Spring-security: InMemoryReactiveClientRegistrationRepository should not use ConcurrentReferenceHashMap

Created on 22 Aug 2019  路  5Comments  路  Source: spring-projects/spring-security

ConcurrentReferenceHashMap is a cache-style map that uses weak references.

Since InMemoryReactiveClientRegistrationRepository is intended to be persistent, it should instead use ConcurrentHashMap.

The change to be made is in the InMemoryReactiveClientRegistrationRepository constructor that instantiates a ConcurrentReferenceHashMap:

Assert.notEmpty(registrations, "registrations cannot be empty");
this.clientIdToClientRegistration = new ConcurrentReferenceHashMap<>(); // <-- this line
for (ClientRegistration registration : registrations) {
    Assert.notNull(registration, "registrations cannot contain null values");
    this.clientIdToClientRegistration.put(registration.getRegistrationId(), registration);
}

should instead be

Assert.notEmpty(registrations, "registrations cannot be empty");
this.clientIdToClientRegistration = new ConcurrentHashMap<>();  // <-- this line
for (ClientRegistration registration : registrations) {
    Assert.notNull(registration, "registrations cannot contain null values");
    this.clientIdToClientRegistration.put(registration.getRegistrationId(), registration);
}

This ticket should also be backported to 5.1.x.

oauth2 backported bug
Source
picture jzheaux

Most helpful comment

I can make that change.

picture eberttc on 23 Aug 2019
🎉2 👍2

All 5 comments

I can make that change.

eberttc picture eberttc on 23 Aug 2019
🎉2 👍2

Sounds great, @eberttc, it's yours!

jzheaux picture jzheaux on 23 Aug 2019

I'm getting this error at pushing:

remote: Permission to spring-projects/spring-security.git denied to eberttc.
fatal: unable to access 'https://github.com/spring-projects/spring-security.git/': The requested URL returned error: 403

Do I need permission in the project?

eberttc picture eberttc on 23 Aug 2019

Correct, @eberttc, you will need to fork the repository first. Check out this GitHub Guide about forking.

The basic idea is that you fork the repository and that fork is yours - you commit to that, and then form a pull request. It may seem like a lot for just a little change like this, but having it this way will assist you with doing more sophisticated PRs down the road.

jzheaux picture jzheaux on 23 Aug 2019
👍1

Thanks for the support @jzheaux .
I will do that.

eberttc picture eberttc on 23 Aug 2019
1 👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

donhuvy picture donhuvy  路  3Comments
spring-issuemaster picture spring-issuemaster  路  3Comments
aotrzonsek picture aotrzonsek  路  3Comments
spring-issuemaster picture spring-issuemaster  路  4Comments
silentsnooc picture silentsnooc  路  3Comments