diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
index df8ba29059..9374cdb210 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
@@ -926,7 +926,7 @@ public final class HttpSecurity extends
* {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository}.
* An instance of {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository} is required
* and may be supplied via the {@link ApplicationContext} or configured using
- * {@link OAuth2LoginConfigurer#clients(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
+ * {@link OAuth2LoginConfigurer#clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
*
*
*
@@ -989,7 +989,7 @@ public final class HttpSecurity extends
* .anyRequest().authenticated()
* .and()
* .oauth2Login()
- * .clients(this.clientRegistrationRepository())
+ * .clientRegistrationRepository(this.clientRegistrationRepository())
* .authorizationRequestUriBuilder(this.authorizationRequestUriBuilder())
* .accessTokenResponseClient(this.accessTokenResponseClient())
* .userInfoEndpoint()
diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
index 5b4172b778..61b8254d81 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java
@@ -71,7 +71,7 @@ public final class OAuth2LoginConfigurer> exten
super();
}
- public OAuth2LoginConfigurer clients(ClientRegistrationRepository clientRegistrationRepository) {
+ public OAuth2LoginConfigurer clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) {
Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository);
return this;
@@ -123,7 +123,6 @@ public final class OAuth2LoginConfigurer> exten
public class TokenEndpointConfig {
private OAuth2AccessTokenResponseClient accessTokenResponseClient;
- private JwtDecoderRegistry jwtDecoderRegistry;
private TokenEndpointConfig() {
}
@@ -136,12 +135,6 @@ public final class OAuth2LoginConfigurer> exten
return this;
}
- public TokenEndpointConfig jwtDecoderRegistry(JwtDecoderRegistry jwtDecoderRegistry) {
- Assert.notNull(jwtDecoderRegistry, "jwtDecoderRegistry cannot be null");
- this.jwtDecoderRegistry = jwtDecoderRegistry;
- return this;
- }
-
public OAuth2LoginConfigurer and() {
return OAuth2LoginConfigurer.this;
}
@@ -234,10 +227,6 @@ public final class OAuth2LoginConfigurer> exten
}
}
- JwtDecoderRegistry jwtDecoderRegistry = this.tokenEndpointConfig.jwtDecoderRegistry;
- if (jwtDecoderRegistry == null) {
- jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
- }
OAuth2LoginAuthenticationProvider oauth2LoginAuthenticationProvider =
new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService);
@@ -248,6 +237,7 @@ public final class OAuth2LoginConfigurer> exten
http.authenticationProvider(this.postProcess(oauth2LoginAuthenticationProvider));
OAuth2UserService oidcUserService = new OidcUserService();
+ JwtDecoderRegistry jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
OidcAuthorizationCodeAuthenticationProvider oidcAuthorizationCodeAuthenticationProvider =
new OidcAuthorizationCodeAuthenticationProvider(
accessTokenResponseClient, oidcUserService, jwtDecoderRegistry);
diff --git a/samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java b/samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java
index d541e2544e..14d30632cf 100644
--- a/samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java
+++ b/samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java
@@ -17,7 +17,9 @@ package sample.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@@ -25,12 +27,23 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
/**
* @author Joe Grandja
*/
-@Configuration
-public class OAuth2LoginConfig {
+@EnableWebSecurity
+public class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
@Autowired
private ClientRegistrationRepository clientRegistrationRepository;
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest().authenticated()
+ .and()
+ .oauth2Login()
+ .clientRegistrationRepository(this.clientRegistrationRepository)
+ .authorizedClientService(this.authorizedClientService());
+ }
+
@Bean
public OAuth2AuthorizedClientService authorizedClientService() {
return new InMemoryOAuth2AuthorizedClientService(this.clientRegistrationRepository);