Home Esplora Aiuto
Registrati Accedi
github
/
spring-security
mirror da https://github.com/spring-projects/spring-security
2
0
Forka 0
File Problemi 0 Wiki
Albero (Tree): d3b143dab6
Rami (Branch) Tag
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
migration
/
reactive.adoc

reactive.adoc 2.2 KB
Cronologia Originale

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. = Reactive
    2. 

  2. 

  3. If you have already performed the xref:migration/index.adoc[initial migration steps] for your Reactive application, you're now ready to perform steps specific to Reactive applications.
    4. 

  4. 

  5. == Validate `typ` Header with `JwtTypeValidator`
    6. 

  6. 

  7. If when following the 6.5 preparatory steps you set `validateTypes` to `false`, you can now remove it.
    8. 

  8. You can also remove explicitly adding `JwtTypeValidator` to the list of defaults.
    9. 

  9. 

  10. For example, change this:
    11. 

  11. 

  12. [tabs]
    13. 

  13. ======
    14. 

  14. Java::
    15. 

  15. +
    16. 

  16. [source,java,role="primary"]
    17. 

  17. ----
    18. 

  18. @Bean
    19. 

  19. JwtDecoder jwtDecoder() {
    20. 

  20. 	NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(location)
    21. 

  21.         .validateTypes(false) <1>
    22. 

  22.         // ... your remaining configuration
    23. 

  23.         .build();
    24. 

  24. 	jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithValidators(
    25. 

  25. 		new JwtIssuerValidator(location), JwtTypeValidator.jwt())); <2>
    26. 

  26. 	return jwtDecoder;
    27. 

  27. }
    28. 

  28. ----
    29. 

  29. 

  30. Kotlin::
    31. 

  31. +
    32. 

  32. [source,kotlin,role="secondary"]
    33. 

  33. ----
    34. 

  34. @Bean
    35. 

  35. fun jwtDecoder(): JwtDecoder {
    36. 

  36.     val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(location)
    37. 

  37.         .validateTypes(false) <1>
    38. 

  38.         // ... your remaining configuration
    39. 

  39.         .build()
    40. 

  40.     jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithValidators(
    41. 

  41.         JwtIssuerValidator(location), JwtTypeValidator.jwt())) <2>
    42. 

  42.     return jwtDecoder
    43. 

  43. }
    44. 

  44. ----
    45. 

  45. ======
    46. 

  46. <1> - Switch off Nimbus verifying the `typ`
    47. 

  47. <2> - Add the default `typ` validator
    48. 

  48. 

  49. to this:
    50. 

  50. 

  51. [tabs]
    52. 

  52. ======
    53. 

  53. Java::
    54. 

  54. +
    55. 

  55. [source,java,role="primary"]
    56. 

  56. ----
    57. 

  57. @Bean
    58. 

  58. NimbusReactiveJwtDecoder jwtDecoder() {
    59. 

  59. 	NimbusJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(location)
    60. 

  60.         // ... your remaining configuration <1>
    61. 

  61.         .build();
    62. 

  62. 	jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(location)); <2>
    63. 

  63. 	return jwtDecoder;
    64. 

  64. }
    65. 

  65. ----
    66. 

  66. 

  67. Kotlin::
    68. 

  68. +
    69. 

  69. [source,kotlin,role="secondary"]
    70. 

  70. ----
    71. 

  71. @Bean
    72. 

  72. fun jwtDecoder(): NimbusReactiveJwtDecoder {
    73. 

  73.     val jwtDecoder = NimbusReactiveJwtDecoder.withIssuerLocation(location)
    74. 

  74.         // ... your remaining configuration
    75. 

  75.         .build()
    76. 

  76.     jwtDecoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(location)) <2>
    77. 

  77.     return jwtDecoder
    78. 

  78. }
    79. 

  79. ----
    80. 

  80. ======
    81. 

  81. <1> - `validateTypes` now defaults to `false`
    82. 

  82. <2> - `JwtTypeValidator#jwt` is added by all `createDefaultXXX` methods
    83.