- fix beans instantiation

src/modules/rest/impl/src/main/java/it/geosolutions/geostore/services/rest/security/oauth2/GeoStoreOAuthRestTemplate.java

@@ -59,7 +59,8 @@ public GeoStoreOAuthRestTemplate(
     public GeoStoreOAuthRestTemplate(
             OAuth2ProtectedResourceDetails resource, OAuth2ClientContext context, OAuth2Configuration configuration, String idTokenParam) {
         super(resource, context);
-        this.store = new JwkTokenStore(configuration.getIdTokenUri());
+        if (configuration.getIdTokenUri() != null)
+            this.store = new JwkTokenStore(configuration.getIdTokenUri());
         this.idTokenParam = idTokenParam;
     }
 

src/modules/rest/impl/src/main/java/it/geosolutions/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectFilter.java

@@ -34,18 +34,11 @@
 import it.geosolutions.geostore.services.rest.security.oauth2.OAuth2GeoStoreAuthenticationFilter;
 import it.geosolutions.geostore.services.rest.security.oauth2.openid_connect.enancher.ClientSecretRequestEnhancer;
 import it.geosolutions.geostore.services.rest.security.oauth2.openid_connect.enancher.PKCERequestEnhancer;
-import org.springframework.security.oauth2.client.token.AccessTokenProvider;
-import org.springframework.security.oauth2.client.token.AccessTokenProviderChain;
 import org.springframework.security.oauth2.client.token.DefaultRequestEnhancer;
-import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider;
 import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
 import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
 import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
 
-import java.util.Arrays;
-
 /**
  * OpenId Connect filter implementation.
  */
@@ -70,15 +63,6 @@ else if (idConfig.isSendClientSecret())
             authorizationAccessTokenProvider.setTokenRequestEnhancer(new ClientSecretRequestEnhancer());
         else authorizationAccessTokenProvider.setTokenRequestEnhancer(new DefaultRequestEnhancer());
 
-        AccessTokenProvider accessTokenProviderChain =
-                new AccessTokenProviderChain(
-                        Arrays.<AccessTokenProvider>asList(
-                                authorizationAccessTokenProvider,
-                                new ImplicitAccessTokenProvider(),
-                                new ResourceOwnerPasswordAccessTokenProvider(),
-                                new ClientCredentialsAccessTokenProvider()));
-
-        oAuth2RestTemplate.setAccessTokenProvider(accessTokenProviderChain);
         if (idConfig.getJwkURI() != null && !"".equals(idConfig.getJwkURI())) {
             oAuth2RestTemplate.setTokenStore(new JwkTokenStore(idConfig.getJwkURI()));
         }

src/modules/rest/impl/src/main/java/it/geosolutions/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectSecurityConfiguration.java

@@ -45,6 +45,8 @@
 import org.springframework.security.oauth2.client.token.grant.implicit.ImplicitAccessTokenProvider;
 import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
+import org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStore;
+import org.springframework.web.context.WebApplicationContext;
 
 import java.util.Arrays;
 
@@ -78,7 +80,7 @@ public OAuth2Configuration configuration() {
      */
     @Override
     @Bean(value = "oidcOpenIdRestTemplate")
-    @Scope(value = "request", proxyMode = ScopedProxyMode.TARGET_CLASS)
+    @Scope(value = WebApplicationContext.SCOPE_REQUEST, proxyMode = ScopedProxyMode.TARGET_CLASS)
     public GeoStoreOAuthRestTemplate oauth2RestTemplate() {
         GeoStoreOAuthRestTemplate oAuth2RestTemplate = restTemplate();
         setJacksonConverter(oAuth2RestTemplate);
@@ -92,9 +94,17 @@ public GeoStoreOAuthRestTemplate oauth2RestTemplate() {
                                 new ClientCredentialsAccessTokenProvider()));
 
         oAuth2RestTemplate.setAccessTokenProvider(accessTokenProviderChain);
+
+        OpenIdConnectConfiguration idConfig = (OpenIdConnectConfiguration) configuration();
+        if (idConfig.getJwkURI() != null && !"".equals(idConfig.getJwkURI())) {
+            oAuth2RestTemplate.setTokenStore(new JwkTokenStore(idConfig.getJwkURI()));
+        }
+
         return oAuth2RestTemplate;
     }
 
+    @Bean(name = "authorizationAccessTokenProvider")
+    @Scope(value = "prototype")
     public AuthorizationCodeAccessTokenProvider authorizationAccessTokenProvider() {
         AuthorizationCodeAccessTokenProvider authorizationCodeAccessTokenProvider =
                 new AuthorizationCodeAccessTokenProvider();