DpopReplayCache

@Component

class DpopReplayCache(@Value(value = "${security.auth.dpop.replay-ttl-seconds:120}") ttlSeconds: Long)

Stops someone from reusing the exact same DPoP proof.

Plain English:

Each DPoP proof carries a one-time random id called jti (think “just this instance”).
We remember recent jti values for a short period. If we see the same one again, we reject it.

Implementation note: This is an in-memory map ideal for local/dev. Use Redis in production.

Constructors

constructor(@Value(value = "${security.auth.dpop.replay-ttl-seconds:120}") ttlSeconds: Long)