Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Certificate-Bound (POP) JWT Access Token Validation (Reactive) #14887

Closed
jgrandja opened this issue Apr 11, 2024 · 2 comments
Closed

Support Certificate-Bound (POP) JWT Access Token Validation (Reactive) #14887

jgrandja opened this issue Apr 11, 2024 · 2 comments
Assignees
@jgrandja
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: invalid An issue that we don't feel is valid type: enhancement A general enhancement

Comments

@jgrandja
Copy link
Contributor

This issue is for the Reactive implementation of gh-10538.
@jgrandja jgrandja added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 11, 2024
@jgrandja jgrandja mentioned this issue Apr 11, 2024
Closed
@franticticktick
Copy link
Contributor

Hi @jgrandja! What specific support is required? I see that ReactiveJwtDecoders has a method withProviderConfiguration:

private static ReactiveJwtDecoder withProviderConfiguration(Map<String, Object> configuration, String issuer) {
		JwtDecoderProviderConfigurationUtils.validateIssuer(configuration, issuer);
		OAuth2TokenValidator<Jwt> jwtValidator = JwtValidators.createDefaultWithIssuer(issuer);
		String jwkSetUri = configuration.get("jwks_uri").toString();
		NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withJwkSetUri(jwkSetUri)
			.jwtProcessorCustomizer(ReactiveJwtDecoderProviderConfigurationUtils::addJWSAlgorithms)
			.build();
		jwtDecoder.setJwtValidator(jwtValidator);
		return jwtDecoder;
	}

It creates a ReactiveJwtDecoder by invocation JwtValidators.createDefaultWithIssuer, all default validators are already created there.

@jgrandja
Copy link
Contributor Author

@CrazyParanoid

It creates a ReactiveJwtDecoder by invocation JwtValidators.createDefaultWithIssuer, all default validators are already created there.

Yes, you are right. I missed that. I'll close this.

@jgrandja jgrandja self-assigned this Apr 16, 2024
@jgrandja jgrandja added the status: invalid An issue that we don't feel is valid label Apr 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: invalid An issue that we don't feel is valid type: enhancement A general enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgrandja @franticticktick