Spring Security Support Certificate-Bound (POP) JWT Access Token Validation (Reactive)

This issue is for the Reactive implementation of gh-10538.

Comment From: franticticktick

Hi @jgrandja! What specific support is required? I see that ReactiveJwtDecoders has a method withProviderConfiguration:

private static ReactiveJwtDecoder withProviderConfiguration(Map<String, Object> configuration, String issuer) {
        JwtDecoderProviderConfigurationUtils.validateIssuer(configuration, issuer);
        OAuth2TokenValidator<Jwt> jwtValidator = JwtValidators.createDefaultWithIssuer(issuer);
        String jwkSetUri = configuration.get("jwks_uri").toString();
        NimbusReactiveJwtDecoder jwtDecoder = NimbusReactiveJwtDecoder.withJwkSetUri(jwkSetUri)
            .jwtProcessorCustomizer(ReactiveJwtDecoderProviderConfigurationUtils::addJWSAlgorithms)
            .build();
        jwtDecoder.setJwtValidator(jwtValidator);
        return jwtDecoder;
    }

It creates a ReactiveJwtDecoder by invocationJwtValidators.createDefaultWithIssuer, all default validators are already created there.

Comment From: jgrandja

@CrazyParanoid

It creates a ReactiveJwtDecoder by invocation JwtValidators.createDefaultWithIssuer, all default validators are already created there.

Yes, you are right. I missed that. I'll close this.