Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

spring.security.oauth2.resourceserver.jwt.jws-algorithm is ignored when auto-configuring ReactiveJwtDecoder #20681

Closed
wants to merge 3 commits into from
Closed

spring.security.oauth2.resourceserver.jwt.jws-algorithm is ignored when auto-configuring ReactiveJwtDecoder #20681

wants to merge 3 commits into from

Conversation

az1a
Copy link
Contributor

@az1a az1a commented Mar 25, 2020

Problem:
spring.security.oauth2.resourceserver.jwt.jws-algorithm configuration property is ignored in autoconfiguration of reactive application. I've observed this bug during migration of my app to webflux.

@az1a
Use spring.security.oauth2.resourceserver.jwt.jws-algorithm config pr…
b304123 
…operty in ReactiveOAuth2ResourceServerJwkConfiguration
@pivotal-issuemaster
Copy link

@az1a Please sign the Contributor License Agreement!

Click here to manually synchronize the status of this Pull Request.

See the FAQ for frequently asked questions.

@pivotal-issuemaster
Copy link

@az1a Thank you for signing the Contributor License Agreement!

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Mar 25, 2020
@mbhave
Copy link
Contributor

mbhave commented Mar 25, 2020

Thanks for the PR @az1a. I think we'd need to do the same for the public key variant as well. Would you be able to update your PR with that change?

If possible could you also add some tests to verify that the right algorithm is being used in both cases?

@mbhave mbhave added the status: waiting-for-feedback We need additional information before we can continue label Mar 25, 2020
@az1a
Copy link
Contributor Author

az1a commented Mar 26, 2020

Hello @mbhave, I've updated the PR.
I see that Concourse CI build failed but I don't know what's wrong. The project builds successfully on my machine :)

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Mar 26, 2020
@mbhave
Copy link
Contributor

mbhave commented Mar 26, 2020

The build failed due to a formatting violation. We can fix that when we merge. Thanks for updating the PR, looks good to me now.

@mbhave mbhave added type: bug A general bug and removed status: feedback-provided Feedback has been provided status: waiting-for-triage An issue we've not yet triaged labels Mar 26, 2020
@mbhave mbhave added this to the 2.2.x milestone Mar 26, 2020
mbhave pushed a commit that referenced this pull request Mar 26, 2020
@az1a @mbhave
Use jws-algorithm property in ReactiveOAuth2ResourceServerJwkConfigur…
a55c3e4 
…ation

See gh-20681
@mbhave mbhave mentioned this pull request Mar 26, 2020
Closed
@mbhave mbhave closed this in 5b5e61f Mar 26, 2020
@mbhave
Copy link
Contributor

mbhave commented Mar 26, 2020

@az1a Thank you for making your first contribution to Spring Boot. This has been merged into 2.2.x and master.

@mbhave mbhave modified the milestones: 2.2.x, 2.2.7 Mar 26, 2020
@wilkinsona wilkinsona changed the title Use jws-algorithm config property in ReactiveOAuth2ResourceServerJwkConfiguration spring.security.oauth2.resourceserver.jwt.jws-algorithm is ignored when auto-configuring ReactiveJwtDecoder Apr 3, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
type: bug A general bug
Projects
None yet
Milestone
2.2.7
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@az1a @pivotal-issuemaster @mbhave @spring-projects-issues