diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc index 2957ec7e2a..dcbb7431d7 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc @@ -606,7 +606,7 @@ Or, exposing a `JwtDecoder` `@Bean` has the same effect as `decoder()`: ```java @Bean public JwtDecoder jwtDecoder() { - return new NimbusJwtDecoderJwkSupport(jwkSetUri); + return new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build()); } ``` @@ -719,7 +719,7 @@ Resource Server uses `JwtTimestampValidator` to verify a token's validity window ```java @Bean JwtDecoder jwtDecoder() { - NimbusJwtDecoderJwkSupport jwtDecoder = (NimbusJwtDecoderJwkSupport) + NimbusJwtDecoder jwtDecoder = (NimbusJwtDecoder) JwtDecoders.withOidcIssuerLocation(issuerUri); OAuth2TokenValidator withClockSkew = new DelegatingOAuth2TokenValidator<>( @@ -759,7 +759,7 @@ Then, to add into a resource server, it's a matter of specifying the `JwtDecoder ```java @Bean JwtDecoder jwtDecoder() { - NimbusJwtDecoderJwkSupport jwtDecoder = (NimbusJwtDecoderJwkSupport) + NimbusJwtDecoder jwtDecoder = (NimbusJwtDecoder) JwtDecoders.withOidcIssuerLocation(issuerUri); OAuth2TokenValidator audienceValidator = new AudienceValidator(); @@ -807,11 +807,11 @@ An individual claim's conversion strategy can be configured using `MappedJwtClai ```java @Bean JwtDecoder jwtDecoder() { - NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri); + NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build()); MappedJwtClaimSetConverter converter = MappedJwtClaimSetConverter .withDefaults(Collections.singletonMap("sub", this::lookupUserIdBySub)); - jwtDecoder.setJwtClaimSetConverter(converter); + jwtDecoder.setClaimSetConverter(converter); return jwtDecoder; } @@ -862,8 +862,8 @@ And then, the instance can be supplied like normal: ```java @Bean JwtDecoder jwtDecoder() { - NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri); - jwtDecoder.setJwtClaimSetConverter(new UsernameSubClaimAdapter()); + NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).build()); + jwtDecoder.setClaimSetConverter(new UsernameSubClaimAdapter()); return jwtDecoder; } ``` @@ -876,7 +876,7 @@ By default, Resource Server uses connection and socket timeouts of 30 seconds ea This may be too short in some scenarios. Further, it doesn't take into account more sophisticated patterns like back-off and discovery. -To adjust the way in which Resource Server connects to the authorization server, `NimbusJwtDecoderJwkSupport` accepts an instance of `RestOperations`: +To adjust the way in which Resource Server connects to the authorization server, `NimbusJwtDecoder` accepts an instance of `RestOperations`: ```java @Bean @@ -886,8 +886,7 @@ public JwtDecoder jwtDecoder(RestTemplateBuilder builder) { .setReadTimeout(60000) .build(); - NimbusJwtDecoderJwkSupport jwtDecoder = new NimbusJwtDecoderJwkSupport(jwkSetUri); - jwtDecoder.setRestOperations(rest); + NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(JwtProcessors.withJwkSetUri(jwkSetUri).restOperations(rest).build()); return jwtDecoder; } ```