Support BouncyCastleFipsProvider

Question

Support BouncyCastleFipsProvider

onyas opened this issue 8 months ago · 4 comments

Is your feature request related to a problem? Please describe.

in our project, we need BouncyCastleFipsProvider which is in the lib implementation 'org.bouncycastle:bc-fips', but it look like jjwt currently does not support this lib, because in the class RuntimeEnvironment, it has the fixed class nameprivate static final String BC_PROVIDER_CLASS_NAME = "org.bouncycastle.jce.provider.BouncyCastleProvider";

Describe the solution you'd like

please provide a way to support customized providers, or jjwt already supports this but I don't know.

Answer 1 · 2023-11-17T20:29:04.000Z

JJWT doesn't currently instantiate BouncyCastleFipsProvider, but you can always specify it via the .provider method on the JwtBuilder and JwtParserBuilder. Have you tried that in the meantime?

Answer 2 · 2023-11-17T20:30:25.000Z

Also, starting with 0.12.0, RuntimeEnvironment is no longer used anywhere in JJWT's codebase - it was deprecated. The Providers class in the impl module replaced it.

Answer 3 · 2023-11-17T20:33:42.000Z

We'll try to see if we can fallback dynamically instantiating BouncyCastleFipsProvider if BouncyCastleProvider isn't in the classpath. Does that sound like a viable solution? Would it ever be realistic that both would be in the classpath?

Answer 4 · 2023-11-20T01:52:29.000Z

Thank you for the suggestion. It works.