From 4a00f905456fea3e6452e61bdcbcf08eaeaf53b1 Mon Sep 17 00:00:00 2001
From: Andy Wilkinson <awilkinson@pivotal.io>
Date: Wed, 3 May 2017 10:00:51 +0100
Subject: [PATCH] Stop throwing checked exception from @PostConstruct in
 ResourceServerProperties

Closes gh-8916
---
 .../resource/ResourceServerProperties.java       | 16 ++++++++++------
 .../resource/ResourceServerPropertiesTests.java  | 10 +++++-----
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerProperties.java b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerProperties.java
index 07d493362c4..952fbdde350 100644
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerProperties.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerProperties.java
@@ -189,7 +189,7 @@ public class ResourceServerProperties implements BeanFactoryAware {
 	}
 
 	@PostConstruct
-	public void validate() throws Exception {
+	public void validate() {
 		if (countBeans(AuthorizationServerEndpointsConfiguration.class) > 0) {
 			// If we are an authorization server we don't need remote resource token
 			// services
@@ -203,9 +203,11 @@ public class ResourceServerProperties implements BeanFactoryAware {
 		if (!StringUtils.hasText(this.clientId)) {
 			return;
 		}
-		BindingResult result = getBindingResult();
-		if (result.hasErrors()) {
-			throw new BindException(result);
+		try {
+			doValidate();
+		}
+		catch (BindException ex) {
+			throw new IllegalStateException(ex);
 		}
 	}
 
@@ -214,7 +216,7 @@ public class ResourceServerProperties implements BeanFactoryAware {
 				true, false).length;
 	}
 
-	private BindingResult getBindingResult() {
+	private void doValidate() throws BindException {
 		BindingResult errors = new BeanPropertyBindingResult(this,
 				"resourceServerProperties");
 		boolean jwtConfigPresent = StringUtils.hasText(this.jwt.getKeyUri())
@@ -239,7 +241,9 @@ public class ResourceServerProperties implements BeanFactoryAware {
 				}
 			}
 		}
-		return errors;
+		if (errors.hasErrors()) {
+			throw new BindException(errors);
+		}
 	}
 
 	public class Jwt {
diff --git a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerPropertiesTests.java b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerPropertiesTests.java
index 9ca41fa384f..58f15d4c1f4 100644
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerPropertiesTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerPropertiesTests.java
@@ -77,7 +77,7 @@ public class ResourceServerPropertiesTests {
 		this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys");
 		this.properties.getJwt().setKeyUri("http://my-auth-server/token_key");
 		setListableBeanFactory();
-		this.thrown.expect(BindException.class);
+		this.thrown.expect(IllegalStateException.class);
 		this.thrown.expect(getMatcher("Only one of jwt.keyUri (or jwt.keyValue) "
 				+ "and jwk.keySetUri should be configured.", null));
 		this.properties.validate();
@@ -89,7 +89,7 @@ public class ResourceServerPropertiesTests {
 		this.properties.getJwk().setKeySetUri("http://my-auth-server/token_keys");
 		this.properties.getJwt().setKeyValue("my-key");
 		setListableBeanFactory();
-		this.thrown.expect(BindException.class);
+		this.thrown.expect(IllegalStateException.class);
 		this.thrown.expect(getMatcher("Only one of jwt.keyUri (or jwt.keyValue) "
 				+ "and jwk.keySetUri should be configured.", null));
 		this.properties.validate();
@@ -125,7 +125,7 @@ public class ResourceServerPropertiesTests {
 	public void validateWhenKeyConfigAbsentAndInfoUrisNotConfiguredShouldFail()
 			throws Exception {
 		setListableBeanFactory();
-		this.thrown.expect(BindException.class);
+		this.thrown.expect(IllegalStateException.class);
 		this.thrown.expect(getMatcher("Missing tokenInfoUri and userInfoUri and there"
 				+ " is no JWT verifier key", "tokenInfoUri"));
 		this.properties.validate();
@@ -154,7 +154,7 @@ public class ResourceServerPropertiesTests {
 		this.properties.setTokenInfoUri("http://my-auth-server/check_token");
 		this.properties.setUserInfoUri("http://my-auth-server/userinfo");
 		setListableBeanFactory();
-		this.thrown.expect(BindException.class);
+		this.thrown.expect(IllegalStateException.class);
 		this.thrown.expect(getMatcher("Missing client secret", "clientSecret"));
 		this.properties.validate();
 	}
@@ -208,7 +208,7 @@ public class ResourceServerPropertiesTests {
 
 			@Override
 			public boolean matches(Object item) {
-				BindException ex = (BindException) item;
+				BindException ex = (BindException) ((Exception) item).getCause();
 				ObjectError error = ex.getAllErrors().get(0);
 				boolean messageMatches = message.equals(error.getDefaultMessage());
 				if (field == null) {