Startseite Erkunden Hilfe
Registrieren Anmelden
github
/
spring-security
Mirror von https://github.com/spring-projects/spring-security
2
0
Fork 0
Dateien Issues 0 Wiki
Struktur: 37a814bc29
Branches Tags
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
migration
/
servlet
/
oauth2.adoc

oauth2.adoc 2.0 KB
Verlauf Originalformat

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. = OAuth 2.0 Migrations
    2. 

  2. 

  3. == Validate `typ` Header with `JwtTypeValidator`
    4. 

  4. 

  5. If when following the 6.5 preparatory steps you set `validateTypes` to `false`, you can now remove it.
    6. 

  6. You can also remove explicitly adding `JwtTypeValidator` to the list of defaults.
    7. 

  7. 

  8. For example, change this:
    9. 

  9. 

  10. [tabs]
    11. 

  11. ======
    12. 

  12. Java::
    13. 

  13. +
    14. 

  14. [source,java,role="primary"]
    15. 

  15. ----
    16. 

  16. @Bean
    17. 

  17. JwtDecoder jwtDecoder() {
    18. 

  18. 	NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(location)
    19. 

  19.         .validateTypes(false) <1>
    20. 

  20.         // ... your remaining configuration
    21. 

  21.         .build();
    22. 

  22. 	jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithValidators(
    23. 

  23. 		new JwtIssuerValidator(location), JwtTypeValidator.jwt())); <2>
    24. 

  24. 	return jwtDecoder;
    25. 

  25. }
    26. 

  26. ----
    27. 

  27. 

  28. Kotlin::
    29. 

  29. +
    30. 

  30. [source,kotlin,role="secondary"]
    31. 

  31. ----
    32. 

  32. @Bean
    33. 

  33. fun jwtDecoder(): JwtDecoder {
    34. 

  34.     val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(location)
    35. 

  35.         .validateTypes(false) <1>
    36. 

  36.         // ... your remaining configuration
    37. 

  37.         .build()
    38. 

  38.     jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithValidators(
    39. 

  39.         JwtIssuerValidator(location), JwtTypeValidator.jwt())) <2>
    40. 

  40.     return jwtDecoder
    41. 

  41. }
    42. 

  42. ----
    43. 

  43. ======
    44. 

  44. <1> - Switch off Nimbus verifying the `typ`
    45. 

  45. <2> - Add the default `typ` validator
    46. 

  46. 

  47. to this:
    48. 

  48. 

  49. [tabs]
    50. 

  50. ======
    51. 

  51. Java::
    52. 

  52. +
    53. 

  53. [source,java,role="primary"]
    54. 

  54. ----
    55. 

  55. @Bean
    56. 

  56. JwtDecoder jwtDecoder() {
    57. 

  57. 	NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withIssuerLocation(location)
    58. 

  58.         // ... your remaining configuration <1>
    59. 

  59.         .build();
    60. 

  60. 	jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(location)); <2>
    61. 

  61. 	return jwtDecoder;
    62. 

  62. }
    63. 

  63. ----
    64. 

  64. 

  65. Kotlin::
    66. 

  66. +
    67. 

  67. [source,kotlin,role="secondary"]
    68. 

  68. ----
    69. 

  69. @Bean
    70. 

  70. fun jwtDecoder(): JwtDecoder {
    71. 

  71.     val jwtDecoder = NimbusJwtDecoder.withIssuerLocation(location)
    72. 

  72.         // ... your remaining configuration
    73. 

  73.         .build()
    74. 

  74.     jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(location)) <2>
    75. 

  75.     return jwtDecoder
    76. 

  76. }
    77. 

  77. ----
    78. 

  78. ======
    79. 

  79. <1> - `validateTypes` now defaults to `false`
    80. 

  80. <2> - `JwtTypeValidator#jwt` is added by all `createDefaultXXX` methods
    81.