From 336e247e709daf15f5851dc06485b721f9cbc1c1 Mon Sep 17 00:00:00 2001
From: Joe Grandja <jgrandja@pivotal.io>
Date: Tue, 30 May 2017 15:37:33 -0400
Subject: [PATCH] Change AccessToken.TokenType from enum to class

Fixes gh-4293
---
 ...NimbusAuthorizationCodeTokenExchanger.java |  2 +-
 .../security/oauth2/core/AccessToken.java     | 27 +++++++++++++++----
 2 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/nimbus/NimbusAuthorizationCodeTokenExchanger.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/nimbus/NimbusAuthorizationCodeTokenExchanger.java
index 9ddbad61bb..c2c0408e00 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/nimbus/NimbusAuthorizationCodeTokenExchanger.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/nimbus/NimbusAuthorizationCodeTokenExchanger.java
@@ -113,7 +113,7 @@ public class NimbusAuthorizationCodeTokenExchanger implements AuthorizationGrant
 
 		String accessToken = accessTokenResponse.getTokens().getAccessToken().getValue();
 		AccessToken.TokenType accessTokenType = null;
-		if (AccessToken.TokenType.BEARER.value().equals(accessTokenResponse.getTokens().getAccessToken().getType().getValue())) {
+		if (AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(accessTokenResponse.getTokens().getAccessToken().getType().getValue())) {
 			accessTokenType = AccessToken.TokenType.BEARER;
 		}
 		long expiresIn = accessTokenResponse.getTokens().getAccessToken().getLifetime();
diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java
index 097c3a0c22..98a054fe48 100644
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AccessToken.java
@@ -40,18 +40,35 @@ public class AccessToken extends AbstractToken {
 	private final Set<String> scopes;
 	private final Map<String,Object> additionalParameters;
 
-	public enum TokenType {
-		BEARER("Bearer");
-
+	public static final class TokenType {
+		public static final TokenType BEARER = new TokenType("Bearer");
 		private final String value;
 
-		TokenType(String value) {
+		public TokenType(String value) {
+			Assert.hasText(value, "value cannot be empty");
 			this.value = value;
 		}
 
-		public String value() {
+		public String getValue() {
 			return this.value;
 		}
+
+		@Override
+		public boolean equals(Object obj) {
+			if (this == obj) {
+				return true;
+			}
+			if (obj == null || this.getClass() != obj.getClass()) {
+				return false;
+			}
+			TokenType that = (TokenType) obj;
+			return this.getValue().equalsIgnoreCase(that.getValue());
+		}
+
+		@Override
+		public int hashCode() {
+			return this.getValue().hashCode();
+		}
 	}
 
 	public AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt) {