I'm creating an application with Spring Security. I need to use JWT with JwtAccessTokenConverter and JwtTokenStore was drepreciated. When I import, it shows that it is depreciated. What can be used instead?
package com.devsuperior.dscatalog.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration
public class AppConfig {
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); // return a instance
}
// Objects can access a token JWT: ready, write, create, etc
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
tokenConverter.setSigningKey("MY-JWT-SECRET");
return tokenConverter;
}
@Bean
public JwtTokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
}
CodePudding user response:
Actually, the entire Spring Security OAuth project is deprecated. I assume that you want an alternative for the Authorization Server. If this case, you could try using Spring Authorization Server
The Spring Authorization Server project, led by the Spring Security team, is focused on delivering OAuth 2.1 Authorization Server support to the Spring community.
It now supported lots of features and you can wait for the fully supported OIDC implementation in the next release.
CodePudding user response:
I adjusted pom.xml to that dependency:
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>