From 42b6aa57bdb54a6a5668e5371809b4636c514bd9 Mon Sep 17 00:00:00 2001
From: Harry Smith <hsmith@greshamtech.com>
Date: Mon, 23 Jan 2023 09:00:19 +0000
Subject: [PATCH] DWN-39926 : use patterns to avoid multiple compilation

---
 .../src/main/java/org/mitre/oauth2/web/ScopeAPI.java         | 5 +++--
 .../main/java/org/mitre/openid/connect/web/WhitelistAPI.java | 4 +++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
index 07b8acd59..28fc3eb39 100644
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java
@@ -21,6 +21,7 @@
 package org.mitre.oauth2.web;
 
 import java.util.Set;
+import java.util.regex.Pattern;
 
 import org.mitre.oauth2.model.SystemScope;
 import org.mitre.oauth2.service.SystemScopeService;
@@ -57,7 +58,7 @@ public class ScopeAPI {
 	public static final String URL = RootController.API_URL + "/scopes";
 
 	private static final String characterMatcher = "[a-zA-Z]+";
-
+	private static final Pattern pattern = Pattern.compile(characterMatcher);
 	@Autowired
 	private SystemScopeService scopeService;
 
@@ -183,7 +184,7 @@ public class ScopeAPI {
 	}
 
 	private void validateScope(SystemScope scope) throws ScopeException {
-		if (!scope.getValue().matches(characterMatcher)) {
+		if (!pattern.matcher(scope.getValue()).matches()) {
 			throw new ScopeException(scope.getValue());
 		}
 	}
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
index 07425f173..35e7c77eb 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java
@@ -23,6 +23,7 @@ package org.mitre.openid.connect.web;
 import java.security.Principal;
 import java.util.Collection;
 import java.util.Set;
+import java.util.regex.Pattern;
 
 import org.mitre.openid.connect.exception.ScopeException;
 import org.mitre.openid.connect.model.WhitelistedSite;
@@ -59,6 +60,7 @@ public class WhitelistAPI {
 
 	public static final String URL = RootController.API_URL + "/whitelist";
 	private static final String characterMatcher = "[a-zA-Z]+";
+	private static final Pattern pattern = Pattern.compile(characterMatcher);
 
 	@Autowired
 	private WhitelistedSiteService whitelistService;
@@ -182,7 +184,7 @@ public class WhitelistAPI {
 
 	private void validateWhitelistScopes(Set<String> scopes) throws ScopeException {
 		for (String s : scopes) {
-			if (!s.matches(characterMatcher)) {
+			if (!pattern.matcher(s).matches()) {
 				throw new ScopeException(s);
 			}
 		}