Skip to content

Commit 5830fda

Browse files
jgrandjajgrandja
committed
Introduce JwtEncoder
Closes gh-9208
1 parent 339a053 commit 5830fda

File tree

18 files changed

+1069
-457
lines changed

18 files changed

+1069
-457
lines changed

etc/checkstyle/checkstyle-suppressions.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -52,4 +52,5 @@
5252
<suppress files="WebSecurityConfigurationTests\.java" checks="SpringMethodVisibility"/>
5353
<suppress files="WithSecurityContextTestExecutionListenerTests\.java" checks="SpringMethodVisibility"/>
5454
<suppress files="AbstractOAuth2AuthorizationGrantRequestEntityConverter\.java" checks="SpringMethodVisibility"/>
55+
<suppress files="JoseHeader\.java" checks="SpringMethodVisibility"/>
5556
</suppressions>

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/NimbusJwtClientAuthenticationParametersConverter.java

Lines changed: 13 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,12 @@
4040
import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
4141
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
4242
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
43+
import org.springframework.security.oauth2.jwt.JwsHeader;
4344
import org.springframework.security.oauth2.jwt.Jwt;
45+
import org.springframework.security.oauth2.jwt.JwtClaimsSet;
46+
import org.springframework.security.oauth2.jwt.JwtEncoder;
47+
import org.springframework.security.oauth2.jwt.JwtEncoderParameters;
48+
import org.springframework.security.oauth2.jwt.NimbusJwtEncoder;
4449
import org.springframework.util.Assert;
4550
import org.springframework.util.LinkedMultiValueMap;
4651
import org.springframework.util.MultiValueMap;
@@ -122,7 +127,7 @@ public MultiValueMap<String, String> convert(T authorizationGrantRequest) {
122127
throw new OAuth2AuthorizationException(oauth2Error);
123128
}
124129

125-
JoseHeader.Builder headersBuilder = JoseHeader.withAlgorithm(jwsAlgorithm);
130+
JwsHeader.Builder headersBuilder = JwsHeader.with(jwsAlgorithm);
126131

127132
Instant issuedAt = Instant.now();
128133
Instant expiresAt = issuedAt.plus(Duration.ofSeconds(60));
@@ -137,7 +142,7 @@ public MultiValueMap<String, String> convert(T authorizationGrantRequest) {
137142
.expiresAt(expiresAt);
138143
// @formatter:on
139144

140-
JoseHeader joseHeader = headersBuilder.build();
145+
JwsHeader jwsHeader = headersBuilder.build();
141146
JwtClaimsSet jwtClaimsSet = claimsBuilder.build();
142147

143148
JwsEncoderHolder jwsEncoderHolder = this.jwsEncoders.compute(clientRegistration.getRegistrationId(),
@@ -146,11 +151,11 @@ public MultiValueMap<String, String> convert(T authorizationGrantRequest) {
146151
return currentJwsEncoderHolder;
147152
}
148153
JWKSource<SecurityContext> jwkSource = new ImmutableJWKSet<>(new JWKSet(jwk));
149-
return new JwsEncoderHolder(new NimbusJwsEncoder(jwkSource), jwk);
154+
return new JwsEncoderHolder(new NimbusJwtEncoder(jwkSource), jwk);
150155
});
151156

152-
NimbusJwsEncoder jwsEncoder = jwsEncoderHolder.getJwsEncoder();
153-
Jwt jws = jwsEncoder.encode(joseHeader, jwtClaimsSet);
157+
JwtEncoder jwsEncoder = jwsEncoderHolder.getJwsEncoder();
158+
Jwt jws = jwsEncoder.encode(JwtEncoderParameters.from(jwsHeader, jwtClaimsSet));
154159

155160
MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
156161
parameters.set(OAuth2ParameterNames.CLIENT_ASSERTION_TYPE, CLIENT_ASSERTION_TYPE_VALUE);
@@ -186,16 +191,16 @@ else if (KeyType.OCT.equals(jwk.getKeyType())) {
186191

187192
private static final class JwsEncoderHolder {
188193

189-
private final NimbusJwsEncoder jwsEncoder;
194+
private final JwtEncoder jwsEncoder;
190195

191196
private final JWK jwk;
192197

193-
private JwsEncoderHolder(NimbusJwsEncoder jwsEncoder, JWK jwk) {
198+
private JwsEncoderHolder(JwtEncoder jwsEncoder, JWK jwk) {
194199
this.jwsEncoder = jwsEncoder;
195200
this.jwk = jwk;
196201
}
197202

198-
private NimbusJwsEncoder getJwsEncoder() {
203+
private JwtEncoder getJwsEncoder() {
199204
return this.jwsEncoder;
200205
}
201206

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/JoseHeaderTests.java

Lines changed: 0 additions & 123 deletions
This file was deleted.

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/endpoint/NimbusJwtClientAuthenticationParametersConverterTests.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@
3838
import org.springframework.security.oauth2.jose.TestJwks;
3939
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
4040
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
41+
import org.springframework.security.oauth2.jwt.JoseHeaderNames;
4142
import org.springframework.security.oauth2.jwt.Jwt;
4243
import org.springframework.security.oauth2.jwt.JwtClaimNames;
4344
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;

0 commit comments

Comments
 (0)