ensure JwtAuthenticationProvider.authenticate returns not null Authentication

Signed-off-by: alfonsoristorato <alfonsoristorato@gmail.com>
4 days ago · 7abc1ae8dc
1 changed files with 3 additions and 1 deletions
--- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java
+++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java
@ -21,6 +21,8 @@ import java.util.Collection;
				@@ -21,6 +21,8 @@ import java.util.Collection;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;

+import org.jspecify.annotations.NonNull;
+
 import org.springframework.core.convert.converter.Converter;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationProvider;
@ -83,7 +85,7 @@ public final class JwtAuthenticationProvider implements AuthenticationProvider {
				@@ -83,7 +85,7 @@ public final class JwtAuthenticationProvider implements AuthenticationProvider {
 	 * @throws AuthenticationException if authentication failed for some reason
 	 */
 	@Override
-	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+	public @NonNull Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		BearerTokenAuthenticationToken bearer = (BearerTokenAuthenticationToken) authentication;
 		Jwt jwt = getJwt(bearer);
 		AbstractAuthenticationToken token = this.jwtAuthenticationConverter.convert(jwt);