Add cognito authentication

[eddumelendez]

No description provided.

[maciejwalkowiak]

Please add reference docs and sample app.

[maciejwalkowiak]

nullability annotations are missing. Each package should have package-info.java marking everything as @NonNull by default, and all nullable fields, method parameters and return values should be marked with @Nullable.

[eddumelendez]

TBH right now I don't see value adding those annotations in configuration properties. I agree if those are added in public apis such as *template

[maciejwalkowiak]

If we don't add them, everything is @NonNull by default. While not such a big deal for Java, when used with Kotlin non-null fields are seen as non-nullable types which can cause very unexpected NPEs in Kotlin Land

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information

[maciejwalkowiak]

As far as I can see, we are missing taking into account spring.cloud.aws.endpoint and a sample. Or it's just not possible to support it?

[eddumelendez]

we are not using the cognito sdk here so the use of spring.cloud.aws.endpoint is not something possible. The only way I see is being explicit with the use of registry-url and issuer-url. About the sample. yes, it is pending.

[eddumelendez]

Closing this due to can be easily autoconfigured using spring boot features

spring.security.oauth2.resourceserver.jwt.issuer-uri=http://127.0.0.1:4566/us-east-1_f865f8979c4d4361b6af703db533dbb4
spring.security.oauth2.resourceserver.jwt.jwk-set-uri=http://127.0.0.1:4566/us-east-1_f865f8979c4d4361b6af703db533dbb4/.well-known/jwks.json

See more here

[maciejwalkowiak]

@eddumelendez so you're saying that beans that we used to create before NimbusJwtDecoder and DelegatingOAuth2TokenValidator are not needed anymore?