From 5f905232cb3fb4789bc4d783757f8ed877a87d71 Mon Sep 17 00:00:00 2001
From: Josh Cummings <josh.cummings@gmail.com>
Date: Fri, 27 Sep 2019 13:17:37 -0600
Subject: [PATCH] Polish CurrentSecurityContextArgumentResolvers

Fixes gh-7487
---
 .../WebMvcSecurityConfiguration.java          |  2 +-
 ...urrentSecurityContextArgumentResolver.java | 38 ++++-----
 ...urrentSecurityContextArgumentResolver.java | 24 ++----
 ...tSecurityContextArgumentResolverTests.java | 77 ++++++++++---------
 ...tSecurityContextArgumentResolverTests.java | 58 +++++++-------
 5 files changed, 93 insertions(+), 106 deletions(-)
 rename web/src/main/java/org/springframework/security/web/{bind/support => method/annotation}/CurrentSecurityContextArgumentResolver.java (79%)
 rename web/src/test/java/org/springframework/security/web/{bind/support => method/annotation}/CurrentSecurityContextArgumentResolverTests.java (81%)

diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java
index 3c49395b99..312a1b170e 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java
@@ -21,7 +21,7 @@ import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.expression.BeanFactoryResolver;
 import org.springframework.expression.BeanResolver;
-import org.springframework.security.web.bind.support.CurrentSecurityContextArgumentResolver;
+import org.springframework.security.web.method.annotation.CurrentSecurityContextArgumentResolver;
 import org.springframework.security.web.method.annotation.AuthenticationPrincipalArgumentResolver;
 import org.springframework.security.web.method.annotation.CsrfTokenArgumentResolver;
 import org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor;
diff --git a/web/src/main/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolver.java b/web/src/main/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolver.java
similarity index 79%
rename from web/src/main/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolver.java
rename to web/src/main/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolver.java
index 805442f928..e05fc77bea 100644
--- a/web/src/main/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolver.java
+++ b/web/src/main/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolver.java
@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.web.bind.support;
+package org.springframework.security.web.method.annotation;
 
 import java.lang.annotation.Annotation;
 
@@ -62,10 +62,10 @@ import org.springframework.web.method.support.ModelAndViewContainer;
  * </pre>
  *
  * <p>
- * Will resolve the SecurityContext argument using {@link SecurityContextHolder#getContext()} from
- * the {@link SecurityContextHolder}. If the {@link SecurityContext} is null, it will return null.
- * If the types do not match, null will be returned unless
- * {@link CurrentSecurityContext#errorOnInvalidType()} is true in which case a
+ * Will resolve the {@link SecurityContext} argument using {@link SecurityContextHolder#getContext()} from
+ * the {@link SecurityContextHolder}. If the {@link SecurityContext} is {@code null}, it will return {@code null}.
+ * If the types do not match, {@code null} will be returned unless
+ * {@link CurrentSecurityContext#errorOnInvalidType()} is {@code true} in which case a
  * {@link ClassCastException} will be thrown.
  * </p>
  *
@@ -78,32 +78,19 @@ public final class CurrentSecurityContextArgumentResolver
 	private ExpressionParser parser = new SpelExpressionParser();
 
 	private BeanResolver beanResolver;
+
 	/**
-	 * check if this argument resolve can support the parameter.
-	 * @param parameter the method parameter.
-	 * @return true = it can support parameter.
-	 *
-	 * @see
-	 * org.springframework.web.method.support.HandlerMethodArgumentResolver#
-	 * supportsParameter(org.springframework.core.MethodParameter)
+	 * {@inheritDoc}
 	 */
+	@Override
 	public boolean supportsParameter(MethodParameter parameter) {
 		return findMethodAnnotation(CurrentSecurityContext.class, parameter) != null;
 	}
 
 	/**
-	 * resolve the argument to inject into the controller parameter.
-	 * @param parameter the method parameter.
-	 * @param mavContainer the model and view container.
-	 * @param webRequest the web request.
-	 * @param binderFactory the web data binder factory.
-	 *
-	 * @see org.springframework.web.method.support.HandlerMethodArgumentResolver#
-	 * resolveArgument (org.springframework.core.MethodParameter,
-	 * org.springframework.web.method.support.ModelAndViewContainer,
-	 * org.springframework.web.context.request.NativeWebRequest,
-	 * org.springframework.web.bind.support.WebDataBinderFactory)
+	 * {@inheritDoc}
 	 */
+	@Override
 	public Object resolveArgument(MethodParameter parameter,
 				ModelAndViewContainer mavContainer, NativeWebRequest webRequest,
 				WebDataBinderFactory binderFactory) {
@@ -138,8 +125,9 @@ public final class CurrentSecurityContextArgumentResolver
 		}
 		return securityContextResult;
 	}
+
 	/**
-	 * Sets the {@link BeanResolver} to be used on the expressions
+	 * Set the {@link BeanResolver} to be used on the expressions
 	 * @param beanResolver the {@link BeanResolver} to use
 	 */
 	public void setBeanResolver(BeanResolver beanResolver) {
@@ -148,7 +136,7 @@ public final class CurrentSecurityContextArgumentResolver
 	}
 
 	/**
-	 * Obtains the specified {@link Annotation} on the specified {@link MethodParameter}.
+	 * Obtain the specified {@link Annotation} on the specified {@link MethodParameter}.
 	 *
 	 * @param annotationClass the class of the {@link Annotation} to find on the
 	 * {@link MethodParameter}
diff --git a/web/src/main/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolver.java b/web/src/main/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolver.java
index 73f0baa1e8..9f1eac242e 100644
--- a/web/src/main/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolver.java
+++ b/web/src/main/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolver.java
@@ -15,7 +15,11 @@
  */
 package org.springframework.security.web.reactive.result.method.annotation;
 
+import java.lang.annotation.Annotation;
+
 import org.reactivestreams.Publisher;
+import reactor.core.publisher.Mono;
+
 import org.springframework.core.MethodParameter;
 import org.springframework.core.ReactiveAdapter;
 import org.springframework.core.ReactiveAdapterRegistry;
@@ -34,12 +38,10 @@ import org.springframework.util.StringUtils;
 import org.springframework.web.reactive.BindingContext;
 import org.springframework.web.reactive.result.method.HandlerMethodArgumentResolverSupport;
 import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;
-
-import java.lang.annotation.Annotation;
 
 /**
- * Resolves the SecurityContext
+ * Resolves the {@link SecurityContext}
+ *
  * @author Dan Zheng
  * @since 5.2
  */
@@ -63,13 +65,7 @@ public class CurrentSecurityContextArgumentResolver extends HandlerMethodArgumen
 	}
 
 	/**
-	 * check if this argument resolve can support the parameter.
-	 * @param parameter the method parameter.
-	 * @return true = it can support parameter.
-	 *
-	 * @see
-	 * org.springframework.web.reactive.result.method.HandlerMethodArgumentResolver#
-	 * supportsParameter(org.springframework.core.MethodParameter)
+	 * {@inheritDoc}
 	 */
 	@Override
 	public boolean supportsParameter(MethodParameter parameter) {
@@ -77,11 +73,7 @@ public class CurrentSecurityContextArgumentResolver extends HandlerMethodArgumen
 	}
 
 	/**
-	 * resolve the argument to inject into the controller parameter.
-	 * @param parameter the method parameter.
-	 * @param bindingContext the binding context.
-	 * @param exchange the server web exchange.
-	 * @return the reactive mono object result.
+	 * {@inheritDoc}
 	 */
 	@Override
 	public Mono<Object> resolveArgument(MethodParameter parameter, BindingContext bindingContext,
diff --git a/web/src/test/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolverTests.java b/web/src/test/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolverTests.java
similarity index 81%
rename from web/src/test/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolverTests.java
rename to web/src/test/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolverTests.java
index 3c7bf65d8e..84dc2b2ce1 100644
--- a/web/src/test/java/org/springframework/security/web/bind/support/CurrentSecurityContextArgumentResolverTests.java
+++ b/web/src/test/java/org/springframework/security/web/method/annotation/CurrentSecurityContextArgumentResolverTests.java
@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.springframework.security.web.bind.support;
+package org.springframework.security.web.method.annotation;
 
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
@@ -45,12 +45,11 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
  *
  */
 public class CurrentSecurityContextArgumentResolverTests {
-	private Object expectedPrincipal;
 	private CurrentSecurityContextArgumentResolver resolver;
 
 	@Before
 	public void setup() {
-		resolver = new CurrentSecurityContextArgumentResolver();
+		this.resolver = new CurrentSecurityContextArgumentResolver();
 	}
 
 	@After
@@ -60,45 +59,48 @@ public class CurrentSecurityContextArgumentResolverTests {
 
 	@Test
 	public void supportsParameterNoAnnotation() {
-		assertThat(resolver.supportsParameter(showSecurityContextNoAnnotation())).isFalse();
+		assertThat(this.resolver.supportsParameter(showSecurityContextNoAnnotation())).isFalse();
 	}
 
 	@Test
 	public void supportsParameterAnnotation() {
-		assertThat(resolver.supportsParameter(showSecurityContextAnnotation())).isTrue();
+		assertThat(this.resolver.supportsParameter(showSecurityContextAnnotation())).isTrue();
 	}
 
 	@Test
-	public void resolveArgumentWithCustomSecurityContext() throws Exception {
+	public void resolveArgumentWithCustomSecurityContext() {
 		String principal = "custom_security_context";
 		setAuthenticationPrincipalWithCustomSecurityContext(principal);
-		CustomSecurityContext customSecurityContext = (CustomSecurityContext) resolver.resolveArgument(showAnnotationWithCustomSecurityContext(), null, null, null);
+		CustomSecurityContext customSecurityContext = (CustomSecurityContext)
+				this.resolver.resolveArgument(showAnnotationWithCustomSecurityContext(), null, null, null);
 		assertThat(customSecurityContext.getAuthentication().getPrincipal()).isEqualTo(principal);
 	}
 
 	@Test
-	public void resolveArgumentWithCustomSecurityContextTypeMatch() throws Exception {
+	public void resolveArgumentWithCustomSecurityContextTypeMatch() {
 		String principal = "custom_security_context_type_match";
 		setAuthenticationPrincipalWithCustomSecurityContext(principal);
-		CustomSecurityContext customSecurityContext = (CustomSecurityContext) resolver.resolveArgument(showAnnotationWithCustomSecurityContext(), null, null, null);
+		CustomSecurityContext customSecurityContext = (CustomSecurityContext)
+				this.resolver.resolveArgument(showAnnotationWithCustomSecurityContext(), null, null, null);
 		assertThat(customSecurityContext.getAuthentication().getPrincipal()).isEqualTo(principal);
 	}
 
 	@Test
-	public void resolveArgumentNullAuthentication() throws Exception {
+	public void resolveArgumentNullAuthentication() {
 		SecurityContext context = SecurityContextHolder.getContext();
 		Authentication authentication = context.getAuthentication();
 		context.setAuthentication(null);
-		assertThat(resolver.resolveArgument(showSecurityContextAuthenticationAnnotation(), null, null, null))
+		assertThat(this.resolver.resolveArgument(showSecurityContextAuthenticationAnnotation(), null, null, null))
 				.isNull();
 		context.setAuthentication(authentication);
 	}
 
 	@Test
-	public void resolveArgumentWithAuthentication() throws Exception {
+	public void resolveArgumentWithAuthentication() {
 		String principal = "john";
 		setAuthenticationPrincipal(principal);
-		Authentication auth1 = (Authentication) resolver.resolveArgument(showSecurityContextAuthenticationAnnotation(), null, null, null);
+		Authentication auth1 = (Authentication)
+				this.resolver.resolveArgument(showSecurityContextAuthenticationAnnotation(), null, null, null);
 		assertThat(auth1.getPrincipal()).isEqualTo(principal);
 	}
 
@@ -109,52 +111,54 @@ public class CurrentSecurityContextArgumentResolverTests {
 		context.setAuthentication(null);
 		assertThatExceptionOfType(SpelEvaluationException.class)
 		.isThrownBy(() -> {
-			resolver.resolveArgument(showSecurityContextAuthenticationWithPrincipal(), null, null, null);
+			this.resolver.resolveArgument(showSecurityContextAuthenticationWithPrincipal(), null, null, null);
 		});
 		context.setAuthentication(authentication);
 	}
 
 	@Test
-	public void resolveArgumentWithOptionalPrincipal() throws Exception {
+	public void resolveArgumentWithOptionalPrincipal() {
 		SecurityContext context = SecurityContextHolder.getContext();
 		Authentication authentication = context.getAuthentication();
 		context.setAuthentication(null);
-		Object principalResult = resolver.resolveArgument(showSecurityContextAuthenticationWithOptionalPrincipal(), null, null, null);
+		Object principalResult =
+				this.resolver.resolveArgument(showSecurityContextAuthenticationWithOptionalPrincipal(), null, null, null);
 		assertThat(principalResult).isNull();
 		context.setAuthentication(authentication);
 	}
 
 	@Test
-	public void resolveArgumentWithPrincipal() throws Exception {
+	public void resolveArgumentWithPrincipal() {
 		String principal = "smith";
 		setAuthenticationPrincipal(principal);
-		String principalResult = (String) resolver.resolveArgument(showSecurityContextAuthenticationWithPrincipal(), null, null, null);
+		String principalResult = (String)
+				this.resolver.resolveArgument(showSecurityContextAuthenticationWithPrincipal(), null, null, null);
 		assertThat(principalResult).isEqualTo(principal);
 	}
 
 	@Test
-	public void resolveArgumentUserDetails() throws Exception {
+	public void resolveArgumentUserDetails() {
 		setAuthenticationDetail(new User("my_user", "my_password",
 				AuthorityUtils.createAuthorityList("ROLE_USER")));
 
-		User u = (User) resolver.resolveArgument(showSecurityContextWithUserDetail(), null, null,
+		User u = (User) this.resolver.resolveArgument(showSecurityContextWithUserDetail(), null, null,
 				null);
 		assertThat(u.getUsername()).isEqualTo("my_user");
 	}
 
 	@Test
-	public void resolveArgumentSecurityContextErrorOnInvalidTypeImplicit() throws Exception {
+	public void resolveArgumentSecurityContextErrorOnInvalidTypeImplicit() {
 		String principal = "invalid_type_implicit";
 		setAuthenticationPrincipal(principal);
-		assertThat(resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeImplicit(), null, null, null))
+		assertThat(this.resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeImplicit(), null, null, null))
 				.isNull();
 	}
 
 	@Test
-	public void resolveArgumentSecurityContextErrorOnInvalidTypeFalse() throws Exception {
+	public void resolveArgumentSecurityContextErrorOnInvalidTypeFalse() {
 		String principal = "invalid_type_false";
 		setAuthenticationPrincipal(principal);
-		assertThat(resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeFalse(), null, null, null))
+		assertThat(this.resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeFalse(), null, null, null))
 				.isNull();
 	}
 
@@ -162,34 +166,35 @@ public class CurrentSecurityContextArgumentResolverTests {
 	public void resolveArgumentSecurityContextErrorOnInvalidTypeTrue() {
 		String principal = "invalid_type_true";
 		setAuthenticationPrincipal(principal);
-		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeTrue(), null,
-				null, null));
+		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() ->
+				this.resolver.resolveArgument(showSecurityContextErrorOnInvalidTypeTrue(), null, null, null));
 	}
 
 	@Test
-	public void metaAnnotationWhenCurrentCustomSecurityContextThenInjectSecurityContext() throws Exception {
-		assertThat(resolver.resolveArgument(showCurrentCustomSecurityContext(), null, null, null))
+	public void metaAnnotationWhenCurrentCustomSecurityContextThenInjectSecurityContext() {
+		assertThat(this.resolver.resolveArgument(showCurrentCustomSecurityContext(), null, null, null))
 				.isNotNull();
 	}
 
 	@Test
-	public void metaAnnotationWhenCurrentAuthenticationThenInjectAuthentication() throws Exception {
+	public void metaAnnotationWhenCurrentAuthenticationThenInjectAuthentication() {
 		String principal = "current_authentcation";
 		setAuthenticationPrincipal(principal);
-		Authentication auth1 = (Authentication) resolver.resolveArgument(showCurrentAuthentication(), null, null, null);
+		Authentication auth1 = (Authentication)
+				this.resolver.resolveArgument(showCurrentAuthentication(), null, null, null);
 		assertThat(auth1.getPrincipal()).isEqualTo(principal);
 	}
 
 	@Test
-	public void metaAnnotationWhenCurrentSecurityWithErrorOnInvalidTypeThenInjectSecurityContext() throws Exception {
-		assertThat(resolver.resolveArgument(showCurrentSecurityWithErrorOnInvalidType(), null, null, null))
+	public void metaAnnotationWhenCurrentSecurityWithErrorOnInvalidTypeThenInjectSecurityContext() {
+		assertThat(this.resolver.resolveArgument(showCurrentSecurityWithErrorOnInvalidType(), null, null, null))
 				.isNotNull();
 	}
 
 	@Test
 	public void metaAnnotationWhenCurrentSecurityWithErrorOnInvalidTypeThenMisMatch() {
-		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> resolver.resolveArgument(showCurrentSecurityWithErrorOnInvalidTypeMisMatch(), null,
-				null, null));
+		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() ->
+				this.resolver.resolveArgument(showCurrentSecurityWithErrorOnInvalidTypeMisMatch(), null, null, null));
 	}
 
 	private MethodParameter showSecurityContextNoAnnotation() {
@@ -342,13 +347,13 @@ public class CurrentSecurityContextArgumentResolverTests {
 	@Target({ ElementType.PARAMETER })
 	@Retention(RetentionPolicy.RUNTIME)
 	@CurrentSecurityContext
-	static @interface CurrentCustomSecurityContext {
+	@interface CurrentCustomSecurityContext {
 	}
 
 	@Target({ ElementType.PARAMETER })
 	@Retention(RetentionPolicy.RUNTIME)
 	@CurrentSecurityContext(expression = "authentication")
-	static @interface CurrentAuthentication {
+	@interface CurrentAuthentication {
 	}
 
 	@Target({ ElementType.PARAMETER })
diff --git a/web/src/test/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolverTests.java b/web/src/test/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolverTests.java
index d23277bb37..c97f6b1276 100644
--- a/web/src/test/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolverTests.java
+++ b/web/src/test/java/org/springframework/security/web/reactive/result/method/annotation/CurrentSecurityContextArgumentResolverTests.java
@@ -16,9 +16,6 @@
 
 package org.springframework.security.web.reactive.result.method.annotation;
 
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
-
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
@@ -29,6 +26,8 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
+import reactor.core.publisher.Mono;
+import reactor.util.context.Context;
 
 import org.springframework.core.MethodParameter;
 import org.springframework.core.ReactiveAdapterRegistry;
@@ -43,8 +42,8 @@ import org.springframework.security.web.method.ResolvableMethod;
 import org.springframework.web.reactive.BindingContext;
 import org.springframework.web.server.ServerWebExchange;
 
-import reactor.core.publisher.Mono;
-import reactor.util.context.Context;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
 
 
 /**
@@ -71,25 +70,25 @@ public class CurrentSecurityContextArgumentResolverTests {
 
 	@Before
 	public void setup() {
-		resolver =  new CurrentSecurityContextArgumentResolver(new ReactiveAdapterRegistry());
+		this.resolver =  new CurrentSecurityContextArgumentResolver(new ReactiveAdapterRegistry());
 		this.resolver.setBeanResolver(this.beanResolver);
 	}
 
 	@Test
 	public void supportsParameterCurrentSecurityContext() {
-		assertThat(resolver.supportsParameter(this.securityContextMethod.arg(Mono.class, SecurityContext.class))).isTrue();
+		assertThat(this.resolver.supportsParameter(this.securityContextMethod.arg(Mono.class, SecurityContext.class))).isTrue();
 	}
 
 	@Test
 	public void supportsParameterWithAuthentication() {
-		assertThat(resolver.supportsParameter(this.securityContextWithAuthentication.arg(Mono.class, Authentication.class))).isTrue();
+		assertThat(this.resolver.supportsParameter(this.securityContextWithAuthentication.arg(Mono.class, Authentication.class))).isTrue();
 	}
 
 	@Test
 	public void resolveArgumentWithNullSecurityContext() {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContext").build().arg(Mono.class, SecurityContext.class);
 		Context context = ReactiveSecurityContextHolder.withSecurityContext(Mono.empty());
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Object obj = argument.subscriberContext(context).block();
 		assertThat(obj).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -100,7 +99,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContext").build().arg(Mono.class, SecurityContext.class);
 		Authentication auth = buildAuthenticationWithPrincipal("hello");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		SecurityContext securityContext = (SecurityContext) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(securityContext.getAuthentication()).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -111,7 +110,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("customSecurityContext").build().arg(Mono.class, SecurityContext.class);
 		Authentication auth = buildAuthenticationWithPrincipal("hello");
 		Context context = ReactiveSecurityContextHolder.withSecurityContext(Mono.just(new CustomSecurityContext(auth)));
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		CustomSecurityContext securityContext = (CustomSecurityContext) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(securityContext.getAuthentication()).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -122,7 +121,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContext").build().arg(Mono.class, SecurityContext.class);
 		Authentication auth = null;
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		SecurityContext securityContext = (SecurityContext) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(securityContext.getAuthentication()).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -133,7 +132,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithAuthentication").build().arg(Mono.class, Authentication.class);
 		Authentication auth = null;
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<Object> r = (Mono<Object>) argument.subscriberContext(context).block();
 		assertThat(r.block()).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -144,7 +143,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithAuthentication").build().arg(Mono.class, Authentication.class);
 		Authentication auth = buildAuthenticationWithPrincipal("authentication1");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<Authentication> auth1 = (Mono<Authentication>) argument.subscriberContext(context).block();
 		assertThat(auth1.block()).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -155,7 +154,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithDepthPropOptional").build().arg(Mono.class, Object.class);
 		Authentication auth = null;
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<Object> obj = (Mono<Object>) argument.subscriberContext(context).block();
 		assertThat(obj.block()).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -166,7 +165,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithDepthPropOptional").build().arg(Mono.class, Object.class);
 		Authentication auth = buildAuthenticationWithPrincipal("auth_optional");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<Object> obj = (Mono<Object>) argument.subscriberContext(context).block();
 		assertThat(obj.block()).isEqualTo("auth_optional");
 		ReactiveSecurityContextHolder.clearContext();
@@ -177,7 +176,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithDepthProp").build().arg(Mono.class, Object.class);
 		Authentication auth = null;
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		assertThatExceptionOfType(SpelEvaluationException.class).isThrownBy(() -> argument.subscriberContext(context).block());
 		ReactiveSecurityContextHolder.clearContext();
 	}
@@ -187,7 +186,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("securityContextWithDepthStringProp").build().arg(Mono.class, String.class);
 		Authentication auth = buildAuthenticationWithPrincipal("auth_string");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<String> obj = (Mono<String>) argument.subscriberContext(context).block();
 		assertThat(obj.block()).isEqualTo("auth_string");
 		ReactiveSecurityContextHolder.clearContext();
@@ -198,7 +197,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("errorOnInvalidTypeWhenImplicit").build().arg(Mono.class, String.class);
 		Authentication auth = buildAuthenticationWithPrincipal("invalid_type_implicit");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<String> obj = (Mono<String>) argument.subscriberContext(context).block();
 		assertThat(obj.block()).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -209,7 +208,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("errorOnInvalidTypeWhenExplicitFalse").build().arg(Mono.class, String.class);
 		Authentication auth = buildAuthenticationWithPrincipal("error_on_invalid_type_explicit_false");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Mono<String> obj = (Mono<String>) argument.subscriberContext(context).block();
 		assertThat(obj.block()).isNull();
 		ReactiveSecurityContextHolder.clearContext();
@@ -220,7 +219,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("errorOnInvalidTypeWhenExplicitTrue").build().arg(Mono.class, String.class);
 		Authentication auth = buildAuthenticationWithPrincipal("error_on_invalid_type_explicit_true");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> argument.subscriberContext(context).block());
 		ReactiveSecurityContextHolder.clearContext();
 	}
@@ -230,7 +229,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("currentCustomSecurityContext").build().arg(Mono.class, SecurityContext.class);
 		Authentication auth = buildAuthenticationWithPrincipal("current_custom_security_context");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		SecurityContext securityContext = (SecurityContext) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(securityContext.getAuthentication()).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -241,7 +240,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("currentAuthentication").build().arg(Mono.class, Authentication.class);
 		Authentication auth = buildAuthenticationWithPrincipal("current_authentication");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		Authentication authentication = (Authentication) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(authentication).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -252,7 +251,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("currentSecurityWithErrorOnInvalidType").build().arg(Mono.class, SecurityContext.class);
 		Authentication auth = buildAuthenticationWithPrincipal("current_security_with_error_on_invalid_type");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		SecurityContext securityContext = (SecurityContext) argument.subscriberContext(context).cast(Mono.class).block().block();
 		assertThat(securityContext.getAuthentication()).isSameAs(auth);
 		ReactiveSecurityContextHolder.clearContext();
@@ -263,7 +262,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 		MethodParameter parameter = ResolvableMethod.on(getClass()).named("currentSecurityWithErrorOnInvalidTypeMisMatch").build().arg(Mono.class, String.class);
 		Authentication auth = buildAuthenticationWithPrincipal("current_security_with_error_on_invalid_type_mismatch");
 		Context context = ReactiveSecurityContextHolder.withAuthentication(auth);
-		Mono<Object> argument = resolver.resolveArgument(parameter, bindingContext, exchange);
+		Mono<Object> argument = this.resolver.resolveArgument(parameter, this.bindingContext, this.exchange);
 		assertThatExceptionOfType(ClassCastException.class).isThrownBy(() -> argument.subscriberContext(context).cast(Mono.class).block().block());
 		ReactiveSecurityContextHolder.clearContext();
 	}
@@ -297,26 +296,28 @@ public class CurrentSecurityContextArgumentResolverTests {
 	@Target({ ElementType.PARAMETER })
 	@Retention(RetentionPolicy.RUNTIME)
 	@CurrentSecurityContext
-	static @interface CurrentCustomSecurityContext {
+	@interface CurrentCustomSecurityContext {
 	}
 
 	@Target({ ElementType.PARAMETER })
 	@Retention(RetentionPolicy.RUNTIME)
 	@CurrentSecurityContext(expression = "authentication")
-	static @interface CurrentAuthentication {
+	@interface CurrentAuthentication {
 	}
 
 	@Target({ ElementType.PARAMETER })
 	@Retention(RetentionPolicy.RUNTIME)
 	@CurrentSecurityContext(errorOnInvalidType = true)
-	static @interface CurrentSecurityWithErrorOnInvalidType {
+	@interface CurrentSecurityWithErrorOnInvalidType {
 	}
 
 	static class CustomSecurityContext implements SecurityContext {
 		private Authentication authentication;
+
 		CustomSecurityContext(Authentication authentication) {
 			this.authentication = authentication;
 		}
+
 		@Override
 		public Authentication getAuthentication() {
 			return authentication;
@@ -327,6 +328,7 @@ public class CurrentSecurityContextArgumentResolverTests {
 			this.authentication = authentication;
 		}
 	}
+
 	private Authentication buildAuthenticationWithPrincipal(Object principal) {
 		return new TestingAuthenticationToken(principal, "password",
 				"ROLE_USER");