Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove Logging of Untrusted Data

This commit is contained in:
Josh Cummings 2023-08-07 14:39:17 -06:00
parent 3307c656f4
commit fed3de8dce
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerAuthenticationManagerResolver.java
View File

@ -227,8 +227,7 @@ public final class JwtIssuerAuthenticationManagerResolver implements Authenticat
return authenticationManager;
}
else {
this.logger.debug(LogMessage
.format("Did not resolve AuthenticationManager since issuer is not trusted", issuer));
this.logger.debug("Did not resolve AuthenticationManager since issuer is not trusted");
}
return null;
}

3
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtIssuerReactiveAuthenticationManagerResolver.java
View File

@ -221,8 +221,7 @@ public final class JwtIssuerReactiveAuthenticationManagerResolver
@Override
public Mono<ReactiveAuthenticationManager> resolve(String issuer) {
if (!this.trustedIssuer.test(issuer)) {
this.logger.debug(LogMessage
.format("Did not resolve AuthenticationManager since issuer is not trusted", issuer));
this.logger.debug("Did not resolve AuthenticationManager since issuer is not trusted");
return Mono.empty();
}
// @formatter:off