diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java index edaf54d1ea..0a8a4529e5 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java @@ -24,7 +24,6 @@ import java.util.Base64; import java.util.Collections; import java.util.List; import java.util.Set; -import java.util.function.Supplier; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; @@ -83,8 +82,8 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { .jwsAlgorithms(this::jwsAlgorithms) .build(); String issuerUri = this.properties.getIssuerUri(); - Supplier> defaultValidator = (issuerUri != null) - ? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault; + OAuth2TokenValidator defaultValidator = (issuerUri != null) + ? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault(); nimbusReactiveJwtDecoder.setJwtValidator(getValidators(defaultValidator)); return nimbusReactiveJwtDecoder; } @@ -95,14 +94,13 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { } } - private OAuth2TokenValidator getValidators(Supplier> defaultValidator) { - OAuth2TokenValidator defaultValidators = defaultValidator.get(); + private OAuth2TokenValidator getValidators(OAuth2TokenValidator defaultValidator) { List audiences = this.properties.getAudiences(); if (CollectionUtils.isEmpty(audiences)) { - return defaultValidators; + return defaultValidator; } List> validators = new ArrayList<>(); - validators.add(defaultValidators); + validators.add(defaultValidator); validators.add(new JwtClaimValidator>(JwtClaimNames.AUD, (aud) -> aud != null && !Collections.disjoint(aud, audiences))); return new DelegatingOAuth2TokenValidator<>(validators); @@ -116,7 +114,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withPublicKey(publicKey) .signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm())) .build(); - jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault)); + jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault())); return jwtDecoder; } @@ -143,7 +141,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { NimbusReactiveJwtDecoder jwtDecoder = (NimbusReactiveJwtDecoder) ReactiveJwtDecoders .fromIssuerLocation(this.properties.getIssuerUri()); jwtDecoder.setJwtValidator( - getValidators(() -> JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri()))); + getValidators(JwtValidators.createDefaultWithIssuer(this.properties.getIssuerUri()))); return jwtDecoder; }); } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java index b03ac8212a..821967d578 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -24,7 +24,6 @@ import java.util.Base64; import java.util.Collections; import java.util.List; import java.util.Set; -import java.util.function.Supplier; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; @@ -82,8 +81,8 @@ class OAuth2ResourceServerJwtConfiguration { .jwsAlgorithms(this::jwsAlgorithms) .build(); String issuerUri = this.properties.getIssuerUri(); - Supplier> defaultValidator = (issuerUri != null) - ? () -> JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators::createDefault; + OAuth2TokenValidator defaultValidator = (issuerUri != null) + ? JwtValidators.createDefaultWithIssuer(issuerUri) : JwtValidators.createDefault(); nimbusJwtDecoder.setJwtValidator(getValidators(defaultValidator)); return nimbusJwtDecoder; } @@ -94,14 +93,13 @@ class OAuth2ResourceServerJwtConfiguration { } } - private OAuth2TokenValidator getValidators(Supplier> defaultValidator) { - OAuth2TokenValidator defaultValidators = defaultValidator.get(); + private OAuth2TokenValidator getValidators(OAuth2TokenValidator defaultValidator) { List audiences = this.properties.getAudiences(); if (CollectionUtils.isEmpty(audiences)) { - return defaultValidators; + return defaultValidator; } List> validators = new ArrayList<>(); - validators.add(defaultValidators); + validators.add(defaultValidator); validators.add(new JwtClaimValidator>(JwtClaimNames.AUD, (aud) -> aud != null && !Collections.disjoint(aud, audiences))); return new DelegatingOAuth2TokenValidator<>(validators); @@ -115,7 +113,7 @@ class OAuth2ResourceServerJwtConfiguration { NimbusJwtDecoder jwtDecoder = NimbusJwtDecoder.withPublicKey(publicKey) .signatureAlgorithm(SignatureAlgorithm.from(exactlyOneAlgorithm())) .build(); - jwtDecoder.setJwtValidator(getValidators(JwtValidators::createDefault)); + jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefault())); return jwtDecoder; } @@ -141,7 +139,7 @@ class OAuth2ResourceServerJwtConfiguration { return new SupplierJwtDecoder(() -> { String issuerUri = this.properties.getIssuerUri(); NimbusJwtDecoder jwtDecoder = JwtDecoders.fromIssuerLocation(issuerUri); - jwtDecoder.setJwtValidator(getValidators(() -> JwtValidators.createDefaultWithIssuer(issuerUri))); + jwtDecoder.setJwtValidator(getValidators(JwtValidators.createDefaultWithIssuer(issuerUri))); return jwtDecoder; }); }