Hello John,
I have an Angular SPA which authenticates, then obtains an access token to call my Spring boot API.
This code is of the filter on the API, where I wanted to add my own roles and authorities and other information which I retrieve from my DB. I use the new JWT just to rebuild the token stored in the SecurityContext as it is immutable.
Kind regards
Malcolm