
How can I inject a configuration dynamically into the Spring Boot security context?

The object looks like:

    // Builds the ClientRegistration for one Keycloak realm from the injected "keycloak" settings.
    // All realm endpoints share the same OIDC prefix, so it is assembled once.
    // NOTE(review): no separator is inserted between getHost(), "realms" and realmName —
    // confirm those values carry their own slashes, otherwise the endpoint URLs (and the
    // issuer, which likely drives ID-token issuer validation) will be malformed.
    String realmBase = keycloak.getHost().concat("realms").concat(realmName).concat("/protocol/openid-connect/");
    ClientRegistration.Builder registrationBuilder = ClientRegistration.withRegistrationId(realmName);
    registrationBuilder
            .clientId(keycloak.getClientGlbId())
            .clientSecret(keycloak.getClientGlbSecret())
            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
            .redirectUri(keycloak.getClientGlbRedirectUri())
            .issuerUri(keycloak.getClientGlbIssuerUri().concat(realmName))
            .authorizationUri(realmBase.concat("auth"))
            .userInfoUri(realmBase.concat("userinfo"))
            .tokenUri(realmBase.concat("token"));
    ClientRegistration clientRegistration = registrationBuilder.build();

At runtime, this is working:

@Bean
    // Exposes the single, statically built Google registration as the reactive
    // client-registration repository. The in-memory repository is populated from the
    // registrations passed to its constructor, so the set of clients is fixed when this
    // bean is created — which is why it does not cover the "dynamic" case.
    public ReactiveClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration google = googleClientRegistration();
        return new InMemoryReactiveClientRegistrationRepository(google);
    }

    /**
     * Statically configured Google OAuth2 client, mirroring the Spring Security reference
     * sample. The client id and secret here are placeholders; real credentials belong in
     * externalized configuration (the spring.security.oauth2.client.registration.* properties),
     * not in source.
     */
    private ClientRegistration googleClientRegistration() {
        ClientRegistration.Builder google = ClientRegistration.withRegistrationId("google");
        // Client credentials and how they are presented to the token endpoint.
        google.clientId("google-client-id")
                .clientSecret("google-client-secret")
                .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC);
        // Flow, callback and requested scopes.
        // NOTE(review): redirectUriTemplate is deprecated in newer Spring Security releases in
        // favour of redirectUri; harmless on the version in use, but worth aligning with the
        // realm snippet above, which already uses redirectUri.
        google.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUriTemplate("{baseUrl}/login/oauth2/code/{registrationId}")
                .scope("openid", "profile", "email", "address", "phone");
        // Provider endpoints; jwkSetUri is what lets ID-token signatures be verified.
        google.authorizationUri("https://accounts.google.com/o/oauth2/v2/auth")
                .tokenUri("https://www.googleapis.com/oauth2/v4/token")
                .userInfoUri("https://www.googleapis.com/oauth2/v3/userinfo")
                .jwkSetUri("https://www.googleapis.com/oauth2/v3/certs")
                .userNameAttributeName(IdTokenClaimNames.SUB);
        return google.clientName("Google").build();
    }

I also discovered, after analyzing the source code of `org.springframework.boot.autoconfigure.security.oauth2.client.ClientsConfiguredCondition`, that the environment property `spring.security.oauth2.client.registration` holds all the OAuth2 configs.

// Binder target for the spring.security.oauth2.client.registration.* properties
// (registration id -> bound Registration).
private static final Bindable<Map<String, OAuth2ClientProperties.Registration>> STRING_REGISTRATION_MAP =
            Bindable.mapOf(String.class, OAuth2ClientProperties.Registration.class);

    /**
     * Matches when at least one OAuth2 client registration is bound from the environment.
     * Only property-sourced registrations are consulted: a ClientRegistration built in code
     * (as in the snippets above) is invisible to this condition, so the auto-configuration
     * it guards will not react to such registrations.
     *
     * @param context  condition context whose Environment is bound
     * @param metadata unused here
     * @return match listing the configured client ids, or no-match when none are bound
     */
    @Override
    public ConditionOutcome getMatchOutcome(ConditionContext context, AnnotatedTypeMetadata metadata) {
        ConditionMessage.Builder msg = ConditionMessage.forCondition("OAuth2 Clients Configured Condition");
        Map<String, OAuth2ClientProperties.Registration> bound = getRegistrations(context.getEnvironment());
        if (bound.isEmpty()) {
            return ConditionOutcome.noMatch(msg.notAvailable("registered clients"));
        }
        // Client ids (not secrets) are safe to surface in the condition report.
        String clientIds = bound.values().stream()
                .map(OAuth2ClientProperties.Registration::getClientId)
                .collect(Collectors.joining(", "));
        return ConditionOutcome.match(msg.foundExactly("registered clients " + clientIds));
    }

    /**
     * Binds the spring.security.oauth2.client.registration.* subtree of the environment.
     *
     * @param environment source of the client properties
     * @return registration id -> Registration, or an empty map when nothing is configured
     */
    private Map<String, OAuth2ClientProperties.Registration> getRegistrations(Environment environment) {
        Binder binder = Binder.get(environment);
        return binder
                .bind("spring.security.oauth2.client.registration", STRING_REGISTRATION_MAP)
                .orElse(Collections.emptyMap());
    }

The question is: how can OAuth2 providers/configurations be injected or added dynamically?

George Sand
