Polish OAuth2LoginConfigurer

Fixes gh-4747

config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java

@@ -926,7 +926,7 @@ public final class HttpSecurity extends
 	 * {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository}.
 	 * An instance of {@link org.springframework.security.oauth2.client.registration.ClientRegistrationRepository} is <b>required</b>
 	 * and may be supplied via the {@link ApplicationContext} or configured using
-	 * {@link OAuth2LoginConfigurer#clients(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
+	 * {@link OAuth2LoginConfigurer#clientRegistrationRepository(org.springframework.security.oauth2.client.registration.ClientRegistrationRepository)}.
 	 * <br>
 	 * <br>
 	 *
@@ -989,7 +989,7 @@ public final class HttpSecurity extends
 	 * 				.anyRequest().authenticated()
 	 * 				.and()
 	 * 			.oauth2Login()
-	 * 				.clients(this.clientRegistrationRepository())
+	 * 				.clientRegistrationRepository(this.clientRegistrationRepository())
 	 * 				.authorizationRequestUriBuilder(this.authorizationRequestUriBuilder())
 	 * 				.accessTokenResponseClient(this.accessTokenResponseClient())
 	 * 				.userInfoEndpoint()

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java

@@ -71,7 +71,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 		super();
 	}
 
-	public OAuth2LoginConfigurer<B> clients(ClientRegistrationRepository clientRegistrationRepository) {
+	public OAuth2LoginConfigurer<B> clientRegistrationRepository(ClientRegistrationRepository clientRegistrationRepository) {
 		Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
 		this.getBuilder().setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository);
 		return this;
@@ -123,7 +123,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 
 	public class TokenEndpointConfig {
 		private OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient;
-		private JwtDecoderRegistry jwtDecoderRegistry;
 
 		private TokenEndpointConfig() {
 		}
@@ -136,12 +135,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 			return this;
 		}
 
-		public TokenEndpointConfig jwtDecoderRegistry(JwtDecoderRegistry jwtDecoderRegistry) {
-			Assert.notNull(jwtDecoderRegistry, "jwtDecoderRegistry cannot be null");
-			this.jwtDecoderRegistry = jwtDecoderRegistry;
-			return this;
-		}
-
 		public OAuth2LoginConfigurer<B> and() {
 			return OAuth2LoginConfigurer.this;
 		}
@@ -234,10 +227,6 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 			}
 		}
 
-		JwtDecoderRegistry jwtDecoderRegistry = this.tokenEndpointConfig.jwtDecoderRegistry;
-		if (jwtDecoderRegistry == null) {
-			jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
-		}
 
 		OAuth2LoginAuthenticationProvider oauth2LoginAuthenticationProvider =
 			new OAuth2LoginAuthenticationProvider(accessTokenResponseClient, oauth2UserService);
@@ -248,6 +237,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>> exten
 		http.authenticationProvider(this.postProcess(oauth2LoginAuthenticationProvider));
 
 		OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService = new OidcUserService();
+		JwtDecoderRegistry jwtDecoderRegistry = new NimbusJwtDecoderRegistry();
 		OidcAuthorizationCodeAuthenticationProvider oidcAuthorizationCodeAuthenticationProvider =
 			new OidcAuthorizationCodeAuthenticationProvider(
 				accessTokenResponseClient, oidcUserService, jwtDecoderRegistry);

samples/boot/oauth2login/src/main/java/sample/config/OAuth2LoginConfig.java

@@ -17,7 +17,9 @@ package sample.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
@@ -25,12 +27,23 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 /**
  * @author Joe Grandja
  */
-@Configuration
-public class OAuth2LoginConfig {
+@EnableWebSecurity
+public class OAuth2LoginConfig extends WebSecurityConfigurerAdapter {
 
 	@Autowired
 	private ClientRegistrationRepository clientRegistrationRepository;
 
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.authorizeRequests()
+				.anyRequest().authenticated()
+				.and()
+			.oauth2Login()
+				.clientRegistrationRepository(this.clientRegistrationRepository)
+				.authorizedClientService(this.authorizedClientService());
+	}
+
 	@Bean
 	public OAuth2AuthorizedClientService authorizedClientService() {
 		return new InMemoryOAuth2AuthorizedClientService(this.clientRegistrationRepository);