Related #8885, https://github.com/spring-projects/spring-security/issues/9904#issuecomment-863439948
It would be nice to be able to provide an issuer location to NimbusJwtDecoder instead of a JWK Set URI.
It would allow the issuer discovery to share the same RestOperations/WebClient as the decode method does. Since the JWK Set is cached, this will save a call to the authorization server and also allow the RestOperations and WebClient used for issuer discovery to be configured.
This should be added for both NimbusJwtDecoder and NimbusReactiveJwtDecoder.
Comment From: jgrandja
@jzheaux Please see this comment as a potential alternative to this issue. Any feedback would be greatly appreciated.