diff --git a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
index e080347b51..f013f42e3b 100644
--- a/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
+++ b/cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
@@ -72,13 +72,13 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
 @Override
 public boolean equals(Object obj) {
- if (super.equals(obj)) {
+ if (this == obj) {
 return true;
 }
- if (obj instanceof DefaultServiceAuthenticationDetails that) {
- return this.serviceUrl.equals(that.getServiceUrl());
+ if (!(obj instanceof DefaultServiceAuthenticationDetails that)) {
+ return false;
 }
- return false;
+ return this.serviceUrl.equals(that.getServiceUrl());
 }
 @Override
@@ -111,7 +111,10 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
 */
 private @Nullable String getQueryString(final HttpServletRequest request, final Pattern artifactPattern) {
 final String query = request.getQueryString();
- String result = (query != null) ? artifactPattern.matcher(query).replaceFirst("") : "";
+ if (query == null) {
+ return null;
+ }
+ String result = artifactPattern.matcher(query).replaceFirst("");
 if (result.isEmpty()) {
 return null;
 }
diff --git a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
index e0c35f7c2d..7aa5f50ac0 100644
--- a/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
+++ b/core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
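Review bot: In `DefaultServiceAuthenticationDetails.equals` (hunk at -72,13) equality now rests on `serviceUrl` alone, because `super.equals(obj)` is no longer consulted and the state inherited from `WebAuthenticationDetails` plays no part in the comparison. The `hashCode()` that follows starts outside the hunk; if it still folds in `super.hashCode()`, two instances that are equal under this method can hash differently, which breaks the equals/hashCode contract for any set or map holding these details. Either confirm that `hashCode()` uses only `serviceUrl`, or, if the inherited fields are meant to count, make the last statement `return super.equals(obj) && this.serviceUrl.equals(that.getServiceUrl());`. A one-line comment above the method stating which fields define equality would settle the intent for the next reader.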
@@ -208,7 +208,8 @@ public abstract class SecurityExpressionRoot impleme
 /**
 * Convenience method to access {@link Authentication#getPrincipal()} from
 * {@link #getAuthentication()}
- * @return
+ * @return the {@code Principal} being authenticated or the authenticated principal
+ * after authentication.
 */
 public @Nullable Object getPrincipal() {
 return getAuthentication().getPrincipal();
diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
index 09e95f68f6..22db6fcc84 100644
--- a/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
+++ b/crypto/src/main/java/org/springframework/security/crypto/password/AbstractValidatingPasswordEncoder.java
@@ -21,7 +21,11 @@ import org.jspecify.annotations.Nullable;
 import org.springframework.util.StringUtils;
 /**
- * Implementation of PasswordEncoder.
+ * An abstract {@link PasswordEncoder} that implementers can use for expecting the
+ * password to be non-{@code null}. Each common password API method is accompanied with an
+ * abstract method with a {@code NonNull} prefix. By implementing this, the concrete class
+ * is specifying what to do with the password when it is non-{@code null}, allowing this
+ * class to handle the {@code null} case.
 *
 * @author Rob Winch
 * @since 7.0
@@ -50,10 +54,10 @@ public abstract class AbstractValidatingPasswordEncoder implements PasswordEncod
 @Override
 public final boolean upgradeEncoding(@Nullable String encodedPassword) {
- if (StringUtils.hasLength(encodedPassword)) {
- return upgradeEncodingNonNull(encodedPassword);
+ if (!StringUtils.hasLength(encodedPassword)) {
+ return false;
 }
- return false;
+ return upgradeEncodingNonNull(encodedPassword);
 }
 protected boolean upgradeEncodingNonNull(String encodedPassword) {
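Review bot: The new class Javadoc on `AbstractValidatingPasswordEncoder` (hunk at -21,7) says each companion method carries a `NonNull` prefix, but the method visible in the following hunk is `upgradeEncodingNonNull`, where `NonNull` is a suffix. It also calls every companion abstract, while `protected boolean upgradeEncodingNonNull(String encodedPassword) {` is declared with a body, so at least that one looks like an overridable default rather than an abstract method. Suggested wording: `Each common password API method is accompanied by a method with a {@code NonNull} suffix`, followed by a sentence stating what the `final` public methods return for a `null` or empty password (the visible `upgradeEncoding` returns `false`), since that return value is the part of the contract callers rely on. The class body continues outside both hunks, so the other companion methods could not be checked here.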
diff --git a/web/src/main/java/org/springframework/security/web/firewall/RequestWrapper.java b/web/src/main/java/org/springframework/security/web/firewall/RequestWrapper.java
index 032b75e6fc..84232834a6 100644
--- a/web/src/main/java/org/springframework/security/web/firewall/RequestWrapper.java
+++ b/web/src/main/java/org/springframework/security/web/firewall/RequestWrapper.java
@@ -25,6 +25,7 @@ import jakarta.servlet.ServletRequest;
 import jakarta.servlet.ServletResponse;
 import jakarta.servlet.http.HttpServletRequest;
 import org.jspecify.annotations.Nullable;
+import org.springframework.util.StringUtils;
 /**
 * Request wrapper which ensures values of {@code servletPath} and {@code pathInfo} are
@@ -58,7 +59,7 @@ final class RequestWrapper extends FirewalledRequest {
 super(request);
 this.strippedServletPath = strip(request.getServletPath());
 String pathInfo = strip(request.getPathInfo());
- if (pathInfo != null && pathInfo.isEmpty()) {
+ if (!StringUtils.hasLength(pathInfo)) {
 pathInfo = null;
 }
 this.strippedPathInfo = pathInfo;
diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
index a20ade9de3..3f66fe2810 100644
--- a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
+++ b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java
@@ -36,6 +36,7 @@ import org.jspecify.annotations.Nullable;
 import org.springframework.security.web.util.UrlUtils;
 import org.springframework.util.Assert;
 import org.springframework.util.ObjectUtils;
+import org.springframework.util.StringUtils;
 import org.springframework.web.util.UriComponentsBuilder;
 /**
@@ -100,7 +101,7 @@ public class DefaultSavedRequest implements SavedRequest {
 private final @Nullable String matchingRequestParameterName;
 public DefaultSavedRequest(HttpServletRequest request) {
- this(request, (String) null);
+ this(request, null);
 }
 public DefaultSavedRequest(HttpServletRequest request, @Nullable String matchingRequestParameterName) {
@@ -193,21 +194,17 @@ public class DefaultSavedRequest implements SavedRequest {
 * @since 4.2
 */
 private void addParameters(Map parameters) {
- if (!ObjectUtils.isEmpty(parameters)) {
- for (String paramName : parameters.keySet()) {
- Object paramValues = parameters.get(paramName);
- if (paramValues instanceof String[]) {
- this.addParameter(paramName, (String[]) paramValues);
- }
- else {
- logger.warn("ServletRequest.getParameterMap() returned non-String array");
- }
- }
+ if (ObjectUtils.isEmpty(parameters)) {
+ return;
 }
- }
- private void addParameter(String name, String[] values) {
- this.parameters.put(name, values);
+ for (Map.Entry entry : parameters.entrySet()) {
+ String name = entry.getKey();
+ String[] values = entry.getValue();
+ if (values != null) {
+ this.parameters.put(name, values);
+ }
+ }
 }
 public @Nullable String getContextPath() {
@@ -301,16 +298,6 @@ public class DefaultSavedRequest implements SavedRequest {
 return this.servletPath;
 }
- private boolean propertyEquals(@Nullable Object arg1, Object arg2) {
- if ((arg1 == null) && (arg2 == null)) {
- return true;
- }
- if (arg1 == null || arg2 == null) {
- return false;
- }
- return arg1.equals(arg2);
- }
 @Override
 public String toString() {
 return "DefaultSavedRequest [" + getRedirectUrl() + "]";
@@ -321,7 +308,7 @@ public class DefaultSavedRequest implements SavedRequest {
 if (matchingRequestParameterName == null) {
 return queryString;
 }
- if (queryString == null || queryString.length() == 0) {
+ if (!StringUtils.hasLength(queryString)) {
 return matchingRequestParameterName;
 }
 return UriComponentsBuilder.newInstance()
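Review bot: In `DefaultSavedRequest.addParameters` (hunk at -193,21) a parameter whose value is `null` is now dropped without any trace, whereas the removed code logged `ServletRequest.getParameterMap() returned non-String array` for every value that was not a `String[]`, `null` included. The removed `instanceof String[]` test was also a runtime guard: the new loop assigns `entry.getValue()` straight to `String[]`, so, assuming the map is declared `Map<String, String[]>` (the type arguments are not visible on this page), a container that hands back another value type would presumably surface as a `ClassCastException` while the request is being saved instead of a warning. Since these saved parameters are what gets replayed after login, I would keep the diagnostic, provided the `logger` field is still present: `else { logger.warn("ServletRequest.getParameterMap() returned a null value"); }`. A short comment on the loop saying that the declared generic type is now trusted would document the change in behaviour.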