Use pattern matching

Closes gh-1907

Signed-off-by: arefbehboudi <behboodiaref@gmail.com>

docs/src/main/java/sample/extgrant/CustomCodeGrantAuthenticationProvider.java

@@ -91,11 +91,11 @@ public class CustomCodeGrantAuthenticationProvider implements AuthenticationProv
 		OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization.withRegisteredClient(registeredClient)
 				.principalName(clientPrincipal.getName())
 				.authorizationGrantType(customCodeGrantAuthentication.getGrantType());
-		if (generatedAccessToken instanceof ClaimAccessor) {
+		if (generatedAccessToken instanceof ClaimAccessor claimAccessor) {
 			authorizationBuilder.token(accessToken, (metadata) ->
 				metadata.put(
 					OAuth2Authorization.Token.CLAIMS_METADATA_NAME,
-					((ClaimAccessor) generatedAccessToken).getClaims())
+					claimAccessor.getClaims())
 			);
 		} else {
 			authorizationBuilder.accessToken(accessToken);

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/config/annotation/web/configurers/DefaultOAuth2TokenCustomizers.java

@@ -96,8 +96,8 @@ final class DefaultOAuth2TokenCustomizers {
 			Map<String, Object> jwkJson = (Map<String, Object>) dPoPProofJwt.getHeaders().get("jwk");
 			try {
 				JWK jwk = JWK.parse(jwkJson);
-				if (jwk instanceof AsymmetricJWK) {
+				if (jwk instanceof AsymmetricJWK asymmetricJWK) {
-					publicKey = ((AsymmetricJWK) jwk).toPublicKey();
+					publicKey = asymmetricJWK.toPublicKey();
 				}
 			}
 			catch (Exception ignored) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2AuthorizationEndpointFilter.java

@@ -173,8 +173,8 @@ public final class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilte
 
 		try {
 			Authentication authentication = this.authenticationConverter.convert(request);
-			if (authentication instanceof AbstractAuthenticationToken) {
+			if (authentication instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) authentication)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 			Authentication authenticationResult = this.authenticationManager.authenticate(authentication);
@@ -188,13 +188,13 @@ public final class OAuth2AuthorizationEndpointFilter extends OncePerRequestFilte
 				return;
 			}
 
-			if (authenticationResult instanceof OAuth2AuthorizationConsentAuthenticationToken) {
+			if (authenticationResult instanceof OAuth2AuthorizationConsentAuthenticationToken oAuth2AuthorizationConsentAuthenticationToken) {
 				if (this.logger.isTraceEnabled()) {
 					this.logger.trace("Authorization consent is required");
 				}
 				sendAuthorizationConsent(request, response,
 						(OAuth2AuthorizationCodeRequestAuthenticationToken) authentication,
-						(OAuth2AuthorizationConsentAuthenticationToken) authenticationResult);
+						oAuth2AuthorizationConsentAuthenticationToken);
 				return;
 			}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2ClientAuthenticationFilter.java

@@ -132,8 +132,8 @@ public final class OAuth2ClientAuthenticationFilter extends OncePerRequestFilter
 
 		try {
 			Authentication authenticationRequest = this.authenticationConverter.convert(request);
-			if (authenticationRequest instanceof AbstractAuthenticationToken) {
+			if (authenticationRequest instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) authenticationRequest)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 			if (authenticationRequest != null) {

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2DeviceAuthorizationEndpointFilter.java

@@ -129,8 +129,8 @@ public final class OAuth2DeviceAuthorizationEndpointFilter extends OncePerReques
 
 		try {
 			Authentication deviceAuthorizationRequestAuthentication = this.authenticationConverter.convert(request);
-			if (deviceAuthorizationRequestAuthentication instanceof AbstractAuthenticationToken) {
+			if (deviceAuthorizationRequestAuthentication instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) deviceAuthorizationRequestAuthentication)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2DeviceVerificationEndpointFilter.java

@@ -155,8 +155,8 @@ public final class OAuth2DeviceVerificationEndpointFilter extends OncePerRequest
 
 		try {
 			Authentication authentication = this.authenticationConverter.convert(request);
-			if (authentication instanceof AbstractAuthenticationToken) {
+			if (authentication instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) authentication)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenEndpointFilter.java

@@ -161,8 +161,8 @@ public final class OAuth2TokenEndpointFilter extends OncePerRequestFilter {
 			if (authorizationGrantAuthentication == null) {
 				throwError(OAuth2ErrorCodes.UNSUPPORTED_GRANT_TYPE, OAuth2ParameterNames.GRANT_TYPE);
 			}
-			if (authorizationGrantAuthentication instanceof AbstractAuthenticationToken) {
+			if (authorizationGrantAuthentication instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) authorizationGrantAuthentication)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/OAuth2TokenRevocationEndpointFilter.java

@@ -114,8 +114,8 @@ public final class OAuth2TokenRevocationEndpointFilter extends OncePerRequestFil
 
 		try {
 			Authentication tokenRevocationAuthentication = this.authenticationConverter.convert(request);
-			if (tokenRevocationAuthentication instanceof AbstractAuthenticationToken) {
+			if (tokenRevocationAuthentication instanceof AbstractAuthenticationToken abstractAuthenticationToken) {
-				((AbstractAuthenticationToken) tokenRevocationAuthentication)
+				abstractAuthenticationToken
 					.setDetails(this.authenticationDetailsSource.buildDetails(request));
 			}
 

oauth2-authorization-server/src/main/java/org/springframework/security/oauth2/server/authorization/web/authentication/OAuth2ErrorAuthenticationFailureHandler.java

@@ -55,8 +55,8 @@ public final class OAuth2ErrorAuthenticationFailureHandler implements Authentica
 		ServletServerHttpResponse httpResponse = new ServletServerHttpResponse(response);
 		httpResponse.setStatusCode(HttpStatus.BAD_REQUEST);
 
-		if (authenticationException instanceof OAuth2AuthenticationException) {
+		if (authenticationException instanceof OAuth2AuthenticationException oAuth2AuthenticationException) {
-			OAuth2Error error = ((OAuth2AuthenticationException) authenticationException).getError();
+			OAuth2Error error = oAuth2AuthenticationException.getError();
 			this.errorResponseConverter.write(error, null, httpResponse);
 		}
 		else {

samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityAuthenticationSuccessHandler.java

@@ -50,10 +50,10 @@ public final class FederatedIdentityAuthenticationSuccessHandler implements Auth
 	@Override
 	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
 		if (authentication instanceof OAuth2AuthenticationToken) {
-			if (authentication.getPrincipal() instanceof OidcUser) {
+			if (authentication.getPrincipal() instanceof OidcUser oidcUser) {
-				this.oidcUserHandler.accept((OidcUser) authentication.getPrincipal());
+				this.oidcUserHandler.accept(oidcUser);
-			} else if (authentication.getPrincipal() instanceof OAuth2User) {
+			} else if (authentication.getPrincipal() instanceof OAuth2User oAuth2User) {
-				this.oauth2UserHandler.accept((OAuth2User) authentication.getPrincipal());
+				this.oauth2UserHandler.accept(oAuth2User);
 			}
 		}
 

samples/demo-authorizationserver/src/main/java/sample/federation/FederatedIdentityIdTokenCustomizer.java

@@ -77,12 +77,10 @@ public final class FederatedIdentityIdTokenCustomizer implements OAuth2TokenCust
 
 	private Map<String, Object> extractClaims(Authentication principal) {
 		Map<String, Object> claims;
-		if (principal.getPrincipal() instanceof OidcUser) {
+		if (principal.getPrincipal() instanceof OidcUser oidcUser) {
-			OidcUser oidcUser = (OidcUser) principal.getPrincipal();
 			OidcIdToken idToken = oidcUser.getIdToken();
 			claims = idToken.getClaims();
-		} else if (principal.getPrincipal() instanceof OAuth2User) {
+		} else if (principal.getPrincipal() instanceof OAuth2User oauth2User) {
-			OAuth2User oauth2User = (OAuth2User) principal.getPrincipal();
 			claims = oauth2User.getAttributes();
 		} else {
 			claims = Collections.emptyMap();