Package org.springframework.security.oauth2.client.oidc.authentication

Class ReactiveOidcIdTokenDecoderFactory

java.lang.Object
org.springframework.security.oauth2.client.oidc.authentication.ReactiveOidcIdTokenDecoderFactory
All Implemented Interfaces:
org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration>
public final class ReactiveOidcIdTokenDecoderFactory extends Object implements org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration>
A factory that provides a ReactiveJwtDecoder used for OidcIdToken signature verification. The provided ReactiveJwtDecoder is associated to a specific ClientRegistration.
Since:
5.2
See Also:

  • Constructor Details

    • ReactiveOidcIdTokenDecoderFactory

      public ReactiveOidcIdTokenDecoderFactory()

  • Method Details

    • createDefaultClaimTypeConverters

      public static Map<String,org.springframework.core.convert.converter.Converter<Object,?>> createDefaultClaimTypeConverters()
      Returns the default Converter's used for type conversion of claim values for an OidcIdToken.
      Returns:
      a Map of Converter's keyed by claim name

    • createDecoder

      public org.springframework.security.oauth2.jwt.ReactiveJwtDecoder createDecoder(ClientRegistration clientRegistration)
      Specified by:
      createDecoder in interface org.springframework.security.oauth2.jwt.ReactiveJwtDecoderFactory<ClientRegistration>

    • setJwtValidatorFactory

      public void setJwtValidatorFactory(Function<ClientRegistration,org.springframework.security.oauth2.core.OAuth2TokenValidator<org.springframework.security.oauth2.jwt.Jwt>> jwtValidatorFactory)
      Sets the factory that provides an OAuth2TokenValidator, which is used by the ReactiveJwtDecoder. The default composes JwtTimestampValidator and OidcIdTokenValidator.
      Parameters:
      jwtValidatorFactory - the factory that provides an OAuth2TokenValidator

    • setJwsAlgorithmResolver

      public void setJwsAlgorithmResolver(Function<ClientRegistration,org.springframework.security.oauth2.jose.jws.JwsAlgorithm> jwsAlgorithmResolver)
      Sets the resolver that provides the expected JWS algorithm used for the signature or MAC on the ID Token. The default resolves to RS256 for all clients.
      Parameters:
      jwsAlgorithmResolver - the resolver that provides the expected JWS algorithm for a specific client

    • setClaimTypeConverterFactory

      public void setClaimTypeConverterFactory(Function<ClientRegistration,org.springframework.core.convert.converter.Converter<Map<String,Object>,Map<String,Object>>> claimTypeConverterFactory)
      Sets the factory that provides a Converter used for type conversion of claim values for an OidcIdToken. The default is ClaimTypeConverter for all clients.
      Parameters:
      claimTypeConverterFactory - the factory that provides a Converter used for type conversion of claim values for a specific client