Github issue 4442 (#4442) completion, with follow-on issue to be disc…

…ussed w/team
spring-projects · Sep 7, 2019 · 68c1cbf · 68c1cbf
1 parent 8ca42a4
commit 68c1cbf
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 2 deletions.
diff --git a/...mework/security/oauth2/client/oidc/authentication/DefaultOidcIdTokenValidatorFactory.java b/...mework/security/oauth2/client/oidc/authentication/DefaultOidcIdTokenValidatorFactory.java
@@ -18,7 +18,6 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
 import org.springframework.security.oauth2.core.OAuth2TokenValidator;
-import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtTimestampValidator;
 

diff --git a/.../org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java b/.../org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java
@@ -124,7 +124,6 @@ public OAuth2TokenValidatorResult validate(Jwt idToken) {
 		// that it is the same value as the one that was sent in the Authentication Request.
 		// The Client SHOULD check the nonce value for replay attacks.
 		// The precise method for detecting replay attacks is Client specific.
-		// Depends on gh-4442
 			String nonceHash = "";
 			try {
 				nonceHash = createHash(nonce);