I have a requirement of updating our previous authorization server based on spring 2.6 to spring security 6 and spring 3+, and have decided to go with the new spring authorization server. Have customized the configurations according to our need utilising custom authentication converter and custom access token response handler & token customizer. However, we had the implementation of JwtAccessTokenConverter and TokenStore previously using which we were signing and encrypting our jwt token with an rsa key-pair and jwe ( RSA_OAEP_256 algorithm), and since those interfaces are now deprecated , I am only able to utilise the NimbusJwtEncoder class now which only has JWS based encoding. I am also using the nimbusds.jose.jwk.JWKSet to generate a random RSA key-pair in my jwkSource(@Bean public JWKSource jwkSource() {---}) and tokenCustomizer to add additional claims to token. I was wondering if anyone has the pointer of how I can achieve JWE encryption on my JwtEncoder/JwtGenerator without using additional dependencies. Fyi: I can see the Nimbus library still provides for JWEObject/JWEEncrypter and so on, but I can't seem to find a way to have the context of the final JWT object, encrypt it and inject it back into AuthorizationServerEndpointsConfigurer.tokenStore() like before.
Have tried using the same implementation as of NimbusJwtEncoder into my custom encoder and changing the JWS encyption configurations to JWE configs but that was turning way too complex and I needed to know if there is any direct solution.
