From 7abc1ae8dc400ea35382fd0da476692897af45fe Mon Sep 17 00:00:00 2001 From: alfonsoristorato Date: Sat, 13 Dec 2025 20:39:25 +0000 Subject: [PATCH] ensure JwtAuthenticationProvider.authenticate returns not null Authentication Signed-off-by: alfonsoristorato --- .../resource/authentication/JwtAuthenticationProvider.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java index d7daa116b5..89ed88599c 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java @@ -21,6 +21,8 @@ import java.util.Collection; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.jspecify.annotations.NonNull; + import org.springframework.core.convert.converter.Converter; import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AuthenticationProvider; @@ -83,7 +85,7 @@ public final class JwtAuthenticationProvider implements AuthenticationProvider { * @throws AuthenticationException if authentication failed for some reason */ @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { + public @NonNull Authentication authenticate(Authentication authentication) throws AuthenticationException { BearerTokenAuthenticationToken bearer = (BearerTokenAuthenticationToken) authentication; Jwt jwt = getJwt(bearer); AbstractAuthenticationToken token = this.jwtAuthenticationConverter.convert(jwt);