- edited description
NimbusReactiveJwtDecoder : with oidcs | BadJOSEException: JOSE header "typ" (type) "at+jwt" not allowed
Issue #480
resolved
Hi ,
My outh2 oidc provider uses jwt token type as "at+jwt" .
The NimbusReactiveJwtDecoder
is not supporting this type of token.
I am using spring-security-oauth2-jose-5.7.2 with spring cloud gateway version 2021.0.0
,spring security 5.6 resource server.
Is there a way to customise DefaultJOSEObjectTypeVerifier
as provided below (reactive version of decoder) .
https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/366/caused-by
Thanks and Regards
Deepak
Comments (2)
-
reporter -
reporter - changed status to resolved
Can be achieved using below
NimbusReactiveJwtDecoder .withJwkSetUri(jwkuri) .jwtProcessorCustomizer(processor -> processor.setJWSTypeVerifier( new DefaultJOSEObjectTypeVerifier<>(new JOSEObjectType("at+jwt")))) .webClient(webClient()) .jwsAlgorithm(SignatureAlgorithm.RS256) .build();
- Log in to comment