Remove deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository

Closes gh-11508

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -36,11 +36,9 @@ import org.springframework.security.core.context.ReactiveSecurityContextHolder;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.oauth2.client.ClientAuthorizationException;
 import org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider;
-import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
 import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler;
-import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationSuccessHandler;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
@@ -53,7 +51,6 @@ import org.springframework.security.oauth2.client.registration.ClientRegistratio
 import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
 import org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.core.OAuth2AuthorizationException;
 import org.springframework.security.oauth2.core.OAuth2Error;
 import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
@@ -227,16 +224,6 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 			ServerOAuth2AuthorizedClientRepository authorizedClientRepository,
 			ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
 		// gh-7544
-		if (authorizedClientRepository instanceof UnAuthenticatedServerOAuth2AuthorizedClientRepository) {
-			UnAuthenticatedReactiveOAuth2AuthorizedClientManager unauthenticatedAuthorizedClientManager = new UnAuthenticatedReactiveOAuth2AuthorizedClientManager(
-					clientRegistrationRepository,
-					(UnAuthenticatedServerOAuth2AuthorizedClientRepository) authorizedClientRepository,
-					authorizationFailureHandler);
-			unauthenticatedAuthorizedClientManager
-					.setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
-							.authorizationCode().refreshToken().clientCredentials().password().build());
-			return unauthenticatedAuthorizedClientManager;
-		}
 		DefaultReactiveOAuth2AuthorizedClientManager authorizedClientManager = new DefaultReactiveOAuth2AuthorizedClientManager(
 				clientRegistrationRepository, authorizedClientRepository);
 		authorizedClientManager.setAuthorizationFailureHandler(authorizationFailureHandler);
@@ -386,14 +373,8 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 				.password((configurer) -> configurer.clockSkew(this.accessTokenExpiresSkew))
 				.build();
 		// @formatter:on
-		if (this.authorizedClientManager instanceof UnAuthenticatedReactiveOAuth2AuthorizedClientManager) {
-			((UnAuthenticatedReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
-					.setAuthorizedClientProvider(authorizedClientProvider);
-		}
-		else {
-			((DefaultReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
-					.setAuthorizedClientProvider(authorizedClientProvider);
-		}
+		((DefaultReactiveOAuth2AuthorizedClientManager) this.authorizedClientManager)
+				.setAuthorizedClientProvider(authorizedClientProvider);
 	}
 
 	private void updateClientCredentialsProvider(
@@ -558,114 +539,6 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 
 	}
 
-	private static final class UnAuthenticatedReactiveOAuth2AuthorizedClientManager
-			implements ReactiveOAuth2AuthorizedClientManager {
-
-		private final ReactiveClientRegistrationRepository clientRegistrationRepository;
-
-		private final UnAuthenticatedServerOAuth2AuthorizedClientRepository authorizedClientRepository;
-
-		private final ReactiveOAuth2AuthorizationSuccessHandler authorizationSuccessHandler;
-
-		private final ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler;
-
-		private ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider;
-
-		private UnAuthenticatedReactiveOAuth2AuthorizedClientManager(
-				ReactiveClientRegistrationRepository clientRegistrationRepository,
-				UnAuthenticatedServerOAuth2AuthorizedClientRepository authorizedClientRepository,
-				ReactiveOAuth2AuthorizationFailureHandler authorizationFailureHandler) {
-			this.clientRegistrationRepository = clientRegistrationRepository;
-			this.authorizedClientRepository = authorizedClientRepository;
-			this.authorizationSuccessHandler = (authorizedClient, principal, attributes) -> authorizedClientRepository
-					.saveAuthorizedClient(authorizedClient, principal, null);
-			this.authorizationFailureHandler = authorizationFailureHandler;
-		}
-
-		@Override
-		public Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizeRequest authorizeRequest) {
-			Assert.notNull(authorizeRequest, "authorizeRequest cannot be null");
-			String clientRegistrationId = authorizeRequest.getClientRegistrationId();
-			Authentication principal = authorizeRequest.getPrincipal();
-			// @formatter:off
-			return Mono.justOrEmpty(authorizeRequest.getAuthorizedClient())
-					.switchIfEmpty(loadAuthorizedClient(clientRegistrationId, principal))
-					.flatMap((authorizedClient) -> reauthorize(authorizedClient, authorizeRequest, principal))
-					.switchIfEmpty(findAndAuthorize(clientRegistrationId, principal));
-			// @formatter:on
-		}
-
-		private Mono<OAuth2AuthorizedClient> loadAuthorizedClient(String clientRegistrationId,
-				Authentication principal) {
-			return Mono.defer(
-					() -> this.authorizedClientRepository.loadAuthorizedClient(clientRegistrationId, principal, null));
-		}
-
-		private Mono<OAuth2AuthorizedClient> reauthorize(OAuth2AuthorizedClient authorizedClient,
-				OAuth2AuthorizeRequest authorizeRequest, Authentication principal) {
-			return Mono
-					.just(OAuth2AuthorizationContext.withAuthorizedClient(authorizedClient).principal(principal)
-							.build())
-					.flatMap((authorizationContext) -> authorize(authorizationContext, principal))
-					// Default to the existing authorizedClient if the client was not
-					// re-authorized
-					.defaultIfEmpty((authorizeRequest.getAuthorizedClient() != null)
-							? authorizeRequest.getAuthorizedClient() : authorizedClient);
-		}
-
-		private Mono<OAuth2AuthorizedClient> findAndAuthorize(String clientRegistrationId, Authentication principal) {
-			// @formatter:off
-			return Mono.defer(() ->
-					this.clientRegistrationRepository.findByRegistrationId(clientRegistrationId)
-						.switchIfEmpty(Mono.error(() ->
-								new IllegalArgumentException("Could not find ClientRegistration with id '" + clientRegistrationId + "'"))
-						)
-						.flatMap((clientRegistration) -> Mono.just(OAuth2AuthorizationContext
-							.withClientRegistration(clientRegistration).principal(principal).build())
-						)
-						.flatMap((authorizationContext) -> authorize(authorizationContext, principal))
-			);
-			// @formatter:on
-		}
-
-		/**
-		 * Performs authorization and then delegates to either the
-		 * {@link #authorizationSuccessHandler} or {@link #authorizationFailureHandler},
-		 * depending on the authorization result.
-		 * @param authorizationContext the context to authorize
-		 * @param principal the principle to authorize
-		 * @return a {@link Mono} that emits the authorized client after the authorization
-		 * attempt succeeds and the {@link #authorizationSuccessHandler} has completed, or
-		 * completes with an exception after the authorization attempt fails and the
-		 * {@link #authorizationFailureHandler} has completed
-		 */
-		private Mono<OAuth2AuthorizedClient> authorize(OAuth2AuthorizationContext authorizationContext,
-				Authentication principal) {
-			// @formatter:off
-			return this.authorizedClientProvider.authorize(authorizationContext)
-					// Delegates to the authorizationSuccessHandler of the successful
-					// authorization
-					.flatMap((authorizedClient) -> this.authorizationSuccessHandler
-							.onAuthorizationSuccess(authorizedClient, principal, Collections.emptyMap())
-							.thenReturn(authorizedClient)
-					)
-					// Delegates to the authorizationFailureHandler of the failed
-					// authorization
-					.onErrorResume(OAuth2AuthorizationException.class, (authorizationException) ->
-							this.authorizationFailureHandler
-									.onAuthorizationFailure(authorizationException, principal, Collections.emptyMap())
-									.then(Mono.error(authorizationException))
-					);
-			// @formatter:on
-		}
-
-		private void setAuthorizedClientProvider(ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider) {
-			Assert.notNull(authorizedClientProvider, "authorizedClientProvider cannot be null");
-			this.authorizedClientProvider = authorizedClientProvider;
-		}
-
-	}
-
 	/**
 	 * Forwards authentication and authorization failures to a
 	 * {@link ReactiveOAuth2AuthorizationFailureHandler}.

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepository.java

@@ -1,84 +0,0 @@
-/*
- * Copyright 2002-2020 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.oauth2.client.web.server;
-
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-import reactor.core.publisher.Mono;
-
-import org.springframework.security.authentication.AuthenticationTrustResolver;
-import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
-import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
-import org.springframework.util.Assert;
-import org.springframework.web.server.ServerWebExchange;
-
-/**
- * Provides support for an unauthenticated user. This is useful when running as a process
- * with no user associated to it. The implementation ensures that
- * {@link ServerWebExchange} is null and that the {@link Authentication} is either null or
- * anonymous to prevent using it incorrectly.
- *
- * @author Rob Winch
- * @since 5.1
- * @deprecated Use {@link AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager}
- * instead
- */
-@Deprecated
-public class UnAuthenticatedServerOAuth2AuthorizedClientRepository implements ServerOAuth2AuthorizedClientRepository {
-
-	private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
-
-	private final Map<String, OAuth2AuthorizedClient> clientRegistrationIdToAuthorizedClient = new ConcurrentHashMap<>();
-
-	@Override
-	public <T extends OAuth2AuthorizedClient> Mono<T> loadAuthorizedClient(String clientRegistrationId,
-			Authentication authentication, ServerWebExchange serverWebExchange) {
-		Assert.notNull(clientRegistrationId, "clientRegistrationId cannot be null");
-		Assert.isNull(serverWebExchange, "serverWebExchange must be null");
-		Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
-		return Mono.fromSupplier(() -> (T) this.clientRegistrationIdToAuthorizedClient.get(clientRegistrationId));
-	}
-
-	@Override
-	public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication authentication,
-			ServerWebExchange serverWebExchange) {
-		Assert.notNull(authorizedClient, "authorizedClient cannot be null");
-		Assert.isNull(serverWebExchange, "serverWebExchange must be null");
-		Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
-		return Mono.fromRunnable(() -> {
-			String clientRegistrationId = authorizedClient.getClientRegistration().getRegistrationId();
-			this.clientRegistrationIdToAuthorizedClient.put(clientRegistrationId, authorizedClient);
-		});
-	}
-
-	@Override
-	public Mono<Void> removeAuthorizedClient(String clientRegistrationId, Authentication authentication,
-			ServerWebExchange serverWebExchange) {
-		Assert.notNull(clientRegistrationId, "clientRegistrationId cannot be null");
-		Assert.isNull(serverWebExchange, "serverWebExchange " + serverWebExchange + "must be null");
-		Assert.isTrue(isUnauthenticated(authentication), "The user " + authentication + " should not be authenticated");
-		return Mono.fromRunnable(() -> this.clientRegistrationIdToAuthorizedClient.remove(clientRegistrationId));
-	}
-
-	private boolean isUnauthenticated(Authentication authentication) {
-		return authentication == null || this.trustResolver.isAnonymous(authentication);
-	}
-
-}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunctionTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -60,13 +60,17 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.context.ReactiveSecurityContextHolder;
+import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.ClientAuthorizationException;
+import org.springframework.security.oauth2.client.ClientCredentialsReactiveOAuth2AuthorizedClientProvider;
+import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.JwtBearerReactiveOAuth2AuthorizedClientProvider;
 import org.springframework.security.oauth2.client.OAuth2AuthorizationContext;
 import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizationFailureHandler;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
 import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
+import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientService;
 import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.oauth2.client.endpoint.JwtBearerGrantRequest;
 import org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest;
@@ -79,7 +83,6 @@ import org.springframework.security.oauth2.client.registration.ReactiveClientReg
 import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
 import org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager;
 import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
@@ -872,13 +875,32 @@ public class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests {
 	@Test
 	public void filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken() {
 		setupMockHeaders();
-		// Use UnAuthenticatedServerOAuth2AuthorizedClientRepository when operating
-		// outside of a request context
-		ServerOAuth2AuthorizedClientRepository unauthenticatedAuthorizedClientRepository = spy(
-				new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
-		this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(this.clientRegistrationRepository,
-				unauthenticatedAuthorizedClientRepository);
-		this.function.setClientCredentialsTokenResponseClient(this.clientCredentialsTokenResponseClient);
+		ReactiveOAuth2AuthorizedClientService authorizedClientServiceDelegate = new InMemoryReactiveOAuth2AuthorizedClientService(
+				this.clientRegistrationRepository);
+		ReactiveOAuth2AuthorizedClientService authorizedClientService = new ReactiveOAuth2AuthorizedClientService() {
+			@Override
+			public <T extends OAuth2AuthorizedClient> Mono<T> loadAuthorizedClient(String clientRegistrationId,
+					String principalName) {
+				return authorizedClientServiceDelegate.loadAuthorizedClient(clientRegistrationId, principalName);
+			}
+
+			@Override
+			public Mono<Void> saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
+				return authorizedClientServiceDelegate.saveAuthorizedClient(authorizedClient, principal);
+			}
+
+			@Override
+			public Mono<Void> removeAuthorizedClient(String clientRegistrationId, String principalName) {
+				return authorizedClientServiceDelegate.removeAuthorizedClient(clientRegistrationId, principalName);
+			}
+		};
+		authorizedClientService = spy(authorizedClientService);
+		AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
+				this.clientRegistrationRepository, authorizedClientService);
+		ClientCredentialsReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = new ClientCredentialsReactiveOAuth2AuthorizedClientProvider();
+		authorizedClientProvider.setAccessTokenResponseClient(this.clientCredentialsTokenResponseClient);
+		authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
+		this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
 		OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("new-token")
 				.tokenType(OAuth2AccessToken.TokenType.BEARER).expiresIn(360).build();
 		given(this.clientCredentialsTokenResponseClient.getTokenResponse(any()))
@@ -892,9 +914,9 @@ public class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests {
 				.build();
 		// @formatter:on
 		this.function.filter(request, this.exchange).block();
-		verify(unauthenticatedAuthorizedClientRepository).loadAuthorizedClient(any(), any(), any());
+		verify(authorizedClientService).loadAuthorizedClient(any(), any());
 		verify(this.clientCredentialsTokenResponseClient).getTokenResponse(any());
-		verify(unauthenticatedAuthorizedClientRepository).saveAuthorizedClient(any(), any(), any());
+		verify(authorizedClientService).saveAuthorizedClient(any(), any());
 		List<ClientRequest> requests = this.exchange.getRequests();
 		assertThat(requests).hasSize(1);
 		ClientRequest request1 = requests.get(0);

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/server/UnAuthenticatedServerOAuth2AuthorizedClientRepositoryTests.java

@@ -1,171 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.springframework.security.oauth2.client.web.server;
-
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.api.Test;
-
-import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
-import org.springframework.mock.web.server.MockServerWebExchange;
-import org.springframework.security.authentication.AnonymousAuthenticationToken;
-import org.springframework.security.authentication.TestingAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
-import org.springframework.security.oauth2.client.registration.ClientRegistration;
-import org.springframework.security.oauth2.client.registration.TestClientRegistrations;
-import org.springframework.security.oauth2.core.OAuth2AccessToken;
-import org.springframework.security.oauth2.core.TestOAuth2AccessTokens;
-import org.springframework.web.server.ServerWebExchange;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
-
-/**
- * @author Rob Winch
- */
-public class UnAuthenticatedServerOAuth2AuthorizedClientRepositoryTests {
-
-	private UnAuthenticatedServerOAuth2AuthorizedClientRepository repository = new UnAuthenticatedServerOAuth2AuthorizedClientRepository();
-
-	private ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().build();
-
-	private String clientRegistrationId = this.clientRegistration.getRegistrationId();
-
-	private ServerWebExchange exchange;
-
-	private Authentication anonymous = new AnonymousAuthenticationToken("key", "anonymous",
-			AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
-
-	private Authentication authentication;
-
-	private OAuth2AuthorizedClient authorizedClient;
-
-	@BeforeEach
-	public void setup() {
-		OAuth2AccessToken token = TestOAuth2AccessTokens.noScopes();
-		this.authorizedClient = new OAuth2AuthorizedClient(this.clientRegistration, "anonymousUser", token);
-	}
-
-	// loadAuthorizedClient
-	@Test
-	public void loadAuthorizedClientWhenClientRegistrationIdNullThenIllegalArgumentException() {
-		this.clientRegistrationId = null;
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
-		this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
-		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenNotFoundThenEmpty() {
-		assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
-				.block()).isNull();
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenFoundThenFound() {
-		this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
-		assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
-				.block()).isEqualTo(this.authorizedClient);
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenMultipleThenFound() {
-		ClientRegistration otherClientRegistration = TestClientRegistrations.clientRegistration()
-				.registrationId("other-client-registration").build();
-		OAuth2AuthorizedClient otherAuthorizedClient = new OAuth2AuthorizedClient(otherClientRegistration,
-				"anonymousUser", this.authorizedClient.getAccessToken());
-		this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
-		this.repository.saveAuthorizedClient(otherAuthorizedClient, this.authentication, this.exchange).block();
-		assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
-				.block()).isEqualTo(this.authorizedClient);
-	}
-
-	@Test
-	public void loadAuthorizedClientWhenAnonymousThenFound() {
-		this.authentication = this.anonymous;
-		this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
-		assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
-				.block()).isEqualTo(this.authorizedClient);
-	}
-
-	// saveAuthorizedClient
-	@Test
-	public void saveAuthorizedClientWhenAuthorizedClientNullThenIllegalArgumentException() {
-		this.authorizedClient = null;
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void saveAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
-		this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void saveAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
-		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block());
-	}
-
-	// removeAuthorizedClient
-	@Test
-	public void removeAuthorizedClientWhenClientRegistrationIdNullThenIllegalArgumentException() {
-		this.clientRegistrationId = null;
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void removeAuthorizedClientWhenAuthenticationNotNullThenIllegalArgumentException() {
-		this.authentication = new TestingAuthenticationToken("a", "b", "ROLE_USER");
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void removeAuthorizedClientWhenServerWebExchangeNotNullThenIllegalArgumentException() {
-		this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build());
-		assertThatIllegalArgumentException().isThrownBy(() -> this.repository
-				.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block());
-	}
-
-	@Test
-	public void removeAuthorizedClientWhenFoundThenFound() {
-		this.repository.saveAuthorizedClient(this.authorizedClient, this.authentication, this.exchange).block();
-		this.repository.removeAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange).block();
-		assertThat(this.repository.loadAuthorizedClient(this.clientRegistrationId, this.authentication, this.exchange)
-				.block()).isNull();
-	}
-
-}