Remove requireProofKey warning for non-auth-code flows

The warning is unnecessary since PKCE only applies to authorization_code flow and the code already corrects this silently. Closes: gh-18221 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
2 weeks ago · 0d5f42f852
1 changed files with 0 additions and 3 deletions
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java
@ -705,9 +705,6 @@ public final class ClientRegistration implements Serializable {
				@@ -705,9 +705,6 @@ public final class ClientRegistration implements Serializable {
 			if (!AuthorizationGrantType.AUTHORIZATION_CODE.equals(this.authorizationGrantType)
 					&& this.clientSettings.isRequireProofKey()) {
 				this.clientSettings = ClientSettings.builder().requireProofKey(false).build();
-				logger.warn(LogMessage.format(
-						"clientSettings.isRequireProofKey=true is only valid with authorizationGrantType=%s. Got authorizationGrantType=%s. Resetting to clientSettings.isRequireProofKey=false",
-						AuthorizationGrantType.AUTHORIZATION_CODE, this.authorizationGrantType));
 			}
 		}