Checkstyle fixes for webauthn JSpecify

Issue gh-17839

webauthn/src/main/java/org/springframework/security/web/webauthn/api/ImmutableCredentialRecord.java

@@ -60,7 +60,8 @@ public final class ImmutableCredentialRecord implements CredentialRecord {
 	private ImmutableCredentialRecord(@Nullable PublicKeyCredentialType credentialType, Bytes credentialId,
 			Bytes userEntityUserId, PublicKeyCose publicKey, long signatureCount, boolean uvInitialized,
 			Set<AuthenticatorTransport> transports, boolean backupEligible, boolean backupState,
-			@Nullable Bytes attestationObject, @Nullable Bytes attestationClientDataJSON, Instant created, Instant lastUsed, String label) {
+			@Nullable Bytes attestationObject, @Nullable Bytes attestationClientDataJSON, Instant created,
+			Instant lastUsed, String label) {
 		this.credentialType = credentialType;
 		this.credentialId = credentialId;
 		this.userEntityUserId = userEntityUserId;

webauthn/src/main/java/org/springframework/security/web/webauthn/authentication/PublicKeyCredentialRequestOptionsRepository.java

@@ -39,7 +39,8 @@ public interface PublicKeyCredentialRequestOptionsRepository {
 	 * @param options the {@link PublicKeyCredentialRequestOptions} to save or null if an
 	 * existing {@link PublicKeyCredentialRequestOptions} should be removed.
 	 */
-	void save(HttpServletRequest request, HttpServletResponse response, @Nullable PublicKeyCredentialRequestOptions options);
+	void save(HttpServletRequest request, HttpServletResponse response,
+			@Nullable PublicKeyCredentialRequestOptions options);
 
 	/**
 	 * Gets a saved {@link PublicKeyCredentialRequestOptions} if it exists, otherwise

webauthn/src/main/java/org/springframework/security/web/webauthn/management/RelyingPartyRegistrationRequest.java

@@ -16,8 +16,6 @@
 
 package org.springframework.security.web.webauthn.management;
 
-import org.jspecify.annotations.Nullable;
-
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
 
 /**

webauthn/src/main/java/org/springframework/security/web/webauthn/management/WebAuthnRelyingPartyOperations.java

@@ -16,8 +16,6 @@
 
 package org.springframework.security.web.webauthn.management;
 
-import org.jspecify.annotations.Nullable;
-
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.webauthn.api.CredentialRecord;
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;

webauthn/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java

@@ -375,14 +375,15 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
 		CborConverter cborConverter = this.objectConverter.getCborConverter();
 		Bytes attestationObject = credentialRecord.getAttestationObject();
 		Assert.notNull(attestationObject, "attestationObject cannot be null");
-		AttestationObject wa4jAttestationObject = cborConverter
+		AttestationObject wa4jAttestationObject = cborConverter.readValue(attestationObject.getBytes(),
-			.readValue(attestationObject.getBytes(), AttestationObject.class);
+				AttestationObject.class);
 		Assert.notNull(wa4jAttestationObject, "attestationObject cannot be null");
-		AuthenticatorData<RegistrationExtensionAuthenticatorOutput> wa4jAuthData = wa4jAttestationObject.getAuthenticatorData();
+		AuthenticatorData<RegistrationExtensionAuthenticatorOutput> wa4jAuthData = wa4jAttestationObject
+			.getAuthenticatorData();
 		AttestedCredentialData wa4jCredData = wa4jAuthData.getAttestedCredentialData();
 		Assert.notNull(wa4jCredData, "attestedCredentialData cannot be null");
-		AttestedCredentialData data = new AttestedCredentialData(wa4jCredData.getAaguid(),
+		AttestedCredentialData data = new AttestedCredentialData(wa4jCredData.getAaguid(), keyId.getBytes(),
-				keyId.getBytes(), wa4jCredData.getCOSEKey());
+				wa4jCredData.getCOSEKey());
 
 		Authenticator authenticator = new AuthenticatorImpl(data, wa4jAttestationObject.getAttestationStatement(),
 				credentialRecord.getSignatureCount());
@@ -392,8 +393,7 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
 		byte[] tokenBindingId = null /* set tokenBindingId */;
 		String rpId = requestOptions.getRpId();
 		Assert.notNull(rpId, "rpId cannot be null");
-		ServerProperty serverProperty = new ServerProperty(origins, rpId, challenge,
+		ServerProperty serverProperty = new ServerProperty(origins, rpId, challenge, tokenBindingId);
-				tokenBindingId);
 		boolean userVerificationRequired = request.getRequestOptions()
 			.getUserVerification() == UserVerificationRequirement.REQUIRED;
 
@@ -406,7 +406,8 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
 		AuthenticationData wa4jAuthenticationData = this.webAuthnManager.validate(authenticationRequest,
 				authenticationParameters);
 
-		AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> wa4jValidatedAuthData = wa4jAuthenticationData.getAuthenticatorData();
+		AuthenticatorData<AuthenticationExtensionAuthenticatorOutput> wa4jValidatedAuthData = wa4jAuthenticationData
+			.getAuthenticatorData();
 		Assert.notNull(wa4jValidatedAuthData, "authenticatorData cannot be null");
 		long updatedSignCount = wa4jValidatedAuthData.getSignCount();
 		ImmutableCredentialRecord updatedRecord = ImmutableCredentialRecord.fromCredentialRecord(credentialRecord)
@@ -415,10 +416,10 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
 			.build();
 		this.userCredentials.save(updatedRecord);
 
-		PublicKeyCredentialUserEntity userEntity = this.userEntities.findById(
+		PublicKeyCredentialUserEntity userEntity = this.userEntities.findById(credentialRecord.getUserEntityUserId());
-				credentialRecord.getUserEntityUserId());
 		if (userEntity == null) {
-			throw new IllegalArgumentException("Unable to find UserEntity with id " + credentialRecord.getUserEntityUserId() + " for " + request);
+			throw new IllegalArgumentException(
+					"Unable to find UserEntity with id " + credentialRecord.getUserEntityUserId() + " for " + request);
 		}
 		return userEntity;
 	}

webauthn/src/main/java/org/springframework/security/web/webauthn/registration/HttpSessionPublicKeyCredentialCreationOptionsRepository.java

@@ -22,7 +22,6 @@ import jakarta.servlet.http.HttpSession;
 import org.jspecify.annotations.Nullable;
 
 import org.springframework.security.web.webauthn.api.PublicKeyCredentialCreationOptions;
-import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
 import org.springframework.util.Assert;
 
 public class HttpSessionPublicKeyCredentialCreationOptionsRepository
@@ -38,7 +37,6 @@ public class HttpSessionPublicKeyCredentialCreationOptionsRepository
 		request.getSession().setAttribute(this.attrName, options);
 	}
 
-
 	public @Nullable PublicKeyCredentialCreationOptions load(HttpServletRequest request) {
 		HttpSession session = request.getSession(false);
 		if (session == null) {

webauthn/src/main/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsRepository.java

@@ -39,7 +39,8 @@ public interface PublicKeyCredentialCreationOptionsRepository {
 	 * @param options the {@link PublicKeyCredentialCreationOptions} to save or null if an
 	 * existing {@link PublicKeyCredentialCreationOptions} should be removed.
 	 */
-	void save(HttpServletRequest request, HttpServletResponse response, @Nullable PublicKeyCredentialCreationOptions options);
+	void save(HttpServletRequest request, HttpServletResponse response,
+			@Nullable PublicKeyCredentialCreationOptions options);
 
 	/**
 	 * Gets a saved {@link PublicKeyCredentialCreationOptions} if it exists, otherwise