From 4afa21cb1a111c297730bde6d2910b1edee96a67 Mon Sep 17 00:00:00 2001 From: MrJovanovic13 <34819606+MrJovanovic13@users.noreply.github.com> Date: Fri, 12 Apr 2024 01:33:26 +0200 Subject: [PATCH] Add reasonable timeout to JwtDecoderProviderConfigurationUtils and NimbusJwtDecoder --- .../jwt/JwtDecoderProviderConfigurationUtils.java | 10 ++++++++++ .../security/oauth2/jwt/NimbusJwtDecoder.java | 12 +++++++++++- 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java index 47a068dd751..7ca1883ddce 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/JwtDecoderProviderConfigurationUtils.java @@ -39,6 +39,7 @@ import org.springframework.core.ParameterizedTypeReference; import org.springframework.http.RequestEntity; import org.springframework.http.ResponseEntity; +import org.springframework.http.client.SimpleClientHttpRequestFactory; import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm; import org.springframework.util.Assert; import org.springframework.web.client.HttpClientErrorException; @@ -65,6 +66,15 @@ final class JwtDecoderProviderConfigurationUtils { private static final RestTemplate rest = new RestTemplate(); + static { + int connectTimeout = Integer.parseInt(System.getProperty("sun.net.client.defaultConnectTimeout", "30000")); + int readTimeout = Integer.parseInt(System.getProperty("sun.net.client.defaultReadTimeout", "30000")); + SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory(); + requestFactory.setConnectTimeout(connectTimeout); + requestFactory.setReadTimeout(readTimeout); + rest.setRequestFactory(requestFactory); + } + private static final ParameterizedTypeReference> STRING_OBJECT_MAP = new ParameterizedTypeReference>() { }; diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java index 2713ee96b2d..71edd185256 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java @@ -63,6 +63,7 @@ import org.springframework.http.MediaType; import org.springframework.http.RequestEntity; import org.springframework.http.ResponseEntity; +import org.springframework.http.client.SimpleClientHttpRequestFactory; import org.springframework.security.oauth2.core.OAuth2Error; import org.springframework.security.oauth2.core.OAuth2TokenValidator; import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult; @@ -271,7 +272,16 @@ public static final class JwkSetUriJwtDecoderBuilder { private Set signatureAlgorithms = new HashSet<>(); - private RestOperations restOperations = new RestTemplate(); + private RestOperations restOperations = this.buildRestTemplateWithDefaultTimeoutValues(); + + private RestTemplate buildRestTemplateWithDefaultTimeoutValues() { + int connectTimeout = Integer.parseInt(System.getProperty("sun.net.client.defaultConnectTimeout", "30000")); + int readTimeout = Integer.parseInt(System.getProperty("sun.net.client.defaultReadTimeout", "30000")); + SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory(); + requestFactory.setConnectTimeout(connectTimeout); + requestFactory.setReadTimeout(readTimeout); + return new RestTemplate(requestFactory); + } private Cache cache;