From 7d2947da0b8267b6a749c505ed83a11495c3f0d2 Mon Sep 17 00:00:00 2001 From: Anjee Date: Fri, 1 Oct 2021 13:22:37 -0700 Subject: [PATCH 1/4] JwtSupplierDecoder Uri Issuer return Supplier --- .../OAuth2ResourceServerJwtConfiguration.java | 8 +++++--- .../OAuth2ResourceServerAutoConfigurationTests.java | 13 +++++++------ .../spring-boot-dependencies/build.gradle | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java index 8706d09d733b..393aa6f152d5 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -20,6 +20,7 @@ import java.security.interfaces.RSAPublicKey; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; +import java.util.function.Supplier; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; @@ -39,6 +40,7 @@ import org.springframework.security.oauth2.jwt.JwtDecoders; import org.springframework.security.oauth2.jwt.JwtValidators; import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; +import org.springframework.security.oauth2.jwt.SupplierJwtDecoder; import org.springframework.security.web.SecurityFilterChain; /** @@ -54,7 +56,7 @@ class OAuth2ResourceServerJwtConfiguration { @Configuration(proxyBeanMethods = false) - @ConditionalOnMissingBean(JwtDecoder.class) + @ConditionalOnMissingBean(SupplierJwtDecoder.class) static class JwtDecoderConfiguration { private final OAuth2ResourceServerProperties.Jwt properties; @@ -91,8 +93,8 @@ private byte[] getKeySpec(String keyValue) { @Bean @Conditional(IssuerUriCondition.class) - JwtDecoder jwtDecoderByIssuerUri() { - return JwtDecoders.fromIssuerLocation(this.properties.getIssuerUri()); + SupplierJwtDecoder jwtDecoderByIssuerUri() { + return new SupplierJwtDecoder(() -> JwtDecoders.fromIssuerLocation(this.properties.getIssuerUri())); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java index 288832babfbf..52f343dfdac7 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java @@ -49,6 +49,7 @@ import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.JwtDecoder; import org.springframework.security.oauth2.jwt.JwtIssuerValidator; +import org.springframework.security.oauth2.jwt.SupplierJwtDecoder; import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider; import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector; @@ -136,11 +137,11 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcIssuerUri() throws E setupMockResponse(cleanIssuerPath); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { - assertThat(context).hasSingleBean(JwtDecoder.class); + assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(2); + assertThat(this.server.getRequestCount()).isEqualTo(0); } @Test @@ -153,11 +154,11 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() t setupMockResponsesWithErrors(cleanIssuerPath, 1); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { - assertThat(context).hasSingleBean(JwtDecoder.class); + assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(3); + assertThat(this.server.getRequestCount()).isEqualTo(0); } @Test @@ -170,11 +171,11 @@ void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws setupMockResponsesWithErrors(cleanIssuerPath, 2); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { - assertThat(context).hasSingleBean(JwtDecoder.class); + assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(4); + assertThat(this.server.getRequestCount()).isEqualTo(0); } @Test diff --git a/spring-boot-project/spring-boot-dependencies/build.gradle b/spring-boot-project/spring-boot-dependencies/build.gradle index 4c666f34d57b..cb4724831a2b 100644 --- a/spring-boot-project/spring-boot-dependencies/build.gradle +++ b/spring-boot-project/spring-boot-dependencies/build.gradle @@ -1693,7 +1693,7 @@ bom { ] } } - library("Spring Security", "5.6.0-M3") { + library("Spring Security", "5.6.0-SNAPSHOT") { group("org.springframework.security") { imports = [ "spring-security-bom" From c4be1e83f327f4fec29d2b1d9f1b7124878e70e2 Mon Sep 17 00:00:00 2001 From: Anjee Date: Fri, 1 Oct 2021 13:39:43 -0700 Subject: [PATCH 2/4] remove config --- .../resource/servlet/OAuth2ResourceServerJwtConfiguration.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java index 393aa6f152d5..340e568197d1 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -20,7 +20,6 @@ import java.security.interfaces.RSAPublicKey; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; -import java.util.function.Supplier; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; @@ -56,7 +55,7 @@ class OAuth2ResourceServerJwtConfiguration { @Configuration(proxyBeanMethods = false) - @ConditionalOnMissingBean(SupplierJwtDecoder.class) + @ConditionalOnMissingBean(JwtDecoderConfiguration.class) static class JwtDecoderConfiguration { private final OAuth2ResourceServerProperties.Jwt properties; From 0d6e69a0ca1bcbd489a9585e98c78777ff5f045b Mon Sep 17 00:00:00 2001 From: Anjee Date: Fri, 1 Oct 2021 15:02:35 -0700 Subject: [PATCH 3/4] Return JwtSupplierDecoder when jwt issuer uri bean is instantiated --- .../OAuth2ResourceServerJwtConfiguration.java | 2 +- ...2ResourceServerAutoConfigurationTests.java | 23 ++++++++++++++++--- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java index 340e568197d1..b9ca979124c6 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -55,7 +55,7 @@ class OAuth2ResourceServerJwtConfiguration { @Configuration(proxyBeanMethods = false) - @ConditionalOnMissingBean(JwtDecoderConfiguration.class) + @ConditionalOnMissingBean(JwtDecoder.class) static class JwtDecoderConfiguration { private final OAuth2ResourceServerProperties.Jwt properties; diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java index 52f343dfdac7..e0a2beb50322 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/servlet/OAuth2ResourceServerAutoConfigurationTests.java @@ -21,6 +21,7 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.function.Supplier; import javax.servlet.Filter; @@ -128,6 +129,7 @@ void autoConfigurationShouldConfigureResourceServerWithJwsAlgorithm() { } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOidcIssuerUri() throws Exception { this.server = new MockWebServer(); this.server.start(); @@ -139,12 +141,17 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcIssuerUri() throws E + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierJwtDecoder supplierJwtDecoderBean = context.getBean(SupplierJwtDecoder.class); + Supplier jwtDecoderSupplier = (Supplier) ReflectionTestUtils + .getField(supplierJwtDecoderBean, "jwtDecoderSupplier"); + JwtDecoder jwtDecoder = jwtDecoderSupplier.get(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(0); + assertThat(this.server.getRequestCount()).isEqualTo(2); } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() throws Exception { this.server = new MockWebServer(); this.server.start(); @@ -156,12 +163,17 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() t + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierJwtDecoder supplierJwtDecoderBean = context.getBean(SupplierJwtDecoder.class); + Supplier jwtDecoderSupplier = (Supplier) ReflectionTestUtils + .getField(supplierJwtDecoderBean, "jwtDecoderSupplier"); + JwtDecoder jwtDecoder = jwtDecoderSupplier.get(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(0); + assertThat(this.server.getRequestCount()).isEqualTo(3); } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws Exception { this.server = new MockWebServer(); this.server.start(); @@ -169,13 +181,18 @@ void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws String issuer = this.server.url(path).toString(); String cleanIssuerPath = cleanIssuerPath(issuer); setupMockResponsesWithErrors(cleanIssuerPath, 2); + this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { assertThat(context).hasSingleBean(SupplierJwtDecoder.class); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierJwtDecoder supplierJwtDecoderBean = context.getBean(SupplierJwtDecoder.class); + Supplier jwtDecoderSupplier = (Supplier) ReflectionTestUtils + .getField(supplierJwtDecoderBean, "jwtDecoderSupplier"); + JwtDecoder jwtDecoder = jwtDecoderSupplier.get(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(0); + assertThat(this.server.getRequestCount()).isEqualTo(4); } @Test From 4f5ca22eb4a19647710ccf6d582f25c3a735ea95 Mon Sep 17 00:00:00 2001 From: Anjee Date: Fri, 1 Oct 2021 17:31:40 -0700 Subject: [PATCH 4/4] Reactive supplier changes --- ...eOAuth2ResourceServerJwkConfiguration.java | 5 ++-- ...2ResourceServerAutoConfigurationTests.java | 30 ++++++++++++++----- 2 files changed, 26 insertions(+), 9 deletions(-) diff --git a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java index 03c7a34bc31f..e4e7c077473a 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java @@ -37,6 +37,7 @@ import org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder; import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; import org.springframework.security.oauth2.jwt.ReactiveJwtDecoders; +import org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder; import org.springframework.security.web.server.SecurityWebFilterChain; /** @@ -91,8 +92,8 @@ private byte[] getKeySpec(String keyValue) { @Bean @Conditional(IssuerUriCondition.class) - ReactiveJwtDecoder jwtDecoderByIssuerUri() { - return ReactiveJwtDecoders.fromIssuerLocation(this.properties.getIssuerUri()); + SupplierReactiveJwtDecoder jwtDecoderByIssuerUri() { + return new SupplierReactiveJwtDecoder(() -> ReactiveJwtDecoders.fromIssuerLocation(this.properties.getIssuerUri())); } } diff --git a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java index 4fc7b29b8214..094403c5b075 100644 --- a/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java +++ b/spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/oauth2/resource/reactive/ReactiveOAuth2ResourceServerAutoConfigurationTests.java @@ -22,6 +22,7 @@ import java.util.HashMap; import java.util.Map; import java.util.Set; +import java.util.function.Supplier; import java.util.stream.Stream; import com.fasterxml.jackson.core.JsonProcessingException; @@ -31,6 +32,7 @@ import okhttp3.mockwebserver.MockWebServer; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Test; +import reactor.core.publisher.Mono; import org.springframework.boot.autoconfigure.AutoConfigurations; import org.springframework.boot.test.context.FilteredClassLoader; @@ -49,9 +51,11 @@ import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator; import org.springframework.security.oauth2.core.OAuth2TokenValidator; import org.springframework.security.oauth2.jwt.Jwt; +import org.springframework.security.oauth2.jwt.JwtDecoder; import org.springframework.security.oauth2.jwt.JwtIssuerValidator; import org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder; import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder; +import org.springframework.security.oauth2.jwt.SupplierReactiveJwtDecoder; import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtReactiveAuthenticationManager; import org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenReactiveAuthenticationManager; @@ -129,6 +133,7 @@ void autoConfigurationUsingPublicKeyValueShouldConfigureResourceServerUsingJwsAl } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOidcIssuerUri() throws IOException { this.server = new MockWebServer(); this.server.start(); @@ -138,15 +143,19 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcIssuerUri() throws I setupMockResponse(cleanIssuerPath); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort() + "/" + path).run((context) -> { - assertThat(context).hasSingleBean(NimbusReactiveJwtDecoder.class); + assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class); assertFilterConfiguredWithJwtAuthenticationManager(context); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierReactiveJwtDecoder supplierReactiveJwtDecoder = context.getBean(SupplierReactiveJwtDecoder.class); + Mono reactiveJwtDecoderSupplier = (Mono) ReflectionTestUtils.getField(supplierReactiveJwtDecoder, "jwtDecoderMono"); + ReactiveJwtDecoder reactiveJwtDecoder = reactiveJwtDecoderSupplier.block(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(2); + assertThat(this.server.getRequestCount()).isEqualTo(1); } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() throws Exception { this.server = new MockWebServer(); this.server.start(); @@ -155,15 +164,19 @@ void autoConfigurationShouldConfigureResourceServerUsingOidcRfc8414IssuerUri() t setupMockResponsesWithErrors(cleanIssuerPath, 1); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort()).run((context) -> { - assertThat(context).hasSingleBean(NimbusReactiveJwtDecoder.class); + assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class); assertFilterConfiguredWithJwtAuthenticationManager(context); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierReactiveJwtDecoder supplierReactiveJwtDecoder = context.getBean(SupplierReactiveJwtDecoder.class); + Mono reactiveJwtDecoderSupplier = (Mono) ReflectionTestUtils.getField(supplierReactiveJwtDecoder, "jwtDecoderMono"); + ReactiveJwtDecoder reactiveJwtDecoder = reactiveJwtDecoderSupplier.block(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(3); + assertThat(this.server.getRequestCount()).isEqualTo(2); } @Test + @SuppressWarnings("unchecked") void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws Exception { this.server = new MockWebServer(); this.server.start(); @@ -172,12 +185,15 @@ void autoConfigurationShouldConfigureResourceServerUsingOAuthIssuerUri() throws setupMockResponsesWithErrors(cleanIssuerPath, 2); this.contextRunner.withPropertyValues("spring.security.oauth2.resourceserver.jwt.issuer-uri=http://" + this.server.getHostName() + ":" + this.server.getPort()).run((context) -> { - assertThat(context).hasSingleBean(NimbusReactiveJwtDecoder.class); + assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class); assertFilterConfiguredWithJwtAuthenticationManager(context); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); + SupplierReactiveJwtDecoder supplierReactiveJwtDecoder = context.getBean(SupplierReactiveJwtDecoder.class); + Mono reactiveJwtDecoderSupplier = (Mono) ReflectionTestUtils.getField(supplierReactiveJwtDecoder, "jwtDecoderMono"); + ReactiveJwtDecoder reactiveJwtDecoder = reactiveJwtDecoderSupplier.block(); }); // The last request is to the JWK Set endpoint to look up the algorithm - assertThat(this.server.getRequestCount()).isEqualTo(4); + assertThat(this.server.getRequestCount()).isEqualTo(3); } @Test @@ -228,7 +244,7 @@ void autoConfigurationWhenKeyLocationAndIssuerUriPresentShouldUseIssuerUri() thr + this.server.getPort(), "spring.security.oauth2.resourceserver.jwt.public-key-location=classpath:public-key-location") .run((context) -> { - assertThat(context).hasSingleBean(NimbusReactiveJwtDecoder.class); + assertThat(context).hasSingleBean(SupplierReactiveJwtDecoder.class); assertFilterConfiguredWithJwtAuthenticationManager(context); assertThat(context.containsBean("jwtDecoderByIssuerUri")).isTrue(); });