Add Decoder

Author: NeftaliYagua

src/main/java/net/coderic/core/api/config/SecurityConfiguration.java

@@ -10,6 +10,7 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.JwtDecoders;
+import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.logout.HeaderWriterLogoutHandler;
@@ -20,6 +21,7 @@
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
+import javax.crypto.spec.SecretKeySpec;
 import java.util.Arrays;
 
 @Configuration
@@ -130,4 +132,11 @@ private JwtAuthenticationConverter jwtAuthenticationConverter() {
         // Configura cómo deseas mapear los claims del token JWT a roles/autorizaciones
         return converter;
     }
+    @Bean
+    public JwtDecoder jwtDecoder() {
+        // Clave simétrica utilizada para descifrar el token (debe coincidir con la configurada en Auth0)
+        String secretKey = System.getenv("OKTA_CLIENT_SECRET"); // Sustituye con la clave proporcionada por Auth0
+
+        return NimbusJwtDecoder.withSecretKey(new SecretKeySpec(secretKey.getBytes(), "AES")).build();
+    }
 }