Add OAuth2 support

Author: oliemansm

README.md

@@ -1 +1,45 @@
-# graphql-spring-webclient
+# GraphQL Spring Webclient
+
+Reactive GraphQL client for consuming GraphQL APIs from a Spring Boot application.
+Provides OAuth2 authorization through configuration.
+
+## Getting started
+
+Add the starter to your project.
+
+When using Maven:
+```xml
+<dependency>
+  <groupId>com.graphql-java-kickstart</groupId>
+  <artifactId>graphql-webclient-spring-boot-starter</artifactId>
+  <version>1.0.0-SNAPSHOT</version>
+</dependency>
+```
+
+When using gradle:
+```groovy
+implementation "com.graphql-java-kickstart:graphql-webclient-spring-boot-starter:1.0.0-SNAPSHOT"
+```
+
+Configure at least the URL of the GraphQL API to consume:
+```yaml
+graphql:
+  client:
+    url: https://graphql.github.com/graphql
+```
+
+## Configuration
+
+The following tables list the configurable properties of the GraphQL Spring Webclient and their default values.
+These properties are configured with the prefix `graphql.client`, e.g. the property listed in the table as `url` 
+should be defined as `graphql.client.url` in your Spring Boot configuration files.
+
+| Property | Description |
+|----------|-------------|
+| url | Full URL of the GraphQL API to connect to, e.g. https://graphql.github.com/graphql |
+| oauth2.client-id | OAuth2 client id |
+| oauth2.client-secret | OAuth2 client secret |
+| oauth2.token-uri | Token URI of the identity provider |
+| oauth2.authorization-grant-type | By default the grant type `client_credentials` is used |
+ 
+

build.gradle

@@ -66,7 +66,7 @@ subprojects {
 
     java {
         withSourcesJar()
-        withJavadocJar()
+//        withJavadocJar()
     }
 
     publishing {

graphql-webclient-spring-boot-autoconfigure/build.gradle

@@ -1,6 +1,7 @@
 dependencies {
-    implementation(project(':graphql-webclient'))
+    api(project(':graphql-webclient'))
 
     implementation "org.springframework.boot:spring-boot-autoconfigure"
     implementation "org.springframework.boot:spring-boot-starter-webflux"
+    implementation "org.springframework.security:spring-security-oauth2-client"
 }

graphql-webclient-spring-boot-autoconfigure/src/main/java/graphql/kickstart/spring/webclient/boot/GraphQLClientProperties.java

@@ -0,0 +1,12 @@
+package graphql.kickstart.spring.webclient.boot;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@Data
+@ConfigurationProperties("graphql.client")
+class GraphQLClientProperties {
+
+  private String url;
+
+}

graphql-webclient-spring-boot-autoconfigure/src/main/java/graphql/kickstart/spring/webclient/boot/GraphQLWebClientAutoConfiguration.java

@@ -1,25 +1,47 @@
 package graphql.kickstart.spring.webclient.boot;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
+import org.springframework.boot.autoconfigure.security.oauth2.client.servlet.OAuth2ClientAutoConfiguration;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
+import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
+import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
 import org.springframework.web.reactive.function.client.WebClient;
 
 @Slf4j
 @Configuration
-@AutoConfigureAfter(JacksonAutoConfiguration.class)
+@RequiredArgsConstructor
+@AutoConfigureAfter({JacksonAutoConfiguration.class, OAuth2ClientAutoConfiguration.class})
+@EnableConfigurationProperties(GraphQLClientProperties.class)
 @ComponentScan(basePackageClasses = GraphQLWebClientImpl.class)
 public class GraphQLWebClientAutoConfiguration {
 
+  private final GraphQLClientProperties graphqlClientProperties;
+
   @Bean
   @ConditionalOnMissingBean
-  public WebClient webClient() {
-    return WebClient.builder().build();
+  public WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) {
+    WebClient.Builder clientBuilder = WebClient.builder()
+        .baseUrl(graphqlClientProperties.getUrl());
+
+    if (clientRegistrations.findByRegistrationId("graphql").blockOptional().isPresent()) {
+      ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
+          new ServerOAuth2AuthorizedClientExchangeFilterFunction(
+              clientRegistrations,
+              new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
+      oauth.setDefaultClientRegistrationId("graphql");
+      clientBuilder.filter(oauth);
+    }
+
+    return clientBuilder.build();
   }
 
   @Bean

graphql-webclient-spring-boot-autoconfigure/src/main/java/graphql/kickstart/spring/webclient/boot/OAuth2ClientRegistrationProperties.java

@@ -0,0 +1,63 @@
+package graphql.kickstart.spring.webclient.boot;
+
+import static java.util.Optional.ofNullable;
+
+import java.util.Set;
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.core.AuthenticationMethod;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+
+@Data
+@Primary
+@ConfigurationProperties(prefix = "graphql.client.oauth2")
+class OAuth2ClientRegistrationProperties {
+
+  private String provider;
+  private String clientId;
+  private String clientSecret;
+  private String clientAuthenticationMethod;
+  private String authorizationGrantType = "client_credentials";
+  private String redirectUri;
+  private Set<String> scope;
+  private String clientName;
+
+  private String authorizationUri;
+  private String tokenUri;
+  private String userInfoUri;
+  private String userInfoAuthenticationMethod;
+  private String userNameAttribute;
+  private String jwkSetUri;
+  private String issuerUri;
+
+  ClientRegistration getClientRegistration() {
+    ClientRegistration.Builder builder = ClientRegistration.withRegistrationId("graphql")
+        .clientId(getClientId())
+        .clientSecret(getClientSecret())
+        .redirectUriTemplate(getRedirectUri())
+        .scope(getScope())
+        .clientName(getClientName())
+        .authorizationUri(getAuthorizationUri())
+        .tokenUri(getTokenUri())
+        .userInfoUri(getUserInfoUri())
+        .jwkSetUri(getJwkSetUri());
+
+    ofNullable(getClientAuthenticationMethod())
+        .map(ClientAuthenticationMethod::new)
+        .ifPresent(builder::clientAuthenticationMethod);
+
+    ofNullable(getAuthorizationGrantType())
+        .map(AuthorizationGrantType::new)
+        .ifPresent(builder::authorizationGrantType);
+
+    ofNullable(getUserInfoAuthenticationMethod())
+        .map(AuthenticationMethod::new)
+        .ifPresent(builder::userInfoAuthenticationMethod);
+
+    return builder.build();
+  }
+
+}

graphql-webclient-spring-boot-autoconfigure/src/main/java/graphql/kickstart/spring/webclient/boot/OAuth2ClientRegistrationRepositoryConfiguration.java

@@ -0,0 +1,25 @@
+package graphql.kickstart.spring.webclient.boot;
+
+import static java.util.Collections.singletonList;
+
+import java.util.List;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
+
+@Configuration
+@EnableConfigurationProperties(OAuth2ClientRegistrationProperties.class)
+class OAuth2ClientRegistrationRepositoryConfiguration {
+
+  @Bean
+  @ConditionalOnMissingBean({ClientRegistrationRepository.class})
+  InMemoryReactiveClientRegistrationRepository clientRegistrationRepository(OAuth2ClientRegistrationProperties properties) {
+    List<ClientRegistration> registrations = singletonList(properties.getClientRegistration());
+    return new InMemoryReactiveClientRegistrationRepository(registrations);
+  }
+
+}

graphql-webclient-spring-boot-autoconfigure/src/main/resources/META-INF/spring.factories

@@ -1,2 +1,3 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-graphql.kickstart.spring.webclient.boot.GraphQLWebClientAutoConfiguration
+graphql.kickstart.spring.webclient.boot.GraphQLWebClientAutoConfiguration,\
+graphql.kickstart.spring.webclient.boot.OAuth2ClientRegistrationProperties

graphql-webclient-spring-boot-starter/build.gradle

@@ -0,0 +1,3 @@
+dependencies {
+    api(project(':graphql-webclient-spring-boot-autoconfigure'))
+}

graphql-webclient/src/main/java/graphql/kickstart/spring/webclient/boot/GraphQLClientException.java

@@ -0,0 +1,7 @@
+package graphql.kickstart.spring.webclient.boot;
+
+public class GraphQLClientException extends RuntimeException {
+
+
+
+}