azure active directory – Spring ResourceServer azuread jwt validation
I want to validate the jwt from azuread (login.live.com) with spring resource server. What are the application.yaml properties in that case?
I couldn’t find an example / the properties on the official spring doc neither on the azuread docs
current application:yaml
spring:
application:
name: test
security:
oauth2:
resourceserver:
jwt:
issuer-uri: unknown
jwk-set-uri: unknown
Security Config:
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorize ->
authorize
.requestMatchers("/auth/**").authenticated()
.anyRequest().permitAll()
)
.csrf(AbstractHttpConfigurer::disable)
.sessionManagement(httpSecuritySessionManagementConfigurer ->
httpSecuritySessionManagementConfigurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
.oauth2ResourceServer((oauth2) ->
oauth2.jwt(Customizer.withDefaults()));
return http.build();
}
Read more here: Source link