Skip to content

Cannot configure cache lifespan of RemoteJWKSet  #8261

New issue
New issue
Closed
Closed
Cannot configure cache lifespan of RemoteJWKSet #8261
Assignees
jzheaux
Labels
in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issue
@alan-kan-dragon

Description

@alan-kan-dragon
alan-kan-dragon
opened on Apr 1, 2020

Summary

Module: spring-security-oauth2-jose
There is no way to configure the RemoteJWKSet cache lifespan even it actually allows a DefaultJWKSetCache to be passed in because JwkSetUriJwtDecoderBuilder class is final.

Actual Behavior

Currently, the way to build a JwtDecoder from a JWK set URI is:

NimbusJwtDecoder.withJwkSetUri(uri)
                .jwsAlgorithms(algo)
                .restOperations(restTemplate)
                .build()

So, it means it is only flexible to the algorithm and the HTTP client and that's all.

Expected Behavior

I would like to know if it can be open by any chance so that I can inherit it and override the processor() method for customization

Version

5.2.2.RELEASE

Metadata

Metadata

Assignees

Labels

in: oauth2An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)status: duplicateA duplicate of another issue

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions