Remove SingleKeyJWSKeySelector

Closes gh-9348

oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoder.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -42,6 +42,7 @@ import com.nimbusds.jose.jwk.source.RemoteJWKSet;
 import com.nimbusds.jose.proc.JWSKeySelector;
 import com.nimbusds.jose.proc.JWSVerificationKeySelector;
 import com.nimbusds.jose.proc.SecurityContext;
+import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
 import com.nimbusds.jose.util.Resource;
 import com.nimbusds.jose.util.ResourceRetriever;
 import com.nimbusds.jwt.JWT;

oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/NimbusReactiveJwtDecoder.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -42,6 +42,7 @@ import com.nimbusds.jose.proc.JWKSecurityContext;
 import com.nimbusds.jose.proc.JWSKeySelector;
 import com.nimbusds.jose.proc.JWSVerificationKeySelector;
 import com.nimbusds.jose.proc.SecurityContext;
+import com.nimbusds.jose.proc.SingleKeyJWSKeySelector;
 import com.nimbusds.jwt.JWT;
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.JWTParser;

oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/SingleKeyJWSKeySelector.java

@@ -1,57 +0,0 @@
-/*
- * Copyright 2002-2020 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.oauth2.jwt;
-
-import java.security.Key;
-import java.util.Arrays;
-import java.util.List;
-
-import com.nimbusds.jose.JWSAlgorithm;
-import com.nimbusds.jose.JWSHeader;
-import com.nimbusds.jose.proc.JWSKeySelector;
-import com.nimbusds.jose.proc.SecurityContext;
-
-import org.springframework.util.Assert;
-
-/**
- * An internal implementation of {@link JWSKeySelector} that always returns the same key
- *
- * @author Josh Cummings
- * @since 5.2
- */
-final class SingleKeyJWSKeySelector<C extends SecurityContext> implements JWSKeySelector<C> {
-
-	private final List<Key> keySet;
-
-	private final JWSAlgorithm expectedJwsAlgorithm;
-
-	SingleKeyJWSKeySelector(JWSAlgorithm expectedJwsAlgorithm, Key key) {
-		Assert.notNull(expectedJwsAlgorithm, "expectedJwsAlgorithm cannot be null");
-		Assert.notNull(key, "key cannot be null");
-		this.keySet = Arrays.asList(key);
-		this.expectedJwsAlgorithm = expectedJwsAlgorithm;
-	}
-
-	@Override
-	public List<? extends Key> selectJWSKeys(JWSHeader header, C context) {
-		if (!this.expectedJwsAlgorithm.equals(header.getAlgorithm())) {
-			throw new BadJwtException("Unsupported algorithm of " + header.getAlgorithm());
-		}
-		return this.keySet;
-	}
-
-}

oauth2/oauth2-jose/src/test/java/org/springframework/security/oauth2/jwt/NimbusJwtDecoderTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2021 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -503,8 +503,7 @@ public class NimbusJwtDecoderTests {
 				.macAlgorithm(MacAlgorithm.HS512)
 				.build();
 		assertThatExceptionOfType(BadJwtException.class)
-				.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
-				.withMessageContaining("Unsupported algorithm of HS256");
+				.isThrownBy(() -> decoder.decode(signedJWT.serialize()));
 		// @formatter:on
 	}