The extent to which the Nimbus library is used in Nimbus(Reactive)OpaqueTokenIntrospector is minimal enough that there's value in creating Nimbus-free versions in order to simplify dependency management with com.nimbusds:oauth2-oidc-sdk.
These Nimbus-free versions would become the default.
The existing classes use Nimbus for parsing the introspection HTTP response. These new implementations would instead rely on RestTemplate or WebClient to parse the response as a Map of attributes. Now as a Map, the convertClaimSet(TokenIntrospectionSuccessResponse) would become convertClaimSet(Map).
For testing, all the tests in Nimbus(Reactive)OpaqueTokenIntrospector should be applicable for Spring(Reactive)OpaqueTokenIntrospector.
Comment From: mkheck
Hi @jzheaux, I'd like to take this one.
Comment From: jgrandja
@jzheaux You might want to consider OAuth2TokenIntrospectionHttpMessageConverter as part of this implementation.
Comment From: jzheaux
Thanks, @jgrandja, I'll take a look.