spring-boot spring-security spring-security-oauth2 java-11

Unable to read properties from application.yml while customizing/overriding ClientRegistrationRepository

I am trying to implement customized client repository as mentioned in this document.

https://docs.spring.io/spring-security/site/docs/5.0.x/reference/html/jc.html#jc-oauth2login-completely-override-autoconfiguration

As per the documentaion , properties are hardcoded in code , I am trying to read those properties from application.yml. However, properties are not available when it's needed to be set.

Any pointer how this can be achieved? How to make application.yml properties available here.

Application.yml:

sso:
  enabled: true
  registrationId: myApp
  clientName: myApp
  .....

POJO corresponding to sso properties

@Data
@ConfigurationProperties("sso")
public class SsoPropertiesConfig {
    private boolean enabled;
    private String clientName;
    private String registrationId;
    ....

Websecurity Configuration

@Slf4j
@Configuration
@EnableWebSecurity
@RequiredArgsConstructor
public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {

    SsoPropertiesConfig ssoPropertiesConfig = new SsoPropertiesConfig();

    private final PasswordResolver passwordResolver;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                    .anyRequest().authenticated()
                    .and()
                .oauth2Login();
    }


    @Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        return new InMemoryClientRegistrationRepository(this.myClientRegistration());
    }

    private ClientRegistration myClientRegistration() {
        log.info("ssoPropertiesConfig :{}",ssoPropertiesConfig);

// all properties of ssoPropertiesConfig are coming as NULL

        return ClientRegistration.withRegistrationId(ssoPropertiesConfig.getRegistrationId())
                .clientName(ssoPropertiesConfig.getClientName())
                ....
                .build();
    }
}

Solution

you are creating the properties yourself using new and not letting spring manage them using dependency injection.

your code:

SsoPropertiesConfig ssoPropertiesConfig = new SsoPropertiesConfig();

You can just remove the new declaration since you have annotated your class with @RequiredArgsConstructor

so just keep:

private SsoPropertiesConfig ssoPropertiesConfig;