diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/OAuth2ResourceServerProperties.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/OAuth2ResourceServerProperties.java index 428cfedec07..594cfbc860f 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/OAuth2ResourceServerProperties.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/OAuth2ResourceServerProperties.java @@ -23,6 +23,8 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.List; +import org.jspecify.annotations.Nullable; + import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.source.InvalidConfigurationPropertyValueException; import org.springframework.core.io.Resource; @@ -58,7 +60,7 @@ public class OAuth2ResourceServerProperties { /** * JSON Web Key URI to use to verify the JWT token. */ - private String jwkSetUri; + private @Nullable String jwkSetUri; /** * JSON Web Algorithms used for verifying the digital signatures. @@ -69,12 +71,12 @@ public class OAuth2ResourceServerProperties { * URI that can either be an OpenID Connect discovery endpoint or an OAuth 2.0 * Authorization Server Metadata endpoint defined by RFC 8414. */ - private String issuerUri; + private @Nullable String issuerUri; /** * Location of the file containing the public key used to verify a JWT. */ - private Resource publicKeyLocation; + private @Nullable Resource publicKeyLocation; /** * Identifies the recipients that the JWT is intended for. @@ -84,28 +86,28 @@ public class OAuth2ResourceServerProperties { /** * Prefix to use for authorities mapped from JWT. */ - private String authorityPrefix; + private @Nullable String authorityPrefix; /** * Regex to use for splitting the value of the authorities claim into authorities. */ - private String authoritiesClaimDelimiter; + private @Nullable String authoritiesClaimDelimiter; /** * Name of token claim to use for mapping authorities from JWT. */ - private String authoritiesClaimName; + private @Nullable String authoritiesClaimName; /** * JWT principal claim name. */ - private String principalClaimName; + private @Nullable String principalClaimName; - public String getJwkSetUri() { + public @Nullable String getJwkSetUri() { return this.jwkSetUri; } - public void setJwkSetUri(String jwkSetUri) { + public void setJwkSetUri(@Nullable String jwkSetUri) { this.jwkSetUri = jwkSetUri; } @@ -117,19 +119,19 @@ public class OAuth2ResourceServerProperties { this.jwsAlgorithms = jwsAlgorithms; } - public String getIssuerUri() { + public @Nullable String getIssuerUri() { return this.issuerUri; } - public void setIssuerUri(String issuerUri) { + public void setIssuerUri(@Nullable String issuerUri) { this.issuerUri = issuerUri; } - public Resource getPublicKeyLocation() { + public @Nullable Resource getPublicKeyLocation() { return this.publicKeyLocation; } - public void setPublicKeyLocation(Resource publicKeyLocation) { + public void setPublicKeyLocation(@Nullable Resource publicKeyLocation) { this.publicKeyLocation = publicKeyLocation; } @@ -141,35 +143,35 @@ public class OAuth2ResourceServerProperties { this.audiences = audiences; } - public String getAuthorityPrefix() { + public @Nullable String getAuthorityPrefix() { return this.authorityPrefix; } - public void setAuthorityPrefix(String authorityPrefix) { + public void setAuthorityPrefix(@Nullable String authorityPrefix) { this.authorityPrefix = authorityPrefix; } - public String getAuthoritiesClaimDelimiter() { + public @Nullable String getAuthoritiesClaimDelimiter() { return this.authoritiesClaimDelimiter; } - public void setAuthoritiesClaimDelimiter(String authoritiesClaimDelimiter) { + public void setAuthoritiesClaimDelimiter(@Nullable String authoritiesClaimDelimiter) { this.authoritiesClaimDelimiter = authoritiesClaimDelimiter; } - public String getAuthoritiesClaimName() { + public @Nullable String getAuthoritiesClaimName() { return this.authoritiesClaimName; } - public void setAuthoritiesClaimName(String authoritiesClaimName) { + public void setAuthoritiesClaimName(@Nullable String authoritiesClaimName) { this.authoritiesClaimName = authoritiesClaimName; } - public String getPrincipalClaimName() { + public @Nullable String getPrincipalClaimName() { return this.principalClaimName; } - public void setPrincipalClaimName(String principalClaimName) { + public void setPrincipalClaimName(@Nullable String principalClaimName) { this.principalClaimName = principalClaimName; } @@ -195,39 +197,39 @@ public class OAuth2ResourceServerProperties { /** * Client id used to authenticate with the token introspection endpoint. */ - private String clientId; + private @Nullable String clientId; /** * Client secret used to authenticate with the token introspection endpoint. */ - private String clientSecret; + private @Nullable String clientSecret; /** * OAuth 2.0 endpoint through which token introspection is accomplished. */ - private String introspectionUri; + private @Nullable String introspectionUri; - public String getClientId() { + public @Nullable String getClientId() { return this.clientId; } - public void setClientId(String clientId) { + public void setClientId(@Nullable String clientId) { this.clientId = clientId; } - public String getClientSecret() { + public @Nullable String getClientSecret() { return this.clientSecret; } - public void setClientSecret(String clientSecret) { + public void setClientSecret(@Nullable String clientSecret) { this.clientSecret = clientSecret; } - public String getIntrospectionUri() { + public @Nullable String getIntrospectionUri() { return this.introspectionUri; } - public void setIntrospectionUri(String introspectionUri) { + public void setIntrospectionUri(@Nullable String introspectionUri) { this.introspectionUri = introspectionUri; } diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/package-info.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/package-info.java index 437795bbe2b..0ce7dc0891c 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/package-info.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/package-info.java @@ -17,4 +17,7 @@ /** * Support for Spring Security's OAuth2 resource server. */ +@NullMarked package org.springframework.boot.security.oauth2.server.resource.autoconfigure; + +import org.jspecify.annotations.NullMarked; diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java index 8f47c2be5a1..453251bae1f 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java @@ -25,6 +25,8 @@ import java.util.Collections; import java.util.List; import java.util.Set; +import org.jspecify.annotations.Nullable; + import org.springframework.beans.factory.ObjectProvider; import org.springframework.boot.autoconfigure.condition.AnyNestedCondition; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; @@ -125,7 +127,7 @@ class ReactiveOAuth2ResourceServerJwkConfiguration { return new JwtClaimValidator<>(JwtClaimNames.AUD, (aud) -> nullSafeDisjoint(aud, audiences)); } - private boolean nullSafeDisjoint(List c1, List c2) { + private boolean nullSafeDisjoint(@Nullable List c1, List c2) { return c1 != null && !Collections.disjoint(c1, c2); } diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/package-info.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/package-info.java index f5a566f5e56..910f9e88094 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/package-info.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/package-info.java @@ -17,4 +17,7 @@ /** * Auto-configuration for Spring Security's Reactive OAuth2 resource server. */ +@NullMarked package org.springframework.boot.security.oauth2.server.resource.autoconfigure.reactive; + +import org.jspecify.annotations.NullMarked; diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/OAuth2ResourceServerJwtConfiguration.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/OAuth2ResourceServerJwtConfiguration.java index 81a8a8eaf90..ffc92de38cb 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/OAuth2ResourceServerJwtConfiguration.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/OAuth2ResourceServerJwtConfiguration.java @@ -25,6 +25,8 @@ import java.util.Collections; import java.util.List; import java.util.Set; +import org.jspecify.annotations.Nullable; + import org.springframework.beans.factory.ObjectProvider; import org.springframework.boot.autoconfigure.condition.AnyNestedCondition; import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; @@ -124,7 +126,7 @@ class OAuth2ResourceServerJwtConfiguration { return new JwtClaimValidator<>(JwtClaimNames.AUD, (aud) -> nullSafeDisjoint(aud, audiences)); } - private boolean nullSafeDisjoint(List c1, List c2) { + private boolean nullSafeDisjoint(@Nullable List c1, List c2) { return c1 != null && !Collections.disjoint(c1, c2); } diff --git a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/package-info.java b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/package-info.java index bf718ed4eea..1debecdde49 100644 --- a/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/package-info.java +++ b/module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/package-info.java @@ -17,4 +17,7 @@ /** * Auto-configuration for Spring Security's OAuth2 resource server. */ +@NullMarked package org.springframework.boot.security.oauth2.server.resource.autoconfigure.servlet; + +import org.jspecify.annotations.NullMarked;