From 08f68c9122dfbc2bd60dc438d2f01b884f665e91 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Thu, 5 Sep 2019 16:15:55 -0600 Subject: [PATCH] Update JwtAuthenticationConverter Docs Replaced usage of deprecated API Fixes gh-7062 --- .../servlet/preface/java-configuration.adoc | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc index 79653ec2a8..37fa1b5eb9 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/preface/java-configuration.adoc @@ -706,17 +706,24 @@ public class DirectlyConfiguredJwkSetUri extends WebSecurityConfigurerAdapter { } Converter grantedAuthoritiesExtractor() { - return new GrantedAuthoritiesExtractor(); + JwtAuthenticationConverter jwtAuthenticationConverter = + new JwtAuthenticationConverter(); + jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter + (new GrantedAuthoritiesExtractor()); + return jwtAuthenticationConveter; } ``` which is responsible for converting a `Jwt` into an `Authentication`. +As part of its configuration, we can supply a subsidiary converter to go from `Jwt` to a `Collection` of `GrantedAuthority`s. -We can override this quite simply to alter the way granted authorities are derived: +That final converter might be something like `GrantedAuthoritiesExtractor` below: ```java -static class GrantedAuthoritiesExtractor extends JwtAuthenticationConverter { - protected Collection extractAuthorities(Jwt jwt) { +static class GrantedAuthoritiesExtractor + implements Converter> { + + public Collection convert(Jwt jwt) { Collection authorities = (Collection) jwt.getClaims().get("mycustomclaim");