New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
spring.security.oauth2.resourceserver.jwt.jws-algorithm is ignored when auto-configuring ReactiveJwtDecoder #20681
Conversation
…operty in ReactiveOAuth2ResourceServerJwkConfiguration
@az1a Please sign the Contributor License Agreement! Click here to manually synchronize the status of this Pull Request. See the FAQ for frequently asked questions. |
@az1a Thank you for signing the Contributor License Agreement! |
Thanks for the PR @az1a. I think we'd need to do the same for the public key variant as well. Would you be able to update your PR with that change? If possible could you also add some tests to verify that the right algorithm is being used in both cases? |
…tion using public key
Hello @mbhave, I've updated the PR. |
The build failed due to a formatting violation. We can fix that when we merge. Thanks for updating the PR, looks good to me now. |
@az1a Thank you for making your first contribution to Spring Boot. This has been merged into |
Problem:
spring.security.oauth2.resourceserver.jwt.jws-algorithm
configuration property is ignored in autoconfiguration of reactive application. I've observed this bug during migration of my app to webflux.