From 67810abd9e58cfab42cb0ecb17c9834a674ac2ba Mon Sep 17 00:00:00 2001 From: Madhura Bhave Date: Tue, 21 Feb 2017 12:02:49 -0800 Subject: [PATCH] Match ResourceServerCondition if JWK config present Closes gh-8350 --- .../resource/OAuth2ResourceServerConfiguration.java | 4 ++++ .../security/oauth2/OAuth2AutoConfigurationTests.java | 10 ++++++++++ 2 files changed, 14 insertions(+) diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerConfiguration.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerConfiguration.java index 97b0b4f460..99a5d25fd6 100644 --- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerConfiguration.java +++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerConfiguration.java @@ -161,6 +161,10 @@ public class OAuth2ResourceServerConfiguration { return ConditionOutcome .match(message.foundExactly("JWT resource configuration")); } + if (!resolver.getSubProperties("jwk").isEmpty()) { + return ConditionOutcome + .match(message.foundExactly("JWK resource configuration")); + } if (StringUtils.hasText(resolver.getProperty("user-info-uri"))) { return ConditionOutcome .match(message.foundExactly("user-info-uri property")); diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java index 5c9c04c246..0f41c99c62 100644 --- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java +++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/OAuth2AutoConfigurationTests.java @@ -389,6 +389,16 @@ public class OAuth2AutoConfigurationTests { .isEqualTo(PrePostAnnotationSecurityMetadataSource.class.getName()); } + @Test + public void resourceServerConditionWhenJwkConfigurationPresentShouldMatch() throws Exception { + this.context = new AnnotationConfigEmbeddedWebApplicationContext(); + EnvironmentTestUtils.addEnvironment(this.context, + "security.oauth2.resource.jwk.key-set-uri:http://my-auth-server/token_keys"); + this.context.register(ResourceServerConfiguration.class, MinimalSecureWebApplication.class); + this.context.refresh(); + assertThat(countBeans(RESOURCE_SERVER_CONFIG)).isEqualTo(1); + } + /** * Connect to the oauth service, get a token, and then attempt some operations using * it.