I'm trying to do an offline validation of a JWT Token, so my Authorization Server exposes the following URL: https://myauthserver.com/rsa/

This URL will return the JWK, but it requires an Authorization Bearer token to be passed in the header. Looking at NimbusJwtDecoder, just 1 header is passed:


@Override
public Resource retrieveResource(URL url) throws IOException {
    HttpHeaders headers = new HttpHeaders();
    headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON, APPLICATION_JWK_SET_JSON));

My suggestion is to expose some way to add custom headers, or a flag so that NimbusJwtDecoder knows that a JWT token should be generated to call the URL.

Comment From: jzheaux

@rlanhellas thanks for reaching out about this.

When building a NimbusJwtDecoder, you can supply a RestOperations:

RestTemplate rest = new RestTemplate();
// Attach the bearer token to every request this RestTemplate sends
rest.getInterceptors().add((request, body, execution) -> {
    request.getHeaders().setBearerAuth(myJwt);
    return execution.execute(request, body);
});
return NimbusJwtDecoder.withJwkSetUri("https://myauthserver.com/rsa")
        .restOperations(rest).build();

For future reference, this feels like a question that is better suited to Stack Overflow. As mentioned in the guidelines for contributing, we prefer to use GitHub issues only for bugs and enhancements.
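
A variation on the interceptor approach above, added here as an example (it is not part of the thread or Spring Security's own code): the token is fetched per request and is attached only to HTTPS requests aimed at the JWK Set host, so it is not sent anywhere else if the RestTemplate is reused. The class name `AuthenticatedJwkSetDecoder` and the `tokenSupplier` are hypothetical; how the supplier obtains the token is assumed to be handled elsewhere.

```java
import java.io.IOException;
import java.net.URI;
import java.util.function.Supplier;

import org.springframework.http.HttpRequest;
import org.springframework.http.client.ClientHttpRequestExecution;
import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.web.client.RestTemplate;

// Hypothetical helper class; its name and the tokenSupplier are assumptions.
public final class AuthenticatedJwkSetDecoder {

    /** Adds a bearer token only to HTTPS requests aimed at the JWK Set host. */
    static final class JwkSetBearerInterceptor implements ClientHttpRequestInterceptor {
        private final URI jwkSetUri;
        private final Supplier<String> tokenSupplier;

        JwkSetBearerInterceptor(URI jwkSetUri, Supplier<String> tokenSupplier) {
            this.jwkSetUri = jwkSetUri;
            this.tokenSupplier = tokenSupplier;
        }

        @Override
        public ClientHttpResponse intercept(HttpRequest request, byte[] body,
                ClientHttpRequestExecution execution) throws IOException {
            URI target = request.getURI();
            boolean sameEndpoint = "https".equalsIgnoreCase(target.getScheme())
                    && jwkSetUri.getHost().equalsIgnoreCase(target.getHost())
                    && jwkSetUri.getPort() == target.getPort();
            if (sameEndpoint) {
                // Ask the supplier on every call so it can hand back a fresh token.
                request.getHeaders().setBearerAuth(tokenSupplier.get());
            }
            return execution.execute(request, body);
        }
    }

    public static JwtDecoder build(String jwkSetUri, Supplier<String> tokenSupplier) {
        RestTemplate rest = new RestTemplate();
        rest.getInterceptors().add(
                new JwkSetBearerInterceptor(URI.create(jwkSetUri), tokenSupplier));
        return NimbusJwtDecoder.withJwkSetUri(jwkSetUri).restOperations(rest).build();
    }
}
```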