Ias xsuaa token exchange (#418)

* support IAS to XSUAA token exchange
* enhance sample manifest.yml with environment variable
* update java docs, remove unnecessary config classes from tests
* rename environment variable
change missing IAS_XSUA_XCHANGE_ENABLED env var behaviour to fallback to previous version

samples/spring-security-xsuaa-usage/manifest.yml

@@ -13,7 +13,7 @@ applications:
   services:
     - xsuaa-authentication
   env:
-    XSUAA_IAS_XCHANGE_ENABLED: true
+    IAS_XSUAA_XCHANGE_ENABLED: true
 
 # Application Router as web server
 - name: approuter-spring-security-xsuaa-usage

spring-xsuaa-it/pom.xml

@@ -103,7 +103,7 @@
 				<artifactId>maven-surefire-plugin</artifactId>
 				<configuration>
 					<environmentVariables>
-						<XSUAA_IAS_XCHANGE_ENABLED>true</XSUAA_IAS_XCHANGE_ENABLED>
+						<IAS_XSUAA_XCHANGE_ENABLED>true</IAS_XSUAA_XCHANGE_ENABLED>
 					</environmentVariables>
 				</configuration>
 			</plugin>

spring-xsuaa/src/main/java/com/sap/cloud/security/xsuaa/extractor/IasXsuaaExchangeBroker.java

@@ -16,15 +16,15 @@
 /**
  * IAS token and XSUAA token exchange and resolution class. Can be used to
  * distinguish between IAS and XSUAA tokens. Controls token exchange between IAS
- * and XSUAA by using XSUAA_IAS_XCHANGE_ENABLED environment variable flag
+ * and XSUAA by using IAS_XSUAA_XCHANGE_ENABLED environment variable flag
  */
 public class IasXsuaaExchangeBroker {
 
 	private static final Logger logger = LoggerFactory.getLogger(IasXsuaaExchangeBroker.class);
 
 	private final XsuaaTokenFlows xsuaaTokenFlows;
 	private final boolean isIasXsuaaXchangeEnabled;
-	private static final String XSUAA_IAS_ENABLED = "XSUAA_IAS_XCHANGE_ENABLED";
+	private static final String IAS_XSUAA_ENABLED = "IAS_XSUAA_XCHANGE_ENABLED";
 
 	public IasXsuaaExchangeBroker(XsuaaTokenFlows xsuaaTokenFlows) {
 		this.xsuaaTokenFlows = xsuaaTokenFlows;
@@ -69,9 +69,9 @@ public String getXsuaaToken(String iasToken) {
 	}
 
 	/**
-	 * Checks value of environment variable 'XSUAA_IAS_XCHANGE_ENABLED'. This value
+	 * Checks value of environment variable 'IAS_XSUAA_XCHANGE_ENABLED'. This value
 	 * determines, whether token exchange between IAS and XSUAA is enabled. If
-	 * XSUAA_IAS_XCHANGE_ENABLED is not provided or with an empty value or with
+	 * IAS_XSUAA_XCHANGE_ENABLED is not provided or with an empty value or with
 	 * value = false, then token exchange is disabled. Any other values are
 	 * interpreted as true.
 	 *
@@ -82,8 +82,8 @@ public boolean isIasXsuaaXchangeEnabled() {
 	}
 
 	private boolean resolveIasToXsuaaEnabledFlag() {
-		String isEnabled = System.getenv(XSUAA_IAS_ENABLED);
-		logger.debug("System environment variable {} is set to {}", XSUAA_IAS_ENABLED, isEnabled);
+		String isEnabled = System.getenv(IAS_XSUAA_ENABLED);
+		logger.debug("System environment variable {} is set to {}", IAS_XSUAA_ENABLED, isEnabled);
 		if (isEnabled != null) {
 			if (!isEnabled.equalsIgnoreCase("false")) {
 				return true;

spring-xsuaa/src/main/java/com/sap/cloud/security/xsuaa/extractor/TokenBrokerResolver.java

@@ -35,7 +35,7 @@
  * AuthenticationInformationExtractor needs to be implemented).
  *
  * Token exchange between IAS and XSUAA is disabled by default. To enable IAS to
- * XSUAA token exchange set the environment variable XSUAA_IAS_XCHANGE_ENABLED
+ * XSUAA token exchange set the environment variable IAS_XSUAA_XCHANGE_ENABLED
  * to any value except false.
  *
  */
@@ -181,7 +181,7 @@ private String getBrokerToken(AuthenticationMethod credentialType, String authHe
 			if (oAuth2token == null) {
 				break;
 			}
-			if (iasXsuaaExchangeBroker.isXsuaaToken(oAuth2token)) {
+			if (iasXsuaaExchangeBroker.isXsuaaToken(oAuth2token) || !iasXsuaaExchangeBroker.isIasXsuaaXchangeEnabled()) {
 				return oAuth2token;
 			} else if (iasXsuaaExchangeBroker.isIasXsuaaXchangeEnabled()) {
 				return iasXsuaaExchangeBroker.getXsuaaToken(oAuth2token);