Skip to content

Commit 2edaedf

Browse files
franticticktickjzheaux
franticticktick
authored and
jzheaux
committed
Improve encapsulation for jwtValidators
1 parent b26f2af commit 2edaedf

File tree

4 files changed

+13
-69
lines changed

4 files changed

+13
-69
lines changed

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/DefaultOidcLogoutTokenValidatorFactory.java

Lines changed: 0 additions & 33 deletions
This file was deleted.

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OidcBackChannelLogoutAuthenticationProvider.java

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
/*
2-
* Copyright 2002-2023 the original author or authors.
2+
* Copyright 2002-2024 the original author or authors.
33
*
44
* Licensed under the Apache License, Version 2.0 (the "License");
55
* you may not use this file except in compliance with the License.
@@ -16,6 +16,8 @@
1616

1717
package org.springframework.security.config.annotation.web.configurers.oauth2.client;
1818

19+
import java.util.function.Function;
20+
1921
import com.nimbusds.jose.JOSEObjectType;
2022
import com.nimbusds.jose.proc.DefaultJOSEObjectTypeVerifier;
2123
import com.nimbusds.jose.proc.JOSEObjectTypeVerifier;
@@ -31,10 +33,12 @@
3133
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
3234
import org.springframework.security.oauth2.core.OAuth2Error;
3335
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
36+
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
3437
import org.springframework.security.oauth2.jwt.BadJwtException;
3538
import org.springframework.security.oauth2.jwt.Jwt;
3639
import org.springframework.security.oauth2.jwt.JwtDecoder;
3740
import org.springframework.security.oauth2.jwt.JwtDecoderFactory;
41+
import org.springframework.security.oauth2.jwt.JwtValidators;
3842
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
3943
import org.springframework.util.Assert;
4044
import org.springframework.util.StringUtils;
@@ -63,7 +67,8 @@ final class OidcBackChannelLogoutAuthenticationProvider implements Authenticatio
6367
* Construct an {@link OidcBackChannelLogoutAuthenticationProvider}
6468
*/
6569
OidcBackChannelLogoutAuthenticationProvider() {
66-
DefaultOidcLogoutTokenValidatorFactory jwtValidator = new DefaultOidcLogoutTokenValidatorFactory();
70+
Function<ClientRegistration, OAuth2TokenValidator<Jwt>> jwtValidator = (clientRegistration) -> JwtValidators
71+
.createDefaultWithValidators(new OidcBackChannelLogoutTokenValidator(clientRegistration));
6772
this.logoutTokenDecoderFactory = (clientRegistration) -> {
6873
String jwkSetUri = clientRegistration.getProviderDetails().getJwkSetUri();
6974
if (!StringUtils.hasText(jwkSetUri)) {

config/src/main/java/org/springframework/security/config/web/server/DefaultOidcLogoutTokenValidatorFactory.java

Lines changed: 0 additions & 33 deletions
This file was deleted.

config/src/main/java/org/springframework/security/config/web/server/OidcBackChannelLogoutReactiveAuthenticationManager.java

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,8 @@
1616

1717
package org.springframework.security.config.web.server;
1818

19+
import java.util.function.Function;
20+
1921
import com.nimbusds.jose.JOSEObjectType;
2022
import com.nimbusds.jose.proc.DefaultJOSEObjectTypeVerifier;
2123
import com.nimbusds.jose.proc.JOSEObjectTypeVerifier;
@@ -33,11 +35,13 @@
3335
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
3436
import org.springframework.security.oauth2.core.OAuth2Error;
3537
import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
38+
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
3639
import org.springframework.security.oauth2.core.converter.ClaimTypeConverter;
3740
import org.springframework.security.oauth2.jwt.BadJwtException;
3841
import org.springframework.security.oauth2.jwt.Jwt;
3942
import org.springframework.security.oauth2.jwt.JwtDecoder;
4043
import org.springframework.security.oauth2.jwt.JwtDecoderFactory;
44+
import org.springframework.security.oauth2.jwt.JwtValidators;
4145
import org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder;
4246
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;
4347
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory;
@@ -68,7 +72,8 @@ final class OidcBackChannelLogoutReactiveAuthenticationManager implements Reacti
6872
* Construct an {@link OidcBackChannelLogoutReactiveAuthenticationManager}
6973
*/
7074
OidcBackChannelLogoutReactiveAuthenticationManager() {
71-
DefaultOidcLogoutTokenValidatorFactory jwtValidator = new DefaultOidcLogoutTokenValidatorFactory();
75+
Function<ClientRegistration, OAuth2TokenValidator<Jwt>> jwtValidator = (clientRegistration) -> JwtValidators
76+
.createDefaultWithValidators(new OidcBackChannelLogoutTokenValidator(clientRegistration));
7277
this.logoutTokenDecoderFactory = (clientRegistration) -> {
7378
String jwkSetUri = clientRegistration.getProviderDetails().getJwkSetUri();
7479
if (!StringUtils.hasText(jwkSetUri)) {

0 commit comments

Comments
 (0)