Remove lying test

There is no verification of issuer at all. The only reason the test
still "passes" is because the JSON response has the active attribute
as the JSON string "true" rather than the boolean true which is not
accepted.

Choose to remove the test rather than adding issuer verification since
the class is deprecated and will most likely be removed in a future
release.

Signed-off-by: Andreas Svanberg <[email protected]>

Author: asvanberg

oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/introspection/NimbusOpaqueTokenIntrospectorTests.java

@@ -96,13 +96,6 @@ public class NimbusOpaqueTokenIntrospectorTests {
 			+ "     }";
 	// @formatter:on
 
-	// @formatter:off
-	private static final String MALFORMED_ISSUER_RESPONSE = "{\n"
-			+ "     \"active\" : \"true\",\n"
-			+ "     \"iss\" : \"badissuer\"\n"
-			+ "    }";
-	// @formatter:on
-
 	// @formatter:off
 	private static final String MALFORMED_SCOPE_RESPONSE = "{\n"
 			+ "      \"active\": true,\n"
@@ -241,18 +234,6 @@ public void introspectWhenIntrospectionTokenReturnsInvalidResponseThenInvalidTok
 		}
 	}
 
-	@Test
-	public void introspectWhenIntrospectionTokenReturnsMalformedIssuerResponseThenInvalidToken() throws IOException {
-		try (MockWebServer server = new MockWebServer()) {
-			server.setDispatcher(requiresAuth(CLIENT_ID, CLIENT_SECRET, MALFORMED_ISSUER_RESPONSE));
-			String introspectUri = server.url("/introspect").toString();
-			OpaqueTokenIntrospector introspectionClient = new NimbusOpaqueTokenIntrospector(introspectUri, CLIENT_ID,
-					CLIENT_SECRET);
-			assertThatExceptionOfType(OAuth2IntrospectionException.class)
-				.isThrownBy(() -> introspectionClient.introspect("token"));
-		}
-	}
-
 	// gh-7563
 	@Test
 	public void introspectWhenIntrospectionTokenReturnsMalformedScopeThenEmptyAuthorities() throws IOException {