Merge branch '1.1.x' into 1.2.x

Author: jgrandja

buildSrc/build.gradle

@@ -15,7 +15,7 @@ repositories {
 dependencies {
 	implementation "com.github.ben-manes:gradle-versions-plugin:0.38.0"
 	implementation "io.github.gradle-nexus:publish-plugin:1.1.0"
-	implementation "io.spring.javaformat:spring-javaformat-gradle-plugin:0.0.31"
+	implementation "io.spring.javaformat:spring-javaformat-gradle-plugin:0.0.41"
 	implementation "io.spring.nohttp:nohttp-gradle:0.0.10"
 	implementation "org.asciidoctor:asciidoctor-gradle-jvm:3.3.2"
 	implementation "org.asciidoctor:asciidoctor-gradle-jvm-pdf:3.3.2"

buildSrc/src/main/java/org/springframework/gradle/checkstyle/SpringJavaCheckstylePlugin.java

@@ -37,7 +37,7 @@
 public class SpringJavaCheckstylePlugin implements Plugin<Project> {
 	private static final String CHECKSTYLE_DIR = "etc/checkstyle";
 	private static final String SPRING_JAVAFORMAT_VERSION_PROPERTY = "springJavaformatVersion";
-	private static final String DEFAULT_SPRING_JAVAFORMAT_VERSION = "0.0.31";
+	private static final String DEFAULT_SPRING_JAVAFORMAT_VERSION = "0.0.41";
 	private static final String NOHTTP_CHECKSTYLE_VERSION_PROPERTY = "nohttpCheckstyleVersion";
 	private static final String DEFAULT_NOHTTP_CHECKSTYLE_VERSION = "0.0.10";
 	private static final String CHECKSTYLE_TOOL_VERSION_PROPERTY = "checkstyleToolVersion";

gradle.properties

@@ -4,8 +4,7 @@ org.gradle.parallel=true
 org.gradle.caching=true
 springFrameworkVersion=6.1.6
 springSecurityVersion=6.2.4
-springJavaformatVersion=0.0.38
-springJavaformatExcludePackages=org/springframework/security/config org/springframework/security/oauth2
+springJavaformatVersion=0.0.41
 checkstyleToolVersion=8.34
 nohttpCheckstyleVersion=0.0.11
 jacocoToolVersion=0.8.7

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/AbstractOAuth2AuthorizationServerMetadata.java

@@ -26,7 +26,8 @@
 import org.springframework.util.Assert;
 
 /**
- * An {@link OAuth2AuthorizationConsentService} that stores {@link OAuth2AuthorizationConsent}'s in-memory.
+ * An {@link OAuth2AuthorizationConsentService} that stores
+ * {@link OAuth2AuthorizationConsent}'s in-memory.
  *
  * <p>
  * <b>NOTE:</b> This implementation should ONLY be used during development/testing.
@@ -36,6 +37,7 @@
  * @see OAuth2AuthorizationConsentService
  */
 public final class InMemoryOAuth2AuthorizationConsentService implements OAuth2AuthorizationConsentService {
+
 	private final Map<Integer, OAuth2AuthorizationConsent> authorizationConsents = new ConcurrentHashMap<>();
 
 	/**
@@ -46,17 +48,17 @@ public InMemoryOAuth2AuthorizationConsentService() {
 	}
 
 	/**
-	 * Constructs an {@code InMemoryOAuth2AuthorizationConsentService} using the provided parameters.
-	 *
+	 * Constructs an {@code InMemoryOAuth2AuthorizationConsentService} using the provided
+	 * parameters.
 	 * @param authorizationConsents the authorization consent(s)
 	 */
 	public InMemoryOAuth2AuthorizationConsentService(OAuth2AuthorizationConsent... authorizationConsents) {
 		this(Arrays.asList(authorizationConsents));
 	}
 
 	/**
-	 * Constructs an {@code InMemoryOAuth2AuthorizationConsentService} using the provided parameters.
-	 *
+	 * Constructs an {@code InMemoryOAuth2AuthorizationConsentService} using the provided
+	 * parameters.
 	 * @param authorizationConsents the authorization consent(s)
 	 */
 	public InMemoryOAuth2AuthorizationConsentService(List<OAuth2AuthorizationConsent> authorizationConsents) {
@@ -66,8 +68,8 @@ public InMemoryOAuth2AuthorizationConsentService(List<OAuth2AuthorizationConsent
 			int id = getId(authorizationConsent);
 			Assert.isTrue(!this.authorizationConsents.containsKey(id),
 					"The authorizationConsent must be unique. Found duplicate, with registered client id: ["
-							+ authorizationConsent.getRegisteredClientId()
-							+ "] and principal name: [" + authorizationConsent.getPrincipalName() + "]");
+							+ authorizationConsent.getRegisteredClientId() + "] and principal name: ["
+							+ authorizationConsent.getPrincipalName() + "]");
 			this.authorizationConsents.put(id, authorizationConsent);
 		});
 	}

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/InMemoryOAuth2AuthorizationConsentService.java

@@ -33,7 +33,8 @@
 import org.springframework.util.Assert;
 
 /**
- * An {@link OAuth2AuthorizationService} that stores {@link OAuth2Authorization}'s in-memory.
+ * An {@link OAuth2AuthorizationService} that stores {@link OAuth2Authorization}'s
+ * in-memory.
  *
  * <p>
  * <b>NOTE:</b> This implementation should ONLY be used during development/testing.
@@ -44,15 +45,17 @@
  * @see OAuth2AuthorizationService
  */
 public final class InMemoryOAuth2AuthorizationService implements OAuth2AuthorizationService {
+
 	private int maxInitializedAuthorizations = 100;
 
 	/*
-	 * Stores "initialized" (uncompleted) authorizations, where an access token has not yet been granted.
-	 * This state occurs with the authorization_code grant flow during the user consent step OR
-	 * when the code is returned in the authorization response but the access token request is not yet initiated.
+	 * Stores "initialized" (uncompleted) authorizations, where an access token has not
+	 * yet been granted. This state occurs with the authorization_code grant flow during
+	 * the user consent step OR when the code is returned in the authorization response
+	 * but the access token request is not yet initiated.
 	 */
-	private Map<String, OAuth2Authorization> initializedAuthorizations =
-			Collections.synchronizedMap(new MaxSizeHashMap<>(this.maxInitializedAuthorizations));
+	private Map<String, OAuth2Authorization> initializedAuthorizations = Collections
+		.synchronizedMap(new MaxSizeHashMap<>(this.maxInitializedAuthorizations));
 
 	/*
 	 * Stores "completed" authorizations, where an access token has been granted.
@@ -64,7 +67,8 @@ public final class InMemoryOAuth2AuthorizationService implements OAuth2Authoriza
 	 */
 	InMemoryOAuth2AuthorizationService(int maxInitializedAuthorizations) {
 		this.maxInitializedAuthorizations = maxInitializedAuthorizations;
-		this.initializedAuthorizations = Collections.synchronizedMap(new MaxSizeHashMap<>(this.maxInitializedAuthorizations));
+		this.initializedAuthorizations = Collections
+			.synchronizedMap(new MaxSizeHashMap<>(this.maxInitializedAuthorizations));
 	}
 
 	/**
@@ -75,17 +79,17 @@ public InMemoryOAuth2AuthorizationService() {
 	}
 
 	/**
-	 * Constructs an {@code InMemoryOAuth2AuthorizationService} using the provided parameters.
-	 *
+	 * Constructs an {@code InMemoryOAuth2AuthorizationService} using the provided
+	 * parameters.
 	 * @param authorizations the authorization(s)
 	 */
 	public InMemoryOAuth2AuthorizationService(OAuth2Authorization... authorizations) {
 		this(Arrays.asList(authorizations));
 	}
 
 	/**
-	 * Constructs an {@code InMemoryOAuth2AuthorizationService} using the provided parameters.
-	 *
+	 * Constructs an {@code InMemoryOAuth2AuthorizationService} using the provided
+	 * parameters.
 	 * @param authorizations the authorization(s)
 	 */
 	public InMemoryOAuth2AuthorizationService(List<OAuth2Authorization> authorizations) {
@@ -103,7 +107,8 @@ public void save(OAuth2Authorization authorization) {
 		Assert.notNull(authorization, "authorization cannot be null");
 		if (isComplete(authorization)) {
 			this.authorizations.put(authorization.getId(), authorization);
-		} else {
+		}
+		else {
 			this.initializedAuthorizations.put(authorization.getId(), authorization);
 		}
 	}
@@ -113,7 +118,8 @@ public void remove(OAuth2Authorization authorization) {
 		Assert.notNull(authorization, "authorization cannot be null");
 		if (isComplete(authorization)) {
 			this.authorizations.remove(authorization.getId(), authorization);
-		} else {
+		}
+		else {
 			this.initializedAuthorizations.remove(authorization.getId(), authorization);
 		}
 	}
@@ -123,9 +129,7 @@ public void remove(OAuth2Authorization authorization) {
 	public OAuth2Authorization findById(String id) {
 		Assert.hasText(id, "id cannot be empty");
 		OAuth2Authorization authorization = this.authorizations.get(id);
-		return authorization != null ?
-				authorization :
-				this.initializedAuthorizations.get(id);
+		return authorization != null ? authorization : this.initializedAuthorizations.get(id);
 	}
 
 	@Nullable
@@ -149,7 +153,9 @@ private static boolean isComplete(OAuth2Authorization authorization) {
 		return authorization.getAccessToken() != null;
 	}
 
-	private static boolean hasToken(OAuth2Authorization authorization, String token, @Nullable OAuth2TokenType tokenType) {
+	private static boolean hasToken(OAuth2Authorization authorization, String token,
+			@Nullable OAuth2TokenType tokenType) {
+		// @formatter:off
 		if (tokenType == null) {
 			return matchesState(authorization, token) ||
 					matchesAuthorizationCode(authorization, token) ||
@@ -173,6 +179,7 @@ private static boolean hasToken(OAuth2Authorization authorization, String token,
 		} else if (OAuth2ParameterNames.USER_CODE.equals(tokenType.getValue())) {
 			return matchesUserCode(authorization, token);
 		}
+		// @formatter:on
 		return false;
 	}
 
@@ -181,42 +188,38 @@ private static boolean matchesState(OAuth2Authorization authorization, String to
 	}
 
 	private static boolean matchesAuthorizationCode(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode =
-				authorization.getToken(OAuth2AuthorizationCode.class);
+		OAuth2Authorization.Token<OAuth2AuthorizationCode> authorizationCode = authorization
+			.getToken(OAuth2AuthorizationCode.class);
 		return authorizationCode != null && authorizationCode.getToken().getTokenValue().equals(token);
 	}
 
 	private static boolean matchesAccessToken(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OAuth2AccessToken> accessToken =
-				authorization.getToken(OAuth2AccessToken.class);
+		OAuth2Authorization.Token<OAuth2AccessToken> accessToken = authorization.getToken(OAuth2AccessToken.class);
 		return accessToken != null && accessToken.getToken().getTokenValue().equals(token);
 	}
 
 	private static boolean matchesRefreshToken(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OAuth2RefreshToken> refreshToken =
-				authorization.getToken(OAuth2RefreshToken.class);
+		OAuth2Authorization.Token<OAuth2RefreshToken> refreshToken = authorization.getToken(OAuth2RefreshToken.class);
 		return refreshToken != null && refreshToken.getToken().getTokenValue().equals(token);
 	}
 
 	private static boolean matchesIdToken(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OidcIdToken> idToken =
-				authorization.getToken(OidcIdToken.class);
+		OAuth2Authorization.Token<OidcIdToken> idToken = authorization.getToken(OidcIdToken.class);
 		return idToken != null && idToken.getToken().getTokenValue().equals(token);
 	}
 
 	private static boolean matchesDeviceCode(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OAuth2DeviceCode> deviceCode =
-				authorization.getToken(OAuth2DeviceCode.class);
+		OAuth2Authorization.Token<OAuth2DeviceCode> deviceCode = authorization.getToken(OAuth2DeviceCode.class);
 		return deviceCode != null && deviceCode.getToken().getTokenValue().equals(token);
 	}
 
 	private static boolean matchesUserCode(OAuth2Authorization authorization, String token) {
-		OAuth2Authorization.Token<OAuth2UserCode> userCode =
-				authorization.getToken(OAuth2UserCode.class);
+		OAuth2Authorization.Token<OAuth2UserCode> userCode = authorization.getToken(OAuth2UserCode.class);
 		return userCode != null && userCode.getToken().getTokenValue().equals(token);
 	}
 
 	private static final class MaxSizeHashMap<K, V> extends LinkedHashMap<K, V> {
+
 		private final int maxSize;
 
 		private MaxSizeHashMap(int maxSize) {