Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove Deprecated Usages of RemoteJWKSet #16251

Open
jzheaux opened this issue Dec 9, 2024 · 5 comments · May be fixed by #16296
Open

Remove Deprecated Usages of RemoteJWKSet #16251

jzheaux opened this issue Dec 9, 2024 · 5 comments · May be fixed by #16296
Assignees
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Dec 9, 2024

Nimbus has deprecated RemoteJWKSet in favor of using JWKSourceBuilder

By association, JWKSetCache is also deprecated. Since Spring Security has a custom implementation of JWKSetCache, refactoring to wrap a UrlBasedJWKSetSource may be more appropriate than using JWKSourceBuilder.

@jzheaux jzheaux added type: enhancement A general enhancement status: ideal-for-contribution An issue that we actively are looking for someone to help us with in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Dec 9, 2024
@kwondh5217
Copy link

Hi, @jzheaux

I’d like to work on this issue as my first contribution to Spring Security. Would it be alright if I take this on?

Thank you!

@franticticktick
Copy link
Contributor

Duplicate.

@kwondh5217
Copy link

Hi @franticticktick

I noticed that this issue is marked as a duplicate of #15866. I’d like to clarify: should I continue working on this issue, or would it be better to focus on the original issue (#15866)?

If this issue is still valid, I’d be happy to contribute and help resolve it. Please let me know how I can proceed.

Thank you!

@franticticktick
Copy link
Contributor

Hi @kwondh5217, i marked this as a duplicate so that contributors will pay attention to 15866, as there may be nuances that are worth considering. Nothing more :)

@kwondh5217
Copy link

Hi @franticticktick,
Thank you for explaining! I’ll give it a try.
Thanks again!

@jzheaux jzheaux removed the status: ideal-for-contribution An issue that we actively are looking for someone to help us with label Dec 16, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 17, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 17, 2024
@kwondh5217 kwondh5217 linked a pull request Dec 17, 2024 that will close this issue
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 18, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 18, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 18, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 18, 2024
kwondh5217 added a commit to kwondh5217/spring-security that referenced this issue Dec 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants