Add auto-configuration support for Spring Framework's HTTP Service
clients, supporting both `RestClient` and `WebClient` client types.
Configuration properties are provided under `spring.http.client.service`
and `spring.http.reactiveclient.service` names. Group specific
properties are available under `....service.group.<name>.`.
Auto-configuration support includes automatic registration of user
defined `HttpServiceGroupConfigurer` beans. `RestClientCustomizer` and
`WebClientCustomizer` beans are also supported.
Closes gh-31337
Co-authored-by: Rossen Stoyanchev <rossen.stoyanchev@broadcom.com>
Co-authored-by: Phillip Webb <phil.webb@broadcom.com>
Replace hint API calls with updated version and fix tests that
relied on previous JSON files.
See gh-45487
Co-authored-by: Phillip Webb <phil.webb@broadcom.com>
Update `IgnoredCloudFoundryPathsWebSecurityConfiguration` to use a
`SecurityFilterChain` and `permit...` methods rather than
`ignoring()` which is no longer recommended.
Fixes gh-32622
Previously, OAuth2 client auto-configuration was managed by a single
class:
- OAuth2ClientAutoConfiguration for servlet apps
- ReactiveOAuth2ClientAutoConfiguration for reactive apps
OAuth2ClientAutoConfiguration being for servlet apps meant that
a blocking OAuth2 client was not availabile in a non-web application.
The auto-configuration classes did two things:
- Auto-configured beans that are specific to server-side web security
that uses an OAuth2 client
- Auto-configured OAuth2 client beans that may be used client- or
server-side
Combining these two things into a single auto-configuration class
meant that you could not choose to use one or the other. For example,
you may want to make use of an OAuth2 client in a web application
without also using OAuth2 client-based web security.
This commit restructures the auto-configuration to address these
problems. There are now two auto-configurations for non-reactive apps:
- OAuth2ClientAutoConfiguration
- OAuth2ClientWebSecurityAutoConfiguration
and two auto-configurations for reactive apps:
- ReactiveOAuth2ClientAutoConfiguration
- ReactiveOAuth2ClientWebSecurityAutoConfiguration
This separation allows one to be used without the other. Furthermore,
the conditions have been updated so that, for example, the blocking
OAuth2 client is available in a non-web application.
Closes gh-40997
Closes gh-44906
Co-authored-by: Moritz Halbritter <moritz.halbritter@broadcom.com>
This commit updates the conditions in Neo4jReactiveDataAutoConfiguration
so that it gracefully backs off if certain beans are not present, rather
than assuming its sibling Neo4jDataAutoConfiguration has run.
Closes gh-44930
Prior to this commit, certain rules, like BeanPostProcessor,
did not work with external classes. This commit ensures that
ArchRules are executed within a context ClassLoader that includes
all classes from the compile classpath.
See gh-45202
Signed-off-by: Dmytro Nosan <dimanosan@gmail.com>
This commit updates jOOQ's DefaultExceptionTranslatorExecuteListener to
fallback on Spring Framework's default if no dbName is available.
See gh-44954
Signed-off-by: Dennis Melzer <dennis.melzer@de.bosch.com>
Refine `RestClientAutoConfiguration` conditional so that it
applies in reactive web applications if virtual threads are
active and a task executor is configured.
See gh-44952
Signed-off-by: Dmitry Sulman <dmitry.sulman@gmail.com>
Prior to this commit, RestClientSsl always used the
default settings from ClientHttpRequestFactorySettings, overriding any
user-defined settings (e.g., HttpClientProperties).
With this commit, RestClientSsl now respects and uses
ClientHttpRequestFactorySettings when they are provided.
See gh-44979
Signed-off-by: Dmytro Nosan <dimanosan@gmail.com>
Update auto-configured `IntegrationMBeanExporter` to be created from
a static method since it's a post-processor. Relevant injection now
occurs by overriding the `afterSingletonsInstantiated()` method.
Closes gh-45186
Prior to this change, introspection of the auto-configuration could
fail due to insufficient protection against missing classes.
This commit introduces an extra class-level check for Nimbus's
JWKSource which ensures that the auto-configuration backs off if
nimbus-jose-jwt has been excluded. It also introduces an inner-class
for the case where spring-security-oauth2-jose is not on the
classpath. This ensures that the method defining the jwtDecoder bean
does not cause an introspection failure when JwtDecoder is missing.
Closes gh-45177
Phillip Webb
Olga Maciaszek-Sharma
Stéphane Nicoll
Yanming Zhou
Andy Wilkinson
Moritz Halbritter
Johnny Lim
Dmytro Nosan
Dennis Melzer
Dmitry Sulman
Tran Ngoc Nhan