From 32539e709c8ba4e472aa2a21ed94c7688d062e27 Mon Sep 17 00:00:00 2001
From: liga-oz <liga.ozolina@sap.com>
Date: Thu, 4 Jan 2024 09:27:15 +0100
Subject: [PATCH] make the class fields more restrictive

Signed-off-by: liga-oz <liga.ozolina@sap.com>
---
 .../cloud/security/servlet/HybridTokenFactory.java  | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java b/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java
index 9cf0edcdf..2f43fa637 100644
--- a/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java
+++ b/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java
@@ -32,8 +32,8 @@
 public class HybridTokenFactory implements TokenFactory {
 
 	private static final Logger LOGGER = LoggerFactory.getLogger(HybridTokenFactory.class);
-	protected static Optional<String> xsAppId;
-	protected static ScopeConverter xsScopeConverter;
+	static Optional<String> xsAppId;
+	static ScopeConverter xsScopeConverter;
 
 	/**
 	 * Determines whether the JWT token is issued by XSUAA or IAS identity service,
@@ -84,10 +84,13 @@ private static Optional<String> getXsAppId() {
 		}
 		OAuth2ServiceConfiguration serviceConfiguration = Environments.getCurrent().getXsuaaConfiguration();
 		if (serviceConfiguration != null) {
-			return xsAppId = Optional.of(serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID));
+			xsAppId = Optional.of(serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID));
+		} else {
+			LOGGER.warn(
+					"There is no xsuaa service configuration with 'xsappname' property: no local scope check possible.");
+			xsAppId = Optional.empty();
 		}
-		LOGGER.warn("There is no xsuaa service configuration with 'xsappname' property: no local scope check possible.");
-		return xsAppId = Optional.empty();
+		return xsAppId;
 	}
 
 	/**