Describe the bug
`ReactiveJwtDecoders.fromIssuerLocation("https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test")` does not return the correct algo, as RS256 comes back instead of EC256.
However, the non-reactive version does work and comes back with EC256:
`JwtDecoders.fromIssuerLocation("https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test")`
Drilling into it, `ReactiveJwtDecoderProviderConfigurationUtils.getJWSAlgorithms()` will return the right value if you block it. However, it's never run, due to something further up the chain.
**Reproduce**
- Create a JWT with EC256
- Have JWK of EC256
- `ReactiveJwtDecoders.fromIssuerLocation("jwk with just ec256")`
```java
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoders;

public class Reproducer {
    // The access token is a test token with no access; it is expired and invalid
    public static void main(String[] args) {
        // Will throw ec256 not supported
        ReactiveJwtDecoders
            .fromIssuerLocation("https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test")
            .decode("eyJhbGciOiJFUzI1NiIsImtpZCI6IjI1MzI4NzQzODA2OTQyMjcyNDI5OTE2MDUwMzE5OTE1MTM3NTAxNSIsInR5cCI6IkpXVCJ9.eyJhY3IiOiIxIiwiYWlkIjoidGVzdCIsImFtciI6WyJwd2QiXSwiYXVkIjpbImFiYWZjOTk0ZWM2MjQzMWFhZGE1YTBmNTc3YTM5ZTM4Iiwic3BpZmZlOi8vdGhvbWFzbWlsbGVyLmV1LmF1dGh6LmNsb3VkZW50aXR5LmlvL3Rob21hc21pbGxlci90ZXN0L3Rlc3QtcHJvZmlsZSJdLCJleHAiOjE2NjI5MzQ5MDMsImlhdCI6MTY2MjkzMTMwMywiaWRwIjoiZDcyODJlYzI0MjUyNDE0NThjM2MxYjRkZTlkOTNjYTEiLCJpc3MiOiJodHRwczovL3Rob21hc21pbGxlci5ldS5hdXRoei5jbG91ZGVudGl0eS5pby90aG9tYXNtaWxsZXIvdGVzdCIsImp0aSI6ImY0YzMyNmU1LTlmNmQtNDQ5Ni05YjhhLWExNmY0ODFiMGM0NyIsIm5iZiI6MTY2MjkzMTMwMywic2NwIjpbImVtYWlsIiwib3BlbmlkIiwicHJvZmlsZSJdLCJzdCI6InB1YmxpYyIsInN1YiI6ImM2NDljNDQ0OGFkZDQ0ZWY1ZDA1NjEwY2JlMDEwNDU1Yjk5Y2RkZDdjMmU1MDY1YTYxNTNhYWI4ZTM5YzVhODkiLCJ0aWQiOiJ0aG9tYXNtaWxsZXIifQ.OgKf6CSojaV07UnIXUk7McATha2-TRbvGOcuCtUYMnZI8lyq2M6tpe_ueZB6sttK-h9xvUnMurKvYf9zOGs6qA")
            .block(); // subscribe so the decode actually runs
    }
}
```
**Notes**
Looks to have been introduced in https://github.com/spring-projects/spring-security/issues/7160
Comment From: m-kay
@jzheaux any update on this?
Comment From: sjohnr
Thanks for reaching out @thomasmillergb! I apologize that this issue was missed and never responded to. However, it looks as though the URL https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test returns a 404 Not Found.
> Drilling into it, `ReactiveJwtDecoderProviderConfigurationUtils.getJWSAlgorithms()` will return the right value if you block it. However, it's never run, due to something further up the chain.
I'm not clear on what is being pointed to as the problem based on this description. If you are able to provide a self-contained minimal, reproducible sample I'll be happy to take a look. For now, I'll close this issue as not reproducible.
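
Added example, not part of the thread or of the Spring Security project: one way to avoid depending on algorithm inference is to build the reactive decoder from the JWK set URI and pin ES256 explicitly, then restore the issuer check. The class name and `JWK_SET_URI` are assumptions; the URI is a placeholder for the `jwks_uri` value in the issuer's discovery document, which the page does not show.

```java
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtValidators;
import org.springframework.security.oauth2.jwt.NimbusReactiveJwtDecoder;
import org.springframework.security.oauth2.jwt.ReactiveJwtDecoder;

// Hypothetical class name; illustration only.
public class PinnedAlgorithmDecoder {

    // Issuer taken from the report above.
    static final String ISSUER =
            "https://thomasmiller.eu.authz.cloudentity.io/thomasmiller/test";

    // Placeholder (assumption): replace with the jwks_uri published by the issuer.
    static final String JWK_SET_URI = "https://issuer.example/placeholder/jwks";

    static ReactiveJwtDecoder es256Decoder() {
        NimbusReactiveJwtDecoder decoder = NimbusReactiveJwtDecoder
                .withJwkSetUri(JWK_SET_URI)
                // Accept ES256 only, rather than whatever is inferred
                // (or defaulted) from the provider configuration.
                .jwsAlgorithm(SignatureAlgorithm.ES256)
                .build();

        // A decoder built from a JWK set URI validates timestamps only by
        // default; add the issuer check that fromIssuerLocation would set up.
        OAuth2TokenValidator<Jwt> validator =
                JwtValidators.createDefaultWithIssuer(ISSUER);
        decoder.setJwtValidator(validator);
        return decoder;
    }

    public static void main(String[] args) {
        String token = args[0]; // compact JWS passed on the command line
        // block() subscribes, so signature and claim validation actually run.
        Jwt jwt = es256Decoder().decode(token).block();
        System.out.println(jwt.getHeaders().get("alg") + " " + jwt.getSubject());
    }
}
```

With the algorithm pinned, a token whose header declares anything other than ES256 is rejected before any key lookup succeeds.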