4 년 전 · f36e2fca59
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2020 the original author or authors.
			
 
				+ * Copyright 2002-2021 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -42,6 +42,7 @@ import com.nimbusds.jose.jwk.source.RemoteJWKSet;
 
				 import com.nimbusds.jose.proc.JWSKeySelector;
			
 
				 import com.nimbusds.jose.proc.JWSVerificationKeySelector;
			
 
				 import com.nimbusds.jose.proc.SecurityContext;
			
 
				+import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
			
 
				 import com.nimbusds.jose.util.Resource;
			
 
				 import com.nimbusds.jose.util.ResourceRetriever;
			
 
				 import com.nimbusds.jwt.JWT;
			
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusReactiveJwtDecoder.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusReactiveJwtDecoder.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2020 the original author or authors.
			
 
				+ * Copyright 2002-2021 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -42,6 +42,7 @@ import com.nimbusds.jose.proc.JWKSecurityContext;
 
				 import com.nimbusds.jose.proc.JWSKeySelector;
			
 
				 import com.nimbusds.jose.proc.JWSVerificationKeySelector;
			
 
				 import com.nimbusds.jose.proc.SecurityContext;
			
 
				+import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
			
 
				 import com.nimbusds.jwt.JWT;
			
 
				 import com.nimbusds.jwt.JWTClaimsSet;
			
 
				 import com.nimbusds.jwt.JWTParser;
			
--- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/SingleKeyJWSKeySelector.java
+++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/SingleKeyJWSKeySelector.java
@@ -1,57 +0,0 @@
 
				-/*
			
 
				- * Copyright 2002-2020 the original author or authors.
			
 
				- *
			
 
				- * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				- * you may not use this file except in compliance with the License.
			
 
				- * You may obtain a copy of the License at
			
 
				- *
			
 
				- *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				- *
			
 
				- * Unless required by applicable law or agreed to in writing, software
			
 
				- * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				- * See the License for the specific language governing permissions and
			
 
				- * limitations under the License.
			
 
				- */
			
 
				-
			
 
				-package org.springframework.security.oauth2.jwt;
			
 
				-
			
 
				-import java.security.Key;
			
 
				-import java.util.Arrays;
			
 
				-import java.util.List;
			
 
				-
			
 
				-import com.nimbusds.jose.JWSAlgorithm;
			
 
				-import com.nimbusds.jose.JWSHeader;
			
 
				-import com.nimbusds.jose.proc.JWSKeySelector;
			
 
				-import com.nimbusds.jose.proc.SecurityContext;
			
 
				-
			
 
				-import org.springframework.util.Assert;
			
 
				-
			
 
				-/**
			
 
				- * An internal implementation of {@link JWSKeySelector} that always returns the same key
			
 
				- *
			
 
				- * @author Josh Cummings
			
 
				- * @since 5.2
			
 
				- */
			
 
				-final class SingleKeyJWSKeySelector<C extends SecurityContext> implements JWSKeySelector<C> {
			
 
				-
			
 
				-	private final List<Key> keySet;
			
 
				-
			
 
				-	private final JWSAlgorithm expectedJwsAlgorithm;
			
 
				-
			
 
				-	SingleKeyJWSKeySelector(JWSAlgorithm expectedJwsAlgorithm, Key key) {
			
 
				-		Assert.notNull(expectedJwsAlgorithm, "expectedJwsAlgorithm cannot be null");
			
 
				-		Assert.notNull(key, "key cannot be null");
			
 
				-		this.keySet = Arrays.asList(key);
			
 
				-		this.expectedJwsAlgorithm = expectedJwsAlgorithm;
			
 
				-	}
			
 
				-
			
 
				-	@Override
			
 
				-	public List<? extends Key> selectJWSKeys(JWSHeader header, C context) {
			
 
				-		if (!this.expectedJwsAlgorithm.equals(header.getAlgorithm())) {
			
 
				-			throw new BadJwtException("Unsupported algorithm of " + header.getAlgorithm());
			
 
				-		}
			
 
				-		return this.keySet;
			
 
				-	}
			
 
				-
			
 
				-}
			
--- a/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java
+++ b/oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java
@@ -1,5 +1,5 @@
 
				 /*
			
 
				- * Copyright 2002-2020 the original author or authors.
			
 
				+ * Copyright 2002-2021 the original author or authors.
			
 
				  *
			
 
				  * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				  * you may not use this file except in compliance with the License.
			
@@ -503,8 +503,7 @@ public class NimbusJwtDecoderTests {
 
				 				.macAlgorithm(MacAlgorithm.HS512)
			
 
				 				.build();
			
 
				 		assertThatExceptionOfType(BadJwtException.class)
			
 
				-				.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
			
 
				-				.withMessageContaining("Unsupported algorithm of HS256");
			
 
				+				.isThrownBy(() -> decoder.decode(signedJWT.serialize()));
			
 
				 		// @formatter:on
			
 
				 	}