Jim Anderson

Thanks for raising this; I don't believe this is currently possible but this is something we should look into adding.

Thanks for the PR @rimasu! We do want to look into Guava alternatives, including Caffeine. As you noted, unfortunately when the library was written it was tightly coupled to Guava,...

Thanks @inemtsev, we'll look into perhaps exposing an ability to drop the cache, though need to think through how this would be leveraged (i.e., how to know when to drop...

Testing it out, it appears both servlet and WebFlux work without `@EnableSpringSecurity`. I'll push a new commit to remove `@EnableWebSecurity`.

👋 hi @purejgleason, can you provide a bit more info about what code example is conflicting with which code in the repo? Are you referring to the sample using `authorizeRequest()`...

Hi @davidvuckovic, thanks for raising this. You are correct that this library does not currently support PKCE, but is on the roadmap to add support for.

👋 Thanks for raising @uap-universe! I agree that a new major should be made available, which would (among other things) target Jakarta EE (will need to decide which version to...

Hey @mehiatt, the `JwtDecoder` bean is there to ensure the audience claim is validated. If you're using Spring Boot 3, this isn't necessary with the Spring changes discussed in #27,...

👋 hi @michael4screen, thanks for the issue and info. Any chance you could provide a little sample to demonstrate the issue? The constructor is not public because we don't want...

👋 hi @arlyon, thanks for raising the request. Could you provide some additional info such as some pseudo-code of what the ideal solution would look like from a consumer's usage?...