mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-26 22:02:41 +00:00
Revise document to replace outdated NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
This commit is contained in:
parent
68ea952d5a
commit
ce5a12b2f7
@ -3,9 +3,8 @@
|
||||
[[webflux-oauth2resourceserver-opaque-minimaldependencies]]
|
||||
== Minimal Dependencies for Introspection
|
||||
As described in xref:servlet/oauth2/resource-server/jwt.adoc#oauth2resourceserver-jwt-minimaldependencies[Minimal Dependencies for JWT], most Resource Server support is collected in `spring-security-oauth2-resource-server`.
|
||||
However, unless you provide a custom <<webflux-oauth2resourceserver-opaque-introspector-bean,`ReactiveOpaqueTokenIntrospector`>>, the Resource Server falls back to `ReactiveOpaqueTokenIntrospector`.
|
||||
This means that both `spring-security-oauth2-resource-server` and `oauth2-oidc-sdk` are necessary to have a working minimal Resource Server that supports opaque Bearer Tokens.
|
||||
See `spring-security-oauth2-resource-server` in order to determine the correct version for `oauth2-oidc-sdk`.
|
||||
However, unless you provide a custom <<webflux-oauth2resourceserver-opaque-introspector-bean,`ReactiveOpaqueTokenIntrospector`>>, the Resource Server falls back to `SpringReactiveOpaqueTokenIntrospector`.
|
||||
This means that only `spring-security-oauth2-resource-server` is necessary to have a working minimal Resource Server that supports opaque Bearer Tokens.
|
||||
|
||||
[[webflux-oauth2resourceserver-opaque-minimalconfiguration]]
|
||||
== Minimal Configuration for Introspection
|
||||
|
@ -4,9 +4,8 @@
|
||||
[[oauth2resourceserver-opaque-minimaldependencies]]
|
||||
== Minimal Dependencies for Introspection
|
||||
As described in xref:servlet/oauth2/resource-server/jwt.adoc#oauth2resourceserver-jwt-minimaldependencies[Minimal Dependencies for JWT] most of Resource Server support is collected in `spring-security-oauth2-resource-server`.
|
||||
However unless a custom <<oauth2resourceserver-opaque-introspector,`OpaqueTokenIntrospector`>> is provided, the Resource Server will fallback to NimbusOpaqueTokenIntrospector.
|
||||
Meaning that both `spring-security-oauth2-resource-server` and `oauth2-oidc-sdk` are necessary in order to have a working minimal Resource Server that supports opaque Bearer Tokens.
|
||||
Please refer to `spring-security-oauth2-resource-server` in order to determine the correct version for `oauth2-oidc-sdk`.
|
||||
However unless a custom <<oauth2resourceserver-opaque-introspector,`OpaqueTokenIntrospector`>> is provided, the Resource Server will fallback to `SpringOpaqueTokenIntrospector`.
|
||||
This means that only `spring-security-oauth2-resource-server` is necessary in order to have a working minimal Resource Server that supports opaque Bearer Tokens.
|
||||
|
||||
[[oauth2resourceserver-opaque-minimalconfiguration]]
|
||||
== Minimal Configuration for Introspection
|
||||
@ -361,7 +360,7 @@ Xml::
|
||||
[source,xml,role="primary"]
|
||||
----
|
||||
<bean id="opaqueTokenIntrospector"
|
||||
class="org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector">
|
||||
class="org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector">
|
||||
<constructor-arg value="${spring.security.oauth2.resourceserver.opaquetoken.introspection_uri}"/>
|
||||
<constructor-arg value="${spring.security.oauth2.resourceserver.opaquetoken.client_id}"/>
|
||||
<constructor-arg value="${spring.security.oauth2.resourceserver.opaquetoken.client_secret}"/>
|
||||
@ -445,7 +444,7 @@ Xml::
|
||||
[source,xml,role="secondary"]
|
||||
----
|
||||
<bean id="opaqueTokenIntrospector"
|
||||
class="org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector">
|
||||
class="org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector">
|
||||
<constructor-arg value="https://idp.example.com/introspect"/>
|
||||
<constructor-arg value="client"/>
|
||||
<constructor-arg value="secret"/>
|
||||
@ -740,7 +739,7 @@ By default, Resource Server uses connection and socket timeouts of 30 seconds ea
|
||||
This may be too short in some scenarios.
|
||||
Further, it doesn't take into account more sophisticated patterns like back-off and discovery.
|
||||
|
||||
To adjust the way in which Resource Server connects to the authorization server, `NimbusOpaqueTokenIntrospector` accepts an instance of `RestOperations`:
|
||||
To adjust the way in which Resource Server connects to the authorization server, `SpringOpaqueTokenIntrospector` accepts an instance of `RestOperations`:
|
||||
|
||||
[tabs]
|
||||
======
|
||||
|
Loading…
x
Reference in New Issue
Block a user