Update Boot samples to 2.0.0.M1

Fixes gh-4339

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/DefaultStateGenerator.java

@@ -50,6 +50,6 @@ public class DefaultStateGenerator implements StringKeyGenerator {
 
 	@Override
 	public String generateKey() {
-		return new String(Base64.getEncoder().encode(keyGenerator.generateKey()));
+		return new String(Base64.getUrlEncoder().encode(keyGenerator.generateKey()));
 	}
 }

samples/boot/gradle/dependency-management.gradle

@@ -1,96 +0,0 @@
-dependencyManagement {
-        dependencies {
-                dependency 'aopalliance:aopalliance:1.0'
-                dependency 'ch.qos.logback:logback-classic:1.1.11'
-                dependency 'ch.qos.logback:logback-core:1.1.11'
-                dependency 'com.fasterxml.jackson.core:jackson-annotations:2.8.0'
-                dependency 'com.fasterxml.jackson.core:jackson-core:2.8.8'
-                dependency 'com.fasterxml.jackson.core:jackson-databind:2.8.7'
-                dependency 'com.fasterxml:classmate:1.3.3'
-                dependency 'com.github.stephenc.jcip:jcip-annotations:1.0-1'
-                dependency 'com.jayway.jsonpath:json-path:2.2.0'
-                dependency 'com.nimbusds:lang-tag:1.4.3'
-                dependency 'com.nimbusds:nimbus-jose-jwt:4.34.1'
-                dependency 'com.nimbusds:oauth2-oidc-sdk:5.21'
-                dependency 'com.vaadin.external.google:android-json:0.0.20131108.vaadin1'
-                dependency 'commons-codec:commons-codec:1.10'
-                dependency 'commons-io:commons-io:2.5'
-                dependency 'javax.activation:activation:1.1.1'
-                dependency 'javax.mail:mail:1.4.7'
-                dependency 'javax.validation:validation-api:1.1.0.Final'
-                dependency 'junit:junit:4.12'
-                dependency 'net.minidev:accessors-smart:1.1'
-                dependency 'net.minidev:json-smart:2.2.1'
-                dependency 'net.sourceforge.cssparser:cssparser:0.9.18'
-                dependency 'net.sourceforge.htmlunit:htmlunit-core-js:2.17'
-                dependency 'net.sourceforge.htmlunit:htmlunit:2.21'
-                dependency 'net.sourceforge.htmlunit:neko-htmlunit:2.21'
-                dependency 'nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect:1.4.0'
-                dependency 'ognl:ognl:3.0.8'
-                dependency 'org.apache.commons:commons-collections4:4.1'
-                dependency 'org.apache.commons:commons-lang3:3.5'
-                dependency 'org.apache.httpcomponents:httpclient:4.5.3'
-                dependency 'org.apache.httpcomponents:httpcore:4.4.6'
-                dependency 'org.apache.httpcomponents:httpmime:4.5.3'
-                dependency 'org.apache.tomcat.embed:tomcat-embed-core:8.5.14'
-                dependency 'org.apache.tomcat.embed:tomcat-embed-el:8.5.14'
-                dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:8.5.14'
-                dependency 'org.assertj:assertj-core:2.6.0'
-                dependency 'org.bouncycastle:bcpkix-jdk15on:1.56'
-                dependency 'org.bouncycastle:bcprov-jdk15on:1.56'
-                dependency 'org.codehaus.groovy:groovy:2.4.10'
-                dependency 'org.eclipse.jetty.websocket:websocket-api:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty.websocket:websocket-client:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty.websocket:websocket-common:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty:jetty-client:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty:jetty-http:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty:jetty-io:9.4.4.v20170414'
-                dependency 'org.eclipse.jetty:jetty-util:9.4.4.v20170414'
-                dependency 'org.hamcrest:hamcrest-core:1.3'
-                dependency 'org.hamcrest:hamcrest-library:1.3'
-                dependency 'org.hibernate:hibernate-validator:5.3.5.Final'
-                dependency 'org.javassist:javassist:3.21.0-GA'
-                dependency 'org.jboss.logging:jboss-logging:3.3.1.Final'
-                dependency 'org.mockito:mockito-core:1.10.19'
-                dependency 'org.objenesis:objenesis:2.5.1'
-                dependency 'org.ow2.asm:asm:5.0.3'
-                dependency 'org.skyscreamer:jsonassert:1.4.0'
-                dependency 'org.slf4j:jcl-over-slf4j:1.7.25'
-                dependency 'org.slf4j:jul-to-slf4j:1.7.25'
-                dependency 'org.slf4j:log4j-over-slf4j:1.7.25'
-                dependency 'org.slf4j:slf4j-api:1.7.25'
-                dependency 'org.springframework.boot:spring-boot-autoconfigure:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-logging:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-security:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-test:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-thymeleaf:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-tomcat:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter-web:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-starter:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-test-autoconfigure:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot-test:1.5.3.RELEASE'
-                dependency 'org.springframework.boot:spring-boot:1.5.3.RELEASE'
-                dependency 'org.springframework.security:spring-security-config:5.0.0.BUILD-SNAPSHOT'
-                dependency 'org.springframework.security:spring-security-web:5.0.0.BUILD-SNAPSHOT'
-                dependency 'org.springframework:spring-aop:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-beans:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-context:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-core:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-expression:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-test:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-web:4.3.8.RELEASE'
-                dependency 'org.springframework:spring-webmvc:4.3.8.RELEASE'
-                dependency 'org.thymeleaf.extras:thymeleaf-extras-springsecurity4:2.1.3.RELEASE'
-                dependency 'org.thymeleaf:thymeleaf-spring4:2.1.5.RELEASE'
-                dependency 'org.thymeleaf:thymeleaf:2.1.5.RELEASE'
-                dependency 'org.unbescape:unbescape:1.1.0.RELEASE'
-                dependency 'org.w3c.css:sac:1.3'
-                dependency 'org.yaml:snakeyaml:1.17'
-                dependency 'xalan:serializer:2.7.2'
-                dependency 'xalan:xalan:2.7.2'
-                dependency 'xerces:xercesImpl:2.11.0'
-                dependency 'xml-apis:xml-apis:1.4.01'
-        }
-}
-
-

samples/boot/oauth2login/spring-security-samples-boot-oauth2login.gradle

@@ -3,8 +3,6 @@ apply plugin: 'io.spring.convention.spring-sample-boot'
 dependencies {
 	compile project(':spring-security-config')
 	compile project(':spring-security-oauth2-client')
-	compile project(':spring-security-web')
-	compile 'org.springframework.boot:spring-boot-starter-security'
 	compile 'org.springframework.boot:spring-boot-starter-thymeleaf'
 	compile 'org.springframework.boot:spring-boot-starter-web'
 	compile 'org.thymeleaf.extras:thymeleaf-extras-springsecurity4'

samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/ClientRegistrationAutoConfiguration.java

@@ -19,8 +19,9 @@ import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
 import org.springframework.boot.autoconfigure.AutoConfigureBefore;
 import org.springframework.boot.autoconfigure.condition.*;
 import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
-import org.springframework.boot.bind.PropertySourcesBinder;
-import org.springframework.boot.bind.RelaxedPropertyResolver;
+import org.springframework.boot.context.properties.bind.BindResult;
+import org.springframework.boot.context.properties.bind.Bindable;
+import org.springframework.boot.context.properties.bind.Binder;
 import org.springframework.context.annotation.*;
 import org.springframework.core.env.ConfigurableEnvironment;
 import org.springframework.core.env.Environment;
@@ -48,7 +49,7 @@ import java.util.stream.Collectors;
 public class ClientRegistrationAutoConfiguration {
 	private static final String CLIENT_ID_PROPERTY = "client-id";
 	private static final String CLIENTS_DEFAULTS_RESOURCE = "META-INF/oauth2-clients-defaults.yml";
-	static final String CLIENT_PROPERTY_PREFIX = "security.oauth2.client.";
+	static final String CLIENT_PROPERTY_PREFIX = "security.oauth2.client";
 
 	@Configuration
 	@Conditional(ClientPropertiesAvailableCondition.class)
@@ -66,18 +67,16 @@ public class ClientRegistrationAutoConfiguration {
 			if (clientsDefaultProperties != null) {
 				propertySources.addLast(new PropertiesPropertySource("oauth2ClientsDefaults", clientsDefaultProperties));
 			}
-			PropertySourcesBinder binder = new PropertySourcesBinder(propertySources);
-			RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(this.environment, CLIENT_PROPERTY_PREFIX);
-
+			Binder binder = Binder.get(this.environment);
 			List<ClientRegistration> clientRegistrations = new ArrayList<>();
-
 			Set<String> clientPropertyKeys = resolveClientPropertyKeys(this.environment);
 			for (String clientPropertyKey : clientPropertyKeys) {
-				if (!resolver.containsProperty(clientPropertyKey + "." + CLIENT_ID_PROPERTY)) {
+				String fullClientPropertyKey = CLIENT_PROPERTY_PREFIX + "." + clientPropertyKey;
+				if (!this.environment.containsProperty(fullClientPropertyKey + "." + CLIENT_ID_PROPERTY)) {
 					continue;
 				}
-				ClientRegistrationProperties clientRegistrationProperties = new ClientRegistrationProperties();
-				binder.bindTo(CLIENT_PROPERTY_PREFIX + clientPropertyKey, clientRegistrationProperties);
+				ClientRegistrationProperties clientRegistrationProperties = binder.bind(
+					fullClientPropertyKey, Bindable.of(ClientRegistrationProperties.class)).get();
 				ClientRegistration clientRegistration = new ClientRegistration.Builder(clientRegistrationProperties).build();
 				clientRegistrations.add(clientRegistration);
 			}
@@ -97,15 +96,10 @@ public class ClientRegistrationAutoConfiguration {
 	}
 
 	static Set<String> resolveClientPropertyKeys(Environment environment) {
-		Set<String> clientPropertyKeys = new LinkedHashSet<>();
-		RelaxedPropertyResolver resolver = new RelaxedPropertyResolver(environment, CLIENT_PROPERTY_PREFIX);
-		resolver.getSubProperties("").keySet().forEach(key -> {
-			int endIndex = key.indexOf('.');
-			if (endIndex != -1) {
-				clientPropertyKeys.add(key.substring(0, endIndex));
-			}
-		});
-		return clientPropertyKeys;
+		Binder binder = Binder.get(environment);
+		BindResult<Map<String, Object>> result = binder.bind(
+			CLIENT_PROPERTY_PREFIX, Bindable.mapOf(String.class, Object.class));
+		return result.get().keySet();
 	}
 
 	private static class ClientPropertiesAvailableCondition extends SpringBootCondition implements ConfigurationCondition {

samples/boot/oauth2login/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2LoginAutoConfiguration.java

@@ -83,9 +83,9 @@ public class OAuth2LoginAutoConfiguration {
 		private void registerUserInfoTypeConverters(OAuth2LoginConfigurer<HttpSecurity> oauth2LoginConfigurer) throws Exception {
 			Set<String> clientPropertyKeys = resolveClientPropertyKeys(this.environment);
 			for (String clientPropertyKey : clientPropertyKeys) {
-				String fullClientPropertyKey = CLIENT_PROPERTY_PREFIX + clientPropertyKey + ".";
-				String userInfoUriValue = this.environment.getProperty(fullClientPropertyKey + USER_INFO_URI_PROPERTY);
-				String userInfoConverterTypeValue = this.environment.getProperty(fullClientPropertyKey + USER_INFO_CONVERTER_PROPERTY);
+				String fullClientPropertyKey = CLIENT_PROPERTY_PREFIX + "." + clientPropertyKey;
+				String userInfoUriValue = this.environment.getProperty(fullClientPropertyKey + "." + USER_INFO_URI_PROPERTY);
+				String userInfoConverterTypeValue = this.environment.getProperty(fullClientPropertyKey + "." + USER_INFO_CONVERTER_PROPERTY);
 				if (userInfoUriValue != null && userInfoConverterTypeValue != null) {
 					Class<? extends Converter> userInfoConverterType = ClassUtils.resolveClassName(
 						userInfoConverterTypeValue, this.getClass().getClassLoader()).asSubclass(Converter.class);
@@ -93,7 +93,7 @@ public class OAuth2LoginAutoConfiguration {
 					if (AbstractOAuth2UserConverter.class.isAssignableFrom(userInfoConverterType)) {
 						Constructor<? extends Converter> oauth2UserConverterConstructor = ClassUtils.getConstructorIfAvailable(userInfoConverterType, String.class);
 						if (oauth2UserConverterConstructor != null) {
-							String userInfoNameAttributeKey = this.environment.getProperty(fullClientPropertyKey + USER_INFO_NAME_ATTR_KEY_PROPERTY);
+							String userInfoNameAttributeKey = this.environment.getProperty(fullClientPropertyKey + "." + USER_INFO_NAME_ATTR_KEY_PROPERTY);
 							userInfoConverter = (Converter<ClientHttpResponse, ? extends OAuth2User>)oauth2UserConverterConstructor.newInstance(userInfoNameAttributeKey);
 						}
 					}