Format Lambda Expressions

This commit updats lambda expressions so that their variable is surrounded in parentheses. Issue gh-13067
6 months ago · c43afbf5e1
45 changed files with 272 additions and 272 deletions
--- a/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java
+++ b/buildSrc/src/main/groovy/io/spring/gradle/convention/ManagementConfigurationPlugin.java
@ -61,7 +61,7 @@ public class ManagementConfigurationPlugin implements Plugin<Project> {
 				PublishingExtension publishing = project.getExtensions().getByType(PublishingExtension.class);
 				publishing.getPublications().withType(MavenPublication.class, (mavenPublication -> {
 					mavenPublication.versionMapping((versions) ->
-							versions.allVariants(versionMapping -> versionMapping.fromResolutionResult())
+							versions.allVariants((versionMapping) -> versionMapping.fromResolutionResult())
 					);
 				}));
 			});
@ -71,4 +71,4 @@ public class ManagementConfigurationPlugin implements Plugin<Project> {
 			}));
 		});
 	}
-}
+}
--- a/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java
+++ b/buildSrc/src/main/java/org/springframework/security/CheckExpectedBranchVersionPlugin.java
@ -46,7 +46,7 @@ public class CheckExpectedBranchVersionPlugin implements Plugin<Project> {
 			task.setDescription("Check if the project version matches the branch version");
 			task.onlyIf("skipCheckExpectedBranchVersion property is false or not present", CheckExpectedBranchVersionPlugin::skipPropertyFalseOrNotPresent);
 			task.getVersion().convention(project.provider(() -> project.getVersion().toString()));
-			task.getBranchName().convention(project.getProviders().exec(execSpec -> execSpec.setCommandLine("git", "symbolic-ref", "--short", "HEAD")).getStandardOutput().getAsText());
+			task.getBranchName().convention(project.getProviders().exec((execSpec) -> execSpec.setCommandLine("git", "symbolic-ref", "--short", "HEAD")).getStandardOutput().getAsText());
 			task.getOutputFile().convention(project.getLayout().getBuildDirectory().file("check-expected-branch-version"));
 		});
 		project.getTasks().named(JavaBasePlugin.CHECK_TASK_NAME, checkTask -> checkTask.dependsOn(checkExpectedBranchVersionTask));
--- a/docs/modules/ROOT/pages/features/authentication/password-storage.adoc
+++ b/docs/modules/ROOT/pages/features/authentication/password-storage.adoc
@ -615,7 +615,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
-        .authorizeHttpRequests(authorize -> authorize
+        .authorizeHttpRequests((authorize) -> authorize
            .anyRequest().authenticated()
        )
        .formLogin((login) -> login
--- a/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc
+++ b/docs/modules/ROOT/pages/reactive/authorization/authorize-http-requests.adoc
@ -15,7 +15,7 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
    http
-        .authorizeExchange(exchanges -> exchanges
+        .authorizeExchange((exchanges) -> exchanges
            .anyExchange().authenticated()
        )
        .httpBasic(withDefaults())
--- a/docs/modules/ROOT/pages/reactive/authorization/method.adoc
+++ b/docs/modules/ROOT/pages/reactive/authorization/method.adoc
@ -614,7 +614,7 @@ public class SecurityConfig {
 		return http
 			// Demonstrate that method security works
 			// Best practice to use both for defense in depth
-			.authorizeExchange(exchanges -> exchanges
+			.authorizeExchange((exchanges) -> exchanges
 				.anyExchange().permitAll()
 			)
 			.httpBasic(withDefaults())
--- a/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc
+++ b/docs/modules/ROOT/pages/reactive/configuration/webflux.adoc
@ -87,7 +87,7 @@ public class HelloWebfluxSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		http
-			.authorizeExchange(exchanges -> exchanges
+			.authorizeExchange((exchanges) -> exchanges
 			    .anyExchange().authenticated()
 			)
 			.httpBasic(withDefaults())
--- a/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
+++ b/docs/modules/ROOT/pages/reactive/exploits/csrf.adoc
@ -45,7 +45,7 @@ Java::
 public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.csrf(csrf -> csrf.csrfTokenRepository(CookieServerCsrfTokenRepository.withHttpOnlyFalse()))
+		.csrf((csrf) -> csrf.csrfTokenRepository(CookieServerCsrfTokenRepository.withHttpOnlyFalse()))
 	return http.build();
 }
 -----
@ -91,7 +91,7 @@ Java::
 public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.csrf(csrf -> csrf.disable()))
+		.csrf((csrf) -> csrf.disable()))
 	return http.build();
 }
 ----
@ -133,7 +133,7 @@ Java::
 public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.csrf(csrf -> csrf
+		.csrf((csrf) -> csrf
 			.csrfTokenRequestHandler(new ServerCsrfTokenRequestAttributeHandler())
 		)
 	return http.build();
@ -181,7 +181,7 @@ public class SecurityControllerAdvice {
 	@ModelAttribute
 	Mono<CsrfToken> csrfToken(ServerWebExchange exchange) {
 		Mono<CsrfToken> csrfToken = exchange.getAttribute(CsrfToken.class.getName());
-		return csrfToken.doOnSuccess(token -> exchange.getAttributes()
+		return csrfToken.doOnSuccess((token) -> token.getAttributes()
 				.put(CsrfRequestDataValueProcessor.DEFAULT_CSRF_ATTR_NAME, token));
 	}
 }
@ -351,7 +351,7 @@ Java::
 public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.logout(logout -> logout.requiresLogout(new PathPatternParserServerWebExchangeMatcher("/logout")))
+		.logout((logout) -> logout.requiresLogout(new PathPatternParserServerWebExchangeMatcher("/logout")))
 	return http.build();
 }
 ----
@ -416,7 +416,7 @@ Java::
 public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.csrf(csrf -> csrf.tokenFromMultipartDataEnabled(true))
+		.csrf((csrf) -> csrf.tokenFromMultipartDataEnabled(true))
 	return http.build();
 }
 ----
--- a/docs/modules/ROOT/pages/reactive/exploits/headers.adoc
+++ b/docs/modules/ROOT/pages/reactive/exploits/headers.adoc
@ -26,8 +26,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.frameOptions(frameOptions -> frameOptions
+			.frameOptions((frameOptions) -> frameOptions
 				.mode(Mode.SAMEORIGIN)
 			)
 		);
@ -67,7 +67,7 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers.disable());
+		.headers((headers) -> headers.disable());
 	return http.build();
 }
 ----
@ -112,8 +112,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.cache(cache -> cache.disable())
+			.cache((cache) -> cache.disable())
 		);
 	return http.build();
 }
@ -154,8 +154,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable())
+			.contentTypeOptions((contentTypeOptions) -> contentTypeOptions.disable())
 		);
 	return http.build();
 }
@ -196,8 +196,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.hsts(hsts -> hsts
+			.hsts((hsts) -> hsts
 				.includeSubdomains(true)
 				.preload(true)
 				.maxAge(Duration.ofDays(365))
@ -244,8 +244,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.frameOptions(frameOptions -> frameOptions
+			.frameOptions((frameOptions) -> frameOptions
 				.mode(SAMEORIGIN)
 			)
 		);
@ -287,8 +287,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.xssProtection(xssProtection -> xssProtection.disable())
+			.xssProtection((xssProtection) -> xssProtection.disable())
 		);
 	return http.build();
 }
@ -325,8 +325,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.xssProtection(xssProtection -> xssProtection.headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue.ENABLED_MODE_BLOCK))
+			.xssProtection((xssProtection) -> xssProtection.headerValue(XXssProtectionServerHttpHeadersWriter.HeaderValue.ENABLED_MODE_BLOCK))
 		);
 	return http.build();
 }
@ -376,8 +376,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.contentSecurityPolicy(policy -> policy
+			.contentSecurityPolicy((policy) -> policy
 				.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
 			)
 		);
@ -416,8 +416,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.contentSecurityPolicy(policy -> policy
+			.contentSecurityPolicy((policy) -> policy
 				.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
 				.reportOnly()
 			)
@ -462,8 +462,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.referrerPolicy(referrer -> referrer
+			.referrerPolicy((referrer) -> referrer
 				.policy(ReferrerPolicy.SAME_ORIGIN)
 			)
 		);
@ -515,7 +515,7 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
 			.featurePolicy("geolocation 'self'")
 		);
 	return http.build();
@ -564,8 +564,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.headers(headers -> headers
+		.headers((headers) -> headers
-			.permissionsPolicy(permissions -> permissions
+			.permissionsPolicy((permissions) -> permissions
 				.policy("geolocation=(self)")
 			)
 		);
--- a/docs/modules/ROOT/pages/reactive/exploits/http.adoc
+++ b/docs/modules/ROOT/pages/reactive/exploits/http.adoc
@ -57,8 +57,8 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.redirectToHttps(redirect -> redirect
+		.redirectToHttps((redirect) -> redirect
-			.httpsRedirectWhen(e -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto"))
+			.httpsRedirectWhen((e) -> e.getRequest().getHeaders().containsKey("X-Forwarded-Proto"))
 		);
 	return http.build();
 }
--- a/docs/modules/ROOT/pages/reactive/integrations/cors.adoc
+++ b/docs/modules/ROOT/pages/reactive/integrations/cors.adoc
@ -55,7 +55,7 @@ Java::
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
 		// ...
-		.cors(cors -> cors.disable());
+		.cors((cors) -> cors.disable());
 	return http.build();
 }
 ----
--- a/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc
+++ b/docs/modules/ROOT/pages/reactive/integrations/rsocket.adoc
@ -426,7 +426,7 @@ rsocket
 		authz
 			.setup().hasRole("SETUP") // <1>
 			.route("fetch.profile.me").authenticated() // <2>
-			.matcher(payloadExchange -> isMatch(payloadExchange)) // <3>
+			.matcher((payloadExchange) -> payloadExchange(payloadExchange)) // <3>
 				.hasRole("CUSTOM")
 			.route("fetch.profile.{username}") // <4>
 				.access((authentication, context) -> checkFriends(authentication, context))
--- a/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/client/authorization-grants.adoc
@ -145,10 +145,10 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.authorizeExchange(authorize -> authorize
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			)
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 				.authorizationRequestResolver(
 					authorizationRequestResolver(this.clientRegistrationRepository)
 				)
@ -170,7 +170,7 @@ public class OAuth2LoginSecurityConfig {
 	private Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer() {
 		return customizer -> customizer
-					.additionalParameters(params -> params.put("prompt", "consent"));
+					.additionalParameters((params) -> params.put("prompt", "consent"));
 	}
 }
 ----
@ -252,7 +252,7 @@ Java::
 ----
 private Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer() {
 	return customizer -> customizer
-			.authorizationRequestUri(uriBuilder -> uriBuilder
+			.authorizationRequestUri((uriBuilder) -> uriBuilder
 					.queryParam("prompt", "consent").build());
 }
 ----
@ -301,7 +301,7 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
 				.authorizationRequestRepository(this.authorizationRequestRepository())
 				// ...
 			);
@ -370,7 +370,7 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
 				.authenticationManager(this.authorizationCodeAuthenticationManager())
 				// ...
 			);
@ -461,7 +461,7 @@ ReactiveOAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest> refreshT
 ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
 		ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
 				.authorizationCode()
-				.refreshToken(configurer -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient))
+				.refreshToken((configurer) -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient))
 				.build();
 // ...
@ -540,7 +540,7 @@ ReactiveOAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> cli
 ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
 		ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
-				.clientCredentials(configurer -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient))
+				.clientCredentials((configurer) -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient))
 				.build();
 // ...
@ -748,7 +748,7 @@ ReactiveOAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest> passwordToke
 ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
 		ReactiveOAuth2AuthorizedClientProviderBuilder.builder()
-				.password(configurer -> configurer.accessTokenResponseClient(passwordTokenResponseClient))
+				.password((configurer) -> configurer.accessTokenResponseClient(passwordTokenResponseClient))
 				.refreshToken()
 				.build();
--- a/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/client/index.adoc
@ -38,7 +38,7 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
 				.clientRegistrationRepository(this.clientRegistrationRepository())
 				.authorizedClientRepository(this.authorizedClientRepository())
 				.authorizationRequestRepository(this.authorizationRequestRepository())
--- a/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc
@ -36,7 +36,7 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 				.authenticationConverter(this.authenticationConverter())
 				.authenticationMatcher(this.authenticationMatcher())
 				.authenticationManager(this.authenticationManager())
@ -135,10 +135,10 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.exceptionHandling(exceptionHandling -> exceptionHandling
+			.exceptionHandling((exceptionHandling) -> exceptionHandling
 				.authenticationEntryPoint(new RedirectServerAuthenticationEntryPoint("/login/oauth2"))
 			)
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 				.authorizationRequestResolver(this.authorizationRequestResolver())
 			);
@ -239,7 +239,7 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 				.authenticationMatcher(new PathPatternParserServerWebExchangeMatcher("/login/oauth2/callback/{registrationId}"))
 			);
@ -688,7 +688,7 @@ Java::
@Bean
 public ReactiveJwtDecoderFactory<ClientRegistration> idTokenDecoderFactory() {
 	ReactiveOidcIdTokenDecoderFactory idTokenDecoderFactory = new ReactiveOidcIdTokenDecoderFactory();
-	idTokenDecoderFactory.setJwsAlgorithmResolver(clientRegistration -> MacAlgorithm.HS256);
+	idTokenDecoderFactory.setJwsAlgorithmResolver((clientRegistration) -> clientRegistration.HS256);
 	return idTokenDecoderFactory;
 }
 ----
--- a/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/login/core.adoc
@ -337,7 +337,7 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.authorizeExchange(authorize -> authorize
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			)
 			.oauth2Login(withDefaults());
@ -390,7 +390,7 @@ public class OAuth2LoginConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.authorizeExchange(authorize -> authorize
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			)
 			.oauth2Login(withDefaults());
@ -487,7 +487,7 @@ public class OAuth2LoginConfig {
 	@Bean
 	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
 		http
-			.authorizeExchange(authorize -> authorize
+			.authorizeExchange((authorize) -> authorize
 				.anyExchange().authenticated()
 			)
 			.oauth2Login(withDefaults());
--- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/bearer-tokens.adoc
@ -19,7 +19,7 @@ Java::
 ServerBearerTokenAuthenticationConverter converter = new ServerBearerTokenAuthenticationConverter();
 converter.setBearerTokenHeaderName(HttpHeaders.PROXY_AUTHORIZATION);
 http
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .bearerTokenConverter(converter)
    );
 ----
@ -108,7 +108,7 @@ Java::
 ----
 this.rest.get()
        .uri("https://other-service.example.com/endpoint")
-        .headers(headers -> headers.setBearerAuth(overridingToken))
+        .headers((headers) -> headers.setBearerAuth(overridingToken))
        .retrieve()
        .bodyToMono(String.class)
 ----
--- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/jwt.adoc
@ -128,7 +128,7 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.anyExchange().authenticated()
 		)
 		.oauth2ResourceServer(OAuth2ResourceServerSpec::jwt)
@ -170,11 +170,11 @@ import static org.springframework.security.oauth2.core.authorization.OAuth2React
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.pathMatchers("/message/**").access(hasScope("message:read"))
 			.anyExchange().authenticated()
 		)
-		.oauth2ResourceServer(oauth2 -> oauth2
+		.oauth2ResourceServer((oauth2) -> oauth2
 			.jwt(withDefaults())
 		);
 	return http.build();
@ -254,11 +254,11 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.anyExchange().authenticated()
 		)
-		.oauth2ResourceServer(oauth2 -> oauth2
+		.oauth2ResourceServer((oauth2) -> oauth2
-			.jwt(jwt -> jwt
+			.jwt((jwt) -> jwt
 				.jwkSetUri("https://idp.example.com/.well-known/jwks.json")
 			)
 		);
@ -302,11 +302,11 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.anyExchange().authenticated()
 		)
-		.oauth2ResourceServer(oauth2 -> oauth2
+		.oauth2ResourceServer((oauth2) -> oauth2
-			.jwt(jwt -> jwt
+			.jwt((jwt) -> jwt
 				.decoder(myCustomDecoder())
 			)
 		);
@ -691,7 +691,7 @@ import static org.springframework.security.oauth2.core.authorization.OAuth2React
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.mvcMatchers("/contacts/**").access(hasScope("contacts"))
 			.mvcMatchers("/messages/**").access(hasScope("messages"))
 			.anyExchange().authenticated()
@ -762,11 +762,11 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.anyExchange().authenticated()
 		)
-		.oauth2ResourceServer(oauth2 -> oauth2
+		.oauth2ResourceServer((oauth2) -> oauth2
-			.jwt(jwt -> jwt
+			.jwt((jwt) -> jwt
 				.jwtAuthenticationConverter(grantedAuthoritiesExtractor())
 			)
 		);
--- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/multitenancy.adoc
@ -27,10 +27,10 @@ JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver = J
    .fromTrustedIssuers("https://idp.example.org/issuerOne", "https://idp.example.org/issuerTwo");
 http
-    .authorizeExchange(exchanges -> exchanges
+    .authorizeExchange((exchanges) -> exchanges
        .anyExchange().authenticated()
    )
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .authenticationManagerResolver(authenticationManagerResolver)
    );
 ----
@ -74,7 +74,7 @@ private Mono<ReactiveAuthenticationManager> addManager(
 	return Mono.fromCallable(() -> ReactiveJwtDecoders.fromIssuerLocation(issuer))
            .subscribeOn(Schedulers.boundedElastic())
            .map(JwtReactiveAuthenticationManager::new)
-            .doOnNext(authenticationManager -> authenticationManagers.put(issuer, authenticationManager));
+            .doOnNext((authenticationManager) -> authenticationManager.put(issuer, authenticationManager));
 }
 // ...
@ -83,10 +83,10 @@ JwtIssuerReactiveAuthenticationManagerResolver authenticationManagerResolver =
        new JwtIssuerReactiveAuthenticationManagerResolver(authenticationManagers::get);
 http
-    .authorizeExchange(exchanges -> exchanges
+    .authorizeExchange((exchanges) -> exchanges
        .anyExchange().authenticated()
    )
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .authenticationManagerResolver(authenticationManagerResolver)
    );
 ----
--- a/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/resource-server/opaque-token.adoc
@ -176,7 +176,7 @@ Java::
@Bean
 SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
 	http
-		.authorizeExchange(exchanges -> exchanges
+		.authorizeExchange((exchanges) -> exchanges
 			.anyExchange().authenticated()
 		)
 		.oauth2ResourceServer(ServerHttpSecurity.OAuth2ResourceServerSpec::opaqueToken)
@ -221,12 +221,12 @@ public class MyCustomSecurityConfiguration {
    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
-            .authorizeExchange(exchanges -> exchanges
+            .authorizeExchange((exchanges) -> exchanges
                .pathMatchers("/messages/**").access(hasScope("message:read"))
                .anyExchange().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspector(myIntrospector())
                )
            );
@ -310,11 +310,11 @@ public class DirectlyConfiguredIntrospectionUri {
    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
-            .authorizeExchange(exchanges -> exchanges
+            .authorizeExchange((exchanges) -> exchanges
                .anyExchange().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspectionUri("https://idp.example.com/introspect")
                    .introspectionClientCredentials("client", "secret")
                )
@ -364,11 +364,11 @@ public class DirectlyConfiguredIntrospector {
    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
-            .authorizeExchange(exchanges -> exchanges
+            .authorizeExchange((exchanges) -> exchanges
                .anyExchange().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspector(myCustomIntrospector())
                )
            );
@ -457,7 +457,7 @@ public class MappedAuthorities {
    @Bean
    SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
        http
-            .authorizeExchange(exchange -> exchange
+            .authorizeExchange((exchange) -> exchange
                .pathMatchers("/contacts/**").access(hasScope("contacts"))
                .pathMatchers("/messages/**").access(hasScope("messages"))
                .anyExchange().authenticated()
@ -543,7 +543,7 @@ public class CustomAuthoritiesOpaqueTokenIntrospector implements ReactiveOpaqueT
    public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) {
        return this.delegate.introspect(token)
-                .map(principal -> new DefaultOAuth2AuthenticatedPrincipal(
+                .map((principal) -> principal DefaultOAuth2AuthenticatedPrincipal(
                        principal.getName(), principal.getAttributes(), extractAuthorities(principal)));
    }
@ -650,8 +650,8 @@ public class JwtOpaqueTokenIntrospector implements ReactiveOpaqueTokenIntrospect
 	public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) {
 		return this.delegate.introspect(token)
-				.flatMap(principal -> this.jwtDecoder.decode(token))
+				.flatMap((principal) -> principal.jwtDecoder.decode(token))
-				.map(jwt -> new DefaultOAuth2AuthenticatedPrincipal(jwt.getClaims(), NO_AUTHORITIES));
+				.map((jwt) -> jwt DefaultOAuth2AuthenticatedPrincipal(jwt.getClaims(), NO_AUTHORITIES));
 	}
 	private static class ParseOnlyJWTProcessor implements Converter<JWT, Mono<JWTClaimsSet>> {
--- a/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc
+++ b/docs/modules/ROOT/pages/reactive/test/web/oauth2.adoc
@ -227,7 +227,7 @@ Java::
 ----
 client
    .mutateWith(mockOidcLogin()
-        .idToken(token -> token.claim("user_id", "1234"))
+        .idToken((token) -> token.claim("user_id", "1234"))
    )
    .get().uri("/endpoint").exchange();
 ----
@ -470,7 +470,7 @@ Java::
 ----
 client
    .mutateWith(mockOAuth2Login()
-        .attributes(attrs -> attrs.put("user_id", "1234"))
+        .attributes((attrs) -> attrs.put("user_id", "1234"))
    )
    .get().uri("/endpoint").exchange();
 ----
@ -869,7 +869,7 @@ Java::
 [source,java,role="primary"]
 ----
 client
-	.mutateWith(mockJwt().jwt(jwt -> jwt.header("kid", "one")
+	.mutateWith(mockJwt().jwt((jwt) -> jwt.header("kid", "one")
 		.claim("iss", "https://idp.example.org")))
 	.get().uri("/endpoint").exchange();
 ----
@ -893,7 +893,7 @@ Java::
 [source,java,role="primary"]
 ----
 client
-	.mutateWith(mockJwt().jwt(jwt -> jwt.claims(claims -> claims.remove("scope"))))
+	.mutateWith(mockJwt().jwt((jwt) -> jwt.claims((claims) -> claims.remove("scope"))))
 	.get().uri("/endpoint").exchange();
 ----
@ -1206,7 +1206,7 @@ Java::
 ----
 client
    .mutateWith(mockOpaqueToken()
-        .attributes(attrs -> attrs.put("user_id", "1234"))
+        .attributes((attrs) -> attrs.put("user_id", "1234"))
    )
    .get().uri("/endpoint").exchange();
 ----
--- a/docs/modules/ROOT/pages/servlet/architecture.adoc
+++ b/docs/modules/ROOT/pages/servlet/architecture.adoc
@ -171,7 +171,7 @@ public class SecurityConfig {
            .csrf(Customizer.withDefaults())
            .httpBasic(Customizer.withDefaults())
            .formLogin(Customizer.withDefaults())
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            );
--- a/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc
+++ b/docs/modules/ROOT/pages/servlet/authentication/passwords/digest.adoc
@ -64,7 +64,7 @@ DigestAuthenticationFilter digestAuthenticationFilter() {
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 	http
 		// ...
-		.exceptionHandling(e -> e.authenticationEntryPoint(authenticationEntryPoint()))
+		.exceptionHandling((e) -> e.authenticationEntryPoint(authenticationEntryPoint()))
 		.addFilter(digestAuthenticationFilter());
 	return http.build();
 }
--- a/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc
+++ b/docs/modules/ROOT/pages/servlet/authentication/passwords/form.adoc
@ -120,7 +120,7 @@ Java::
 ----
 public SecurityFilterChain filterChain(HttpSecurity http) {
 	http
-		.formLogin(form -> form
+		.formLogin((form) -> form
 			.loginPage("/login")
 			.permitAll()
 		);
--- a/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc
+++ b/docs/modules/ROOT/pages/servlet/authentication/session-management.adoc
@ -359,7 +359,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .maximumSessions(1)
        );
    return http.build();
@ -412,7 +412,7 @@ Java::
 public SecurityFilterChain filterChain(HttpSecurity http) {
 	AuthorizationManager<?> isAdmin = AuthorityAuthorizationManager.hasRole("ADMIN");
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .maximumSessions((authentication) -> isAdmin.authorize(() -> authentication, null).isGranted() ? -1 : 1)
        );
    return http.build();
@ -504,7 +504,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .maximumSessions(1)
            .maxSessionsPreventsLogin(true)
        );
@ -612,7 +612,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .invalidSessionUrl("/invalidSession")
        );
    return http.build();
@ -663,7 +663,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .invalidSessionStrategy(new MyCustomInvalidSessionStrategy())
        );
    return http.build();
@ -767,7 +767,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .logout(logout -> logout
+        .logout((logout) -> logout
            .deleteCookies("JSESSIONID")
        );
    return http.build();
@ -971,7 +971,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) {
    http
-        .sessionManagement(session -> session
+        .sessionManagement((session) -> session
            .sessionCreationPolicy(SessionCreationPolicy.ALWAYS)
        );
    return http.build();
--- a/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
+++ b/docs/modules/ROOT/pages/servlet/authorization/authorize-http-requests.adoc
@ -741,7 +741,7 @@ import static org.springframework.security.authorization.AuthorityAuthorizationM
 SecurityFilterChain web(HttpSecurity http) throws Exception {
 	http
 		// ...
-		.authorizeHttpRequests(authorize -> authorize                                  // <1>
+		.authorizeHttpRequests((authorize) -> authorize                                  // <1>
            .dispatcherTypeMatchers(FORWARD, ERROR).permitAll() // <2>
 			.requestMatchers("/static/**", "/signup", "/about").permitAll()         // <3>
 			.requestMatchers("/admin/**").hasRole("ADMIN")                             // <4>
@ -1043,7 +1043,7 @@ public class SecurityConfig {
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http
 			.securityMatcher("/api/**")                            <1>
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.requestMatchers("/api/user/**").hasRole("USER")   <2>
 				.requestMatchers("/api/admin/**").hasRole("ADMIN") <3>
 				.anyRequest().authenticated()                      <4>
@ -1106,7 +1106,7 @@ public class SecurityConfig {
 	public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http
 			.securityMatcher(antMatcher("/api/**"))                              <2>
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.requestMatchers(antMatcher("/api/user/**")).hasRole("USER")     <3>
 				.requestMatchers(regexMatcher("/api/admin/.*")).hasRole("ADMIN") <4>
 				.requestMatchers(new MyCustomRequestMatcher()).hasRole("SUPERVISOR")     <5>
--- a/docs/modules/ROOT/pages/servlet/configuration/java.adoc
+++ b/docs/modules/ROOT/pages/servlet/configuration/java.adoc
@ -173,7 +173,7 @@ It is configured with the following default implementation:
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 	http
-		.authorizeHttpRequests(authorize -> authorize
+		.authorizeHttpRequests((authorize) -> authorize
 			.anyRequest().authenticated()
 		)
 		.formLogin(Customizer.withDefaults())
@ -228,7 +228,7 @@ public class MultiHttpSecurityConfig {
 	public SecurityFilterChain apiFilterChain(HttpSecurity http) throws Exception {
 		http
 			.securityMatcher("/api/**")                              <3>
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().hasRole("ADMIN")
 			)
 			.httpBasic(Customizer.withDefaults());
@ -238,7 +238,7 @@ public class MultiHttpSecurityConfig {
 	@Bean                                                            <4>
 	public SecurityFilterChain formLoginFilterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.formLogin(Customizer.withDefaults());
@ -297,7 +297,7 @@ public class PartialSecurityConfig {
 	public SecurityFilterChain securedFilterChain(HttpSecurity http) throws Exception {
 		http
 			.securityMatcher("/secured/**")                            <1>
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.requestMatchers("/secured/user").hasRole("USER")      <2>
 				.requestMatchers("/secured/admin").hasRole("ADMIN")    <3>
 				.anyRequest().authenticated()                          <4>
@ -357,15 +357,15 @@ public class SecuredSecurityConfig {
 	public SecurityFilterChain securedFilterChain(HttpSecurity http) throws Exception {
 		http
 			.securityMatcher("/secured/**")                            <1>
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()                          <2>
 			)
-			.formLogin(formLogin -> formLogin                          <3>
+			.formLogin((formLogin) -> formLogin                          <3>
 				.loginPage("/secured/login")
 				.loginProcessingUrl("/secured/login")
 				.permitAll()
 			)
-			.logout(logout -> logout                                   <4>
+			.logout((logout) -> logout                                   <4>
 				.logoutUrl("/secured/logout")
 				.logoutSuccessUrl("/secured/login?logout")
 				.permitAll()
@ -377,7 +377,7 @@ public class SecuredSecurityConfig {
 	@Bean
 	public SecurityFilterChain defaultFilterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().denyAll()                                <5>
 			);
 		return http.build();
@ -424,7 +424,7 @@ public class BankingSecurityConfig {
        String[] approvalsPaths = { "/accounts/approvals/**", "/loans/approvals/**", "/credit-cards/approvals/**" };
        http
            .securityMatcher(approvalsPaths)
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().hasRole("ADMIN")
            )
            .httpBasic(Customizer.withDefaults());
@ -438,7 +438,7 @@ public class BankingSecurityConfig {
 		String[] viewBalancePaths = { "/balances/**" };
        http
 			.securityMatcher(bankingPaths)
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.requestMatchers(viewBalancePaths).hasRole("VIEW_BALANCE")
 				.anyRequest().hasRole("USER")
            );
@ -449,15 +449,15 @@ public class BankingSecurityConfig {
    public SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
 		String[] allowedPaths = { "/", "/user-login", "/user-logout", "/notices", "/contact", "/register" };
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
 				.requestMatchers(allowedPaths).permitAll()
 				.anyRequest().authenticated()
            )
-			.formLogin(formLogin -> formLogin
+			.formLogin((formLogin) -> formLogin
 				.loginPage("/user-login")
 				.loginProcessingUrl("/user-login")
 			)
-			.logout(logout -> logout
+			.logout((logout) -> logout
 				.logoutUrl("/user-logout")
 				.logoutSuccessUrl("/?logout")
 			);
@ -680,7 +680,7 @@ For example, to configure the `filterSecurityPublishAuthorizationSuccess` proper
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 	http
-		.authorizeHttpRequests(authorize -> authorize
+		.authorizeHttpRequests((authorize) -> authorize
 			.anyRequest().authenticated()
 			.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
 				public <O extends FilterSecurityInterceptor> O postProcess(
--- a/docs/modules/ROOT/pages/servlet/exploits/headers.adoc
+++ b/docs/modules/ROOT/pages/servlet/exploits/headers.adoc
@ -30,8 +30,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.frameOptions(frameOptions -> frameOptions
+				.frameOptions((frameOptions) -> frameOptions
 					.sameOrigin()
 				)
 			);
@ -96,7 +96,7 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
 				// do not use any default headers unless explicitly listed
 				.defaultsDisabled()
 				.cacheControl(withDefaults())
@ -160,7 +160,7 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers.disable());
+			.headers((headers) -> headers.disable());
 		return http.build();
 	}
 }
@ -226,8 +226,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.cacheControl(cache -> cache.disable())
+				.cacheControl((cache) -> cache.disable())
 			);
 		return http.build();
 	}
@ -291,8 +291,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.contentTypeOptions(contentTypeOptions -> contentTypeOptions.disable())
+				.contentTypeOptions((contentTypeOptions) -> contentTypeOptions.disable())
 			);
 		return http.build();
 	}
@ -357,8 +357,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.httpStrictTransportSecurity(hsts -> hsts
+				.httpStrictTransportSecurity((hsts) -> hsts
 					.includeSubDomains(true)
 					.preload(true)
 					.maxAgeInSeconds(31536000)
@ -431,8 +431,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.httpPublicKeyPinning(hpkp -> hpkp
+				.httpPublicKeyPinning((hpkp) -> hpkp
 					.includeSubDomains(true)
 					.reportUri("https://example.net/pkp-report")
 					.addSha256Pins("d6qzRu9zOECb90Uez27xWltNsj0e1Md7GkYYkVoZWmM=", "E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g=")
@ -511,8 +511,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.frameOptions(frameOptions -> frameOptions
+				.frameOptions((frameOptions) -> frameOptions
 					.sameOrigin()
 				)
 			);
@ -582,8 +582,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.xssProtection(xss -> xss
+				.xssProtection((xss) -> xss
 					.headerValue(XXssProtectionHeaderWriter.HeaderValue.ENABLED_MODE_BLOCK)
 				)
 			);
@ -660,8 +660,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.contentSecurityPolicy(csp -> csp
+				.contentSecurityPolicy((csp) -> csp
 					.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
 				)
 			);
@ -725,8 +725,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.contentSecurityPolicy(csp -> csp
+				.contentSecurityPolicy((csp) -> csp
 					.policyDirectives("script-src 'self' https://trustedscripts.example.com; object-src https://trustedplugins.example.com; report-uri /csp-report-endpoint/")
 					.reportOnly()
 				)
@ -797,8 +797,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.referrerPolicy(referrer -> referrer
+				.referrerPolicy((referrer) -> referrer
 					.policy(ReferrerPolicy.SAME_ORIGIN)
 				)
 			);
@ -873,7 +873,7 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
 				.featurePolicy("geolocation 'self'")
 			);
 		return http.build();
@ -945,8 +945,8 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.permissionsPolicy(permissions -> permissions
+				.permissionsPolicy((permissions) -> permissions
 					.policy("geolocation=(self)")
 				)
 			);
@ -1082,7 +1082,7 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
 				.addHeaderWriter(new StaticHeadersWriter("X-Custom-Security-Header","header-value"))
 			);
 		return http.build();
@ -1147,7 +1147,7 @@ public class WebSecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
 				.addHeaderWriter(new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN))
 			);
 		return http.build();
@ -1223,8 +1223,8 @@ public class WebSecurityConfig {
 			new DelegatingRequestMatcherHeaderWriter(matcher,new XFrameOptionsHeaderWriter());
 		http
 			// ...
-			.headers(headers -> headers
+			.headers((headers) -> headers
-				.frameOptions(frameOptions -> frameOptions.disable())
+				.frameOptions((frameOptions) -> frameOptions.disable())
 				.addHeaderWriter(headerWriter)
 			);
 		return http.build();
--- a/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
+++ b/docs/modules/ROOT/pages/servlet/integrations/websocket.adoc
@ -440,7 +440,7 @@ public class WebSocketSecurityConfig implements WebSocketMessageBrokerConfigurer
    private final ApplicationContext applicationContext;
    private final AuthorizationManager<Message<?>> authorizationManager;
-    
+
    public WebSocketSecurityConfig(ApplicationContext applicationContext, AuthorizationManager<Message<?>> authorizationManager) {
        this.applicationContext = applicationContext;
        this.authorizationManager = authorizationManager;
@ -607,8 +607,8 @@ public class WebSecurityConfig {
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // ...
-            .headers(headers -> headers
+            .headers((headers) -> headers
-                .frameOptions(frameOptions -> frameOptions
+                .frameOptions((frameOptions) -> frameOptions
                     .sameOrigin()
                )
        );
@ -670,17 +670,17 @@ public class WebSecurityConfig {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .csrf(csrf -> csrf
+            .csrf((csrf) -> csrf
                // ignore our stomp endpoints since they are protected using Stomp headers
                .ignoringRequestMatchers("/chat/**")
            )
-            .headers(headers -> headers
+            .headers((headers) -> headers
                // allow same origin to frame our site to support iframe SockJS
-                .frameOptions(frameOptions -> frameOptions
+                .frameOptions((frameOptions) -> frameOptions
                    .sameOrigin()
                )
            )
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                ...
            )
            ...
--- a/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/client/authorization-grants.adoc
@ -147,11 +147,11 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-				.authorizationEndpoint(authorization -> authorization
+				.authorizationEndpoint((authorization) -> authorization
 					.authorizationRequestResolver(
 						authorizationRequestResolver(this.clientRegistrationRepository)
 					)
@ -174,7 +174,7 @@ public class OAuth2LoginSecurityConfig {
 	private Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer() {
 		return customizer -> customizer
-					.additionalParameters(params -> params.put("prompt", "consent"));
+					.additionalParameters((params) -> params.put("prompt", "consent"));
 	}
 }
 ----
@ -257,7 +257,7 @@ Java::
 ----
 private Consumer<OAuth2AuthorizationRequest.Builder> authorizationRequestCustomizer() {
 	return customizer -> customizer
-				.authorizationRequestUri(uriBuilder -> uriBuilder
+				.authorizationRequestUri((uriBuilder) -> uriBuilder
 					.queryParam("prompt", "consent").build());
 }
 ----
@ -306,14 +306,14 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
-				.authorizationCodeGrant(codeGrant -> codeGrant
+				.authorizationCodeGrant((codeGrant) -> codeGrant
 					.authorizationRequestRepository(this.authorizationRequestRepository())
 					// ...
 				)
 			)
-            .oauth2Login(oauth2 -> oauth2
+            .oauth2Login((oauth2) -> oauth2
-                .authorizationEndpoint(endpoint -> endpoint
+                .authorizationEndpoint((endpoint) -> endpoint
                    .authorizationRequestRepository(this.authorizationRequestRepository())
                    // ...
                )
@ -412,8 +412,8 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
-				.authorizationCodeGrant(codeGrant -> codeGrant
+				.authorizationCodeGrant((codeGrant) -> codeGrant
 					.accessTokenResponseClient(this.accessTokenResponseClient())
 					// ...
 				)
@ -514,7 +514,7 @@ OAuth2AccessTokenResponseClient<OAuth2RefreshTokenGrantRequest> refreshTokenToke
 OAuth2AuthorizedClientProvider authorizedClientProvider =
 		OAuth2AuthorizedClientProviderBuilder.builder()
 				.authorizationCode()
-				.refreshToken(configurer -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient))
+				.refreshToken((configurer) -> configurer.accessTokenResponseClient(refreshTokenTokenResponseClient))
 				.build();
 // ...
@ -605,7 +605,7 @@ OAuth2AccessTokenResponseClient<OAuth2ClientCredentialsGrantRequest> clientCrede
 OAuth2AuthorizedClientProvider authorizedClientProvider =
 		OAuth2AuthorizedClientProviderBuilder.builder()
-				.clientCredentials(configurer -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient))
+				.clientCredentials((configurer) -> configurer.accessTokenResponseClient(clientCredentialsTokenResponseClient))
 				.build();
 // ...
@ -882,7 +882,7 @@ OAuth2AccessTokenResponseClient<OAuth2PasswordGrantRequest> passwordTokenRespons
 OAuth2AuthorizedClientProvider authorizedClientProvider =
 		OAuth2AuthorizedClientProviderBuilder.builder()
-				.password(configurer -> configurer.accessTokenResponseClient(passwordTokenResponseClient))
+				.password((configurer) -> configurer.accessTokenResponseClient(passwordTokenResponseClient))
 				.refreshToken()
 				.build();
--- a/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/client/index.adoc
@ -40,11 +40,11 @@ public class OAuth2ClientSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Client(oauth2 -> oauth2
+			.oauth2Client((oauth2) -> oauth2
 				.clientRegistrationRepository(this.clientRegistrationRepository())
 				.authorizedClientRepository(this.authorizedClientRepository())
 				.authorizedClientService(this.authorizedClientService())
-				.authorizationCodeGrant(codeGrant -> codeGrant
+				.authorizationCodeGrant((codeGrant) -> codeGrant
 					.authorizationRequestRepository(this.authorizationRequestRepository())
 					.authorizationRequestResolver(this.authorizationRequestResolver())
 					.accessTokenResponseClient(this.accessTokenResponseClient())
--- a/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc
@ -22,17 +22,17 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-			    .authorizationEndpoint(authorization -> authorization
+			    .authorizationEndpoint((authorization) -> authorization
 			            ...
 			    )
-			    .redirectionEndpoint(redirection -> redirection
+			    .redirectionEndpoint((redirection) -> redirection
 			            ...
 			    )
-			    .tokenEndpoint(token -> token
+			    .tokenEndpoint((token) -> token
 			            ...
 			    )
-			    .userInfoEndpoint(userInfo -> userInfo
+			    .userInfoEndpoint((userInfo) -> userInfo
 			            ...
 			    )
 			);
@ -108,23 +108,23 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 			    .clientRegistrationRepository(this.clientRegistrationRepository())
 			    .authorizedClientRepository(this.authorizedClientRepository())
 			    .authorizedClientService(this.authorizedClientService())
 			    .loginPage("/login")
-			    .authorizationEndpoint(authorization -> authorization
+			    .authorizationEndpoint((authorization) -> authorization
 			        .baseUri(this.authorizationRequestBaseUri())
 			        .authorizationRequestRepository(this.authorizationRequestRepository())
 			        .authorizationRequestResolver(this.authorizationRequestResolver())
 			    )
-			    .redirectionEndpoint(redirection -> redirection
+			    .redirectionEndpoint((redirection) -> redirection
 			        .baseUri(this.authorizationResponseBaseUri())
 			    )
-			    .tokenEndpoint(token -> token
+			    .tokenEndpoint((token) -> token
 			        .accessTokenResponseClient(this.accessTokenResponseClient())
 			    )
-			    .userInfoEndpoint(userInfo -> userInfo
+			    .userInfoEndpoint((userInfo) -> userInfo
 			        .userAuthoritiesMapper(this.userAuthoritiesMapper())
 			        .userService(this.oauth2UserService())
 			        .oidcUserService(this.oidcUserService())
@ -250,10 +250,10 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
 			    .loginPage("/login/oauth2")
 			    ...
-			    .authorizationEndpoint(authorization -> authorization
+			    .authorizationEndpoint((authorization) -> authorization
 			        .baseUri("/login/oauth2/authorization")
 			        ...
 			    )
@ -345,8 +345,8 @@ public class OAuth2LoginSecurityConfig {
    @Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-			    .redirectionEndpoint(redirection -> redirection
+			    .redirectionEndpoint((redirection) -> redirection
 			        .baseUri("/login/oauth2/callback/*")
 			        ...
 			    )
@ -469,8 +469,8 @@ public class OAuth2LoginSecurityConfig {
    @Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-			    .userInfoEndpoint(userInfo -> userInfo
+			    .userInfoEndpoint((userInfo) -> userInfo
 			        .userAuthoritiesMapper(this.userAuthoritiesMapper())
 			        ...
 			    )
@ -636,8 +636,8 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-			    .userInfoEndpoint(userInfo -> userInfo
+			    .userInfoEndpoint((userInfo) -> userInfo
 			        .oidcUserService(this.oidcUserService())
 			        ...
 			    )
@ -776,8 +776,8 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-			    .userInfoEndpoint(userInfo -> userInfo
+			    .userInfoEndpoint((userInfo) -> userInfo
 			        .userService(this.oauth2UserService())
 			        ...
 			    )
@ -844,8 +844,8 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.oauth2Login(oauth2 -> oauth2
+			.oauth2Login((oauth2) -> oauth2
-				.userInfoEndpoint(userInfo -> userInfo
+				.userInfoEndpoint((userInfo) -> userInfo
 				    .oidcUserService(this.oidcUserService())
 				    ...
 			    )
@ -911,7 +911,7 @@ Java::
@Bean
 public JwtDecoderFactory<ClientRegistration> idTokenDecoderFactory() {
 	OidcIdTokenDecoderFactory idTokenDecoderFactory = new OidcIdTokenDecoderFactory();
-	idTokenDecoderFactory.setJwsAlgorithmResolver(clientRegistration -> MacAlgorithm.HS256);
+	idTokenDecoderFactory.setJwsAlgorithmResolver((clientRegistration) -> clientRegistration.HS256);
 	return idTokenDecoderFactory;
 }
 ----
--- a/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/login/core.adoc
@ -332,7 +332,7 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.oauth2Login(withDefaults());
@ -381,7 +381,7 @@ public class OAuth2LoginConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.oauth2Login(withDefaults());
@ -475,7 +475,7 @@ public class OAuth2LoginConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.oauth2Login(withDefaults());
--- a/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/login/logout.adoc
@ -57,11 +57,11 @@ public class OAuth2LoginSecurityConfig {
 	@Bean
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
 		http
-			.authorizeHttpRequests(authorize -> authorize
+			.authorizeHttpRequests((authorize) -> authorize
 				.anyRequest().authenticated()
 			)
 			.oauth2Login(withDefaults())
-			.logout(logout -> logout
+			.logout((logout) -> logout
 				.logoutSuccessHandler(oidcLogoutSuccessHandler())
 			);
 		return http.build();
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/bearer-tokens.adoc
@ -69,7 +69,7 @@ Java::
 DefaultBearerTokenResolver resolver = new DefaultBearerTokenResolver();
 resolver.setAllowFormEncodedBodyParameter(true);
 http
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .bearerTokenResolver(resolver)
    );
 ----
@ -176,7 +176,7 @@ Java::
 ----
 this.rest.get()
        .uri("https://other-service.example.com/endpoint")
-        .headers(headers -> headers.setBearerAuth(overridingToken))
+        .headers((headers) -> headers.setBearerAuth(overridingToken))
        .retrieve()
        .bodyToMono(String.class)
        .block()
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/jwt.adoc
@ -174,7 +174,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
-        .authorizeHttpRequests(authorize -> authorize
+        .authorizeHttpRequests((authorize) -> authorize
            .anyRequest().authenticated()
        )
        .oauth2ResourceServer((oauth2) -> oauth2.jwt(Customizer.withDefaults()));
@ -220,12 +220,12 @@ public class MyCustomSecurityConfiguration {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/messages/**").access(hasScope("message:read"))
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .jwt(jwt -> jwt
+                .jwt((jwt) -> jwt
                    .jwtAuthenticationConverter(myConverter())
                )
            );
@ -355,11 +355,11 @@ public class DirectlyConfiguredJwkSetUri {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .jwt(jwt -> jwt
+                .jwt((jwt) -> jwt
                    .jwkSetUri("https://idp.example.com/.well-known/jwks.json")
                )
            );
@ -425,11 +425,11 @@ public class DirectlyConfiguredJwtDecoder {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .jwt(jwt -> jwt
+                .jwt((jwt) -> jwt
                    .decoder(myCustomDecoder())
                )
            );
@ -875,12 +875,12 @@ public class DirectlyConfiguredJwkSetUri {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/contacts/**").access(hasScope("contacts"))
                .requestMatchers("/messages/**").access(hasScope("messages"))
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
                .jwt(Customizer.withDefaults())
            );
        return http.build();
@ -1107,11 +1107,11 @@ public class CustomAuthenticationConverterConfig {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .jwt(jwt -> jwt
+                .jwt((jwt) -> jwt
                    .jwtAuthenticationConverter(new CustomAuthenticationConverter())
                )
            );
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/multitenancy.adoc
@ -58,10 +58,10 @@ Java::
 [source,java,role="primary"]
 ----
 http
-    .authorizeHttpRequests(authorize -> authorize
+    .authorizeHttpRequests((authorize) -> authorize
        .anyRequest().authenticated()
    )
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .authenticationManagerResolver(this.tokenAuthenticationManagerResolver)
    );
 ----
@ -118,10 +118,10 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver = JwtIssuer
    .fromTrustedIssuers("https://idp.example.org/issuerOne", "https://idp.example.org/issuerTwo");
 http
-    .authorizeHttpRequests(authorize -> authorize
+    .authorizeHttpRequests((authorize) -> authorize
        .anyRequest().authenticated()
    )
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .authenticationManagerResolver(authenticationManagerResolver)
    );
 ----
@ -189,10 +189,10 @@ JwtIssuerAuthenticationManagerResolver authenticationManagerResolver =
        new JwtIssuerAuthenticationManagerResolver(authenticationManagers::get);
 http
-    .authorizeHttpRequests(authorize -> authorize
+    .authorizeHttpRequests((authorize) -> authorize
        .anyRequest().authenticated()
    )
-    .oauth2ResourceServer(oauth2 -> oauth2
+    .oauth2ResourceServer((oauth2) -> oauth2
        .authenticationManagerResolver(authenticationManagerResolver)
    );
 ----
@ -265,7 +265,7 @@ public class TenantJWSKeySelector
 	private JWSKeySelector<SecurityContext> fromTenant(String tenant) {
 		return Optional.ofNullable(this.tenants.findById(tenant)) <3>
-		        .map(t -> t.getAttrbute("jwks_uri"))
+		        .map((t) -> t.getAttrbute("jwks_uri"))
 				.map(this::fromUri)
 				.orElseThrow(() -> new IllegalArgumentException("unknown tenant"));
 	}
--- a/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/resource-server/opaque-token.adoc
@ -201,10 +201,10 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
-        .authorizeHttpRequests(authorize -> authorize
+        .authorizeHttpRequests((authorize) -> authorize
            .anyRequest().authenticated()
        )
-        .oauth2ResourceServer(oauth2 -> oauth2
+        .oauth2ResourceServer((oauth2) -> oauth2
            .opaqueToken(Customizer.withDefaults())
        );
    return http.build();
@ -249,12 +249,12 @@ public class MyCustomSecurityConfiguration {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/messages/**").access(hasScope("message:read"))
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspector(myIntrospector())
                )
            );
@ -400,11 +400,11 @@ public class DirectlyConfiguredIntrospectionUri {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspectionUri("https://idp.example.com/introspect")
                    .introspectionClientCredentials("client", "secret")
                )
@ -472,11 +472,11 @@ public class DirectlyConfiguredIntrospector {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
-                .opaqueToken(opaqueToken -> opaqueToken
+                .opaqueToken((opaqueToken) -> opaqueToken
                    .introspector(myCustomIntrospector())
                )
            );
@ -564,12 +564,12 @@ public class MappedAuthorities {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorizeRequests -> authorizeRequests
+            .authorizeHttpRequests((authorizeRequests) -> authorizeRequests
                .requestMatchers("/contacts/**").access(hasScope("contacts"))
                .requestMatchers("/messages/**").access(hasScope("messages"))
                .anyRequest().authenticated()
            )
-            .oauth2ResourceServer(oauth2 -> oauth2
+            .oauth2ResourceServer((oauth2) -> oauth2
                .opaqueToken(Customizer.withDefaults())
            );
        return http.build();
--- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication-requests.adoc
@ -156,7 +156,7 @@ Java::
 ----
 RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("okta")
        // ...
-        .assertingPartyMetadata(party -> party
+        .assertingPartyMetadata((party) -> party
            // ...
            .wantAuthnRequestsSigned(false)
        )
@ -239,7 +239,7 @@ Java::
 ----
 RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("okta")
        // ...
-        .assertingPartyMetadata(party -> party
+        .assertingPartyMetadata((party) -> party
            // ...
            .singleSignOnServiceBinding(Saml2MessageBinding.POST)
        )
--- a/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/authentication.adoc
@ -148,10 +148,10 @@ public class SecurityConfig {
        );
        http
-            .authorizeHttpRequests(authz -> authz
+            .authorizeHttpRequests((authz) -> authz
                .anyRequest().authenticated()
            )
-            .saml2Login(saml2 -> saml2
+            .saml2Login((saml2) -> saml2
                .authenticationManager(new ProviderManager(authenticationProvider))
            );
        return http.build();
@ -211,10 +211,10 @@ public class SecurityConfig {
                .clockSkew(Duration.ofMinutes(10)).build();
 		authenticationProvider.setAssertionValidator(assertionValidator);
        http
-            .authorizeHttpRequests(authz -> authz
+            .authorizeHttpRequests((authz) -> authz
                .anyRequest().authenticated()
            )
-            .saml2Login(saml2 -> saml2
+            .saml2Login((saml2) -> saml2
                .authenticationManager(new ProviderManager(authenticationProvider))
            );
        return http.build();
@ -409,10 +409,10 @@ public class SecurityConfig {
        });
        http
-            .authorizeHttpRequests(authz -> authz
+            .authorizeHttpRequests((authz) -> authz
                .anyRequest().authenticated()
            )
-            .saml2Login(saml2 -> saml2
+            .saml2Login((saml2) -> saml2
                .authenticationManager(new ProviderManager(authenticationProvider))
            );
        return http.build();
@ -780,10 +780,10 @@ public class SecurityConfig {
 	public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        AuthenticationManager authenticationManager = new MySaml2AuthenticationManager(...);
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .anyRequest().authenticated()
            )
-            .saml2Login(saml2 -> saml2
+            .saml2Login((saml2) -> saml2
                .authenticationManager(authenticationManager)
            )
        ;
--- a/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
+++ b/docs/modules/ROOT/pages/servlet/saml2/login/overview.adoc
@ -342,7 +342,7 @@ Java::
@Bean
 public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
    http
-        .authorizeHttpRequests(authorize -> authorize
+        .authorizeHttpRequests((authorize) -> authorize
            .anyRequest().authenticated()
        )
        .saml2Login(withDefaults());
@ -384,7 +384,7 @@ public class MyCustomSecurityConfiguration {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
                .anyRequest().authenticated()
            )
@ -486,11 +486,11 @@ public RelyingPartyRegistrationRepository relyingPartyRegistrations() throws Exc
    Saml2X509Credential credential = Saml2X509Credential.verification(certificate);
    RelyingPartyRegistration registration = RelyingPartyRegistration
            .withRegistrationId("example")
-            .assertingPartyMetadata(party -> party
+            .assertingPartyMetadata((party) -> party
                .entityId("https://idp.example.com/issuer")
                .singleSignOnServiceLocation("https://idp.example.com/SSO.saml2")
                .wantAuthnRequestsSigned(false)
-                .verificationX509Credentials(c -> c.add(credential))
+                .verificationX509Credentials((c) -> c.add(credential))
            )
            .build();
    return new InMemoryRelyingPartyRegistrationRepository(registration);
@ -549,11 +549,11 @@ public class MyCustomSecurityConfiguration {
    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
-            .authorizeHttpRequests(authorize -> authorize
+            .authorizeHttpRequests((authorize) -> authorize
                .requestMatchers("/messages/**").hasAuthority("ROLE_USER")
                .anyRequest().authenticated()
            )
-            .saml2Login(saml2 -> saml2
+            .saml2Login((saml2) -> saml2
                .relyingPartyRegistrationRepository(relyingPartyRegistrations())
            );
        return http.build();
@ -699,11 +699,11 @@ Java::
 ----
 RelyingPartyRegistration relyingPartyRegistration = RelyingPartyRegistration.withRegistrationId("my-id")
        .entityId("{baseUrl}/{registrationId}")
-        .decryptionX509Credentials(c -> c.add(relyingPartyDecryptingCredential()))
+        .decryptionX509Credentials((c) -> c.add(relyingPartyDecryptingCredential()))
        .assertionConsumerServiceLocation("/my-login-endpoint/{registrationId}")
-        .assertingPartyMetadata(party -> party
+        .assertingPartyMetadata((party) -> party
                .entityId("https://ap.example.org")
-                .verificationX509Credentials(c -> c.add(assertingPartyVerifyingCredential()))
+                .verificationX509Credentials((c) -> c.add(assertingPartyVerifyingCredential()))
                .singleSignOnServiceLocation("https://ap.example.org/SSO.saml2")
        )
        .build();
@ -913,7 +913,7 @@ private RelyingPartyRegistration.Builder
        addRelyingPartyDetails(RelyingPartyRegistration.Builder builder) {
    Saml2X509Credential signingCredential = ...
-    builder.signingX509Credentials(c -> c.addAll(signingCredential));
+    builder.signingX509Credentials((c) -> c.addAll(signingCredential));
    // ... other relying party configurations
 }
--- a/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc
+++ b/docs/modules/ROOT/pages/servlet/test/mockmvc/oauth2.adoc
@ -228,7 +228,7 @@ Java::
 mvc
    .perform(get("/endpoint")
        .with(oidcLogin()
-                .idToken(token -> token.claim("user_id", "1234"))
+                .idToken((token) -> token.claim("user_id", "1234"))
        )
    );
 ----
@ -475,7 +475,7 @@ Java::
 mvc
    .perform(get("/endpoint")
        .with(oauth2Login()
-                .attributes(attrs -> attrs.put("user_id", "1234"))
+                .attributes((attrs) -> attrs.put("user_id", "1234"))
        )
    );
 ----
@ -875,7 +875,7 @@ Java::
 ----
 mvc
    .perform(get("/endpoint")
-        .with(jwt().jwt(jwt -> jwt.header("kid", "one").claim("iss", "https://idp.example.org"))));
+        .with(jwt().jwt((jwt) -> jwt.header("kid", "one").claim("iss", "https://idp.example.org"))));
 ----
 Kotlin::
@ -898,7 +898,7 @@ Java::
 ----
 mvc
    .perform(get("/endpoint")
-        .with(jwt().jwt(jwt -> jwt.claims(claims -> claims.remove("scope")))));
+        .with(jwt().jwt((jwt) -> jwt.claims((claims) -> claims.remove("scope")))));
 ----
 Kotlin::
@ -1219,7 +1219,7 @@ Java::
 mvc
    .perform(get("/endpoint")
        .with(opaqueToken()
-                .attributes(attrs -> attrs.put("user_id", "1234"))
+                .attributes((attrs) -> attrs.put("user_id", "1234"))
        )
    );
 ----
--- a/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc
+++ b/docs/modules/ROOT/partials/reactive/oauth2/client/web-client-access-token-response-client.adoc
@ -270,7 +270,7 @@ BodyExtractor<Mono<Map<String, Object>>, ReactiveHttpInputMessage> bodyExtractor
 	BodyExtractors.toMono(new ParameterizedTypeReference<>() {});
 accessTokenResponseClient.setBodyExtractor((inputMessage, context) ->
 	bodyExtractor.extract(inputMessage, context)
-		.map(parameters -> OAuth2AccessTokenResponse.withToken("custom-token")
+		.map((parameters) -> parameters.withToken("custom-token")
 			// ...
 			.build()
 		)
--- a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java
+++ b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/CustomX509Configuration.java
@ -59,11 +59,11 @@ public class CustomX509Configuration {
 		// @formatter:off
 		http
-			.x509(x509 -> x509
+			.x509((x509) -> x509
 				.principalExtractor(principalExtractor)
 				.authenticationManager(authenticationManager)
 			)
-			.authorizeExchange(exchanges -> exchanges
+			.authorizeExchange((exchanges) -> exchanges
 				.anyExchange().authenticated()
 			);
 		// @formatter:on
--- a/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java
+++ b/docs/src/test/java/org/springframework/security/docs/reactive/authentication/reactivex509/DefaultX509Configuration.java
@ -44,7 +44,7 @@ public class DefaultX509Configuration {
 		// @formatter:off
 		http
 			.x509(Customizer.withDefaults())
-			.authorizeExchange(exchanges -> exchanges
+			.authorizeExchange((exchanges) -> exchanges
 				.anyExchange().authenticated()
 			);
 		// @formatter:on
--- a/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java
+++ b/docs/src/test/java/org/springframework/security/docs/servlet/authentication/servletx509config/DefaultX509Configuration.java
@ -44,7 +44,7 @@ public class DefaultX509Configuration {
 		// @formatter:off
 		http
 			.x509(Customizer.withDefaults())
-			.authorizeHttpRequests(exchanges -> exchanges
+			.authorizeHttpRequests((exchanges) -> exchanges
 				.anyRequest().authenticated()
 			);
 		// @formatter:on