The following issues were found
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JoseHeaderTests.java
78 issues
Line: 35
/**
 * Verifies that {@code JoseHeader.withAlgorithm(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "jwaAlgorithm cannot be null"}.
 */
@Test
public void withAlgorithmWhenNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        JoseHeader.withAlgorithm(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("jwaAlgorithm cannot be null");
}
@Test
Reported by PMD.
Line: 35
/**
 * Verifies that {@code JoseHeader.withAlgorithm(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "jwaAlgorithm cannot be null"}.
 */
@Test
public void withAlgorithmWhenNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        JoseHeader.withAlgorithm(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("jwaAlgorithm cannot be null");
}
@Test
Reported by PMD.
Line: 41
}
@Test
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
Reported by PMD.
Line: 42
@Test
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
Line: 44
public void buildWhenAllHeadersProvidedThenAllHeadersAreSet() {
JoseHeader expectedJoseHeader = TestJoseHeaders.joseHeader().build();
JoseHeader joseHeader = JoseHeader.withAlgorithm(expectedJoseHeader.getAlgorithm())
.jwkSetUrl(expectedJoseHeader.getJwkSetUrl().toExternalForm())
.jwk(expectedJoseHeader.getJwk())
.keyId(expectedJoseHeader.getKeyId())
.x509Url(expectedJoseHeader.getX509Url().toExternalForm())
.x509CertificateChain(expectedJoseHeader.getX509CertificateChain())
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2AuthorizationCodeAuthenticationProvider.java
70 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization.authentication;
import java.security.Principal;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
Reported by PMD.
Line: 79
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request</a>
*/
public final class OAuth2AuthorizationCodeAuthenticationProvider implements AuthenticationProvider {
private static final OAuth2TokenType AUTHORIZATION_CODE_TOKEN_TYPE =
new OAuth2TokenType(OAuth2ParameterNames.CODE);
private static final OAuth2TokenType ID_TOKEN_TOKEN_TYPE =
new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
Reported by PMD.
Line: 79
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1">Section 4.1 Authorization Code Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-4.1.3">Section 4.1.3 Access Token Request</a>
*/
public final class OAuth2AuthorizationCodeAuthenticationProvider implements AuthenticationProvider {
private static final OAuth2TokenType AUTHORIZATION_CODE_TOKEN_TYPE =
new OAuth2TokenType(OAuth2ParameterNames.CODE);
private static final OAuth2TokenType ID_TOKEN_TOKEN_TYPE =
new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
Reported by PMD.
Line: 86
new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
Reported by PMD.
Line: 87
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
Reported by PMD.
Line: 88
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2AuthorizationCodeAuthenticationProvider} using the provided parameters.
Reported by PMD.
Line: 89
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2AuthorizationCodeAuthenticationProvider} using the provided parameters.
*
Reported by PMD.
Line: 90
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2AuthorizationCodeAuthenticationProvider} using the provided parameters.
*
* @param authorizationService the authorization service
Reported by PMD.
Line: 133
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication =
(OAuth2AuthorizationCodeAuthenticationToken) authentication;
OAuth2ClientAuthenticationToken clientPrincipal =
getAuthenticatedClientElseThrowInvalidClient(authorizationCodeAuthentication);
Reported by PMD.
Line: 133
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
OAuth2AuthorizationCodeAuthenticationToken authorizationCodeAuthentication =
(OAuth2AuthorizationCodeAuthenticationToken) authentication;
OAuth2ClientAuthenticationToken clientPrincipal =
getAuthenticatedClientElseThrowInvalidClient(authorizationCodeAuthentication);
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OidcTests.java
69 issues
Line: 253
return parameters;
}
private static String encodeBasicAuth(String clientId, String secret) throws Exception {
clientId = URLEncoder.encode(clientId, StandardCharsets.UTF_8.name());
secret = URLEncoder.encode(secret, StandardCharsets.UTF_8.name());
String credentialsString = clientId + ":" + secret;
byte[] encodedBytes = Base64.getEncoder().encode(credentialsString.getBytes(StandardCharsets.UTF_8));
return new String(encodedBytes, StandardCharsets.UTF_8);
Reported by PMD.
Line: 253
return parameters;
}
private static String encodeBasicAuth(String clientId, String secret) throws Exception {
clientId = URLEncoder.encode(clientId, StandardCharsets.UTF_8.name());
secret = URLEncoder.encode(secret, StandardCharsets.UTF_8.name());
String credentialsString = clientId + ":" + secret;
byte[] encodedBytes = Base64.getEncoder().encode(credentialsString.getBytes(StandardCharsets.UTF_8));
return new String(encodedBytes, StandardCharsets.UTF_8);
Reported by PMD.
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
Reported by PMD.
Line: 118
new OAuth2AccessTokenResponseHttpMessageConverter();
@Rule
public final SpringTestRule spring = new SpringTestRule();
@Autowired
private MockMvc mvc;
@Autowired
Reported by PMD.
Line: 121
public final SpringTestRule spring = new SpringTestRule();
@Autowired
private MockMvc mvc;
@Autowired
private JdbcOperations jdbcOperations;
@Autowired
Reported by PMD.
Line: 124
private MockMvc mvc;
@Autowired
private JdbcOperations jdbcOperations;
@Autowired
private RegisteredClientRepository registeredClientRepository;
@Autowired
Reported by PMD.
Line: 127
private JdbcOperations jdbcOperations;
@Autowired
private RegisteredClientRepository registeredClientRepository;
@Autowired
private OAuth2AuthorizationService authorizationService;
@Autowired
Reported by PMD.
Line: 130
private RegisteredClientRepository registeredClientRepository;
@Autowired
private OAuth2AuthorizationService authorizationService;
@Autowired
private JwtDecoder jwtDecoder;
@BeforeClass
Reported by PMD.
Line: 133
private OAuth2AuthorizationService authorizationService;
@Autowired
private JwtDecoder jwtDecoder;
@BeforeClass
public static void init() {
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
Reported by PMD.
Line: 162
}
@Test
public void requestWhenConfigurationRequestAndIssuerSetThenReturnConfigurationResponse() throws Exception {
this.spring.register(AuthorizationServerConfigurationWithIssuer.class).autowire();
this.mvc.perform(get(DEFAULT_OIDC_PROVIDER_CONFIGURATION_ENDPOINT_URI))
.andExpect(status().is2xxSuccessful())
.andExpect(jsonPath("issuer").value(ISSUER_URL));
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/core/http/converter/OAuth2TokenIntrospectionHttpMessageConverterTests.java
67 issues
Line: 106
public void readInternalWhenFailingConverterThenThrowException() {
String errorMessage = "this is not a valid converter";
this.messageConverter.setTokenIntrospectionConverter(source -> {
throw new RuntimeException(errorMessage);
});
MockClientHttpResponse response = new MockClientHttpResponse("{}".getBytes(), HttpStatus.OK);
assertThatExceptionOfType(HttpMessageNotReadableException.class)
.isThrownBy(() -> this.messageConverter.readInternal(OAuth2TokenIntrospection.class, response))
Reported by PMD.
Line: 157
public void writeInternalWhenWriteFailsThenThrowsException() {
String errorMessage = "this is not a valid converter";
Converter<OAuth2TokenIntrospection, Map<String, Object>> failingConverter = source -> {
throw new RuntimeException(errorMessage);
};
this.messageConverter.setTokenIntrospectionParametersConverter(failingConverter);
OAuth2TokenIntrospection tokenClaims = OAuth2TokenIntrospection.builder().build();
Reported by PMD.
Line: 46
* @author Joe Grandja
*/
public class OAuth2TokenIntrospectionHttpMessageConverterTests {
private final OAuth2TokenIntrospectionHttpMessageConverter messageConverter = new OAuth2TokenIntrospectionHttpMessageConverter();
/**
 * Checks that the converter under test reports support for
 * {@code OAuth2TokenIntrospection}.
 */
@Test
public void supportsWhenOAuth2TokenIntrospectionThenTrue() {
    boolean supported = this.messageConverter.supports(OAuth2TokenIntrospection.class);
    assertThat(supported).isTrue();
}
Reported by PMD.
Line: 50
/**
 * Checks that the converter under test reports support for
 * {@code OAuth2TokenIntrospection}.
 */
@Test
public void supportsWhenOAuth2TokenIntrospectionThenTrue() {
    boolean supported = this.messageConverter.supports(OAuth2TokenIntrospection.class);
    assertThat(supported).isTrue();
}
@Test
public void setTokenIntrospectionParametersConverterWhenNullThenThrowIllegalArgumentException() {
assertThatIllegalArgumentException()
Reported by PMD.
Line: 55
/**
 * Passing {@code null} to {@code setTokenIntrospectionParametersConverter} must raise an
 * {@link IllegalArgumentException}.
 */
@Test
public void setTokenIntrospectionParametersConverterWhenNullThenThrowIllegalArgumentException() {
    assertThatIllegalArgumentException().isThrownBy(() -> {
        this.messageConverter.setTokenIntrospectionParametersConverter(null);
    });
}
@Test
public void setTokenIntrospectionConverterWhenNullThenThrowIllegalArgumentException() {
Reported by PMD.
Line: 61
/**
 * Passing {@code null} to {@code setTokenIntrospectionConverter} must raise an
 * {@link IllegalArgumentException}.
 */
@Test
public void setTokenIntrospectionConverterWhenNullThenThrowIllegalArgumentException() {
    assertThatIllegalArgumentException().isThrownBy(() -> {
        this.messageConverter.setTokenIntrospectionConverter(null);
    });
}
@Test
public void readInternalWhenValidParametersThenSuccess() throws Exception {
Reported by PMD.
Line: 66
}
@Test
public void readInternalWhenValidParametersThenSuccess() throws Exception {
// @formatter:off
String tokenIntrospectionResponseBody = "{\n"
+ " \"active\": true,\n"
+ " \"client_id\": \"clientId1\",\n"
+ " \"username\": \"username1\",\n"
Reported by PMD.
Line: 66
}
@Test
public void readInternalWhenValidParametersThenSuccess() throws Exception {
// @formatter:off
String tokenIntrospectionResponseBody = "{\n"
+ " \"active\": true,\n"
+ " \"client_id\": \"clientId1\",\n"
+ " \"username\": \"username1\",\n"
Reported by PMD.
Line: 84
+ "}\n";
// @formatter:on
MockClientHttpResponse response = new MockClientHttpResponse(
tokenIntrospectionResponseBody.getBytes(), HttpStatus.OK);
OAuth2TokenIntrospection tokenIntrospectionResponse = this.messageConverter
.readInternal(OAuth2TokenIntrospection.class, response);
assertThat(tokenIntrospectionResponse.isActive()).isTrue();
assertThat(tokenIntrospectionResponse.getClientId()).isEqualTo("clientId1");
Reported by PMD.
Line: 88
OAuth2TokenIntrospection tokenIntrospectionResponse = this.messageConverter
.readInternal(OAuth2TokenIntrospection.class, response);
assertThat(tokenIntrospectionResponse.isActive()).isTrue();
assertThat(tokenIntrospectionResponse.getClientId()).isEqualTo("clientId1");
assertThat(tokenIntrospectionResponse.getUsername()).isEqualTo("username1");
assertThat(tokenIntrospectionResponse.getIssuedAt()).isEqualTo(Instant.ofEpochSecond(1607633867L));
assertThat(tokenIntrospectionResponse.getExpiresAt()).isEqualTo(Instant.ofEpochSecond(1607637467L));
assertThat(tokenIntrospectionResponse.getScopes()).containsExactlyInAnyOrderElementsOf(Arrays.asList("scope1", "scope2"));
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/OAuth2AuthorizationTests.java
66 issues
Line: 52
/**
 * Verifies that {@code OAuth2Authorization.withRegisteredClient(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "registeredClient cannot be null"}.
 */
@Test
public void withRegisteredClientWhenRegisteredClientNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        OAuth2Authorization.withRegisteredClient(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("registeredClient cannot be null");
}
@Test
Reported by PMD.
Line: 52
/**
 * Verifies that {@code OAuth2Authorization.withRegisteredClient(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "registeredClient cannot be null"}.
 */
@Test
public void withRegisteredClientWhenRegisteredClientNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        OAuth2Authorization.withRegisteredClient(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("registeredClient cannot be null");
}
@Test
Reported by PMD.
Line: 59
/**
 * Verifies that {@code OAuth2Authorization.from(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "authorization cannot be null"}.
 */
@Test
public void fromWhenAuthorizationNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        OAuth2Authorization.from(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("authorization cannot be null");
}
@Test
Reported by PMD.
Line: 59
/**
 * Verifies that {@code OAuth2Authorization.from(null)} is rejected with an
 * {@link IllegalArgumentException} whose message is
 * {@code "authorization cannot be null"}.
 */
@Test
public void fromWhenAuthorizationNullThenThrowIllegalArgumentException() {
    assertThatThrownBy(() -> {
        OAuth2Authorization.from(null);
    })
            .isInstanceOf(IllegalArgumentException.class)
            .hasMessage("authorization cannot be null");
}
@Test
Reported by PMD.
Line: 65
}
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
Reported by PMD.
Line: 66
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
.accessToken(ACCESS_TOKEN)
Reported by PMD.
Line: 66
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
.accessToken(ACCESS_TOKEN)
Reported by PMD.
Line: 66
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
.accessToken(ACCESS_TOKEN)
Reported by PMD.
Line: 66
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
.accessToken(ACCESS_TOKEN)
Reported by PMD.
Line: 66
@Test
public void fromWhenAuthorizationProvidedThenCopied() {
OAuth2Authorization authorization = OAuth2Authorization.withRegisteredClient(REGISTERED_CLIENT)
.id(ID)
.principalName(PRINCIPAL_NAME)
.authorizationGrantType(AUTHORIZATION_GRANT_TYPE)
.token(AUTHORIZATION_CODE)
.accessToken(ACCESS_TOKEN)
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2RefreshTokenAuthenticationProvider.java
65 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization.authentication;
import java.security.Principal;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
Reported by PMD.
Line: 75
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.5">Section 1.5 Refresh Token Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-6">Section 6 Refreshing an Access Token</a>
*/
public final class OAuth2RefreshTokenAuthenticationProvider implements AuthenticationProvider {
private static final OAuth2TokenType ID_TOKEN_TOKEN_TYPE = new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
Reported by PMD.
Line: 75
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-1.5">Section 1.5 Refresh Token Grant</a>
* @see <a target="_blank" href="https://tools.ietf.org/html/rfc6749#section-6">Section 6 Refreshing an Access Token</a>
*/
public final class OAuth2RefreshTokenAuthenticationProvider implements AuthenticationProvider {
private static final OAuth2TokenType ID_TOKEN_TOKEN_TYPE = new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
Reported by PMD.
Line: 79
private static final OAuth2TokenType ID_TOKEN_TOKEN_TYPE = new OAuth2TokenType(OidcParameterNames.ID_TOKEN);
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
Reported by PMD.
Line: 80
private static final StringKeyGenerator DEFAULT_REFRESH_TOKEN_GENERATOR =
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
Reported by PMD.
Line: 81
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2RefreshTokenAuthenticationProvider} using the provided parameters.
Reported by PMD.
Line: 82
private final OAuth2AuthorizationService authorizationService;
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2RefreshTokenAuthenticationProvider} using the provided parameters.
*
Reported by PMD.
Line: 83
private final JwtEncoder jwtEncoder;
private OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer = (context) -> {};
private Supplier<String> refreshTokenGenerator = DEFAULT_REFRESH_TOKEN_GENERATOR::generateKey;
private ProviderSettings providerSettings;
/**
* Constructs an {@code OAuth2RefreshTokenAuthenticationProvider} using the provided parameters.
*
* @param authorizationService the authorization service
Reported by PMD.
Line: 127
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
OAuth2RefreshTokenAuthenticationToken refreshTokenAuthentication =
(OAuth2RefreshTokenAuthenticationToken) authentication;
OAuth2ClientAuthenticationToken clientPrincipal =
getAuthenticatedClientElseThrowInvalidClient(refreshTokenAuthentication);
Reported by PMD.
Line: 127
}
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
OAuth2RefreshTokenAuthenticationToken refreshTokenAuthentication =
(OAuth2RefreshTokenAuthenticationToken) authentication;
OAuth2ClientAuthenticationToken clientPrincipal =
getAuthenticatedClientElseThrowInvalidClient(refreshTokenAuthentication);
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/JdbcOAuth2AuthorizationService.java
64 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization;
import java.nio.charset.StandardCharsets;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
Reported by PMD.
Line: 191
private void updateAuthorization(OAuth2Authorization authorization) {
List<SqlParameterValue> parameters = this.authorizationParametersMapper.apply(authorization);
SqlParameterValue id = parameters.remove(0);
parameters.add(id);
try (LobCreator lobCreator = this.lobHandler.getLobCreator()) {
PreparedStatementSetter pss = new LobCreatorArgumentPreparedStatementSetter(lobCreator,
parameters.toArray());
this.jdbcOperations.update(UPDATE_AUTHORIZATION_SQL, pss);
Reported by PMD.
Line: 192
private void updateAuthorization(OAuth2Authorization authorization) {
List<SqlParameterValue> parameters = this.authorizationParametersMapper.apply(authorization);
SqlParameterValue id = parameters.remove(0);
parameters.add(id);
try (LobCreator lobCreator = this.lobHandler.getLobCreator()) {
PreparedStatementSetter pss = new LobCreatorArgumentPreparedStatementSetter(lobCreator,
parameters.toArray());
this.jdbcOperations.update(UPDATE_AUTHORIZATION_SQL, pss);
}
Reported by PMD.
Line: 239
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(UNKNOWN_TOKEN_TYPE_FILTER, parameters);
} else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
parameters.add(new SqlParameterValue(Types.VARCHAR, token));
return findBy(STATE_FILTER, parameters);
} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(AUTHORIZATION_CODE_FILTER, parameters);
Reported by PMD.
Line: 242
} else if (OAuth2ParameterNames.STATE.equals(tokenType.getValue())) {
parameters.add(new SqlParameterValue(Types.VARCHAR, token));
return findBy(STATE_FILTER, parameters);
} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(AUTHORIZATION_CODE_FILTER, parameters);
} else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(ACCESS_TOKEN_FILTER, parameters);
Reported by PMD.
Line: 245
} else if (OAuth2ParameterNames.CODE.equals(tokenType.getValue())) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(AUTHORIZATION_CODE_FILTER, parameters);
} else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(ACCESS_TOKEN_FILTER, parameters);
} else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(REFRESH_TOKEN_FILTER, parameters);
Reported by PMD.
Line: 248
} else if (OAuth2TokenType.ACCESS_TOKEN.equals(tokenType)) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(ACCESS_TOKEN_FILTER, parameters);
} else if (OAuth2TokenType.REFRESH_TOKEN.equals(tokenType)) {
parameters.add(new SqlParameterValue(Types.BLOB, token.getBytes(StandardCharsets.UTF_8)));
return findBy(REFRESH_TOKEN_FILTER, parameters);
}
return null;
}
Reported by PMD.
Line: 258
/**
 * Runs {@code LOAD_AUTHORIZATION_SQL} with the given filter clause appended and returns
 * the first mapped row.
 *
 * <p>The values in {@code parameters} are bound through a {@link PreparedStatementSetter}.
 * {@code filter}, by contrast, is concatenated into the SQL text, so it must remain a
 * trusted constant fragment and never carry request-derived text.
 *
 * @param filter the SQL fragment appended to {@code LOAD_AUTHORIZATION_SQL}
 * @param parameters the values bound to the statement's placeholders
 * @return the first matching {@link OAuth2Authorization}, or {@code null} when the query
 * returns no rows
 */
private OAuth2Authorization findBy(String filter, List<SqlParameterValue> parameters) {
    Object[] boundValues = parameters.toArray();
    PreparedStatementSetter binder = new ArgumentPreparedStatementSetter(boundValues);
    String sql = LOAD_AUTHORIZATION_SQL + filter;
    List<OAuth2Authorization> matches = this.jdbcOperations.query(sql, binder, this.authorizationRowMapper);
    if (matches.isEmpty()) {
        return null;
    }
    return matches.get(0);
}
/**
* Sets the {@link RowMapper} used for mapping the current row in
* {@code java.sql.ResultSet} to {@link OAuth2Authorization}. The default is
Reported by PMD.
Line: 258
/**
 * Runs {@code LOAD_AUTHORIZATION_SQL} with the given filter clause appended and returns
 * the first mapped row.
 *
 * <p>The values in {@code parameters} are bound through a {@link PreparedStatementSetter}.
 * {@code filter}, by contrast, is concatenated into the SQL text, so it must remain a
 * trusted constant fragment and never carry request-derived text.
 *
 * @param filter the SQL fragment appended to {@code LOAD_AUTHORIZATION_SQL}
 * @param parameters the values bound to the statement's placeholders
 * @return the first matching {@link OAuth2Authorization}, or {@code null} when the query
 * returns no rows
 */
private OAuth2Authorization findBy(String filter, List<SqlParameterValue> parameters) {
    Object[] boundValues = parameters.toArray();
    PreparedStatementSetter binder = new ArgumentPreparedStatementSetter(boundValues);
    String sql = LOAD_AUTHORIZATION_SQL + filter;
    List<OAuth2Authorization> matches = this.jdbcOperations.query(sql, binder, this.authorizationRowMapper);
    if (matches.isEmpty()) {
        return null;
    }
    return matches.get(0);
}
/**
* Sets the {@link RowMapper} used for mapping the current row in
* {@code java.sql.ResultSet} to {@link OAuth2Authorization}. The default is
Reported by PMD.
Line: 308
* The default {@link RowMapper} that maps the current row in
* {@code java.sql.ResultSet} to {@link OAuth2Authorization}.
*/
public static class OAuth2AuthorizationRowMapper implements RowMapper<OAuth2Authorization> {
private final RegisteredClientRepository registeredClientRepository;
private LobHandler lobHandler = new DefaultLobHandler();
private ObjectMapper objectMapper = new ObjectMapper();
public OAuth2AuthorizationRowMapper(RegisteredClientRepository registeredClientRepository) {
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/config/ProviderSettingsTests.java
63 issues
Line: 31
public class ProviderSettingsTests {
@Test
public void buildWhenDefaultThenDefaultsAreSet() {
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
Reported by PMD.
Line: 32
@Test
public void buildWhenDefaultThenDefaultsAreSet() {
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
Reported by PMD.
Line: 34
public void buildWhenDefaultThenDefaultsAreSet() {
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
Reported by PMD.
Line: 34
public void buildWhenDefaultThenDefaultsAreSet() {
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
Reported by PMD.
Line: 35
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
Reported by PMD.
Line: 35
ProviderSettings providerSettings = ProviderSettings.builder().build();
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
Reported by PMD.
Line: 36
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
}
Reported by PMD.
Line: 36
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
}
Reported by PMD.
Line: 37
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
}
Reported by PMD.
Line: 37
assertThat(providerSettings.getIssuer()).isNull();
assertThat(providerSettings.getAuthorizationEndpoint()).isEqualTo("/oauth2/authorize");
assertThat(providerSettings.getTokenEndpoint()).isEqualTo("/oauth2/token");
assertThat(providerSettings.getJwkSetEndpoint()).isEqualTo("/oauth2/jwks");
assertThat(providerSettings.getTokenRevocationEndpoint()).isEqualTo("/oauth2/revoke");
assertThat(providerSettings.getTokenIntrospectionEndpoint()).isEqualTo("/oauth2/introspect");
assertThat(providerSettings.getOidcClientRegistrationEndpoint()).isEqualTo("/connect/register");
}
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/jwt/JwtClaimsSetTests.java
57 issues
Line: 32
/**
 * Building a {@code JwtClaimsSet} from a builder that received no claims must be
 * rejected with an {@link IllegalArgumentException} whose message is
 * "claims cannot be empty".
 */
@Test
public void buildWhenClaimsEmptyThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> JwtClaimsSet.builder().build())
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("claims cannot be empty");
}
@Test
Reported by PMD.
Line: 32
/**
 * Building a {@code JwtClaimsSet} from a builder that received no claims must be
 * rejected with an {@link IllegalArgumentException} whose message is
 * "claims cannot be empty".
 */
@Test
public void buildWhenClaimsEmptyThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> JwtClaimsSet.builder().build())
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("claims cannot be empty");
}
@Test
Reported by PMD.
Line: 38
}
@Test
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
Reported by PMD.
Line: 39
@Test
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
Line: 41
public void buildWhenAllClaimsProvidedThenAllClaimsAreSet() {
JwtClaimsSet expectedJwtClaimsSet = TestJwtClaimsSets.jwtClaimsSet().build();
JwtClaimsSet jwtClaimsSet = JwtClaimsSet.builder()
.issuer(expectedJwtClaimsSet.getIssuer().toExternalForm())
.subject(expectedJwtClaimsSet.getSubject())
.audience(expectedJwtClaimsSet.getAudience())
.issuedAt(expectedJwtClaimsSet.getIssuedAt())
.notBefore(expectedJwtClaimsSet.getNotBefore())
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/web/OAuth2ClientAuthenticationFilterTests.java
57 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization.web;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
Reported by PMD.
Line: 65
* @author Joe Grandja
*/
public class OAuth2ClientAuthenticationFilterTests {
private String filterProcessesUrl = "/oauth2/token";
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
Reported by PMD.
Line: 65
* @author Joe Grandja
*/
public class OAuth2ClientAuthenticationFilterTests {
private String filterProcessesUrl = "/oauth2/token";
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
Reported by PMD.
Line: 66
*/
public class OAuth2ClientAuthenticationFilterTests {
private String filterProcessesUrl = "/oauth2/token";
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
Reported by PMD.
Line: 67
public class OAuth2ClientAuthenticationFilterTests {
private String filterProcessesUrl = "/oauth2/token";
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
Reported by PMD.
Line: 68
private String filterProcessesUrl = "/oauth2/token";
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
@Before
Reported by PMD.
Line: 69
private AuthenticationManager authenticationManager;
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
@Before
public void setUp() {
Reported by PMD.
Line: 70
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private OAuth2ClientAuthenticationFilter filter;
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
@Before
public void setUp() {
this.authenticationManager = mock(AuthenticationManager.class);
Reported by PMD.
Line: 76
/**
 * Creates a fresh filter for each test, wired with a mocked
 * {@code AuthenticationManager} and a mocked {@code AuthenticationConverter}.
 */
@Before
public void setUp() {
this.authenticationManager = mock(AuthenticationManager.class);
// The filter under test only matches POST requests to filterProcessesUrl.
this.requestMatcher = new AntPathRequestMatcher(this.filterProcessesUrl, HttpMethod.POST.name());
this.filter = new OAuth2ClientAuthenticationFilter(this.authenticationManager, this.requestMatcher);
// The converter is mocked so each test can control what is extracted from the request.
this.authenticationConverter = mock(AuthenticationConverter.class);
this.filter.setAuthenticationConverter(this.authenticationConverter);
}
Reported by PMD.
Line: 89
/**
 * Constructing the filter with a {@code null} authentication manager must fail
 * with an {@link IllegalArgumentException} whose message is
 * "authenticationManager cannot be null".
 */
@Test
public void constructorWhenAuthenticationManagerNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientAuthenticationFilter(null, this.requestMatcher))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("authenticationManager cannot be null");
}
@Test
Reported by PMD.