From a980e3b0d7f2d9a63b2d7d0acfda3d63b0b4697b Mon Sep 17 00:00:00 2001
From: Joe Grandja
Date: Thu, 19 Oct 2017 13:40:06 -0400
Subject: [PATCH] Remove ClientRegistrationIdentifierStrategy

Fixes gh-4648
---
 .../OAuth2UserAuthenticationProvider.java | 22 +++++--------
 .../ClientRegistrationIdentifierStrategy.java | 29 ------------------
 .../token/InMemoryAccessTokenRepository.java | 30 ++++++++-----------
 3 files changed, 20 insertions(+), 61 deletions(-)
 delete mode 100644 oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrationIdentifierStrategy.java
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/OAuth2UserAuthenticationProvider.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/OAuth2UserAuthenticationProvider.java
index e43d42da30..09cdaf37c2 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/OAuth2UserAuthenticationProvider.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/userinfo/OAuth2UserAuthenticationProvider.java
@@ -23,7 +23,6 @@ import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMap
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.oauth2.client.authentication.OAuth2ClientAuthenticationToken;
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy;
 import org.springframework.security.oauth2.core.user.OAuth2User;
 import org.springframework.util.Assert;
 
@@ -48,7 +47,6 @@ import java.util.Collection;
 * @see OAuth2User
 */
 public class OAuth2UserAuthenticationProvider implements AuthenticationProvider {
- private final ClientRegistrationIdentifierStrategy providerIdentifierStrategy = new ProviderIdentifierStrategy();
 private final OAuth2UserService userService;
 private GrantedAuthoritiesMapper authoritiesMapper = (authorities -> authorities);
 
@@ -115,23 +113,19 @@ public class OAuth2UserAuthenticationProvider implements AuthenticationProvider OAuth2UserAuthenticationToken currentUserAuthentication = (OAuth2UserAuthenticationToken)SecurityContextHolder.getContext().getAuthentication(); - String userProviderId = this.providerIdentifierStrategy.getIdentifier( + String userProviderId = this.getProviderIdentifier( currentUserAuthentication.getClientAuthentication().getClientRegistration()); - String clientProviderId = this.providerIdentifierStrategy.getIdentifier( + String clientProviderId = this.getProviderIdentifier( clientAuthentication.getClientRegistration()); return userProviderId.equals(clientProviderId); } - private static class ProviderIdentifierStrategy implements ClientRegistrationIdentifierStrategy { - - @Override - public String getIdentifier(ClientRegistration clientRegistration) { - StringBuilder builder = new StringBuilder(); - builder.append("[").append(clientRegistration.getProviderDetails().getAuthorizationUri()).append("]"); - builder.append("[").append(clientRegistration.getProviderDetails().getTokenUri()).append("]"); - builder.append("[").append(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri()).append("]"); - return builder.toString(); - } + private String getProviderIdentifier(ClientRegistration clientRegistration) { + StringBuilder builder = new StringBuilder(); + builder.append("[").append(clientRegistration.getProviderDetails().getAuthorizationUri()).append("]"); + builder.append("[").append(clientRegistration.getProviderDetails().getTokenUri()).append("]"); + builder.append("[").append(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri()).append("]"); + return builder.toString(); } } 
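Review bot: In `getProviderIdentifier`, a null URI is appended as the text `null`, so two registrations that both lack a value compare equal on that component. The result feeds `userProviderId.equals(clientProviderId)`, which appears to decide whether the current user authentication belongs to the same provider. A short comment on the helper stating that the authorization, token and user-info URIs are assumed non-null would make that precondition explicit. The helper also reads no instance state, so it can stay static as the removed nested class was: `private static String getProviderIdentifier(ClientRegistration clientRegistration)`. The method containing the comparison starts outside the hunk.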
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrationIdentifierStrategy.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrationIdentifierStrategy.java
deleted file mode 100644
index 4d8d7708cc..0000000000
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistrationIdentifierStrategy.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * Copyright 2012-2017 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.security.oauth2.client.registration;
-
-/**
- * A strategy for obtaining a unique identifier for a {@link ClientRegistration}.
- *
- * @author Joe Grandja
- * @since 5.0
- * @see ClientRegistration
- */
-public interface ClientRegistrationIdentifierStrategy {
-
- T getIdentifier(ClientRegistration clientRegistration);
-
-}
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java
index 669be0e708..fcf91c24ea 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/token/InMemoryAccessTokenRepository.java @@ -16,7 +16,6 @@ package org.springframework.security.oauth2.client.token; import org.springframework.security.oauth2.client.registration.ClientRegistration; -import org.springframework.security.oauth2.client.registration.ClientRegistrationIdentifierStrategy; import org.springframework.security.oauth2.core.AccessToken; import org.springframework.util.Assert; @@ -35,26 +34,25 @@ import java.util.concurrent.ConcurrentHashMap; * @see ClientRegistration */ public final class InMemoryAccessTokenRepository implements SecurityTokenRepository { - private final ClientRegistrationIdentifierStrategy identifierStrategy = new AuthorizedClientIdentifierStrategy(); private final Map accessTokens = new ConcurrentHashMap<>(); @Override public AccessToken loadSecurityToken(ClientRegistration registration) { Assert.notNull(registration, "registration cannot be null"); - return this.accessTokens.get(this.identifierStrategy.getIdentifier(registration)); + return this.accessTokens.get(this.getClientIdentifier(registration)); } @Override public void saveSecurityToken(AccessToken accessToken, ClientRegistration registration) { Assert.notNull(accessToken, "accessToken cannot be null"); Assert.notNull(registration, "registration cannot be null"); - this.accessTokens.put(this.identifierStrategy.getIdentifier(registration), accessToken); + this.accessTokens.put(this.getClientIdentifier(registration), accessToken); } @Override public void removeSecurityToken(ClientRegistration registration) { Assert.notNull(registration, "registration cannot be null"); - this.accessTokens.remove(this.identifierStrategy.getIdentifier(registration)); + this.accessTokens.remove(this.getClientIdentifier(registration)); } /** 
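Review bot: The map key used by `loadSecurityToken`, `saveSecurityToken` and `removeSecurityToken` is derived from the `ClientRegistration` alone, so nothing in it identifies the end user the access token was issued to. If one repository instance serves several users (not visible here), a token saved for one user would be returned to, or overwritten by, another user's request for the same registration. The method signatures come from `SecurityTokenRepository`, which is outside this diff, so the minimum here is a class-level warning such as `// Tokens are keyed by client registration only; do not share one instance across end users.` The key derivation itself is in the following hunk.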
@@ -63,22 +61,18 @@ public final class InMemoryAccessTokenRepository implements SecurityTokenReposit * @see Section 4.1.3 Access Token Request * @see Section 5.1 Access Token Response */ - private static class AuthorizedClientIdentifierStrategy implements ClientRegistrationIdentifierStrategy { + private String getClientIdentifier(ClientRegistration clientRegistration) { + StringBuilder builder = new StringBuilder(); - @Override - public String getIdentifier(ClientRegistration clientRegistration) { - StringBuilder builder = new StringBuilder(); + // Access Token Request attributes + builder.append("[").append(clientRegistration.getAuthorizationGrantType().getValue()).append("]"); + builder.append("[").append(clientRegistration.getRedirectUri()).append("]"); + builder.append("[").append(clientRegistration.getClientId()).append("]"); - // Access Token Request attributes - builder.append("[").append(clientRegistration.getAuthorizationGrantType().getValue()).append("]"); - builder.append("[").append(clientRegistration.getRedirectUri()).append("]"); - builder.append("[").append(clientRegistration.getClientId()).append("]"); + // Access Token Response attributes + builder.append("[").append(clientRegistration.getScopes().toString()).append("]"); - // Access Token Response attributes - builder.append("[").append(clientRegistration.getScopes().toString()).append("]"); - - return Base64.getEncoder().encodeToString(builder.toString().getBytes()); - } + return Base64.getEncoder().encodeToString(builder.toString().getBytes()); } }
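Review bot: `builder.toString().getBytes()` in `getClientIdentifier` encodes with the platform default charset, so the same registration can produce a different key on a JVM with a different default. `getBytes(StandardCharsets.UTF_8)`, with the `java.nio.charset.StandardCharsets` import, makes the key stable. `getScopes().toString()` also ties the key to the collection's iteration order, which matters if the scopes are held in an unordered set (the type is not visible in the hunk). The Javadoc above the method starts outside the hunk and appears to have been written for the removed nested class, so it should be reworded to describe the method.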