Github issue 4442 (#4442) completion, with follow-on issue to be discussed w/team

mkheck · mkheck · commit 68c1cbf478fd · 2019-09-07T17:13:09.000-05:00
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/DefaultOidcIdTokenValidatorFactory.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/DefaultOidcIdTokenValidatorFactory.java
@@ -18,7 +18,6 @@
 import org.springframework.security.oauth2.client.registration.ClientRegistration;
 import org.springframework.security.oauth2.core.DelegatingOAuth2TokenValidator;
 import org.springframework.security.oauth2.core.OAuth2TokenValidator;
-import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.jwt.JwtTimestampValidator;
 
diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/authentication/OidcIdTokenValidator.java
@@ -124,7 +124,6 @@ public OAuth2TokenValidatorResult validate(Jwt idToken) {
 		// that it is the same value as the one that was sent in the Authentication Request.
 		// The Client SHOULD check the nonce value for replay attacks.
 		// The precise method for detecting replay attacks is Client specific.
-		// Depends on gh-4442
 			String nonceHash = "";
 			try {
 				nonceHash = createHash(nonce);
