Wojciech Sierka
Wojciech Sierka
> Generally, when an object is used as the key in a Map, it should always implement equals() and hashCode(). Yes I agree but: `oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DefaultOAuth2AuthenticatedPrincipal.java` and `oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/introspection/OAuth2IntrospectionAuthenticatedPrincipal.java` do not. This...
We have been using `DefaultOAuth2AuthenticatedPrincipal` as principal and our fix was to cache `DefaultOAuth2AuthenticatedPrincipal` for few seconds instead of creating it for every request so no I cannot definitely say...