Spring Multi JWK Sources

Provide multiple JWKs to Spring security

License

License

Categories

Categories

Ant Build Tools Net Security
GroupId

GroupId

net.savantly.security
ArtifactId

ArtifactId

spring-multi-jwk-source
Last Version

Last Version

0.0.1.RELEASE
Release Date

Release Date

Type

Type

jar
Description

Description

Spring Multi JWK Sources
Provide multiple JWKs to Spring security
Project URL

Project URL

https://github.com/savantly-net/spring-multi-jwk-source
Source Code Management

Source Code Management

http://github.com/savantly-net/spring-multi-jwk-source/tree/master

Download spring-multi-jwk-source

How to add to project

<!-- https://jarcasting.com/artifacts/net.savantly.security/spring-multi-jwk-source/ -->
<dependency>
    <groupId>net.savantly.security</groupId>
    <artifactId>spring-multi-jwk-source</artifactId>
    <version>0.0.1.RELEASE</version>
</dependency>
// https://jarcasting.com/artifacts/net.savantly.security/spring-multi-jwk-source/
implementation 'net.savantly.security:spring-multi-jwk-source:0.0.1.RELEASE'
// https://jarcasting.com/artifacts/net.savantly.security/spring-multi-jwk-source/
implementation ("net.savantly.security:spring-multi-jwk-source:0.0.1.RELEASE")
'net.savantly.security:spring-multi-jwk-source:jar:0.0.1.RELEASE'
<dependency org="net.savantly.security" name="spring-multi-jwk-source" rev="0.0.1.RELEASE">
  <artifact name="spring-multi-jwk-source" type="jar" />
</dependency>
@Grapes(
@Grab(group='net.savantly.security', module='spring-multi-jwk-source', version='0.0.1.RELEASE')
)
libraryDependencies += "net.savantly.security" % "spring-multi-jwk-source" % "0.0.1.RELEASE"
[net.savantly.security/spring-multi-jwk-source "0.0.1.RELEASE"]

Dependencies

compile (5)

Group / Artifact Type Version
com.nimbusds : nimbus-jose-jwt jar 8.5
org.springframework.security : spring-security-oauth2-client jar
org.springframework.security : spring-security-oauth2-jose jar
org.springframework.security : spring-security-oauth2-resource-server jar
com.fasterxml.jackson.core : jackson-databind jar

runtime (1)

Group / Artifact Type Version
org.springframework : spring-webflux jar

test (8)

Group / Artifact Type Version
org.junit.jupiter : junit-jupiter-engine jar
org.junit.jupiter : junit-jupiter-api jar
org.junit.jupiter : junit-jupiter-params jar
org.springframework.boot : spring-boot jar
org.springframework.security : spring-security-test jar
org.springframework.boot : spring-boot-test jar
org.springframework.boot : spring-boot-starter-webflux jar
org.springframework.cloud : spring-cloud-starter-security jar

Project Modules

There are no modules declared in this project.

Spring Multi JWK sources

Currently only Webflux is support.
Gladly accepting PRs!

Quick start

gradle

compile 'net.savantly.security:spring-multi-jwk-source:0.0.1.RELEASE'

Maven

<dependency>
  <groupId>net.savantly.security</groupId>
  <artifactId>spring-multi-jwk-source</artifactId>
  <version>0.0.1.RELEASE</version>
</dependency>

Example Usage

@SpringBootApplication(exclude = {ReactiveOAuth2ResourceServerAutoConfiguration.class})
@Controller
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
public class TestReactiveApplication {

	private String oidcIssuerLocation = "https://dev-931599.okta.com/oauth2/default/v1/keys";
	private JwtService jwtService;
	
	public TestReactiveApplication() throws IOException, JOSEException, ParseException {
		// Use our custom Jwt Service to sign 
		// our Jwt service has it's own key pair, that we'll use in addition to the external OIDC
		this.jwtService = new JwtService(new ClassPathResource("test-rsa"));
	}
    
    @Bean
    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        http
            .authorizeExchange()
                .anyExchange().permitAll()
                .and()
                .csrf().disable()
                .oauth2Login().and()
            .oauth2ResourceServer()
                .jwt().jwtDecoder(jwtDecoder());
        return http.build();
    }
    
    @Bean
    public ReactiveMultiJwtDecoder jwtDecoder() {
    	// pass multiple JWK sources into the constructor
    	ReactiveMultiJwtDecoder jwtDecoder = new ReactiveMultiJwtDecoder(oidcIssuerLocation, jwtService.getRsaPublicJWK());
		return jwtDecoder;
    }
}
net.savantly.security

Savantly

Savantly custom software solutions for your business

Versions

Version
0.0.1.RELEASE