Skip to content

Commit f808740

Browse files
jgrandjajgrandja
committed
Update reference manual to use NimbusJwtDecoder
Fixes gh-6188
1 parent b8f038e commit f808740

File tree

1 file changed

+9
-10
lines changed

1 file changed

+9
-10
lines changed

docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc

Lines changed: 9 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -606,7 +606,7 @@ Or, exposing a `JwtDecoder` `@Bean` has the same effect as `decoder()`:
606606
```java
607607
@Bean
608608
public JwtDecoder jwtDecoder() {
609-
return new NimbusJwtDecoderJwkSupport(jwkSetUri);
609+
return new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build());
610610
}
611611
```
612612

@@ -719,7 +719,7 @@ Resource Server uses `JwtTimestampValidator` to verify a token's validity window
719719
```java
720720
@Bean
721721
JwtDecoder jwtDecoder() {
722-
NimbusJwtDecoderJwkSupport jwtDecoder = (NimbusJwtDecoderJwkSupport)
722+
NimbusJwtDecoder jwtDecoder = (NimbusJwtDecoder)
723723
JwtDecoders.withOidcIssuerLocation(issuerUri);
724724

725725
OAuth2TokenValidator<Jwt> withClockSkew = new DelegatingOAuth2TokenValidator<>(
@@ -759,7 +759,7 @@ Then, to add into a resource server, it's a matter of specifying the `JwtDecoder
759759
```java
760760
@Bean
761761
JwtDecoder jwtDecoder() {
762-
NimbusJwtDecoderJwkSupport jwtDecoder = (NimbusJwtDecoderJwkSupport)
762+
NimbusJwtDecoder jwtDecoder = (NimbusJwtDecoder)
763763
JwtDecoders.withOidcIssuerLocation(issuerUri);
764764

765765
OAuth2TokenValidator<Jwt> audienceValidator = new AudienceValidator();
@@ -807,11 +807,11 @@ An individual claim's conversion strategy can be configured using `MappedJwtClai
807807
```java
808808
@Bean
809809
JwtDecoder jwtDecoder() {
810-
NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri);
810+
NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build());
811811

812812
MappedJwtClaimSetConverter converter = MappedJwtClaimSetConverter
813813
.withDefaults(Collections.singletonMap("sub", this::lookupUserIdBySub));
814-
jwtDecoder.setJwtClaimSetConverter(converter);
814+
jwtDecoder.setClaimSetConverter(converter);
815815

816816
return jwtDecoder;
817817
}
@@ -862,8 +862,8 @@ And then, the instance can be supplied like normal:
862862
```java
863863
@Bean
864864
JwtDecoder jwtDecoder() {
865-
NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri);
866-
jwtDecoder.setJwtClaimSetConverter(new UsernameSubClaimAdapter());
865+
NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build());
866+
jwtDecoder.setClaimSetConverter(new UsernameSubClaimAdapter());
867867
return jwtDecoder;
868868
}
869869
```
@@ -876,7 +876,7 @@ By default, Resource Server uses connection and socket timeouts of 30 seconds ea
876876
This may be too short in some scenarios.
877877
Further, it doesn't take into account more sophisticated patterns like back-off and discovery.
878878

879-
To adjust the way in which Resource Server connects to the authorization server, `NimbusJwtDecoderJwkSupport` accepts an instance of `RestOperations`:
879+
To adjust the way in which Resource Server connects to the authorization server, `NimbusJwtDecoder` accepts an instance of `RestOperations`:
880880

881881
```java
882882
@Bean
@@ -886,8 +886,7 @@ public JwtDecoder jwtDecoder(RestTemplateBuilder builder) {
886886
.setReadTimeout(60000)
887887
.build();
888888

889-
NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri);
890-
jwtDecoder.setRestOperations(rest);
889+
NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).restOperations(rest).build());
891890
return jwtDecoder;
892891
}
893892
```

0 commit comments

Comments
 (0)