Enable customization of RestTemplate that retrieves JwtAccessTokenConverter's key

Closes gh-8268
See gh-5859

Author: eddumelendez

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/JwtAccessTokenConverterRestTemplateCustomizer.java

@@ -0,0 +1,35 @@
+/*
+ * Copyright 2012-2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.boot.autoconfigure.security.oauth2.resource;
+
+import org.springframework.web.client.RestTemplate;
+
+/**
+ * Callback for customizing the rest template used to fetch the token key.
+ *
+ * @author Eddú Meléndez
+ * @since 1.5.2
+ */
+public interface JwtAccessTokenConverterRestTemplateCustomizer {
+
+	/**
+	 * Customize the rest template before it is initialized.
+	 * @param template the rest template
+	 */
+	void customize(RestTemplate template);
+
+}

spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration.java

@@ -76,6 +76,7 @@
  *
  * @author Dave Syer
  * @author Madhura Bhave
+ * @author Eddú Meléndez
  * @since 1.3.0
  */
 @Configuration
@@ -245,16 +246,18 @@ public TokenStore jwkTokenStore() {
 	@Conditional(JwtTokenCondition.class)
 	protected static class JwtTokenServicesConfiguration {
 
-		private RestTemplate keyUriRestTemplate = new RestTemplate();
-
 		private final ResourceServerProperties resource;
 
 		private final List<JwtAccessTokenConverterConfigurer> configurers;
 
+		private final List<JwtAccessTokenConverterRestTemplateCustomizer> customizers;
+
 		public JwtTokenServicesConfiguration(ResourceServerProperties resource,
-				ObjectProvider<List<JwtAccessTokenConverterConfigurer>> configurers) {
+				ObjectProvider<List<JwtAccessTokenConverterConfigurer>> configurers,
+				ObjectProvider<List<JwtAccessTokenConverterRestTemplateCustomizer>> customizers) {
 			this.resource = resource;
 			this.configurers = configurers.getIfAvailable();
+			this.customizers = customizers.getIfAvailable();
 		}
 
 		@Bean
@@ -299,6 +302,10 @@ public JwtAccessTokenConverter jwtTokenEnhancer() {
 		}
 
 		private String getKeyFromServer() {
+			RestTemplate keyUriRestTemplate = new RestTemplate();
+			for (JwtAccessTokenConverterRestTemplateCustomizer customizer : this.customizers) {
+				customizer.customize(keyUriRestTemplate);
+			}
 			HttpHeaders headers = new HttpHeaders();
 			String username = this.resource.getClientId();
 			String password = this.resource.getClientSecret();
@@ -308,7 +315,7 @@ private String getKeyFromServer() {
 			}
 			HttpEntity<Void> request = new HttpEntity<Void>(headers);
 			String url = this.resource.getJwt().getKeyUri();
-			return (String) this.keyUriRestTemplate
+			return (String) keyUriRestTemplate
 					.exchange(url, HttpMethod.GET, request, Map.class).getBody()
 					.get("value");
 		}

spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfigurationTests.java

@@ -56,6 +56,7 @@
 import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.stereotype.Component;
+import org.springframework.web.client.RestTemplate;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
@@ -65,6 +66,7 @@
  *
  * @author Dave Syer
  * @author Madhura Bhave
+ * @author Eddú Meléndez
  */
 public class ResourceServerTokenServicesConfigurationTests {
 
@@ -240,6 +242,23 @@ public void customUserInfoRestTemplateFactory() {
 				.isInstanceOf(CustomUserInfoRestTemplateFactory.class);
 	}
 
+	@Test
+	public void customRestTemplate() {
+		EnvironmentTestUtils.addEnvironment(this.environment,
+				"security.oauth2.resource.userInfoUri:http://example.com",
+				"security.oauth2.resource.tokenInfoUri:http://example.com",
+				"security.oauth2.resource.preferTokenInfo:false");
+		this.context = new SpringApplicationBuilder(ResourceConfiguration.class,
+				RestTemplateCustomizer.class).environment(this.environment).web(false)
+						.run();
+		String[] restTemplateCustomizers = this.context
+				.getBeanNamesForType(JwtAccessTokenConverterRestTemplateCustomizer.class);
+		UserInfoTokenServices services = this.context
+				.getBean(UserInfoTokenServices.class);
+		assertThat(restTemplateCustomizers).hasSize(1);
+		assertThat(services).isNotNull();
+	}
+
 	@Configuration
 	@Import({ ResourceServerTokenServicesConfiguration.class,
 			ResourceServerPropertiesConfiguration.class,
@@ -354,4 +373,22 @@ public OAuth2RestTemplate getUserInfoRestTemplate() {
 
 	}
 
+	@Component
+	protected static class RestTemplateCustomizer
+			implements JwtAccessTokenConverterRestTemplateCustomizer {
+
+		@Override
+		public void customize(RestTemplate template) {
+			template.getInterceptors().add(new ClientHttpRequestInterceptor() {
+
+				@Override
+				public ClientHttpResponse intercept(HttpRequest request, byte[] body,
+						ClientHttpRequestExecution execution) throws IOException {
+					return execution.execute(request, body);
+				}
+
+			});
+		}
+	}
+
 }