diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java index 8914c8e260..b516954f8e 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurerTests.java @@ -1127,7 +1127,7 @@ public class OAuth2ResourceServerConfigurerTests { .with(bearerToken("token"))) .andExpect(status().isUnauthorized()) .andExpect(header().string(HttpHeaders.WWW_AUTHENTICATE, - containsString("Provided token [token] isn't active"))); + containsString("Provided token isn't active"))); } @Test diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java index c4b0569ada..642dc451f1 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospector.java @@ -133,7 +133,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector { public OAuth2AuthenticatedPrincipal introspect(String token) { RequestEntity requestEntity = this.requestEntityConverter.convert(token); if (requestEntity == null) { - throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); + throw new OAuth2IntrospectionException("requestEntityConverter returned a null entity"); } ResponseEntity responseEntity = makeRequest(requestEntity); @@ -143,7 +143,7 @@ public class NimbusOpaqueTokenIntrospector implements OpaqueTokenIntrospector { // relying solely on the authorization server to validate this token (not checking 'exp', for example) if (!introspectionSuccessResponse.isActive()) { - throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); + throw new OAuth2IntrospectionException("Provided token isn't active"); } return convertClaimsSet(introspectionSuccessResponse); diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java index 9908979d28..91690f8f10 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospector.java @@ -154,7 +154,7 @@ public class NimbusReactiveOpaqueTokenIntrospector implements ReactiveOpaqueToke private void validate(String token, TokenIntrospectionSuccessResponse response) { // relying solely on the authorization server to validate this token (not checking 'exp', for example) if (!response.isActive()) { - throw new OAuth2IntrospectionException("Provided token [" + token + "] isn't active"); + throw new OAuth2IntrospectionException("Provided token isn't active"); } } diff --git a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java index 966d8eae62..2ebf11c8b5 100644 --- a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java +++ b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java @@ -168,7 +168,7 @@ public class NimbusOpaqueTokenIntrospectorTests { assertThatCode(() -> introspectionClient.introspect("token")) .isInstanceOf(OAuth2IntrospectionException.class) .extracting("message") - .containsExactly("Provided token [token] isn't active"); + .containsExactly("Provided token isn't active"); } @Test diff --git a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java index 0b58f45e6b..7454debbaf 100644 --- a/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java +++ b/oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusReactiveOpaqueTokenIntrospectorTests.java @@ -142,7 +142,7 @@ public class NimbusReactiveOpaqueTokenIntrospectorTests { assertThatCode(() -> introspectionClient.introspect("token").block()) .isInstanceOf(OAuth2IntrospectionException.class) .extracting("message") - .containsExactly("Provided token [token] isn't active"); + .containsExactly("Provided token isn't active"); } @Test