From 6c24a1e7170fadbee762997b126239a928351579 Mon Sep 17 00:00:00 2001
From: Max Batischev <mblancer@mail.ru>
Date: Wed, 12 Mar 2025 13:23:56 +0300
Subject: [PATCH] Improve JdbcOAuth2AuthorizedClientService
 saveAuthorizedClient

Closes gh-16726

Signed-off-by: Max Batischev <mblancer@mail.ru>
---
 .../JdbcOAuth2AuthorizedClientService.java    | 22 +++++--------------
 ...dbcOAuth2AuthorizedClientServiceTests.java |  3 +--
 2 files changed, 7 insertions(+), 18 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientService.java
index 19e373fe72..291158068e 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientService.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -30,7 +30,6 @@ import java.util.Set;
 import java.util.function.Function;
 
 import org.springframework.dao.DataRetrievalFailureException;
-import org.springframework.dao.DuplicateKeyException;
 import org.springframework.jdbc.core.ArgumentPreparedStatementSetter;
 import org.springframework.jdbc.core.JdbcOperations;
 import org.springframework.jdbc.core.PreparedStatementSetter;
@@ -166,22 +165,13 @@ public class JdbcOAuth2AuthorizedClientService implements OAuth2AuthorizedClient
 	public void saveAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
 		Assert.notNull(authorizedClient, "authorizedClient cannot be null");
 		Assert.notNull(principal, "principal cannot be null");
-		boolean existsAuthorizedClient = null != this
-			.loadAuthorizedClient(authorizedClient.getClientRegistration().getRegistrationId(), principal.getName());
-		if (existsAuthorizedClient) {
-			updateAuthorizedClient(authorizedClient, principal);
-		}
-		else {
-			try {
-				insertAuthorizedClient(authorizedClient, principal);
-			}
-			catch (DuplicateKeyException ex) {
-				updateAuthorizedClient(authorizedClient, principal);
-			}
+		int rows = updateAuthorizedClient(authorizedClient, principal);
+		if (rows == 0) {
+			insertAuthorizedClient(authorizedClient, principal);
 		}
 	}
 
-	private void updateAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
+	private int updateAuthorizedClient(OAuth2AuthorizedClient authorizedClient, Authentication principal) {
 		List<SqlParameterValue> parameters = this.authorizedClientParametersMapper
 			.apply(new OAuth2AuthorizedClientHolder(authorizedClient, principal));
 		SqlParameterValue clientRegistrationIdParameter = parameters.remove(0);
@@ -191,7 +181,7 @@ public class JdbcOAuth2AuthorizedClientService implements OAuth2AuthorizedClient
 		try (LobCreator lobCreator = this.lobHandler.getLobCreator()) {
 			PreparedStatementSetter pss = new LobCreatorArgumentPreparedStatementSetter(lobCreator,
 					parameters.toArray());
-			this.jdbcOperations.update(UPDATE_AUTHORIZED_CLIENT_SQL, pss);
+			return this.jdbcOperations.update(UPDATE_AUTHORIZED_CLIENT_SQL, pss);
 		}
 	}
 
diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java
index 20deeb03c8..9d7d42d481 100644
--- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java
+++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2020 the original author or authors.
+ * Copyright 2002-2025 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -306,7 +306,6 @@ public class JdbcOAuth2AuthorizedClientServiceTests {
 		this.authorizedClientService.loadAuthorizedClient(this.clientRegistration.getRegistrationId(),
 				principal.getName());
 		verify(authorizedClientRowMapper).mapRow(any(), anyInt());
-		verify(authorizedClientParametersMapper).apply(any());
 	}
 
 	@Test