Class JwtDecoders
java.lang.Object
org.springframework.security.oauth2.jwt.JwtDecoders
Allows creating a
JwtDecoder from an OpenID
Provider Configuration or
Authorization Server Metadata
Request based on provided issuer and method invoked.- Since:
- 5.1
-
Method Summary
Modifier and TypeMethodDescriptionstatic <T extends JwtDecoder>
TfromIssuerLocation(String issuer) Creates aJwtDecoderusing the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.static <T extends JwtDecoder>
TfromOidcIssuerLocation(String oidcIssuerLocation) Creates aJwtDecoderusing the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theJwtDecoder.
-
Method Details
-
fromOidcIssuerLocation
Creates aJwtDecoderusing the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theJwtDecoder.- Parameters:
oidcIssuerLocation- the Issuer- Returns:
- a
JwtDecoderthat was initialized by the OpenID Provider Configuration.
-
fromIssuerLocation
Creates aJwtDecoderusing the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize. If an endpoint returns anything other than a 200 or a 4xx, the method will exit without attempting subsequent endpoints. The three endpoints are computed as follows, given that theissueris composed of ahostand apath:host/.well-known/openid-configuration/path, as defined in RFC 8414's Compatibility Notes.issuer/.well-known/openid-configuration, as defined in OpenID Provider Configuration.host/.well-known/oauth-authorization-server/path, as defined in Authorization Server Metadata Request.
fromOidcIssuerLocation(String)- Parameters:
issuer- the Issuer- Returns:
- a
JwtDecoderthat was initialized by one of the described endpoints
-