diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/JwtClaimsSet.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/JwtClaimsSet.java index d19f2de..360d41d 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/JwtClaimsSet.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/jwt/JwtClaimsSet.java @@ -17,7 +17,6 @@ package org.springframework.security.oauth2.jwt; import org.springframework.util.Assert; -import java.net.URL; import java.time.Instant; import java.util.Collections; import java.util.LinkedHashMap; @@ -94,7 +93,7 @@ public final class JwtClaimsSet implements JwtClaimAccessor { * @param issuer the issuer identifier * @return the {@link Builder} */ - public Builder issuer(URL issuer) { + public Builder issuer(String issuer) { return claim(ISS, issuer); } diff --git a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIssuerUtil.java b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIssuerUtil.java index fd81e06..f3bf3fb 100644 --- a/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIssuerUtil.java +++ b/oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2TokenIssuerUtil.java @@ -26,9 +26,6 @@ import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.JwtClaimsSet; import org.springframework.security.oauth2.jwt.JwtEncoder; -import java.net.MalformedURLException; -import java.net.URI; -import java.net.URL; import java.time.Duration; import java.time.Instant; import java.time.temporal.ChronoUnit; @@ -47,12 +44,7 @@ class OAuth2TokenIssuerUtil { static Jwt issueJwtAccessToken(JwtEncoder jwtEncoder, String subject, String audience, Set scopes) { JoseHeader joseHeader = JoseHeader.withAlgorithm(SignatureAlgorithm.RS256).build(); - // TODO Allow configuration for issuer claim - URL issuer = null; - try { - issuer = URI.create("https://oauth2.provider.com").toURL(); - } catch (MalformedURLException e) { } - + String issuer = "https://oauth2.provider.com"; // TODO Allow configuration for issuer claim Instant issuedAt = Instant.now(); Instant expiresAt = issuedAt.plus(1, ChronoUnit.HOURS); // TODO Allow configuration for access token time-to-live diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JwtClaimsSetTests.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JwtClaimsSetTests.java index 12340c0..2f23fe6 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JwtClaimsSetTests.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JwtClaimsSetTests.java @@ -39,7 +39,7 @@ public class JwtClaimsSetTests { JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build(); JwtClaimsSet jwtClaimsSet = JwtClaimsSet.withClaims() - .issuer(expectedJwtClaimsSet.getIssuer()) + .issuer(expectedJwtClaimsSet.getIssuer().toExternalForm()) .subject(expectedJwtClaimsSet.getSubject()) .audience(expectedJwtClaimsSet.getAudience()) .issuedAt(expectedJwtClaimsSet.getIssuedAt()) diff --git a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/TestJwtClaimsSets.java b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/TestJwtClaimsSets.java index 42cb13e..16a425c 100644 --- a/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/TestJwtClaimsSets.java +++ b/oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/TestJwtClaimsSets.java @@ -15,9 +15,6 @@ */ package org.springframework.security.oauth2.jwt; -import java.net.MalformedURLException; -import java.net.URI; -import java.net.URL; import java.time.Instant; import java.time.temporal.ChronoUnit; import java.util.Collections; @@ -29,11 +26,7 @@ import java.util.UUID; public class TestJwtClaimsSets { public static JwtClaimsSet.Builder jwtClaimsSet() { - URL issuer = null; - try { - issuer = URI.create("https://provider.com").toURL(); - } catch (MalformedURLException e) { } - + String issuer = "https://provider.com"; Instant issuedAt = Instant.now(); Instant expiresAt = issuedAt.plus(1, ChronoUnit.HOURS);