JWE in Spring Security OAuth2 JWT

2019-06-22 15:05发布

问题:

Is it possible to use JSON Web Encryption(JWE) with Spring Security OAuth2 JWT ?

Right now I have a following JwtAccessTokenConverter:

@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter() {

        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            DBUserDetails user = (DBUserDetails) authentication.getUserAuthentication().getPrincipal();
            final Map<String, Object> additionalInfo = new HashMap<>();
            additionalInfo.put("user_id", user.getUser().getId());
            ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
            OAuth2AccessToken enhancedToken = super.enhance(accessToken, authentication);
            return enhancedToken;
        }

    };

    converter.setSigningKey(jwtAccessTokenConverterSigningKey);

    DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
    DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
    userTokenConverter.setUserDetailsService(userDetailsService);
    accessTokenConverter.setUserTokenConverter(userTokenConverter);

    converter.setAccessTokenConverter(accessTokenConverter);

    return converter;
}

How to add JWE support here ?