Merge branch '1.5.x'

Author: mbhave

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java

@@ -222,13 +222,14 @@ public JwkTokenStoreConfiguration(ResourceServerProperties resource) {
 
 		@Bean
 		@ConditionalOnMissingBean(ResourceServerTokenServices.class)
-		public DefaultTokenServices jwkTokenServices() {
+		public DefaultTokenServices jwkTokenServices(TokenStore jwkTokenStore) {
 			DefaultTokenServices services = new DefaultTokenServices();
-			services.setTokenStore(jwkTokenStore());
+			services.setTokenStore(jwkTokenStore);
 			return services;
 		}
 
 		@Bean
+		@ConditionalOnMissingBean(TokenStore.class)
 		public TokenStore jwkTokenStore() {
 			return new JwkTokenStore(this.resource.getJwk().getKeySetUri());
 		}
@@ -254,13 +255,14 @@ public JwtTokenServicesConfiguration(ResourceServerProperties resource,
 
 		@Bean
 		@ConditionalOnMissingBean(ResourceServerTokenServices.class)
-		public DefaultTokenServices jwtTokenServices() {
+		public DefaultTokenServices jwtTokenServices(TokenStore jwtTokenStore) {
 			DefaultTokenServices services = new DefaultTokenServices();
-			services.setTokenStore(jwtTokenStore());
+			services.setTokenStore(jwtTokenStore);
 			return services;
 		}
 
 		@Bean
+		@ConditionalOnMissingBean(TokenStore.class)
 		public TokenStore jwtTokenStore() {
 			return new JwtTokenStore(jwtTokenEnhancer());
 		}

spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java

@@ -58,7 +58,10 @@
 import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
+import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
@@ -261,6 +264,27 @@ public void jwtAccessTokenConverterIsConfiguredWhenKeyUriIsProvided() {
 		assertThat(this.context.getBeansOfType(JwtAccessTokenConverter.class)).hasSize(1);
 	}
 
+	@Test
+	public void jwkTokenStoreShouldBeConditionalOnMissingBean() throws Exception {
+		TestPropertyValues
+				.of("security.oauth2.resource.jwk.key-set-uri=http://my-auth-server/token_keys")
+				.applyTo(this.environment);
+		this.context = new SpringApplicationBuilder(JwkTokenStoreConfiguration.class,
+				ResourceConfiguration.class)
+				.environment(this.environment).web(false).run();
+		assertThat(this.context.getBeansOfType(JwkTokenStore.class)).hasSize(1);
+	}
+
+	@Test
+	public void jwtTokenStoreShouldBeConditionalOnMissingBean() throws Exception {
+		TestPropertyValues
+				.of("security.oauth2.resource.jwt.keyValue=" + PUBLIC_KEY)
+				.applyTo(this.environment);
+		this.context = new SpringApplicationBuilder(JwtTokenStoreConfiguration.class, ResourceConfiguration.class)
+				.environment(this.environment).web(false).run();
+		assertThat(this.context.getBeansOfType(JwtTokenStore.class)).hasSize(1);
+	}
+
 	@Configuration
 	@Import({ ResourceServerTokenServicesConfiguration.class,
 			ResourceServerPropertiesConfiguration.class,
@@ -385,6 +409,26 @@ public JwtAccessTokenConverterRestTemplateCustomizer restTemplateCustomizer() {
 
 	}
 
+	@Configuration
+	static class JwtTokenStoreConfiguration {
+
+		@Bean
+		public TokenStore tokenStore(JwtAccessTokenConverter jwtTokenEnhancer) {
+			return new JwtTokenStore(jwtTokenEnhancer);
+		}
+
+	}
+
+	@Configuration
+	static class JwkTokenStoreConfiguration {
+
+		@Bean
+		public TokenStore tokenStore() {
+			return new JwkTokenStore("http://my.key-set.uri");
+		}
+
+	}
+
 	private static class MockRestCallCustomizer
 			implements JwtAccessTokenConverterRestTemplateCustomizer {