java.lang.Object

org.springframework.security.oauth2.jwt.NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

Enclosing class:: NimbusJwtDecoder

public static final class NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder extends Object

A builder for creating NimbusJwtDecoder instances based on a JWK Set uri.

Method Summary

Modifier and Type

Method

Description

NimbusJwtDecoder

build()

Build the configured NimbusJwtDecoder.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

cache(org.springframework.cache.Cache cache)

Use the given Cache to store JWK Set.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

jwsAlgorithm(SignatureAlgorithm signatureAlgorithm)

Append the given signing algorithm to the set of algorithms to use.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

jwsAlgorithms(Consumer<Set<SignatureAlgorithm>> signatureAlgorithmsConsumer)

Configure the list of algorithms to use with the given Consumer.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

jwtProcessorCustomizer(Consumer<com.nimbusds.jwt.proc.ConfigurableJWTProcessor<com.nimbusds.jose.proc.SecurityContext>> jwtProcessorCustomizer)

Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusJwtDecoder.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

restOperations(org.springframework.web.client.RestOperations restOperations)

Use the given RestOperations to coordinate with the authorization servers indicated in the JWK Set uri as well as the Issuer.

NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

validateType(boolean shouldValidateTypHeader)

Whether to use Nimbus's typ header verification.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details
- validateType
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder validateType(boolean shouldValidateTypHeader)
  
  Whether to use Nimbus's typ header verification. This is true by default, however it may change to false in a future major release.
  By turning off this feature, NimbusJwtDecoder expects applications to check the typ header themselves in order to determine what kind of validation is needed
  
  This is done for you when you use JwtValidators to construct a validator.
  That means that this: NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(issuer).build(); jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuer);
  Is equivalent to this: NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(issuer) .validateType(false) .build(); jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithValidators( new JwtIssuerValidator(issuer), JwtTypeValidator.jwt());
  The difference is that by setting this to false, it allows you to provide validation by type, like for at+jwt: NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(issuer) .validateType(false) .build(); jwtDecoder.setJwtValidator(new MyAtJwtValidator());
  
  Parameters:
  
  shouldValidateTypHeader - whether Nimbus should validate the typ header or not
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
  
  Since:
  
  6.5
- jwsAlgorithm
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder jwsAlgorithm(SignatureAlgorithm signatureAlgorithm)
  
  Append the given signing algorithm to the set of algorithms to use.
  
  Parameters:
  
  signatureAlgorithm - the algorithm to use
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
- jwsAlgorithms
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder jwsAlgorithms(Consumer<Set<SignatureAlgorithm>> signatureAlgorithmsConsumer)
  
  Configure the list of algorithms to use with the given Consumer.
  
  Parameters:
  
  signatureAlgorithmsConsumer - a Consumer for further configuring the algorithm list
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
- restOperations
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder restOperations(org.springframework.web.client.RestOperations restOperations)
  
  Use the given RestOperations to coordinate with the authorization servers indicated in the JWK Set uri as well as the Issuer.
  
  Parameters:
  
  restOperations - the RestOperations instance to use
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
- cache
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder cache(org.springframework.cache.Cache cache)
  
  Use the given Cache to store JWK Set.
  
  Parameters:
  
  cache - the Cache to be used to store JWK Set
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
  
  Since:
  
  5.4
- jwtProcessorCustomizer
  
  public NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder jwtProcessorCustomizer(Consumer<com.nimbusds.jwt.proc.ConfigurableJWTProcessor<com.nimbusds.jose.proc.SecurityContext>> jwtProcessorCustomizer)
  
  Use the given Consumer to customize the ConfigurableJWTProcessor before passing it to the build NimbusJwtDecoder.
  
  Parameters:
  
  jwtProcessorCustomizer - the callback used to alter the processor
  
  Returns:
  
  a NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder for further configurations
  
  Since:
  
  5.4
- build
  
  public NimbusJwtDecoder build()
  
  Build the configured NimbusJwtDecoder.
  
  Returns:
  
  the configured NimbusJwtDecoder

Class NimbusJwtDecoder.JwkSetUriJwtDecoderBuilder

Method Summary

Methods inherited from class java.lang.Object

Method Details

validateType

jwsAlgorithm

jwsAlgorithms

restOperations

cache

jwtProcessorCustomizer

build