diff --git a/core/src/main/java/org/springframework/security/authentication/AuthenticationObservationConvention.java b/core/src/main/java/org/springframework/security/authentication/AuthenticationObservationConvention.java index 4d0b6c693da..ac7b32bb142 100644 --- a/core/src/main/java/org/springframework/security/authentication/AuthenticationObservationConvention.java +++ b/core/src/main/java/org/springframework/security/authentication/AuthenticationObservationConvention.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,9 +21,7 @@ import io.micrometer.common.KeyValues; import io.micrometer.observation.Observation; import io.micrometer.observation.ObservationConvention; -import org.jetbrains.annotations.NotNull; - -import org.springframework.lang.NonNull; +import org.jspecify.annotations.NonNull; /** * An {@link ObservationConvention} for translating authentications into @@ -63,7 +61,7 @@ public String getContextualName(AuthenticationObservationContext context) { /** * {@inheritDoc} */ - @NotNull + @NonNull @Override public KeyValues getLowCardinalityKeyValues(@NonNull AuthenticationObservationContext context) { return KeyValues.of("authentication.request.type", getAuthenticationType(context)) @@ -104,7 +102,7 @@ private String getAuthenticationFailureType(AuthenticationObservationContext con * {@inheritDoc} */ @Override - public boolean supportsContext(@NotNull Observation.Context context) { + public boolean supportsContext(Observation.@NonNull Context context) { return context instanceof AuthenticationObservationContext; } diff --git a/core/src/main/java/org/springframework/security/authentication/ott/InMemoryOneTimeTokenService.java b/core/src/main/java/org/springframework/security/authentication/ott/InMemoryOneTimeTokenService.java index 0d679617946..e7819f8495e 100644 --- a/core/src/main/java/org/springframework/security/authentication/ott/InMemoryOneTimeTokenService.java +++ b/core/src/main/java/org/springframework/security/authentication/ott/InMemoryOneTimeTokenService.java @@ -22,7 +22,8 @@ import java.util.UUID; import java.util.concurrent.ConcurrentHashMap; -import org.springframework.lang.NonNull; +import org.jspecify.annotations.NonNull; + import org.springframework.util.Assert; /** @@ -41,8 +42,7 @@ public final class InMemoryOneTimeTokenService implements OneTimeTokenService { private Clock clock = Clock.systemUTC(); @Override - @NonNull - public OneTimeToken generate(GenerateOneTimeTokenRequest request) { + @NonNull public OneTimeToken generate(GenerateOneTimeTokenRequest request) { String token = UUID.randomUUID().toString(); Instant expiresAt = this.clock.instant().plus(request.getExpiresIn()); OneTimeToken ott = new DefaultOneTimeToken(token, request.getUsername(), expiresAt); diff --git a/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenService.java b/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenService.java index e8584a8fb36..7b49748951a 100644 --- a/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenService.java +++ b/core/src/main/java/org/springframework/security/authentication/ott/OneTimeTokenService.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,8 +16,8 @@ package org.springframework.security.authentication.ott; -import org.springframework.lang.NonNull; -import org.springframework.lang.Nullable; +import org.jspecify.annotations.NonNull; +import org.jspecify.annotations.Nullable; /** * Interface for generating and consuming one-time tokens. @@ -33,8 +33,7 @@ public interface OneTimeTokenService { * generate the token * @return the generated {@link OneTimeToken}, never {@code null}. */ - @NonNull - OneTimeToken generate(GenerateOneTimeTokenRequest request); + @NonNull OneTimeToken generate(GenerateOneTimeTokenRequest request); /** * Consumes a one-time token based on the provided authentication token. @@ -42,7 +41,6 @@ public interface OneTimeTokenService { * value to be consumed * @return the consumed {@link OneTimeToken} or {@code null} if the token is invalid */ - @Nullable - OneTimeToken consume(OneTimeTokenAuthenticationToken authenticationToken); + @Nullable OneTimeToken consume(OneTimeTokenAuthenticationToken authenticationToken); } diff --git a/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordChecker.java b/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordChecker.java index c77af2b6035..cde7136a5ef 100644 --- a/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordChecker.java +++ b/core/src/main/java/org/springframework/security/authentication/password/CompromisedPasswordChecker.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,7 +16,7 @@ package org.springframework.security.authentication.password; -import org.springframework.lang.NonNull; +import org.jspecify.annotations.NonNull; /** * An API for checking if a password has been compromised. @@ -31,7 +31,6 @@ public interface CompromisedPasswordChecker { * @param password the password to check * @return a non-null {@link CompromisedPasswordDecision} */ - @NonNull - CompromisedPasswordDecision check(String password); + @NonNull CompromisedPasswordDecision check(String password); } diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java index 4fdb5ab2605..8eb3b9e95ee 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthorizationManager.java @@ -18,7 +18,8 @@ import java.util.function.Supplier; -import org.springframework.lang.Nullable; +import org.jspecify.annotations.Nullable; + import org.springframework.security.access.AccessDeniedException; import org.springframework.security.core.Authentication; @@ -53,7 +54,6 @@ default void verify(Supplier authentication, T object) { * @return an {@link AuthorizationResult} * @since 6.4 */ - @Nullable - AuthorizationResult authorize(Supplier authentication, T object); + @Nullable AuthorizationResult authorize(Supplier authentication, T object); } diff --git a/core/src/main/java/org/springframework/security/authorization/method/AbstractAuthorizationManagerRegistry.java b/core/src/main/java/org/springframework/security/authorization/method/AbstractAuthorizationManagerRegistry.java index 5a2b4fba7f0..5d1572265d1 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/AbstractAuthorizationManagerRegistry.java +++ b/core/src/main/java/org/springframework/security/authorization/method/AbstractAuthorizationManagerRegistry.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,9 +21,9 @@ import java.util.concurrent.ConcurrentHashMap; import org.aopalliance.intercept.MethodInvocation; +import org.jspecify.annotations.NonNull; import org.springframework.core.MethodClassKey; -import org.springframework.lang.NonNull; import org.springframework.security.authorization.AuthorizationManager; /** @@ -57,7 +57,6 @@ final AuthorizationManager getManager(MethodInvocation methodI * @param targetClass the target class * @return the non-null {@link AuthorizationManager} */ - @NonNull - abstract AuthorizationManager resolveManager(Method method, Class targetClass); + @NonNull abstract AuthorizationManager resolveManager(Method method, Class targetClass); } diff --git a/core/src/main/java/org/springframework/security/authorization/method/AbstractExpressionAttributeRegistry.java b/core/src/main/java/org/springframework/security/authorization/method/AbstractExpressionAttributeRegistry.java index 0b3c4614ba4..e9555ceb1b7 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/AbstractExpressionAttributeRegistry.java +++ b/core/src/main/java/org/springframework/security/authorization/method/AbstractExpressionAttributeRegistry.java @@ -21,9 +21,9 @@ import java.util.concurrent.ConcurrentHashMap; import org.aopalliance.intercept.MethodInvocation; +import org.jspecify.annotations.NonNull; import org.springframework.core.MethodClassKey; -import org.springframework.lang.NonNull; import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler; import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; import org.springframework.security.core.annotation.AnnotationTemplateExpressionDefaults; @@ -86,8 +86,7 @@ void setExpressionHandler(MethodSecurityExpressionHandler expressionHandler) { * @param targetClass the target class * @return the non-null {@link ExpressionAttribute} */ - @NonNull - abstract T resolveAttribute(Method method, Class targetClass); + @NonNull abstract T resolveAttribute(Method method, Class targetClass); Class targetClass(Method method, Class targetClass) { return (targetClass != null) ? targetClass : method.getDeclaringClass(); diff --git a/core/src/main/java/org/springframework/security/authorization/method/AuthorizationAdvisorProxyFactory.java b/core/src/main/java/org/springframework/security/authorization/method/AuthorizationAdvisorProxyFactory.java index f0f3984cb7c..7ef066bf349 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/AuthorizationAdvisorProxyFactory.java +++ b/core/src/main/java/org/springframework/security/authorization/method/AuthorizationAdvisorProxyFactory.java @@ -40,6 +40,7 @@ import org.aopalliance.aop.Advice; import org.aopalliance.intercept.MethodInvocation; +import org.jspecify.annotations.NonNull; import reactor.core.publisher.Flux; import reactor.core.publisher.Mono; @@ -49,7 +50,6 @@ import org.springframework.aop.framework.ProxyFactory; import org.springframework.beans.factory.SmartInitializingSingleton; import org.springframework.core.annotation.AnnotationAwareOrderComparator; -import org.springframework.lang.NonNull; import org.springframework.security.authorization.AuthorizationProxyFactory; import org.springframework.util.Assert; import org.springframework.util.ClassUtils; @@ -278,8 +278,7 @@ public void setTargetVisitor(TargetVisitor visitor) { } @Override - @NonNull - public Iterator iterator() { + @NonNull public Iterator iterator() { return this.advisors.iterator(); } diff --git a/core/src/main/java/org/springframework/security/authorization/method/Jsr250AuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/method/Jsr250AuthorizationManager.java index 1012013e442..801f6a66f49 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/Jsr250AuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/method/Jsr250AuthorizationManager.java @@ -28,8 +28,8 @@ import jakarta.annotation.security.PermitAll; import jakarta.annotation.security.RolesAllowed; import org.aopalliance.intercept.MethodInvocation; +import org.jspecify.annotations.NonNull; -import org.springframework.lang.NonNull; import org.springframework.security.authorization.AuthoritiesAuthorizationManager; import org.springframework.security.authorization.AuthorizationManager; import org.springframework.security.authorization.AuthorizationResult; diff --git a/core/src/main/java/org/springframework/security/authorization/method/MethodAuthorizationDeniedHandler.java b/core/src/main/java/org/springframework/security/authorization/method/MethodAuthorizationDeniedHandler.java index 5b059cf0b67..3274e62336f 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/MethodAuthorizationDeniedHandler.java +++ b/core/src/main/java/org/springframework/security/authorization/method/MethodAuthorizationDeniedHandler.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package org.springframework.security.authorization.method; import org.aopalliance.intercept.MethodInvocation; +import org.jspecify.annotations.Nullable; -import org.springframework.lang.Nullable; import org.springframework.security.authorization.AuthorizationResult; /** @@ -41,8 +41,7 @@ public interface MethodAuthorizationDeniedHandler { * @return a replacement result for the denied method invocation, or null, or a * {@link reactor.core.publisher.Mono} for reactive applications */ - @Nullable - Object handleDeniedInvocation(MethodInvocation methodInvocation, AuthorizationResult authorizationResult); + @Nullable Object handleDeniedInvocation(MethodInvocation methodInvocation, AuthorizationResult authorizationResult); /** * Handle denied method invocations, implementations might either throw an @@ -56,8 +55,7 @@ public interface MethodAuthorizationDeniedHandler { * @return a replacement result for the denied method invocation, or null, or a * {@link reactor.core.publisher.Mono} for reactive applications */ - @Nullable - default Object handleDeniedInvocationResult(MethodInvocationResult methodInvocationResult, + @Nullable default Object handleDeniedInvocationResult(MethodInvocationResult methodInvocationResult, AuthorizationResult authorizationResult) { return handleDeniedInvocation(methodInvocationResult.getMethodInvocation(), authorizationResult); } diff --git a/core/src/main/java/org/springframework/security/authorization/method/PostFilterExpressionAttributeRegistry.java b/core/src/main/java/org/springframework/security/authorization/method/PostFilterExpressionAttributeRegistry.java index 3d6881a8d3a..bc1ccc0605c 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/PostFilterExpressionAttributeRegistry.java +++ b/core/src/main/java/org/springframework/security/authorization/method/PostFilterExpressionAttributeRegistry.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,8 +18,9 @@ import java.lang.reflect.Method; +import org.jspecify.annotations.NonNull; + import org.springframework.expression.Expression; -import org.springframework.lang.NonNull; import org.springframework.security.access.prepost.PostFilter; import org.springframework.security.core.annotation.AnnotationTemplateExpressionDefaults; import org.springframework.security.core.annotation.SecurityAnnotationScanner; diff --git a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeExpressionAttributeRegistry.java b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeExpressionAttributeRegistry.java index b2700cef349..fc712e28b40 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeExpressionAttributeRegistry.java +++ b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeExpressionAttributeRegistry.java @@ -20,9 +20,10 @@ import java.util.Arrays; import java.util.function.Function; +import org.jspecify.annotations.NonNull; + import org.springframework.context.ApplicationContext; import org.springframework.expression.Expression; -import org.springframework.lang.NonNull; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.annotation.AnnotationTemplateExpressionDefaults; import org.springframework.security.core.annotation.SecurityAnnotationScanner; diff --git a/core/src/main/java/org/springframework/security/authorization/method/PreFilterExpressionAttributeRegistry.java b/core/src/main/java/org/springframework/security/authorization/method/PreFilterExpressionAttributeRegistry.java index 654c6c25142..c4011693fe0 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/PreFilterExpressionAttributeRegistry.java +++ b/core/src/main/java/org/springframework/security/authorization/method/PreFilterExpressionAttributeRegistry.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,8 +18,9 @@ import java.lang.reflect.Method; +import org.jspecify.annotations.NonNull; + import org.springframework.expression.Expression; -import org.springframework.lang.NonNull; import org.springframework.security.access.prepost.PreFilter; import org.springframework.security.core.annotation.AnnotationTemplateExpressionDefaults; import org.springframework.security.core.annotation.SecurityAnnotationScanner; diff --git a/core/src/main/java/org/springframework/security/converter/RsaKeyConverters.java b/core/src/main/java/org/springframework/security/converter/RsaKeyConverters.java index 02ba68e67df..3961f6f58f9 100644 --- a/core/src/main/java/org/springframework/security/converter/RsaKeyConverters.java +++ b/core/src/main/java/org/springframework/security/converter/RsaKeyConverters.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2021 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -34,8 +34,9 @@ import java.util.List; import java.util.stream.Collectors; +import org.jspecify.annotations.NonNull; + import org.springframework.core.convert.converter.Converter; -import org.springframework.lang.NonNull; import org.springframework.util.Assert; /** @@ -162,8 +163,7 @@ private static class X509PemDecoder implements Converter, RSAPublic } @Override - @NonNull - public RSAPublicKey convert(List lines) { + @NonNull public RSAPublicKey convert(List lines) { StringBuilder base64Encoded = new StringBuilder(); for (String line : lines) { if (isNotX509PemWrapper(line)) { @@ -194,8 +194,7 @@ private static class X509CertificateDecoder implements Converter, R } @Override - @NonNull - public RSAPublicKey convert(List lines) { + @NonNull public RSAPublicKey convert(List lines) { StringBuilder base64Encoded = new StringBuilder(); for (String line : lines) { if (isNotX509CertificateWrapper(line)) { diff --git a/core/src/main/java/org/springframework/security/core/annotation/AbstractSecurityAnnotationScanner.java b/core/src/main/java/org/springframework/security/core/annotation/AbstractSecurityAnnotationScanner.java index e192405eb1a..b06f650f054 100644 --- a/core/src/main/java/org/springframework/security/core/annotation/AbstractSecurityAnnotationScanner.java +++ b/core/src/main/java/org/springframework/security/core/annotation/AbstractSecurityAnnotationScanner.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,8 +21,9 @@ import java.lang.reflect.Method; import java.lang.reflect.Parameter; +import org.jspecify.annotations.Nullable; + import org.springframework.core.annotation.MergedAnnotation; -import org.springframework.lang.Nullable; import org.springframework.util.Assert; /** diff --git a/core/src/main/java/org/springframework/security/core/annotation/SecurityAnnotationScanner.java b/core/src/main/java/org/springframework/security/core/annotation/SecurityAnnotationScanner.java index c6b2535aae5..e6717b26464 100644 --- a/core/src/main/java/org/springframework/security/core/annotation/SecurityAnnotationScanner.java +++ b/core/src/main/java/org/springframework/security/core/annotation/SecurityAnnotationScanner.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import java.lang.reflect.Method; import java.lang.reflect.Parameter; -import org.springframework.lang.Nullable; +import org.jspecify.annotations.Nullable; /** * An interface to scan for and synthesize an annotation on a type, method, or method @@ -62,8 +62,7 @@ public interface SecurityAnnotationScanner { * @param targetClass the target class for the method * @return the synthesized annotation or {@code null} if not found */ - @Nullable - A scan(Method method, Class targetClass); + @Nullable A scan(Method method, Class targetClass); /** * Scan for an annotation of type {@code A}, starting from the given method parameter. @@ -78,7 +77,6 @@ public interface SecurityAnnotationScanner { * @param element the element to search * @return the synthesized annotation or {@code null} if not found */ - @Nullable - A scan(Parameter parameter); + @Nullable A scan(Parameter parameter); } diff --git a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java index 3babccf147d..9158483cca0 100644 --- a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java +++ b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java @@ -36,7 +36,7 @@ import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; -import org.jetbrains.annotations.NotNull; +import org.jspecify.annotations.NonNull; import org.junit.jupiter.api.Test; import org.springframework.aop.Pointcut; @@ -443,7 +443,7 @@ public String getLastName() { } @Override - public int compareTo(@NotNull User that) { + public int compareTo(@NonNull User that) { return this.id.compareTo(that.getId()); } @@ -453,7 +453,7 @@ static class UserRepository implements Iterable { List users = List.of(new User("1", "first", "last")); - @NotNull + @NonNull @Override public Iterator iterator() { return this.users.iterator(); diff --git a/core/src/test/java/org/springframework/security/authorization/ReactiveAuthorizationAdvisorProxyFactoryTests.java b/core/src/test/java/org/springframework/security/authorization/ReactiveAuthorizationAdvisorProxyFactoryTests.java index 901cae12519..c40748dd5ae 100644 --- a/core/src/test/java/org/springframework/security/authorization/ReactiveAuthorizationAdvisorProxyFactoryTests.java +++ b/core/src/test/java/org/springframework/security/authorization/ReactiveAuthorizationAdvisorProxyFactoryTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import java.util.Iterator; import java.util.List; -import org.jetbrains.annotations.NotNull; +import org.jspecify.annotations.NonNull; import org.junit.jupiter.api.Test; import reactor.core.publisher.Flux; import reactor.core.publisher.Mono; @@ -193,7 +193,7 @@ public Mono getLastName() { } @Override - public int compareTo(@NotNull User that) { + public int compareTo(@NonNull User that) { return this.id.compareTo(that.getId()); } @@ -207,7 +207,7 @@ Flux findAll() { return Flux.fromIterable(this.users); } - @NotNull + @NonNull @Override public Iterator iterator() { return this.users.iterator();