From 59040a4c3d7d6dc4ac3ebec4ab4d87834397c00e Mon Sep 17 00:00:00 2001
From: Daniel Garnier-Moiroux <dgarnier@vmware.com>
Date: Fri, 12 Mar 2021 14:24:15 +0100
Subject: [PATCH] Use nimbus-jose-jwt and oauth2-oidc-sdk versions from
 spring-security

- Spring Security 5.4.5 downgraded nimbus-jose-jwt to 8.+ from 9.+,
  which breaks NimbusJwsEncoder.
- Bump Security to 5.4.5, and Boot to 2.4.3 to match Security

Closes gh-256
---
 gradle.properties                                             | 2 +-
 gradle/dependency-management.gradle                           | 4 +---
 .../springframework/security/oauth2/jwt/NimbusJwsEncoder.java | 3 ++-
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/gradle.properties b/gradle.properties
index d3c64fd..1d3e195 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,5 +1,5 @@
 version=0.1.1-SNAPSHOT
-springBootVersion=2.4.2
+springBootVersion=2.4.3
 org.gradle.jvmargs=-Xmx3g -XX:MaxPermSize=2048m -XX:+HeapDumpOnOutOfMemoryError
 org.gradle.parallel=true
 org.gradle.caching=true
diff --git a/gradle/dependency-management.gradle b/gradle/dependency-management.gradle
index 7e097b5..f2b434a 100644
--- a/gradle/dependency-management.gradle
+++ b/gradle/dependency-management.gradle
@@ -3,7 +3,7 @@ if (!project.hasProperty("springVersion")) {
 }
 
 if (!project.hasProperty("springSecurityVersion")) {
-	ext.springSecurityVersion = "5.4.2"
+	ext.springSecurityVersion = "5.4.5"
 }
 
 if (!project.hasProperty("reactorVersion")) {
@@ -25,8 +25,6 @@ dependencyManagement {
 	}
 
 	dependencies {
-		dependency "com.nimbusds:oauth2-oidc-sdk:8.23.1"
-		dependency "com.nimbusds:nimbus-jose-jwt:9.1.3"
 		dependency "javax.servlet:javax.servlet-api:4.0.1"
 		dependency 'junit:junit:4.13.1'
 		dependency 'org.assertj:assertj-core:3.18.1'
diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwsEncoder.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwsEncoder.java
index 1a66063..6e1da7a 100644
--- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwsEncoder.java
+++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/NimbusJwsEncoder.java
@@ -43,6 +43,7 @@ import com.nimbusds.jose.util.Base64URL;
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;
 
+import net.minidev.json.JSONObject;
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.util.Assert;
 import org.springframework.util.CollectionUtils;
@@ -197,7 +198,7 @@ public final class NimbusJwsEncoder implements JwtEncoder {
 			Map<String, Object> jwk = headers.getJwk();
 			if (!CollectionUtils.isEmpty(jwk)) {
 				try {
-					builder.jwk(JWK.parse(jwk));
+					builder.jwk(JWK.parse(new JSONObject(jwk)));
 				}
 				catch (Exception ex) {
 					throw new JwtEncodingException(String.format(ENCODING_ERROR_MESSAGE_TEMPLATE,