refactor(oauth): allow extension projects to override spinnaker user …

…info token services primary bean, by explicitly disabling it (#1456)
spinnaker · Apr 19, 2021 · 4deb739 · 4deb739
1 parent 9aed84d
commit 4deb739
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/...-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy b/...-oauth2/src/main/groovy/com/netflix/spinnaker/gate/security/oauth2/OAuth2SsoConfig.groovy
@@ -20,6 +20,7 @@ import com.netflix.spinnaker.gate.config.AuthConfig
 import com.netflix.spinnaker.gate.security.SpinnakerAuthConfig
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso
 import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties
 import org.springframework.boot.context.properties.ConfigurationProperties
@@ -68,6 +69,11 @@ class OAuth2SsoConfig extends WebSecurityConfigurerAdapter {
 
   @Primary
   @Bean
+  @ConditionalOnProperty(
+    prefix = 'security.oauth2.resource.spinnaker-user-info-token-services',
+    name = 'enabled',
+    havingValue = 'true',
+    matchIfMissing = true)
   ResourceServerTokenServices spinnakerUserInfoTokenServices() {
     new SpinnakerUserInfoTokenServices()
   }