Expose property to configure OAuth2 provider configurationMetadata

Closes gh-21375

Author: mbhave

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientProperties.java

@@ -17,6 +17,7 @@
 package org.springframework.boot.autoconfigure.security.oauth2.client;
 
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.Map;
 import java.util.Set;
 
@@ -219,6 +220,11 @@ public static class Provider {
 		 */
 		private String issuerUri;
 
+		/**
+		 * Additional metadata describing the provider's configuration.
+		 */
+		private Map<String, Object> configurationMetadata = new LinkedHashMap<>();
+
 		public String getAuthorizationUri() {
 			return this.authorizationUri;
 		}
@@ -275,6 +281,10 @@ public void setIssuerUri(String issuerUri) {
 			this.issuerUri = issuerUri;
 		}
 
+		public Map<String, Object> getConfigurationMetadata() {
+			return this.configurationMetadata;
+		}
+
 	}
 
 }

spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapter.java

@@ -116,6 +116,7 @@ private static Builder getBuilder(Builder builder, Provider provider) {
 				.to(builder::userInfoAuthenticationMethod);
 		map.from(provider::getJwkSetUri).to(builder::jwkSetUri);
 		map.from(provider::getUserNameAttribute).to(builder::userNameAttributeName);
+		map.from(provider::getConfigurationMetadata).to(builder::providerConfigurationMetadata);
 		return builder;
 	}
 

spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/client/OAuth2ClientPropertiesRegistrationAdapterTests.java

@@ -238,6 +238,20 @@ void issuerUriConfigurationTriesOAuthMetadataUriThird() throws Exception {
 		testIssuerConfiguration(login, "okta", 2, 3);
 	}
 
+	@Test
+	void configurationMetadataFromProviderIsAdapted() {
+		Provider provider = createProvider();
+		provider.getConfigurationMetadata().put("end_session_endpoint", "https://myendsessionendpoint");
+		OAuth2ClientProperties.Registration registration = createRegistration("my-oauth-provider");
+		OAuth2ClientProperties properties = new OAuth2ClientProperties();
+		properties.getRegistration().put("registration", registration);
+		properties.getProvider().put("my-oauth-provider", provider);
+		Map<String, ClientRegistration> registrations = OAuth2ClientPropertiesRegistrationAdapter
+				.getClientRegistrations(properties);
+		assertThat(registrations.get("registration").getProviderDetails().getConfigurationMetadata()
+				.get("end_session_endpoint")).isEqualTo("https://myendsessionendpoint");
+	}
+
 	@Test
 	void oidcProviderConfigurationWithCustomConfigurationOverridesProviderDefaults() throws Exception {
 		this.server = new MockWebServer();

spring-boot-project/spring-boot-docs/src/main/asciidoc/spring-boot-features.adoc

@@ -3219,6 +3219,7 @@ You can register multiple OAuth2 clients and providers under the `spring.securit
 	spring.security.oauth2.client.provider.my-oauth-provider.user-info-authentication-method=header
 	spring.security.oauth2.client.provider.my-oauth-provider.jwk-set-uri=https://my-auth-server/token_keys
 	spring.security.oauth2.client.provider.my-oauth-provider.user-name-attribute=name
+	spring.security.oauth2.client.provider.my-oauth-provider.configuration-metadata.end_session_endpoint=https://my-end-session-endpoint
 ----
 
 For OpenID Connect providers that support https://openid.net/specs/openid-connect-discovery-1_0.html[OpenID Connect discovery], the configuration can be further simplified.