From fed3de8dce93641dfea4d1501d856ba806e7d149 Mon Sep 17 00:00:00 2001
From: Josh Cummings <josh.cummings@gmail.com>
Date: Mon, 7 Aug 2023 14:39:17 -0600
Subject: [PATCH] Remove Logging of Untrusted Data

---
 .../authentication/JwtIssuerAuthenticationManagerResolver.java | 3 +--
 .../JwtIssuerReactiveAuthenticationManagerResolver.java        | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java
index 21a18e5fb2..5d80e981bb 100644
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java
+++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java
@@ -227,8 +227,7 @@ public final class JwtIssuerAuthenticationManagerResolver implements Authenticat
 				return authenticationManager;
 			}
 			else {
-				this.logger.debug(LogMessage
-						.format("Did not resolve AuthenticationManager since issuer is not trusted", issuer));
+				this.logger.debug("Did not resolve AuthenticationManager since issuer is not trusted");
 			}
 			return null;
 		}
diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
index 6c1cc0a1db..4985f8aa15 100644
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
+++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
@@ -221,8 +221,7 @@ public final class JwtIssuerReactiveAuthenticationManagerResolver
 		@Override
 		public Mono<ReactiveAuthenticationManager> resolve(String issuer) {
 			if (!this.trustedIssuer.test(issuer)) {
-				this.logger.debug(LogMessage
-						.format("Did not resolve AuthenticationManager since issuer is not trusted", issuer));
+				this.logger.debug("Did not resolve AuthenticationManager since issuer is not trusted");
 				return Mono.empty();
 			}
 			// @formatter:off