Add support for customizing claims in JWT Client Assertion
Closes gh-9855
This commit is contained in:
Steve Riesenberg
@@ -149,3 +149,35 @@ tokenResponseClient.addParametersConverter(
|
||||
)
|
||||
----
|
||||
====
|
||||
|
||||
=== Customizing the JWT assertion
|
||||
|
||||
The JWT produced by `NimbusJwtClientAuthenticationParametersConverter` contains the `iss`, `sub`, `aud`, `jti`, `iat` and `exp` claims by default. You can customize the headers and/or claims by providing a `Consumer<NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext<T>>` to `setJwtClientAssertionCustomizer()`. The following example shows how to customize claims of the JWT:
|
||||
|
||||
====
|
||||
.Java
|
||||
[source,java,role="primary"]
|
||||
----
|
||||
Function<ClientRegistration, JWK> jwkResolver = ...
|
||||
|
||||
NimbusJwtClientAuthenticationParametersConverter<OAuth2ClientCredentialsGrantRequest> converter =
|
||||
new NimbusJwtClientAuthenticationParametersConverter<>(jwkResolver);
|
||||
converter.setJwtClientAssertionCustomizer((context) -> {
|
||||
context.getHeaders().header("custom-header", "header-value");
|
||||
context.getClaims().claim("custom-claim", "claim-value");
|
||||
});
|
||||
----
|
||||
|
||||
.Kotlin
|
||||
[source,kotlin,role="secondary"]
|
||||
----
|
||||
val jwkResolver = ...
|
||||
|
||||
val converter: NimbusJwtClientAuthenticationParametersConverter<OAuth2ClientCredentialsGrantRequest> =
|
||||
NimbusJwtClientAuthenticationParametersConverter(jwkResolver)
|
||||
converter.setJwtClientAssertionCustomizer { context ->
|
||||
context.headers.header("custom-header", "header-value")
|
||||
context.claims.claim("custom-claim", "claim-value")
|
||||
}
|
||||
----
|
||||
====
|
||||
|
||||
@@ -163,3 +163,35 @@ val tokenResponseClient = DefaultClientCredentialsTokenResponseClient()
|
||||
tokenResponseClient.setRequestEntityConverter(requestEntityConverter)
|
||||
----
|
||||
====
|
||||
|
||||
=== Customizing the JWT assertion
|
||||
|
||||
The JWT produced by `NimbusJwtClientAuthenticationParametersConverter` contains the `iss`, `sub`, `aud`, `jti`, `iat` and `exp` claims by default. You can customize the headers and/or claims by providing a `Consumer<NimbusJwtClientAuthenticationParametersConverter.JwtClientAuthenticationContext<T>>` to `setJwtClientAssertionCustomizer()`. The following example shows how to customize claims of the JWT:
|
||||
|
||||
====
|
||||
.Java
|
||||
[source,java,role="primary"]
|
||||
----
|
||||
Function<ClientRegistration, JWK> jwkResolver = ...
|
||||
|
||||
NimbusJwtClientAuthenticationParametersConverter<OAuth2ClientCredentialsGrantRequest> converter =
|
||||
new NimbusJwtClientAuthenticationParametersConverter<>(jwkResolver);
|
||||
converter.setJwtClientAssertionCustomizer((context) -> {
|
||||
context.getHeaders().header("custom-header", "header-value");
|
||||
context.getClaims().claim("custom-claim", "claim-value");
|
||||
});
|
||||
----
|
||||
|
||||
.Kotlin
|
||||
[source,kotlin,role="secondary"]
|
||||
----
|
||||
val jwkResolver = ...
|
||||
|
||||
val converter: NimbusJwtClientAuthenticationParametersConverter<OAuth2ClientCredentialsGrantRequest> =
|
||||
NimbusJwtClientAuthenticationParametersConverter(jwkResolver)
|
||||
converter.setJwtClientAssertionCustomizer { context ->
|
||||
context.headers.header("custom-header", "header-value")
|
||||
context.claims.claim("custom-claim", "claim-value")
|
||||
}
|
||||
----
|
||||
====
|
||||
|
||||
Reference in New Issue
Block a user