurationPhase getConfigurationPhase() {
@@ -150,37 +160,47 @@ public class OAuth2ResourceServerConfiguration {
 		}
 
 		@Override
-		public ConditionOutcome getMatchOutcome(ConditionContext context, AnnotatedTypeMetadata metadata) {
+		public ConditionOutcome getMatchOutcome(ConditionContext context,
-			ConditionMessage.Builder message = ConditionMessage.forCondition("OAuth ResourceServer Condition");
+				AnnotatedTypeMetadata metadata) {
+			ConditionMessage.Builder message = ConditionMessage
+					.forCondition("OAuth ResourceServer Condition");
 			Environment environment = context.getEnvironment();
-			RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(environment, "security.oauth2.resource.");
+			RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(environment,
+					"security.oauth2.resource.");
 			if (hasOAuthClientId(environment)) {
 				return ConditionOutcome.match(message.foundExactly("client-id property"));
 			}
 			if (!resolver.getSubProperties("jwt").isEmpty()) {
-				return ConditionOutcome.match(message.foundExactly("JWT resource configuration"));
+				return ConditionOutcome
+						.match(message.foundExactly("JWT resource configuration"));
 			}
 			if (!resolver.getSubProperties("jwk").isEmpty()) {
 				return ConditionOutcome
 						.match(message.foundExactly("JWK resource configuration"));
 			}
 			if (StringUtils.hasText(resolver.getProperty("user-info-uri"))) {
-				return ConditionOutcome.match(message.foundExactly("user-info-uri property"));
+				return ConditionOutcome
+						.match(message.foundExactly("user-info-uri property"));
 			}
 			if (StringUtils.hasText(resolver.getProperty("token-info-uri"))) {
-				return ConditionOutcome.match(message.foundExactly("token-info-uri property"));
+				return ConditionOutcome
+						.match(message.foundExactly("token-info-uri property"));
 			}
 			if (ClassUtils.isPresent(AUTHORIZATION_ANNOTATION, null)) {
-				if (AuthorizationServerEndpointsConfigurationBeanCondition.matches(context)) {
+				if (AuthorizationServerEndpointsConfigurationBeanCondition
-					return ConditionOutcome.match(message.found("class").items(AUTHORIZATION_ANNOTATION));
+						.matches(context)) {
+					return ConditionOutcome.match(
+							message.found("class").items(AUTHORIZATION_ANNOTATION));
 				}
 			}
-			return ConditionOutcome
+			return ConditionOutcome.noMatch(
-					.noMatch(message.didNotFind("client id, JWT resource or authorization server").atAll());
+					message.didNotFind("client id, JWT resource or authorization server")
+							.atAll());
 		}
 
 		private boolean hasOAuthClientId(Environment environment) {
-			RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(environment, "security.oauth2.client.");
+			RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(environment,
+					"security.oauth2.client.");
 			return StringUtils.hasLength(resolver.getProperty("client-id", ""));
 		}
 
@@ -191,7 +211,8 @@ public class OAuth2ResourceServerConfiguration {
 
 		public static boolean matches(ConditionContext context) {
 			Class<AuthorizationServerEndpointsConfigurationBeanCondition> type = AuthorizationServerEndpointsConfigurationBeanCondition.class;
-			Conditional conditional = AnnotationUtils.findAnnotation(type, Conditional.class);
+			Conditional conditional = AnnotationUtils.findAnnotation(type,
+					Conditional.class);
 			StandardAnnotationMetadata metadata = new StandardAnnotationMetadata(type);
 			for (Class<? extends Condition> conditionType : conditional.value()) {
 				Condition condition = BeanUtils.instantiateClass(conditionType);

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java

@@ -334,7 +334,8 @@ public class ResourceServerTokenServicesConfiguration {
 			}
 			String tokenInfoUri = resolver.getProperty("token-info-uri");
 			String userInfoUri = resolver.getProperty("user-info-uri");
-			if (!StringUtils.hasLength(userInfoUri) && !StringUtils.hasLength(tokenInfoUri)) {
+			if (!StringUtils.hasLength(userInfoUri)
+					&& !StringUtils.hasLength(tokenInfoUri)) {
 				return ConditionOutcome
 						.match(message.didNotFind("user-info-uri property").atAll());
 			}

spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/MultipleResourceServerConfigurationTests.java

@@ -19,43 +19,30 @@ package org.springframework.boot.autoconfigure.security.oauth2.resource;
 import java.util.List;
 
 import org.junit.After;
-import org.junit.Rule;
 import org.junit.Test;
-import org.junit.rules.ExpectedException;
 
+import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
 import org.springframework.boot.autoconfigure.context.PropertyPlaceholderAutoConfiguration;
 import org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration;
-import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties;
-import org.springframework.boot.builder.SpringApplicationBuilder;
-import org.springframework.boot.context.embedded.EmbeddedServletContainerFactory;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.test.util.EnvironmentTestUtils;
-import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.core.env.StandardEnvironment;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
-import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
+import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
 
 /**
- * @author Dave Syer
+ * Tests for {@link OAuth2ResourceServerConfiguration} when there are multiple
+ * {@link ResourceServerConfiguration} beans.
  *
+ * @author Dave Syer
  */
 public class MultipleResourceServerConfigurationTests {
 
-	private ConfigurableApplicationContext context;
+	private AnnotationConfigWebApplicationContext context;
-
-	private ConfigurableEnvironment environment = new StandardEnvironment();
-
-	@Rule
-	public ExpectedException thrown = ExpectedException.none();
 
 	@After
 	public void close() {
@@ -65,26 +52,24 @@ public class MultipleResourceServerConfigurationTests {
 	}
 
 	@Test
-	public void doubleResourceServerConfiguration() {
+	public void orderIsUnchangedWhenThereAreMultipleResourceServerConfigurations() {
-		EnvironmentTestUtils.addEnvironment(this.environment, "debug=true",
+		this.context = new AnnotationConfigWebApplicationContext();
-				"security.oauth2.resource.tokenInfoUri:http://example.com", "security.oauth2.client.clientId=acme");
+		this.context.register(DoubleResourceConfiguration.class);
-		this.context = new SpringApplicationBuilder(DoubleResourceConfiguration.class, MockServletConfiguration.class)
+		EnvironmentTestUtils.addEnvironment(this.context,
-				.environment(this.environment).run();
+				"security.oauth2.resource.tokenInfoUri:http://example.com",
-		RemoteTokenServices services = this.context.getBean(RemoteTokenServices.class);
+				"security.oauth2.client.clientId=acme");
-		assertThat(services).isNotNull();
+		this.context.refresh();
+		assertThat(this.context
+				.getBean("adminResources", ResourceServerConfiguration.class).getOrder())
+						.isEqualTo(3);
+		assertThat(this.context
+				.getBean("otherResources", ResourceServerConfiguration.class).getOrder())
+						.isEqualTo(4);
 	}
 
-	@Configuration
+	@ImportAutoConfiguration({ OAuth2AutoConfiguration.class,
-	@Import({ OAuth2AutoConfiguration.class, PropertyPlaceholderAutoConfiguration.class })
+			PropertyPlaceholderAutoConfiguration.class })
-	@EnableConfigurationProperties(OAuth2ClientProperties.class)
 	@EnableWebSecurity
-	protected static class MockServletConfiguration {
-		@Bean
-		public EmbeddedServletContainerFactory embeddedServletContainerFactory() {
-			return mock(EmbeddedServletContainerFactory.class);
-		}
-	}
-
 	@Configuration
 	protected static class DoubleResourceConfiguration {
 
@@ -93,6 +78,7 @@ public class MultipleResourceServerConfigurationTests {
 
 			ResourceServerConfiguration resource = new ResourceServerConfiguration() {
 				// Switch off the Spring Boot @Autowired configurers
+				@Override
 				public void setConfigurers(List<ResourceServerConfigurer> configurers) {
 					super.setConfigurers(configurers);
 				}
@@ -106,6 +92,7 @@ public class MultipleResourceServerConfigurationTests {
 
 			ResourceServerConfiguration resource = new ResourceServerConfiguration() {
 				// Switch off the Spring Boot @Autowired configurers
+				@Override
 				public void setConfigurers(List<ResourceServerConfigurer> configurers) {
 					super.setConfigurers(configurers);
 				}