diff --git a/http/base/src/main/java/org/wildfly/security/http/HttpConstants.java b/http/base/src/main/java/org/wildfly/security/http/HttpConstants.java
index 1ef8cefec1a..cb3d074a74d 100644
--- a/http/base/src/main/java/org/wildfly/security/http/HttpConstants.java
+++ b/http/base/src/main/java/org/wildfly/security/http/HttpConstants.java
@@ -207,6 +207,9 @@ private HttpConstants() {
/**
* Bearer token pattern.
+ * The Bearer token authorization header is of the form "Bearer", followed by optional whitespace, followed by
+ * the token itself, followed by optional whitespace. The token itself must be one or more characters and must
+ * not contain any whitespace.
*/
public static final Pattern BEARER_TOKEN_PATTERN = Pattern.compile("^Bearer *([^ ]+) *$", Pattern.CASE_INSENSITIVE);
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/BasicAuthRequestAuthenticator.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/BasicAuthRequestAuthenticator.java
index 03376c83a70..0e3ea0f19f0 100644
--- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/BasicAuthRequestAuthenticator.java
+++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/BasicAuthRequestAuthenticator.java
@@ -34,7 +34,7 @@
* @author Bill Burke
* @author Farah Juma
*/
-public class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticator {
+class BasicAuthRequestAuthenticator extends BearerTokenRequestAuthenticator {
private static final String CHALLENGE_PREFIX = "Basic ";
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/BearerTokenRequestAuthenticator.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/BearerTokenRequestAuthenticator.java
index b14f363efa3..d732f82c28e 100644
--- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/BearerTokenRequestAuthenticator.java
+++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/BearerTokenRequestAuthenticator.java
@@ -40,7 +40,7 @@
* @author Bill Burke
* @author Farah Juma
*/
-public class BearerTokenRequestAuthenticator {
+class BearerTokenRequestAuthenticator {
protected OidcHttpFacade facade;
protected OidcClientConfiguration oidcClientConfiguration;
protected AuthChallenge challenge;
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/QueryParameterTokenRequestAuthenticator.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/QueryParameterTokenRequestAuthenticator.java
index 7d973144862..d72b2f42f4b 100644
--- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/QueryParameterTokenRequestAuthenticator.java
+++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/QueryParameterTokenRequestAuthenticator.java
@@ -24,7 +24,7 @@
* @author John D. Ament
* @author Farah Juma
*/
-public class QueryParameterTokenRequestAuthenticator extends BearerTokenRequestAuthenticator {
+class QueryParameterTokenRequestAuthenticator extends BearerTokenRequestAuthenticator {
public static final String ACCESS_TOKEN = "access_token";
public QueryParameterTokenRequestAuthenticator(OidcHttpFacade facade, OidcClientConfiguration oidcClientConfiguration) {
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java
index 438f83b6be1..81c2c9b784f 100644
--- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java
+++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/RequestAuthenticator.java
@@ -152,7 +152,7 @@ private AuthOutcome doAuthenticate() {
log.debug("NOT_ATTEMPTED: bearer only");
return AuthOutcome.NOT_ATTEMPTED;
}
- if (isAutodetectedBearerOnly(facade.getRequest())) {
+ if (isAutodetectedBearerOnly()) {
challenge = bearer.getChallenge();
log.debug("NOT_ATTEMPTED: Treating as bearer only");
return AuthOutcome.NOT_ATTEMPTED;
@@ -214,7 +214,7 @@ protected void completeAuthentication(BearerTokenRequestAuthenticator bearer) {
log.debugv("User ''{0}'' invoking ''{1}'' on client ''{2}''", principal.getName(), facade.getRequest().getURI(), deployment.getResourceName());
}
- protected boolean isAutodetectedBearerOnly(OidcHttpFacade.Request request) {
+ protected boolean isAutodetectedBearerOnly() {
if (! deployment.isAutodetectBearerOnly()) return false;
String headerValue = facade.getRequest().getHeader(X_REQUESTED_WITH);
diff --git a/http/oidc/src/main/java/org/wildfly/security/http/oidc/ServerRequest.java b/http/oidc/src/main/java/org/wildfly/security/http/oidc/ServerRequest.java
index d938cec0a29..a39554f901c 100644
--- a/http/oidc/src/main/java/org/wildfly/security/http/oidc/ServerRequest.java
+++ b/http/oidc/src/main/java/org/wildfly/security/http/oidc/ServerRequest.java
@@ -269,14 +269,8 @@ public static AccessAndIDTokenResponse getBearerToken(OidcClientConfiguration oi
if (entity == null) {
throw log.noMessageEntity();
}
- InputStream is = entity.getContent();
- try {
+ try (InputStream is = entity.getContent()) {
tokenResponse = JsonSerialization.readValue(is, AccessAndIDTokenResponse.class);
- } finally {
- try {
- is.close();
- } catch (java.io.IOException ignored) {
- }
}
return tokenResponse;
}