Class ReactiveJwtDecoders
java.lang.Object
org.springframework.security.oauth2.jwt.ReactiveJwtDecoders
Allows creating a
ReactiveJwtDecoder
from an OpenID
Provider Configuration or
Authorization Server Metadata
Request based on provided issuer and method invoked.- Since:
- 5.1
-
Method Summary
Modifier and TypeMethodDescriptionstatic <T extends ReactiveJwtDecoder>
TfromIssuerLocation
(String issuer) Creates aReactiveJwtDecoder
using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize.static <T extends ReactiveJwtDecoder>
TfromOidcIssuerLocation
(String oidcIssuerLocation) Creates aReactiveJwtDecoder
using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theReactiveJwtDecoder
.
-
Method Details
-
fromOidcIssuerLocation
Creates aReactiveJwtDecoder
using the provided Issuer by making an OpenID Provider Configuration Request and using the values in the OpenID Provider Configuration Response to initialize theReactiveJwtDecoder
.- Parameters:
oidcIssuerLocation
- the Issuer- Returns:
- a
ReactiveJwtDecoder
that was initialized by the OpenID Provider Configuration.
-
fromIssuerLocation
Creates aReactiveJwtDecoder
using the provided Issuer by querying three different discovery endpoints serially, using the values in the first successful response to initialize. If an endpoint returns anything other than a 200 or a 4xx, the method will exit without attempting subsequent endpoints. The three endpoints are computed as follows, given that theissuer
is composed of ahost
and apath
:host/.well-known/openid-configuration/path
, as defined in RFC 8414's Compatibility Notes.issuer/.well-known/openid-configuration
, as defined in OpenID Provider Configuration.host/.well-known/oauth-authorization-server/path
, as defined in Authorization Server Metadata Request.
fromOidcIssuerLocation(String)
- Parameters:
issuer
- the Issuer- Returns:
- a
ReactiveJwtDecoder
that was initialized by one of the described endpoints
-