Skip to content
Discussion options

You must be logged in to vote

For posterity, here's a custom TokenValidator that handles AWS's EC256 keys:

@Singleton
public class AwsAlbOidcTokenValidator implements TokenValidator {
  private static final Logger LOG = Loggers.build();
  private final HttpClient httpClient;
  private final SecurityConfig securityConfig;

  @Inject
  public AwsAlbOidcTokenValidator(HttpClient httpClient, SecurityConfig securityConfig) {
    this.httpClient = httpClient;
    this.securityConfig = securityConfig;
  }

  @Override
  public Publisher<Authentication> validateToken(String token) {
    throw new IllegalStateException("deprecated");
  }

  @Override
  public Publisher<Authentication> validateToken(String token, @Nullable Http…

Replies: 2 comments

Comment options

You must be logged in to vote
0 replies
Answer selected by rferreira
Comment options

You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants