Skip to content

Commit 835d6c1

Browse files
jzheauxjzheaux
committed
Add Issuer Validation to withIssuerLocation Snippets
Closes gh-19000 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 parent 95b2cdf commit 835d6c1

2 files changed

Lines changed: 48 additions & 16 deletions

File tree

  • docs/modules/ROOT/pages

docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc

Lines changed: 24 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -376,7 +376,9 @@ Java::
376376
----
377377
@Bean
378378
public ReactiveJwtDecoder jwtDecoder() {
379-
return NimbusReactiveJwtDecoder.withIssuerLocation(issuer).build();
379+
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(issuer).build();
380+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer));
381+
return jwtDecoder;
380382
}
381383
----
382384
@@ -386,7 +388,9 @@ Kotlin::
386388
----
387389
@Bean
388390
fun jwtDecoder(): ReactiveJwtDecoder {
389-
return NimbusReactiveJwtDecoder.withIssuerLocation(issuer).build()
391+
val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(issuer).build()
392+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer))
393+
return jwtDecoder
390394
}
391395
----
392396
======
@@ -452,8 +456,10 @@ Java::
452456
----
453457
@Bean
454458
ReactiveJwtDecoder jwtDecoder() {
455-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
459+
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
456460
.jwsAlgorithm(RS512).build();
461+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
462+
return jwtDecoder;
457463
}
458464
----
459465
@@ -463,8 +469,10 @@ Kotlin::
463469
----
464470
@Bean
465471
fun jwtDecoder(): ReactiveJwtDecoder {
466-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
472+
val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
467473
.jwsAlgorithm(RS512).build()
474+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
475+
return jwtDecoder
468476
}
469477
----
470478
======
@@ -479,8 +487,10 @@ Java::
479487
----
480488
@Bean
481489
ReactiveJwtDecoder jwtDecoder() {
482-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
490+
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
483491
.jwsAlgorithm(RS512).jwsAlgorithm(ES512).build();
492+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
493+
return jwtDecoder;
484494
}
485495
----
486496
@@ -490,8 +500,10 @@ Kotlin::
490500
----
491501
@Bean
492502
fun jwtDecoder(): ReactiveJwtDecoder {
493-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
503+
val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
494504
.jwsAlgorithm(RS512).jwsAlgorithm(ES512).build()
505+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
506+
return jwtDecoder
495507
}
496508
----
497509
======
@@ -506,11 +518,13 @@ Java::
506518
----
507519
@Bean
508520
ReactiveJwtDecoder jwtDecoder() {
509-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.jwkSetUri)
521+
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
510522
.jwsAlgorithms(algorithms -> {
511523
algorithms.add(RS512);
512524
algorithms.add(ES512);
513525
}).build();
526+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
527+
return jwtDecoder;
514528
}
515529
----
516530
@@ -520,12 +534,14 @@ Kotlin::
520534
----
521535
@Bean
522536
fun jwtDecoder(): ReactiveJwtDecoder {
523-
return NimbusReactiveJwtDecoder.withIssuerLocation(this.jwkSetUri)
537+
val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(this.issuer)
524538
.jwsAlgorithms {
525539
it.add(RS512)
526540
it.add(ES512)
527541
}
528542
.build()
543+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
544+
return jwtDecoder
529545
}
530546
----
531547
======

docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc

Lines changed: 24 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -519,7 +519,9 @@ Java::
519519
----
520520
@Bean
521521
public JwtDecoder jwtDecoder() {
522-
return NimbusJwtDecoder.withIssuerLocation(issuer).build();
522+
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(issuer).build();
523+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer));
524+
return jwtDecoder;
523525
}
524526
----
525527
@@ -529,7 +531,9 @@ Kotlin::
529531
----
530532
@Bean
531533
fun jwtDecoder(): JwtDecoder {
532-
return NimbusJwtDecoder.withIssuerLocation(issuer).build()
534+
val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(issuer).build()
535+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer))
536+
return jwtDecoder
533537
}
534538
----
535539
======
@@ -595,8 +599,10 @@ Java::
595599
----
596600
@Bean
597601
JwtDecoder jwtDecoder() {
598-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
602+
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
599603
.jwsAlgorithm(RS512).build();
604+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
605+
return jwtDecoder;
600606
}
601607
----
602608
@@ -606,8 +612,10 @@ Kotlin::
606612
----
607613
@Bean
608614
fun jwtDecoder(): JwtDecoder {
609-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
615+
val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
610616
.jwsAlgorithm(RS512).build()
617+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
618+
return jwtDecoder
611619
}
612620
----
613621
======
@@ -622,8 +630,10 @@ Java::
622630
----
623631
@Bean
624632
JwtDecoder jwtDecoder() {
625-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
633+
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
626634
.jwsAlgorithm(RS512).jwsAlgorithm(ES512).build();
635+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
636+
return jwtDecoder;
627637
}
628638
----
629639
@@ -633,8 +643,10 @@ Kotlin::
633643
----
634644
@Bean
635645
fun jwtDecoder(): JwtDecoder {
636-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
646+
val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
637647
.jwsAlgorithm(RS512).jwsAlgorithm(ES512).build()
648+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
649+
return jwtDecoder
638650
}
639651
----
640652
======
@@ -649,11 +661,13 @@ Java::
649661
----
650662
@Bean
651663
JwtDecoder jwtDecoder() {
652-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
664+
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
653665
.jwsAlgorithms(algorithms -> {
654666
algorithms.add(RS512);
655667
algorithms.add(ES512);
656668
}).build();
669+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer));
670+
return jwtDecoder;
657671
}
658672
----
659673
@@ -663,11 +677,13 @@ Kotlin::
663677
----
664678
@Bean
665679
fun jwtDecoder(): JwtDecoder {
666-
return NimbusJwtDecoder.withIssuerLocation(this.issuer)
680+
val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(this.issuer)
667681
.jwsAlgorithms {
668682
it.add(RS512)
669683
it.add(ES512)
670684
}.build()
685+
jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(this.issuer))
686+
return jwtDecoder
671687
}
672688
----
673689
======

0 commit comments

Comments
 (0)