RedisCacheConfiguration with TTL for the blacklist cache.

CacheConfig.java

@Configuration
@AutoConfigureAfter(RedisAutoConfiguration.class)
public class CacheConfig {

    public final static String BLACKLIST_CACHE_NAME = "jwt-black-list";
    @Value("${jwt.duration:0}")
    private int tokenDuration;

    @Value("${spring.redis.host:localhost}")
    private String redisHost;

    @Value("${spring.redis.port:7001}")
    private int redisPort;

    @Bean
    public LettuceConnectionFactory redisConnectionFactory() {
        return new LettuceConnectionFactory(new RedisStandaloneConfiguration(redisHost, redisPort));
    }

    @Bean
    RedisCacheManagerBuilderCustomizer redisCacheManagerBuilderCustomizer() {
        return (builder) -> {
            Map<String, RedisCacheConfiguration> configurationMap = new HashMap<>();
            configurationMap.put(BLACKLIST_CACHE_NAME, RedisCacheConfiguration.defaultCacheConfig().entryTtl(
                    Duration.ofSeconds(tokenDuration)));
            builder.withInitialCacheConfigurations(configurationMap);
        };
    }

}

Related to medium article: https://blog.devgenius.io/fixing-jwt-insecure-session-termination-by-blacklisting-tokens-36d783adfd67