mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-05 00:56:58 +08:00
Merge branch '3.0.x'
Closes gh-35789
This commit is contained in:
commit
b9f7df6cc2
|
@ -24,7 +24,6 @@ import java.util.Base64;
|
|||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import org.springframework.beans.factory.ObjectProvider;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
|
@ -85,8 +84,8 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
|
|||
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
|
||||
NimbusReactiveJwtDecoder nimbusReactiveJwtDecoder = builder.build();
|
||||
String issuerUri = this.properties.getIssuerUri();
|
||||
Supplier<OAuth2TokenValidator<Jwt>> defaultValidator = (issuerUri != null)
|
||||
? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault;
|
||||
OAuth2TokenValidator<Jwt> defaultValidator = (issuerUri != null)
|
||||
? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault();
|
||||
nimbusReactiveJwtDecoder.setJwtValidator(getValidators(defaultValidator));
|
||||
return nimbusReactiveJwtDecoder;
|
||||
}
|
||||
|
@ -97,14 +96,13 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
|
|||
}
|
||||
}
|
||||
|
||||
private OAuth2TokenValidator<Jwt> getValidators(Supplier<OAuth2TokenValidator<Jwt>> defaultValidator) {
|
||||
OAuth2TokenValidator<Jwt> defaultValidators = defaultValidator.get();
|
||||
private OAuth2TokenValidator<Jwt> getValidators(OAuth2TokenValidator<Jwt> defaultValidator) {
|
||||
List<String> audiences = this.properties.getAudiences();
|
||||
if (CollectionUtils.isEmpty(audiences)) {
|
||||
return defaultValidators;
|
||||
return defaultValidator;
|
||||
}
|
||||
List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
|
||||
validators.add(defaultValidators);
|
||||
validators.add(defaultValidator);
|
||||
validators.add(new JwtClaimValidator<List<String>>(JwtClaimNames.AUD,
|
||||
(aud) -> aud != null && !Collections.disjoint(aud, audiences)));
|
||||
return new DelegatingOAuth2TokenValidator<>(validators);
|
||||
|
@ -118,7 +116,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
|
|||
NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withPublicKey(publicKey)
|
||||
.signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm()))
|
||||
.build();
|
||||
jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault));
|
||||
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault()));
|
||||
return jwtDecoder;
|
||||
}
|
||||
|
||||
|
@ -148,7 +146,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration {
|
|||
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
|
||||
NimbusReactiveJwtDecoder jwtDecoder = builder.build();
|
||||
jwtDecoder.setJwtValidator(
|
||||
getValidators(() -> JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri())));
|
||||
getValidators(JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri())));
|
||||
return jwtDecoder;
|
||||
});
|
||||
}
|
||||
|
|
|
@ -24,7 +24,6 @@ import java.util.Base64;
|
|||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import org.springframework.beans.factory.ObjectProvider;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
|
||||
|
@ -85,8 +84,8 @@ class OAuth2ResourceServerJwtConfiguration {
|
|||
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
|
||||
NimbusJwtDecoder nimbusJwtDecoder = builder.build();
|
||||
String issuerUri = this.properties.getIssuerUri();
|
||||
Supplier<OAuth2TokenValidator<Jwt>> defaultValidator = (issuerUri != null)
|
||||
? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault;
|
||||
OAuth2TokenValidator<Jwt> defaultValidator = (issuerUri != null)
|
||||
? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault();
|
||||
nimbusJwtDecoder.setJwtValidator(getValidators(defaultValidator));
|
||||
return nimbusJwtDecoder;
|
||||
}
|
||||
|
@ -97,14 +96,13 @@ class OAuth2ResourceServerJwtConfiguration {
|
|||
}
|
||||
}
|
||||
|
||||
private OAuth2TokenValidator<Jwt> getValidators(Supplier<OAuth2TokenValidator<Jwt>> defaultValidator) {
|
||||
OAuth2TokenValidator<Jwt> defaultValidators = defaultValidator.get();
|
||||
private OAuth2TokenValidator<Jwt> getValidators(OAuth2TokenValidator<Jwt> defaultValidator) {
|
||||
List<String> audiences = this.properties.getAudiences();
|
||||
if (CollectionUtils.isEmpty(audiences)) {
|
||||
return defaultValidators;
|
||||
return defaultValidator;
|
||||
}
|
||||
List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
|
||||
validators.add(defaultValidators);
|
||||
validators.add(defaultValidator);
|
||||
validators.add(new JwtClaimValidator<List<String>>(JwtClaimNames.AUD,
|
||||
(aud) -> aud != null && !Collections.disjoint(aud, audiences)));
|
||||
return new DelegatingOAuth2TokenValidator<>(validators);
|
||||
|
@ -118,7 +116,7 @@ class OAuth2ResourceServerJwtConfiguration {
|
|||
NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withPublicKey(publicKey)
|
||||
.signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm()))
|
||||
.build();
|
||||
jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault));
|
||||
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault()));
|
||||
return jwtDecoder;
|
||||
}
|
||||
|
||||
|
@ -146,7 +144,7 @@ class OAuth2ResourceServerJwtConfiguration {
|
|||
JwkSetUriJwtDecoderBuilder builder = NimbusJwtDecoder.withIssuerLocation(issuerUri);
|
||||
customizers.orderedStream().forEach((customizer) -> customizer.customize(builder));
|
||||
NimbusJwtDecoder jwtDecoder = builder.build();
|
||||
jwtDecoder.setJwtValidator(getValidators(() -> JwtValidators.createDefaultWithIssuer(issuerUri)));
|
||||
jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefaultWithIssuer(issuerUri)));
|
||||
return jwtDecoder;
|
||||
});
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user