Update to Spring Boot 2.1

.travis.yml

@@ -16,6 +16,9 @@ script:
 after_success:
   - bash <(curl -s https://codecov.io/bash) -f okta-spring-security-starter/target/site/jacoco/jacoco.xml
 
+after_failure:
+  - find integration-tests/oauth2/target/failsafe-reports/ -type f | xargs -I{} sh -c 'echo {}; cat {}'
+
 deploy:
   - provider: pages
     skip_cleanup: true

README.md

@@ -6,7 +6,9 @@
 Okta Spring Boot Starter
 ========================
 
-Okta's Spring Boot Starter will enable your Spring Boot application to work with Okta via OAuth 2.0.  Jump to our [quickstart](https://developer.okta.com/quickstart/#/angular/java/spring) to see how to configure various clients or follow along below to use curl.
+Okta's Spring Boot Starter will enable your Spring Boot application to work with Okta via OAuth 2.0/OIDC.  Jump to our [quickstart](https://developer.okta.com/quickstart/#/angular/java/spring) to see how to configure various clients or follow along below to use curl.
+
+**NOTE:** If you need support for Spring Boot 1.5.x, use version version 0.6.
 
 ## What you need
 
@@ -42,17 +44,15 @@ You can configure your applications properties with environment variables, syste
 | okta.oauth2.issuer     | N/A | [Authorization Server](/docs/how-to/set-up-auth-server.html) issuer URL, i.e.: https://{yourOktaDomain}/oauth2/default |
 | okta.oauth2.clientId   | N/A | The Client Id of your Okta OIDC application |
 | okta.oauth2.audience   | api://default | The audience of your [Authorization Server](/docs/how-to/set-up-auth-server.html) |
-| okta.oauth2.scopeClaim | scp | The scope claim key in the Access Token's JWT |
-| okta.oauth2.rolesClaim | groups | The claim key in the Access Token's JWT that corresponds to an array of the users groups. |
+| okta.oauth2.groupsClaim | groups | The claim key in the Access Token's JWT that corresponds to an array of the users groups. |
 
 ### Create a Controller
 
 The above client makes a request to `/hello-oauth`, you simply need to create a Spring Boot application and `Controller` to handle the response: 
 
 ```java
-@EnableResourceServer
-@SpringBootApplication
 @RestController
+@SpringBootApplication
 public class ExampleApplication {
 
     public static void main(String[] args) {
@@ -63,10 +63,19 @@ public class ExampleApplication {
     public String sayHello(Principal principal) {
         return "Hello, " + principal.getName();
     }
+
+    @Configuration
+    static class OktaOAuth2WebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
+
+        @Override
+        protected void configure(HttpSecurity http) throws Exception {
+            http.oauth2ResourceServer().jwt();
+        }
+    }
 }
 ```
 
-Make sure to mark the application with Spring Security's `@EnableResourceServer` annotation, to enable handling of access tokens.
+Make sure to configure the `WebSecurityConfigurerAdaptor` with `http.oauth2ResourceServer().jwt()` to enable handling of access tokens.
 
 ### That's it!
 
@@ -105,9 +114,8 @@ You can configure your applications properties with environment variables, syste
 Create a minimal Spring Boot application:
 
 ```java
-@EnableOAuth2Sso
-@SpringBootApplication
 @RestController
+@SpringBootApplication
 public class ExampleApplication {
 
     public static void main(String[] args) {
@@ -121,6 +129,22 @@ public class ExampleApplication {
 }
 ```
 
+If you want to allow anonymous access to specific routes you can add a `WebSecurityConfigurerAdapter`:
+
+```java
+@Configuration
+static class WebConfig extends WebSecurityConfigurerAdapter {
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/my-anon-page").permitAll()
+                .anyRequest().authenticated()
+            .and().oauth2Client()
+            .and().oauth2Login();
+    }
+}
+```
+
 ### That's it!
 
 Open up the this link in your browser: [http://localhost:8080/](http://localhost:8080/)

coverage/pom.xml

@@ -20,18 +20,14 @@
     <parent>
         <groupId>com.okta.spring</groupId>
         <artifactId>okta-spring-boot-parent</artifactId>
-        <version>0.6.2-SNAPSHOT</version>
+        <version>1.0.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>okta-spring-boot-coverage</artifactId>
     <name>Okta Spring Boot :: Coverage</name>
     <packaging>pom</packaging>
 
     <dependencies>
-        <dependency>
-            <groupId>com.okta.spring</groupId>
-            <artifactId>okta-spring-config</artifactId>
-        </dependency>
         <dependency>
             <groupId>com.okta.spring</groupId>
             <artifactId>okta-spring-security-oauth2</artifactId>

examples/config-server/pom.xml

@@ -0,0 +1,40 @@
+<!--
+  ~ Copyright 2018-Present Okta, Inc.
+  ~
+  ~ Licensed under the Apache License, Version 2.0 (the "License");
+  ~ you may not use this file except in compliance with the License.
+  ~ You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the License is distributed on an "AS IS" BASIS,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  ~ See the License for the specific language governing permissions and
+  ~ limitations under the License.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>com.okta.spring.examples</groupId>
+        <artifactId>okta-spring-boot-examples</artifactId>
+        <version>1.0.0-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>okta-spring-boot-cloud-config-example</artifactId>
+    <name>Okta Spring Boot :: Examples :: Hosted Code Flow</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-config-server</artifactId>
+            <version>${spring-cloud.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <defaultGoal>spring-boot:run</defaultGoal>
+    </build>
+</project>

oauth2/src/test/groovy/com/okta/spring/oauth/implicit/StubApp.groovy → examples/config-server/src/main/java/com/okta/example/cloud/configserver/ConfigServerApplication.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 Okta, Inc.
+ * Copyright 2018-Present Okta, Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -13,12 +13,17 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.okta.spring.oauth.implicit
+package com.okta.example.cloud.configserver;
 
-import org.springframework.boot.autoconfigure.SpringBootApplication
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.config.server.EnableConfigServer;
 
+@EnableConfigServer
 @SpringBootApplication
-@EnableResourceServer
-class StubApp {
+public class ConfigServerApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(ConfigServerApplication.class, args);
+    }
 }