diff --git a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/X509CertificateThumbprintValidator.java b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/X509CertificateThumbprintValidator.java index 1344d952a43..0c9588cd147 100644 --- a/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/X509CertificateThumbprintValidator.java +++ b/oauth2/oauth2-jose/src/main/java/org/springframework/security/oauth2/jwt/X509CertificateThumbprintValidator.java @@ -50,15 +50,15 @@ * "https://datatracker.ietf.org/doc/html/rfc8705#section-3.1">3.1. JWT Certificate * Thumbprint Confirmation Method */ -final class X509CertificateThumbprintValidator implements OAuth2TokenValidator { +public class X509CertificateThumbprintValidator implements OAuth2TokenValidator { - static final Supplier DEFAULT_X509_CERTIFICATE_SUPPLIER = new DefaultX509CertificateSupplier(); + public static final Supplier DEFAULT_X509_CERTIFICATE_SUPPLIER = new DefaultX509CertificateSupplier(); private final Log logger = LogFactory.getLog(getClass()); private final Supplier x509CertificateSupplier; - X509CertificateThumbprintValidator(Supplier x509CertificateSupplier) { + public X509CertificateThumbprintValidator(Supplier x509CertificateSupplier) { Assert.notNull(x509CertificateSupplier, "x509CertificateSupplier cannot be null"); this.x509CertificateSupplier = x509CertificateSupplier; } @@ -109,7 +109,7 @@ public OAuth2TokenValidatorResult validate(Jwt jwt) { return OAuth2TokenValidatorResult.success(); } - static String computeSHA256Thumbprint(X509Certificate x509Certificate) throws Exception { + public static String computeSHA256Thumbprint(X509Certificate x509Certificate) throws Exception { MessageDigest md = MessageDigest.getInstance("SHA-256"); byte[] digest = md.digest(x509Certificate.getEncoded()); return Base64.getUrlEncoder().withoutPadding().encodeToString(digest);