Class JwtDecoders
java.lang.Object
org.springframework.security.oauth2.jwt.JwtDecoders
Allows creating a
JwtDecoder
from an OpenID
Provider Configuration or
Authorization Server Metadata
Request based on provided issuer and method invoked.- Since:
- 5.1
-
Method Summary
Modifier and TypeMethodDescriptionstatic <T extends JwtDecoder>
TfromIssuerLocation
(String issuer) Creates aJwtDecoder
using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.static <T extends JwtDecoder>
TfromOidcIssuerLocation
(String oidcIssuerLocation) Creates aJwtDecoder
using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theJwtDecoder
.
-
Method Details
-
fromOidcIssuerLocation
Creates aJwtDecoder
using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theJwtDecoder
.- Parameters:
oidcIssuerLocation
- the Issuer- Returns:
- a
JwtDecoder
that was initialized by the OpenID Provider Configuration.
-
fromIssuerLocation
Creates aJwtDecoder
using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize. If an endpoint returns anything other than a 200 or a 4xx, the method will exit without attempting subsequent endpoints. The three endpoints are computed as follows, given that theissuer
is composed of ahost
and apath
:host/.well-known/openid-configuration/path
, as defined in RFC 8414's Compatibility Notes.issuer/.well-known/openid-configuration
, as defined in OpenID Provider Configuration.host/.well-known/oauth-authorization-server/path
, as defined in Authorization Server Metadata Request.
fromOidcIssuerLocation(String)
- Parameters:
issuer
- the Issuer- Returns:
- a
JwtDecoder
that was initialized by one of the described endpoints
-