I have a Spring Boot 2 application, which uses OAuth2, and relays its bearer tokens to all the REST services it calls. Amongst these services, stands a legacy Java 6 webapp that doesn't use Spring. I would like to know if it is possible to validate a bearer token in this legacy app, knowing the OAuth2 server's public key.
OAuth 2 is a standard, it's not Spring Boot specific implementation, so I don't see why you wouldn't be able to validate the token. If it's a JWT you can just use a vanilla Java library for handling JWTs and use it in your legacy app. E.g. have a look at this filter implementation: https://github.com/curityio/oauth-filter-for-java it's not using Spring and it validates JWTs.
A problem you might run into is whether the legacy app supports all signature verification algorithms that your OAuth server might use. For example, I'm not sure if Java 6 supported Elliptic Curve algorithms for signature verification, but that's something you need to investigate.
If the Java version won't be able to properly verify the JWT, or if your auhtorization server issues opaque tokens, then you may have to call the introspection endpoint of the authorization server, in order to validate the token and get the claims. This might even prove simpler, as it would just require an http call from the legacy app to the authorization server.