The following issues were found
samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java
22 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package sample.config;
import java.util.UUID;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
Reported by PMD.
Line: 60
/**
 * Defines the {@link SecurityFilterChain} bean for this sample's authorization server.
 * <p>
 * {@code OAuth2AuthorizationServerConfiguration.applyDefaultSecurity} is applied to
 * {@code http} first, then form login is enabled with its defaults. The chain is
 * registered at {@link Ordered#HIGHEST_PRECEDENCE}.
 *
 * @param http the security builder to configure
 * @return the built filter chain
 * @throws Exception if configuring or building the chain fails
 */
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
    // Default authorization-server security must be in place before form login is added.
    OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
    // Form login with defaults; no custom login page or handlers are configured here.
    http.formLogin(Customizer.withDefaults());
    return http.build();
}
// @formatter:off
Reported by PMD.
Line: 62
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
return http.formLogin(Customizer.withDefaults()).build();
}
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
// Excerpt only: the builder chain below continues past the lines shown in this report.
// The registered client gets a freshly generated random UUID as its id.
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
// NOTE(review): the client secret is a string literal committed in source. That is tolerable
// only as sample data; a real deployment should take the secret from external configuration
// and persist it in encoded form. Confirm how the configured password encoder treats it.
.clientSecret("secret")
// The client authenticates with its id and secret using the client_secret_basic method.
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
// Grants enabled in the lines shown: authorization code and refresh token.
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
Line: 68
// @formatter:off
@Bean
public RegisteredClientRepository registeredClientRepository(JdbcTemplate jdbcTemplate) {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/authentication/OAuth2ClientCredentialsAuthenticationTokenTests.java
22 issues
Line: 38
* @author Alexey Nesterov
*/
public class OAuth2ClientCredentialsAuthenticationTokenTests {
private final RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
Reported by PMD.
Line: 39
*/
public class OAuth2ClientCredentialsAuthenticationTokenTests {
private final RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
@Test
Reported by PMD.
Line: 41
private final RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
Reported by PMD.
Line: 41
private final RegisteredClient registeredClient = TestRegisteredClients.registeredClient().build();
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
Reported by PMD.
Line: 42
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
Reported by PMD.
Line: 42
private final OAuth2ClientAuthenticationToken clientPrincipal = new OAuth2ClientAuthenticationToken(
this.registeredClient, ClientAuthenticationMethod.CLIENT_SECRET_BASIC, this.registeredClient.getClientSecret());
private Set<String> scopes = Collections.singleton("scope1");
private Map<String, Object> additionalParameters = Collections.singletonMap("param1", "value1");
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
Reported by PMD.
Line: 46
/**
 * Verifies that constructing an {@code OAuth2ClientCredentialsAuthenticationToken} with a
 * {@code null} client principal is rejected with an {@link IllegalArgumentException} whose
 * message is {@code "clientPrincipal cannot be null"}.
 */
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
// Only the principal is null; scopes and additional parameters are the valid test fixtures.
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
}
@Test
Reported by PMD.
Line: 46
/**
 * Verifies that constructing an {@code OAuth2ClientCredentialsAuthenticationToken} with a
 * {@code null} client principal is rejected with an {@link IllegalArgumentException} whose
 * message is {@code "clientPrincipal cannot be null"}.
 */
@Test
public void constructorWhenClientPrincipalNullThenThrowIllegalArgumentException() {
// Only the principal is null; scopes and additional parameters are the valid test fixtures.
assertThatThrownBy(() -> new OAuth2ClientCredentialsAuthenticationToken(null, this.scopes, this.additionalParameters))
.isInstanceOf(IllegalArgumentException.class)
.hasMessage("clientPrincipal cannot be null");
}
@Test
Reported by PMD.
Line: 52
}
@Test
public void constructorWhenClientPrincipalProvidedThenCreated() {
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
this.clientPrincipal, this.scopes, this.additionalParameters);
assertThat(authentication.getGrantType()).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS);
assertThat(authentication.getPrincipal()).isEqualTo(this.clientPrincipal);
Reported by PMD.
Line: 56
OAuth2ClientCredentialsAuthenticationToken authentication = new OAuth2ClientCredentialsAuthenticationToken(
this.clientPrincipal, this.scopes, this.additionalParameters);
assertThat(authentication.getGrantType()).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS);
assertThat(authentication.getPrincipal()).isEqualTo(this.clientPrincipal);
assertThat(authentication.getCredentials().toString()).isEmpty();
assertThat(authentication.getScopes()).isEqualTo(this.scopes);
assertThat(authentication.getAdditionalParameters()).isEqualTo(this.additionalParameters);
}
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilter.java
22 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization.web;
import java.io.IOException;
import java.time.temporal.ChronoUnit;
import java.util.Arrays;
import java.util.Map;
Reported by PMD.
Line: 101
private static final String DEFAULT_TOKEN_ENDPOINT_URI = "/oauth2/token";
private static final String DEFAULT_ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenEndpointMatcher;
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
new OAuth2AccessTokenResponseHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
Reported by PMD.
Line: 102
private static final String DEFAULT_ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenEndpointMatcher;
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
new OAuth2AccessTokenResponseHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
Reported by PMD.
Line: 103
private static final String DEFAULT_ERROR_URI = "https://datatracker.ietf.org/doc/html/rfc6749#section-5.2";
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenEndpointMatcher;
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
new OAuth2AccessTokenResponseHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
new WebAuthenticationDetailsSource();
Reported by PMD.
Line: 105
private final RequestMatcher tokenEndpointMatcher;
private final HttpMessageConverter<OAuth2AccessTokenResponse> accessTokenHttpResponseConverter =
new OAuth2AccessTokenResponseHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
new WebAuthenticationDetailsSource();
private AuthenticationConverter authenticationConverter;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse;
Reported by PMD.
Line: 107
new OAuth2AccessTokenResponseHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter =
new OAuth2ErrorHttpMessageConverter();
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
new WebAuthenticationDetailsSource();
private AuthenticationConverter authenticationConverter;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse;
private AuthenticationFailureHandler authenticationFailureHandler = this::sendErrorResponse;
Reported by PMD.
Line: 109
new OAuth2ErrorHttpMessageConverter();
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
new WebAuthenticationDetailsSource();
private AuthenticationConverter authenticationConverter;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse;
private AuthenticationFailureHandler authenticationFailureHandler = this::sendErrorResponse;
/**
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
Reported by PMD.
Line: 110
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource =
new WebAuthenticationDetailsSource();
private AuthenticationConverter authenticationConverter;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse;
private AuthenticationFailureHandler authenticationFailureHandler = this::sendErrorResponse;
/**
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
*
Reported by PMD.
Line: 111
new WebAuthenticationDetailsSource();
private AuthenticationConverter authenticationConverter;
private AuthenticationSuccessHandler authenticationSuccessHandler = this::sendAccessTokenResponse;
private AuthenticationFailureHandler authenticationFailureHandler = this::sendErrorResponse;
/**
* Constructs an {@code OAuth2TokenEndpointFilter} using the provided parameters.
*
* @param authenticationManager the authentication manager
Reported by PMD.
Line: 206
this.authenticationFailureHandler = authenticationFailureHandler;
}
private void sendAccessTokenResponse(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException {
OAuth2AccessTokenAuthenticationToken accessTokenAuthentication =
(OAuth2AccessTokenAuthenticationToken) authentication;
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configuration/RegisterMissingBeanPostProcessorTests.java
17 issues
Line: 41
* @author Steve Riesenberg
*/
public class RegisterMissingBeanPostProcessorTests {
private final RegisterMissingBeanPostProcessor postProcessor = new RegisterMissingBeanPostProcessor();
@Test
public void postProcessBeanDefinitionRegistryWhenClassAddedThenRegisteredWithClass() {
this.postProcessor.addBeanDefinition(SimpleBean.class, null);
this.postProcessor.setBeanFactory(new DefaultListableBeanFactory());
Reported by PMD.
Line: 44
private final RegisterMissingBeanPostProcessor postProcessor = new RegisterMissingBeanPostProcessor();
@Test
public void postProcessBeanDefinitionRegistryWhenClassAddedThenRegisteredWithClass() {
this.postProcessor.addBeanDefinition(SimpleBean.class, null);
this.postProcessor.setBeanFactory(new DefaultListableBeanFactory());
BeanDefinitionRegistry beanDefinitionRegistry = mock(BeanDefinitionRegistry.class);
this.postProcessor.postProcessBeanDefinitionRegistry(beanDefinitionRegistry);
Reported by PMD.
Line: 52
this.postProcessor.postProcessBeanDefinitionRegistry(beanDefinitionRegistry);
ArgumentCaptor<BeanDefinition> beanDefinitionCaptor = ArgumentCaptor.forClass(BeanDefinition.class);
verify(beanDefinitionRegistry).registerBeanDefinition(endsWith("SimpleBean"), beanDefinitionCaptor.capture());
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
Reported by PMD.
Line: 52
this.postProcessor.postProcessBeanDefinitionRegistry(beanDefinitionRegistry);
ArgumentCaptor<BeanDefinition> beanDefinitionCaptor = ArgumentCaptor.forClass(BeanDefinition.class);
verify(beanDefinitionRegistry).registerBeanDefinition(endsWith("SimpleBean"), beanDefinitionCaptor.capture());
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
Reported by PMD.
Line: 54
ArgumentCaptor<BeanDefinition> beanDefinitionCaptor = ArgumentCaptor.forClass(BeanDefinition.class);
verify(beanDefinitionRegistry).registerBeanDefinition(endsWith("SimpleBean"), beanDefinitionCaptor.capture());
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
@Test
Reported by PMD.
Line: 55
verify(beanDefinitionRegistry).registerBeanDefinition(endsWith("SimpleBean"), beanDefinitionCaptor.capture());
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
@Test
public void postProcessBeanDefinitionRegistryWhenSupplierAddedThenRegisteredWithSupplier() {
Reported by PMD.
Line: 55
verify(beanDefinitionRegistry).registerBeanDefinition(endsWith("SimpleBean"), beanDefinitionCaptor.capture());
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
@Test
public void postProcessBeanDefinitionRegistryWhenSupplierAddedThenRegisteredWithSupplier() {
Reported by PMD.
Line: 56
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
@Test
public void postProcessBeanDefinitionRegistryWhenSupplierAddedThenRegisteredWithSupplier() {
Supplier<SimpleBean> beanSupplier = () -> new SimpleBean("string");
Reported by PMD.
Line: 56
RootBeanDefinition beanDefinition = (RootBeanDefinition) beanDefinitionCaptor.getValue();
assertThat(beanDefinition.getBeanClass()).isEqualTo(SimpleBean.class);
assertThat(beanDefinition.getInstanceSupplier()).isNull();
}
@Test
public void postProcessBeanDefinitionRegistryWhenSupplierAddedThenRegisteredWithSupplier() {
Supplier<SimpleBean> beanSupplier = () -> new SimpleBean("string");
Reported by PMD.
Line: 60
}
@Test
public void postProcessBeanDefinitionRegistryWhenSupplierAddedThenRegisteredWithSupplier() {
Supplier<SimpleBean> beanSupplier = () -> new SimpleBean("string");
this.postProcessor.addBeanDefinition(SimpleBean.class, beanSupplier);
this.postProcessor.setBeanFactory(new DefaultListableBeanFactory());
BeanDefinitionRegistry beanDefinitionRegistry = mock(BeanDefinitionRegistry.class);
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationServerConfigurer.java
16 issues
Line: 69
* @see OAuth2AuthorizationServerMetadataEndpointFilter
*/
public final class OAuth2AuthorizationServerConfigurer<B extends HttpSecurityBuilder<B>>
extends AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer<B>, B> {
private final Map<Class<? extends AbstractOAuth2Configurer>, AbstractOAuth2Configurer> configurers = createConfigurers();
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
Reported by PMD.
Line: 71
public final class OAuth2AuthorizationServerConfigurer<B extends HttpSecurityBuilder<B>>
extends AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer<B>, B> {
private final Map<Class<? extends AbstractOAuth2Configurer>, AbstractOAuth2Configurer> configurers = createConfigurers();
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
private RequestMatcher authorizationServerMetadataEndpointMatcher;
private final RequestMatcher endpointsMatcher = (request) ->
Reported by PMD.
Line: 72
extends AbstractHttpConfigurer<OAuth2AuthorizationServerConfigurer<B>, B> {
private final Map<Class<? extends AbstractOAuth2Configurer>, AbstractOAuth2Configurer> configurers = createConfigurers();
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
private RequestMatcher authorizationServerMetadataEndpointMatcher;
private final RequestMatcher endpointsMatcher = (request) ->
getRequestMatcher(OAuth2AuthorizationEndpointConfigurer.class).matches(request) ||
Reported by PMD.
Line: 73
private final Map<Class<? extends AbstractOAuth2Configurer>, AbstractOAuth2Configurer> configurers = createConfigurers();
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
private RequestMatcher authorizationServerMetadataEndpointMatcher;
private final RequestMatcher endpointsMatcher = (request) ->
getRequestMatcher(OAuth2AuthorizationEndpointConfigurer.class).matches(request) ||
getRequestMatcher(OAuth2TokenEndpointConfigurer.class).matches(request) ||
Reported by PMD.
Line: 74
private final Map<Class<? extends AbstractOAuth2Configurer>, AbstractOAuth2Configurer> configurers = createConfigurers();
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
private RequestMatcher authorizationServerMetadataEndpointMatcher;
private final RequestMatcher endpointsMatcher = (request) ->
getRequestMatcher(OAuth2AuthorizationEndpointConfigurer.class).matches(request) ||
getRequestMatcher(OAuth2TokenEndpointConfigurer.class).matches(request) ||
getRequestMatcher(OidcConfigurer.class).matches(request) ||
Reported by PMD.
Line: 75
private RequestMatcher tokenIntrospectionEndpointMatcher;
private RequestMatcher tokenRevocationEndpointMatcher;
private RequestMatcher jwkSetEndpointMatcher;
private RequestMatcher authorizationServerMetadataEndpointMatcher;
private final RequestMatcher endpointsMatcher = (request) ->
getRequestMatcher(OAuth2AuthorizationEndpointConfigurer.class).matches(request) ||
getRequestMatcher(OAuth2TokenEndpointConfigurer.class).matches(request) ||
getRequestMatcher(OidcConfigurer.class).matches(request) ||
this.tokenIntrospectionEndpointMatcher.matches(request) ||
Reported by PMD.
Line: 227
OAuth2TokenIntrospectionEndpointFilter tokenIntrospectionEndpointFilter =
new OAuth2TokenIntrospectionEndpointFilter(
authenticationManager,
providerSettings.getTokenIntrospectionEndpoint());
builder.addFilterAfter(postProcess(tokenIntrospectionEndpointFilter), FilterSecurityInterceptor.class);
OAuth2TokenRevocationEndpointFilter tokenRevocationEndpointFilter =
new OAuth2TokenRevocationEndpointFilter(
authenticationManager,
Reported by PMD.
Line: 233
OAuth2TokenRevocationEndpointFilter tokenRevocationEndpointFilter =
new OAuth2TokenRevocationEndpointFilter(
authenticationManager,
providerSettings.getTokenRevocationEndpoint());
builder.addFilterAfter(postProcess(tokenRevocationEndpointFilter), FilterSecurityInterceptor.class);
NimbusJwkSetEndpointFilter jwkSetEndpointFilter =
new NimbusJwkSetEndpointFilter(
OAuth2ConfigurerUtils.getJwkSource(builder),
Reported by PMD.
Line: 239
NimbusJwkSetEndpointFilter jwkSetEndpointFilter =
new NimbusJwkSetEndpointFilter(
OAuth2ConfigurerUtils.getJwkSource(builder),
providerSettings.getJwkSetEndpoint());
builder.addFilterBefore(postProcess(jwkSetEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class);
if (providerSettings.getIssuer() != null) {
OAuth2AuthorizationServerMetadataEndpointFilter authorizationServerMetadataEndpointFilter =
new OAuth2AuthorizationServerMetadataEndpointFilter(providerSettings);
Reported by PMD.
Line: 242
providerSettings.getJwkSetEndpoint());
builder.addFilterBefore(postProcess(jwkSetEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class);
if (providerSettings.getIssuer() != null) {
OAuth2AuthorizationServerMetadataEndpointFilter authorizationServerMetadataEndpointFilter =
new OAuth2AuthorizationServerMetadataEndpointFilter(providerSettings);
builder.addFilterBefore(postProcess(authorizationServerMetadataEndpointFilter), AbstractPreAuthenticatedProcessingFilter.class);
}
}
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/oauth2/server/authorization/TestOAuth2Authorizations.java
16 issues
Line: 91
.attribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, authorizationRequest.getScopes());
}
private static Map<String, Object> tokenMetadata(Map<String, Object> tokenClaims) {
Map<String, Object> tokenMetadata = new HashMap<>();
tokenMetadata.put(OAuth2Authorization.Token.INVALIDATED_METADATA_NAME, false);
if (CollectionUtils.isEmpty(tokenClaims)) {
tokenClaims = defaultTokenClaims();
}
Reported by PMD.
Line: 40
* @author Joe Grandja
* @author Daniel Garnier-Moiroux
*/
public class TestOAuth2Authorizations {
/**
 * Creates an authorization builder for the default test registered client.
 *
 * @return the builder produced by {@code authorization(RegisteredClient)} for that client
 */
public static OAuth2Authorization.Builder authorization() {
    RegisteredClient defaultClient = TestRegisteredClients.registeredClient().build();
    return authorization(defaultClient);
}
Reported by PMD.
Line: 43
public class TestOAuth2Authorizations {
/**
 * Creates an authorization builder for the default test registered client.
 *
 * @return the builder produced by {@code authorization(RegisteredClient)} for that client
 */
public static OAuth2Authorization.Builder authorization() {
    RegisteredClient defaultClient = TestRegisteredClients.registeredClient().build();
    return authorization(defaultClient);
}
/**
 * Creates an authorization builder for the given client with no additional
 * authorization-request parameters.
 *
 * @param registeredClient the client the authorization is built for
 * @return the builder produced by the two-argument overload with an empty parameter map
 */
public static OAuth2Authorization.Builder authorization(RegisteredClient registeredClient) {
    Map<String, Object> noAdditionalParameters = Collections.emptyMap();
    return authorization(registeredClient, noAdditionalParameters);
}
Reported by PMD.
Line: 58
/**
 * Creates an authorization builder for the given client using a fixed-value bearer access
 * token ({@code "access-token"}) that expires 300 seconds after it is issued.
 *
 * @param registeredClient the client the authorization is built for
 * @param authorizationRequestAdditionalParameters extra parameters passed through to the
 *        authorization request
 * @return the builder produced by the four-argument overload, with empty access-token claims
 */
public static OAuth2Authorization.Builder authorization(RegisteredClient registeredClient,
        Map<String, Object> authorizationRequestAdditionalParameters) {
    // Two separate clock reads, as in the original: issue time first, then the expiry base.
    Instant issuedAt = Instant.now();
    Instant expiresAt = Instant.now().plusSeconds(300);
    OAuth2AccessToken bearerToken = new OAuth2AccessToken(
            OAuth2AccessToken.TokenType.BEARER, "access-token", issuedAt, expiresAt);
    Map<String, Object> noTokenClaims = Collections.emptyMap();
    return authorization(registeredClient, bearerToken, noTokenClaims, authorizationRequestAdditionalParameters);
}
private static OAuth2Authorization.Builder authorization(RegisteredClient registeredClient,
OAuth2AccessToken accessToken, Map<String, Object> accessTokenClaims,
Reported by PMD.
Line: 66
OAuth2AccessToken accessToken, Map<String, Object> accessTokenClaims,
Map<String, Object> authorizationRequestAdditionalParameters) {
OAuth2AuthorizationCode authorizationCode = new OAuth2AuthorizationCode(
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
Reported by PMD.
Line: 68
OAuth2AuthorizationCode authorizationCode = new OAuth2AuthorizationCode(
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
.redirectUri(registeredClient.getRedirectUris().iterator().next())
.scopes(registeredClient.getScopes())
Reported by PMD.
Line: 69
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
.redirectUri(registeredClient.getRedirectUris().iterator().next())
.scopes(registeredClient.getScopes())
.additionalParameters(authorizationRequestAdditionalParameters)
Reported by PMD.
Line: 69
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
.redirectUri(registeredClient.getRedirectUris().iterator().next())
.scopes(registeredClient.getScopes())
.additionalParameters(authorizationRequestAdditionalParameters)
Reported by PMD.
Line: 69
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
.redirectUri(registeredClient.getRedirectUris().iterator().next())
.scopes(registeredClient.getScopes())
.additionalParameters(authorizationRequestAdditionalParameters)
Reported by PMD.
Line: 69
"code", Instant.now(), Instant.now().plusSeconds(120));
OAuth2RefreshToken refreshToken = new OAuth2RefreshToken(
"refresh-token", Instant.now(), Instant.now().plus(1, ChronoUnit.HOURS));
OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
.authorizationUri("https://provider.com/oauth2/authorize")
.clientId(registeredClient.getClientId())
.redirectUri(registeredClient.getRedirectUris().iterator().next())
.scopes(registeredClient.getScopes())
.additionalParameters(authorizationRequestAdditionalParameters)
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2AuthorizationEndpointConfigurer.java
16 issues
Line: 53
* @see OAuth2AuthorizationEndpointFilter
*/
public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
Reported by PMD.
Line: 54
*/
public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
Reported by PMD.
Line: 54
*/
public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
Reported by PMD.
Line: 55
public final class OAuth2AuthorizationEndpointConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
Reported by PMD.
Line: 56
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
Reported by PMD.
Line: 56
private RequestMatcher requestMatcher;
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
Reported by PMD.
Line: 57
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
*/
Reported by PMD.
Line: 57
private AuthenticationConverter authorizationRequestConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
*/
Reported by PMD.
Line: 58
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
*/
OAuth2AuthorizationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
Reported by PMD.
Line: 58
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authorizationResponseHandler;
private AuthenticationFailureHandler errorResponseHandler;
private String consentPage;
/**
* Restrict for internal use only.
*/
OAuth2AuthorizationEndpointConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/OAuth2ClientAuthenticationConfigurer.java
15 issues
Line: 52
* @see OAuth2ClientAuthenticationFilter
*/
public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
Reported by PMD.
Line: 53
*/
public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
Reported by PMD.
Line: 53
*/
public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
Reported by PMD.
Line: 54
public final class OAuth2ClientAuthenticationConfigurer extends AbstractOAuth2Configurer {
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
* Restrict for internal use only.
Reported by PMD.
Line: 55
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
* Restrict for internal use only.
*/
Reported by PMD.
Line: 55
private RequestMatcher requestMatcher;
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
* Restrict for internal use only.
*/
Reported by PMD.
Line: 56
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
* Restrict for internal use only.
*/
OAuth2ClientAuthenticationConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
Reported by PMD.
Line: 56
private AuthenticationConverter authenticationConverter;
private final List<AuthenticationProvider> authenticationProviders = new ArrayList<>();
private AuthenticationSuccessHandler authenticationSuccessHandler;
private AuthenticationFailureHandler errorResponseHandler;
/**
* Restrict for internal use only.
*/
OAuth2ClientAuthenticationConfigurer(ObjectPostProcessor<Object> objectPostProcessor) {
Reported by PMD.
Line: 117
ProviderSettings providerSettings = OAuth2ConfigurerUtils.getProviderSettings(builder);
this.requestMatcher = new OrRequestMatcher(
new AntPathRequestMatcher(
providerSettings.getTokenEndpoint(),
HttpMethod.POST.name()),
new AntPathRequestMatcher(
providerSettings.getTokenIntrospectionEndpoint(),
HttpMethod.POST.name()),
new AntPathRequestMatcher(
Reported by PMD.
Line: 118
this.requestMatcher = new OrRequestMatcher(
new AntPathRequestMatcher(
providerSettings.getTokenEndpoint(),
HttpMethod.POST.name()),
new AntPathRequestMatcher(
providerSettings.getTokenIntrospectionEndpoint(),
HttpMethod.POST.name()),
new AntPathRequestMatcher(
providerSettings.getTokenRevocationEndpoint(),
Reported by PMD.
oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenIntrospectionEndpointFilter.java
15 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.oauth2.server.authorization.web;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
Reported by PMD.
Line: 67
*/
private static final String DEFAULT_TOKEN_INTROSPECTION_ENDPOINT_URI = "/oauth2/introspect";
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenIntrospectionEndpointMatcher;
private final Converter<HttpServletRequest, Authentication> tokenIntrospectionAuthenticationConverter =
new DefaultTokenIntrospectionAuthenticationConverter();
private final HttpMessageConverter<OAuth2TokenIntrospection> tokenIntrospectionHttpResponseConverter =
new OAuth2TokenIntrospectionHttpMessageConverter();
Reported by PMD.
Line: 68
private static final String DEFAULT_TOKEN_INTROSPECTION_ENDPOINT_URI = "/oauth2/introspect";
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenIntrospectionEndpointMatcher;
private final Converter<HttpServletRequest, Authentication> tokenIntrospectionAuthenticationConverter =
new DefaultTokenIntrospectionAuthenticationConverter();
private final HttpMessageConverter<OAuth2TokenIntrospection> tokenIntrospectionHttpResponseConverter =
new OAuth2TokenIntrospectionHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter = new OAuth2ErrorHttpMessageConverter();
Reported by PMD.
Line: 69
private final AuthenticationManager authenticationManager;
private final RequestMatcher tokenIntrospectionEndpointMatcher;
private final Converter<HttpServletRequest, Authentication> tokenIntrospectionAuthenticationConverter =
new DefaultTokenIntrospectionAuthenticationConverter();
private final HttpMessageConverter<OAuth2TokenIntrospection> tokenIntrospectionHttpResponseConverter =
new OAuth2TokenIntrospectionHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter = new OAuth2ErrorHttpMessageConverter();
Reported by PMD.
Line: 71
private final RequestMatcher tokenIntrospectionEndpointMatcher;
private final Converter<HttpServletRequest, Authentication> tokenIntrospectionAuthenticationConverter =
new DefaultTokenIntrospectionAuthenticationConverter();
private final HttpMessageConverter<OAuth2TokenIntrospection> tokenIntrospectionHttpResponseConverter =
new OAuth2TokenIntrospectionHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter = new OAuth2ErrorHttpMessageConverter();
/**
* Constructs an {@code OAuth2TokenIntrospectionEndpointFilter} using the provided parameters.
Reported by PMD.
Line: 73
new DefaultTokenIntrospectionAuthenticationConverter();
private final HttpMessageConverter<OAuth2TokenIntrospection> tokenIntrospectionHttpResponseConverter =
new OAuth2TokenIntrospectionHttpMessageConverter();
private final HttpMessageConverter<OAuth2Error> errorHttpResponseConverter = new OAuth2ErrorHttpMessageConverter();
/**
* Constructs an {@code OAuth2TokenIntrospectionEndpointFilter} using the provided parameters.
*
* @param authenticationManager the authentication manager
Reported by PMD.
Line: 115
OAuth2TokenIntrospectionAuthenticationToken tokenIntrospectionAuthenticationResult =
(OAuth2TokenIntrospectionAuthenticationToken) this.authenticationManager.authenticate(tokenIntrospectionAuthentication);
OAuth2TokenIntrospection tokenClaims = tokenIntrospectionAuthenticationResult.getTokenClaims();
sendTokenIntrospectionResponse(response, tokenClaims);
} catch (OAuth2AuthenticationException ex) {
SecurityContextHolder.clearContext();
sendErrorResponse(response, ex.getError());
Reported by PMD.
Line: 146
@Override
public Authentication convert(HttpServletRequest request) {
Authentication clientPrincipal = SecurityContextHolder.getContext().getAuthentication();
MultiValueMap<String, String> parameters = OAuth2EndpointUtils.getParameters(request);
// token (REQUIRED)
String token = parameters.getFirst(OAuth2ParameterNames.TOKEN);
Reported by PMD.
Line: 151
MultiValueMap<String, String> parameters = OAuth2EndpointUtils.getParameters(request);
// token (REQUIRED)
String token = parameters.getFirst(OAuth2ParameterNames.TOKEN);
if (!StringUtils.hasText(token) ||
parameters.get(OAuth2ParameterNames.TOKEN).size() != 1) {
throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN);
}
Reported by PMD.
Line: 153
// token (REQUIRED)
String token = parameters.getFirst(OAuth2ParameterNames.TOKEN);
if (!StringUtils.hasText(token) ||
parameters.get(OAuth2ParameterNames.TOKEN).size() != 1) {
throwError(OAuth2ErrorCodes.INVALID_REQUEST, OAuth2ParameterNames.TOKEN);
}
// token_type_hint (OPTIONAL)
String tokenTypeHint = parameters.getFirst(OAuth2ParameterNames.TOKEN_TYPE_HINT);
Reported by PMD.
oauth2-authorization-server/src/test/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/authorization/JwkSetTests.java
15 issues
Line: 16
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.source.JWKSource;
import com.nimbusds.jose.proc.SecurityContext;
import org.junit.After;
Reported by PMD.
Line: 67
private static ProviderSettings providerSettings;
@Rule
public final SpringTestRule spring = new SpringTestRule();
@Autowired
private MockMvc mvc;
@Autowired
Reported by PMD.
Line: 70
public final SpringTestRule spring = new SpringTestRule();
@Autowired
private MockMvc mvc;
@Autowired
private JdbcOperations jdbcOperations;
@BeforeClass
Reported by PMD.
Line: 73
private MockMvc mvc;
@Autowired
private JdbcOperations jdbcOperations;
@BeforeClass
public static void init() {
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
Reported by PMD.
Line: 79
public static void init() {
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
providerSettings = ProviderSettings.builder().jwkSetEndpoint("/test/jwks").build();
db = new EmbeddedDatabaseBuilder()
.generateUniqueName(true)
.setType(EmbeddedDatabaseType.HSQL)
.setScriptEncoding("UTF-8")
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql")
Reported by PMD.
Line: 79
public static void init() {
JWKSet jwkSet = new JWKSet(TestJwks.DEFAULT_RSA_JWK);
jwkSource = (jwkSelector, securityContext) -> jwkSelector.select(jwkSet);
providerSettings = ProviderSettings.builder().jwkSetEndpoint("/test/jwks").build();
db = new EmbeddedDatabaseBuilder()
.generateUniqueName(true)
.setType(EmbeddedDatabaseType.HSQL)
.setScriptEncoding("UTF-8")
.addScript("org/springframework/security/oauth2/server/authorization/oauth2-authorization-schema.sql")
Reported by PMD.
Line: 101
}
/**
 * Registers {@code AuthorizationServerConfiguration} with the Spring test rule, autowires
 * this test instance, and runs the shared JWK Set response checks against
 * {@code DEFAULT_JWK_SET_ENDPOINT_URI}.
 *
 * @throws Exception if the request or one of the response expectations fails
 */
@Test
public void requestWhenJwkSetThenReturnKeys() throws Exception {
this.spring.register(AuthorizationServerConfiguration.class).autowire();
assertJwkSetRequestThenReturnKeys(DEFAULT_JWK_SET_ENDPOINT_URI);
}
Reported by PMD.
Line: 108
}
/**
 * Registers {@code AuthorizationServerConfigurationCustomEndpoints} and runs the shared
 * JWK Set response checks against the endpoint path taken from the static
 * {@code providerSettings} (built in {@code init()} with {@code "/test/jwks"}).
 *
 * @throws Exception if the request or one of the response expectations fails
 */
@Test
public void requestWhenJwkSetCustomEndpointThenReturnKeys() throws Exception {
this.spring.register(AuthorizationServerConfigurationCustomEndpoints.class).autowire();
// The path is read back from providerSettings instead of being repeated as a literal.
assertJwkSetRequestThenReturnKeys(providerSettings.getJwkSetEndpoint());
}
Reported by PMD.
Line: 114
assertJwkSetRequestThenReturnKeys(providerSettings.getJwkSetEndpoint());
}
private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws Exception {
this.mvc.perform(get(jwkSetEndpointUri))
.andExpect(status().isOk())
.andExpect(header().string(HttpHeaders.CACHE_CONTROL, containsString("no-store")))
.andExpect(header().string(HttpHeaders.PRAGMA, containsString("no-cache")))
.andExpect(jsonPath("$.keys").isNotEmpty())
Reported by PMD.
Line: 116
/**
 * Issues a GET to the given JWK Set endpoint path and asserts the response: HTTP 200,
 * a {@code Cache-Control} header containing {@code no-store}, a {@code Pragma} header
 * containing {@code no-cache}, and a non-empty JSON array at {@code $.keys}.
 *
 * @param jwkSetEndpointUri the request path of the JWK Set endpoint under test
 * @throws Exception if performing the request or evaluating an expectation fails
 */
private void assertJwkSetRequestThenReturnKeys(String jwkSetEndpointUri) throws Exception {
// NOTE(review): only the presence and shape of "keys" is checked; nothing here verifies
// that private JWK members are absent from the response - confirm that is covered elsewhere.
this.mvc.perform(get(jwkSetEndpointUri))
.andExpect(status().isOk())
// Pin the anti-caching headers so a change that drops them fails this test.
.andExpect(header().string(HttpHeaders.CACHE_CONTROL, containsString("no-store")))
.andExpect(header().string(HttpHeaders.PRAGMA, containsString("no-cache")))
.andExpect(jsonPath("$.keys").isNotEmpty())
.andExpect(jsonPath("$.keys").isArray());
}
Reported by PMD.