My old code in Spring Boot 2.6.6 and Tomcat 9
POM.xml
<dependency>
<groupId>com.auth0</groupId>
<artifactId>auth0-spring-security-api</artifactId>
<version>1.5.3</version>
</dependency>
Configuration.java
@Override
protected void configure(final HttpSecurity http) throws Exception {
JwtWebSecurityConfigurer.forRS256("my auth0 audience", "my auth0 domain")
.configure(http)
.authorizeRequests()
.antMatchers("/getAuthor").permitAll()
.antMatchers("/readAuthor").hasAuthority("read:author")
.antMatchers("/writeAuthor").hasAuthority("write:author")
.antMatchers("/deleteAuthor").hasAuthority("delete:author");
}
All the API endpoints works fine when I pass in the Authorization Bearer token in the header.
But after upgrade to Spring Boot 3.0.0 and Tomcat 10. Tomcat 10 uses Jakarta instead of Javax, so my library auth0-spring-security-api stopped working.
Method JwtWebSecurityConfigurer.forRS256() gives me java.lang.NoSuchMethodError: 'javax.servlet.http.HttpServletRequest error.
How to fix my problem in the new environment and how to decode auth0 access token in configure(final HttpSecurity http) method so i can access protected APIs (readAuthor, writeAuthor…). Are there any other libs i can use? Or any examples?
Thanks.