From 4993fb37f67d22a6a72a58259c1d506e38ba0064 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Fri, 25 Oct 2024 19:28:55 +0700 Subject: [PATCH 1/4] Polish diamond usage --- .../config/annotation/web/builders/HttpSecurity.java | 2 +- .../annotation/web/configurers/HttpBasicConfigurer.java | 5 ++--- .../server/resource/OAuth2ResourceServerConfigurer.java | 5 ++--- .../authentication/AuthenticationManagerFactoryBean.java | 2 +- .../authentication/jaas/memory/InMemoryConfiguration.java | 4 ++-- .../DefaultSecurityParameterNameDiscoverer.java | 4 ++-- .../security/jackson2/CoreJackson2Module.java | 8 ++++---- .../security/oauth2/client/jackson2/JsonNodeUtils.java | 2 +- .../security/web/webauthn/api/PublicKeyCredential.java | 2 +- 9 files changed, 16 insertions(+), 18 deletions(-) diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java index 16f736d3c82..3f65f8a7db4 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java @@ -3696,7 +3696,7 @@ public HttpSecurity securityMatcher(String... patterns) { * @throws Exception */ public HttpSecurity webAuthn(Customizer> webAuthn) throws Exception { - webAuthn.customize(getOrApply(new WebAuthnConfigurer())); + webAuthn.customize(getOrApply(new WebAuthnConfigurer<>())); return HttpSecurity.this; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java index c968508a2db..51802672264 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/HttpBasicConfigurer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -179,8 +179,7 @@ private void registerDefaults(B http) { allMatcher.setUseEquals(true); RequestMatcher notHtmlMatcher = new NegatedRequestMatcher( new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.TEXT_HTML)); - RequestMatcher restNotHtmlMatcher = new AndRequestMatcher( - Arrays.asList(notHtmlMatcher, restMatcher)); + RequestMatcher restNotHtmlMatcher = new AndRequestMatcher(Arrays.asList(notHtmlMatcher, restMatcher)); RequestMatcher preferredMatcher = new OrRequestMatcher( Arrays.asList(X_REQUESTED_WITH, restNotHtmlMatcher, allMatcher)); registerDefaultEntryPoint(http, preferredMatcher); diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java index 01411c927c7..31a8c265a04 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -326,8 +326,7 @@ private void registerDefaultEntryPoint(H http) { allMatcher.setUseEquals(true); RequestMatcher notHtmlMatcher = new NegatedRequestMatcher( new MediaTypeRequestMatcher(contentNegotiationStrategy, MediaType.TEXT_HTML)); - RequestMatcher restNotHtmlMatcher = new AndRequestMatcher( - Arrays.asList(notHtmlMatcher, restMatcher)); + RequestMatcher restNotHtmlMatcher = new AndRequestMatcher(Arrays.asList(notHtmlMatcher, restMatcher)); RequestMatcher preferredMatcher = new OrRequestMatcher( Arrays.asList(this.requestMatcher, X_REQUESTED_WITH, restNotHtmlMatcher, allMatcher)); exceptionHandling.defaultAuthenticationEntryPointFor(this.authenticationEntryPoint, preferredMatcher); diff --git a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java index cbb7cfa0dcb..5abadc5c168 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java +++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java @@ -73,7 +73,7 @@ public AuthenticationManager getObject() throws Exception { provider.setPasswordEncoder(passwordEncoder); } provider.afterPropertiesSet(); - ProviderManager manager = new ProviderManager(Arrays.asList(provider)); + ProviderManager manager = new ProviderManager(Arrays.asList(provider)); if (this.observationRegistry.isNoop()) { return manager; } diff --git a/core/src/main/java/org/springframework/security/authentication/jaas/memory/InMemoryConfiguration.java b/core/src/main/java/org/springframework/security/authentication/jaas/memory/InMemoryConfiguration.java index 8aa767aaa76..49a6567d30b 100644 --- a/core/src/main/java/org/springframework/security/authentication/jaas/memory/InMemoryConfiguration.java +++ b/core/src/main/java/org/springframework/security/authentication/jaas/memory/InMemoryConfiguration.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2016 the original author or authors. + * Copyright 2010-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,7 +48,7 @@ public class InMemoryConfiguration extends Configuration { * {@link #getAppConfigurationEntry(String)}. Can be null. */ public InMemoryConfiguration(AppConfigurationEntry[] defaultConfiguration) { - this(Collections.emptyMap(), defaultConfiguration); + this(Collections.emptyMap(), defaultConfiguration); } /** diff --git a/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java b/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java index 8c2792eaa87..15051d133c6 100644 --- a/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java +++ b/core/src/main/java/org/springframework/security/core/parameters/DefaultSecurityParameterNameDiscoverer.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -53,7 +53,7 @@ public class DefaultSecurityParameterNameDiscoverer extends PrioritizedParameter * instances. */ public DefaultSecurityParameterNameDiscoverer() { - this(Collections.emptyList()); + this(Collections.emptyList()); } /** diff --git a/core/src/main/java/org/springframework/security/jackson2/CoreJackson2Module.java b/core/src/main/java/org/springframework/security/jackson2/CoreJackson2Module.java index 3a91f0c1369..42ad2f2c734 100644 --- a/core/src/main/java/org/springframework/security/jackson2/CoreJackson2Module.java +++ b/core/src/main/java/org/springframework/security/jackson2/CoreJackson2Module.java @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 the original author or authors. + * Copyright 2015-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -60,11 +60,11 @@ public void setupModule(SetupContext context) { context.setMixInAnnotations(AnonymousAuthenticationToken.class, AnonymousAuthenticationTokenMixin.class); context.setMixInAnnotations(RememberMeAuthenticationToken.class, RememberMeAuthenticationTokenMixin.class); context.setMixInAnnotations(SimpleGrantedAuthority.class, SimpleGrantedAuthorityMixin.class); - context.setMixInAnnotations(Collections.unmodifiableSet(Collections.emptySet()).getClass(), + context.setMixInAnnotations(Collections.unmodifiableSet(Collections.emptySet()).getClass(), UnmodifiableSetMixin.class); - context.setMixInAnnotations(Collections.unmodifiableList(Collections.emptyList()).getClass(), + context.setMixInAnnotations(Collections.unmodifiableList(Collections.emptyList()).getClass(), UnmodifiableListMixin.class); - context.setMixInAnnotations(Collections.unmodifiableMap(Collections.emptyMap()).getClass(), + context.setMixInAnnotations(Collections.unmodifiableMap(Collections.emptyMap()).getClass(), UnmodifiableMapMixin.class); context.setMixInAnnotations(User.class, UserMixin.class); context.setMixInAnnotations(UsernamePasswordAuthenticationToken.class, diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/JsonNodeUtils.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/JsonNodeUtils.java index 53ef79150df..59575ca277d 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/JsonNodeUtils.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/jackson2/JsonNodeUtils.java @@ -34,7 +34,7 @@ abstract class JsonNodeUtils { static final TypeReference> STRING_SET = new TypeReference<>() { }; - static final TypeReference> STRING_OBJECT_MAP = new TypeReference>() { + static final TypeReference> STRING_OBJECT_MAP = new TypeReference<>() { }; static String findStringValue(JsonNode jsonNode, String fieldName) { diff --git a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredential.java b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredential.java index fc36b9c9f4a..ac04b22f0fa 100644 --- a/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredential.java +++ b/web/src/main/java/org/springframework/security/web/webauthn/api/PublicKeyCredential.java @@ -121,7 +121,7 @@ public AuthenticationExtensionsClientOutputs getClientExtensionResults() { * @return the {@link PublicKeyCredentialBuilder} */ public static PublicKeyCredentialBuilder builder() { - return new PublicKeyCredentialBuilder(); + return new PublicKeyCredentialBuilder<>(); } /** From be15f5fea0676522308a562b3e69a202b05a85d2 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Fri, 25 Oct 2024 19:29:24 +0700 Subject: [PATCH 2/4] Polish Optional usage --- ...rvletOAuth2AuthorizedClientExchangeFilterFunction.java | 8 ++++---- .../web/server/authentication/SwitchUserWebFilter.java | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java index d03f648d04d..eb501c9b464 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -395,9 +395,9 @@ private Mono exchangeAndHandleResponse(ClientRequest request, Ex } private Mono mergeRequestAttributesIfNecessary(ClientRequest request) { - if (!request.attribute(HTTP_SERVLET_REQUEST_ATTR_NAME).isPresent() - || !request.attribute(HTTP_SERVLET_RESPONSE_ATTR_NAME).isPresent() - || !request.attribute(AUTHENTICATION_ATTR_NAME).isPresent()) { + if (request.attribute(HTTP_SERVLET_REQUEST_ATTR_NAME).isEmpty() + || request.attribute(HTTP_SERVLET_RESPONSE_ATTR_NAME).isEmpty() + || request.attribute(AUTHENTICATION_ATTR_NAME).isEmpty()) { return mergeRequestAttributesFromContext(request); } return Mono.just(request); diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java index cfc93a301af..8eab25cf1f6 100644 --- a/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/authentication/SwitchUserWebFilter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -228,7 +228,7 @@ private Mono attemptSwitchUser(Authentication currentAuthenticat @NonNull private Authentication attemptExitUser(Authentication currentAuthentication) { Optional sourceAuthentication = extractSourceAuthentication(currentAuthentication); - if (!sourceAuthentication.isPresent()) { + if (sourceAuthentication.isEmpty()) { this.logger.debug("Failed to find original user"); throw noOriginalAuthenticationException(); } From 58f3556c03f4495b4448a84255b719cb048a5768 Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Fri, 25 Oct 2024 19:41:26 +0700 Subject: [PATCH 3/4] Simplify condition in some methods --- .../cas/authentication/CasAuthenticationToken.java | 11 ++--------- .../core/converter/ObjectToListStringConverter.java | 11 ++++------- .../converter/ObjectToMapStringObjectConverter.java | 7 ++----- .../web/access/intercept/AuthorizationFilter.java | 6 ++---- .../security/web/firewall/DefaultHttpFirewall.java | 7 ++----- .../security/web/firewall/StrictHttpFirewall.java | 5 +---- .../web/savedrequest/DefaultSavedRequest.java | 7 ++----- 7 files changed, 15 insertions(+), 39 deletions(-) diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java index 7efdf8e9395..0bb9c4d28bc 100644 --- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java +++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java @@ -115,15 +115,8 @@ public boolean equals(final Object obj) { if (!super.equals(obj)) { return false; } - if (obj instanceof CasAuthenticationToken) { - CasAuthenticationToken test = (CasAuthenticationToken) obj; - if (!this.assertion.equals(test.getAssertion())) { - return false; - } - if (this.getKeyHash() != test.getKeyHash()) { - return false; - } - return true; + if (obj instanceof CasAuthenticationToken test) { + return this.assertion.equals(test.getAssertion()) && this.getKeyHash() == test.getKeyHash(); } return false; } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToListStringConverter.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToListStringConverter.java index c1a70f96511..f6e9b3c291b 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToListStringConverter.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToListStringConverter.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2019 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -43,12 +43,9 @@ public Set getConvertibleTypes() { @Override public boolean matches(TypeDescriptor sourceType, TypeDescriptor targetType) { - if (targetType.getElementTypeDescriptor() == null - || targetType.getElementTypeDescriptor().getType().equals(String.class) || sourceType == null - || ClassUtils.isAssignable(sourceType.getType(), targetType.getElementTypeDescriptor().getType())) { - return true; - } - return false; + TypeDescriptor typeDescriptor = targetType.getElementTypeDescriptor(); + return typeDescriptor == null || typeDescriptor.getType().equals(String.class) || sourceType == null + || ClassUtils.isAssignable(sourceType.getType(), typeDescriptor.getType()); } @Override diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToMapStringObjectConverter.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToMapStringObjectConverter.java index 2a6e2418124..863c36f4dbc 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToMapStringObjectConverter.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToMapStringObjectConverter.java @@ -37,11 +37,8 @@ public Set getConvertibleTypes() { @Override public boolean matches(TypeDescriptor sourceType, TypeDescriptor targetType) { - if (targetType.getElementTypeDescriptor() == null - || targetType.getMapKeyTypeDescriptor().getType().equals(String.class)) { - return true; - } - return false; + return targetType.getElementTypeDescriptor() == null + || targetType.getMapKeyTypeDescriptor().getType().equals(String.class); } @Override diff --git a/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java b/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java index 80659363f21..d6fb9286c45 100644 --- a/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java +++ b/web/src/main/java/org/springframework/security/web/access/intercept/AuthorizationFilter.java @@ -109,10 +109,8 @@ private boolean skipDispatch(HttpServletRequest request) { if (DispatcherType.ERROR.equals(request.getDispatcherType()) && !this.filterErrorDispatch) { return true; } - if (DispatcherType.ASYNC.equals(request.getDispatcherType()) && !this.filterAsyncDispatch) { - return true; - } - return false; + + return DispatcherType.ASYNC.equals(request.getDispatcherType()) && !this.filterAsyncDispatch; } private boolean isApplied(HttpServletRequest request) { diff --git a/web/src/main/java/org/springframework/security/web/firewall/DefaultHttpFirewall.java b/web/src/main/java/org/springframework/security/web/firewall/DefaultHttpFirewall.java index 1bed1d74c24..224d9fa18c9 100644 --- a/web/src/main/java/org/springframework/security/web/firewall/DefaultHttpFirewall.java +++ b/web/src/main/java/org/springframework/security/web/firewall/DefaultHttpFirewall.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -87,10 +87,7 @@ private boolean containsInvalidUrlEncodedSlash(String uri) { if (this.allowUrlEncodedSlash || uri == null) { return false; } - if (uri.contains("%2f") || uri.contains("%2F")) { - return true; - } - return false; + return uri.contains("%2f") || uri.contains("%2F"); } /** diff --git a/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java b/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java index 601de7b0f8e..6bc13540ad5 100644 --- a/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java +++ b/web/src/main/java/org/springframework/security/web/firewall/StrictHttpFirewall.java @@ -611,10 +611,7 @@ private static boolean decodedUrlContains(HttpServletRequest request, String val if (valueContains(request.getServletPath(), value)) { return true; } - if (valueContains(request.getPathInfo(), value)) { - return true; - } - return false; + return valueContains(request.getPathInfo(), value); } private static boolean containsOnlyPrintableAsciiCharacters(String uri) { diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java index 47d7b8cad18..e221477e72c 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/DefaultSavedRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -354,10 +354,7 @@ private boolean propertyEquals(Object arg1, Object arg2) { if (arg1 == null || arg2 == null) { return false; } - if (arg1.equals(arg2)) { - return true; - } - return false; + return arg1.equals(arg2); } @Override From 17958b5b0817a2e4a271a99ae865d1bdb6bef94b Mon Sep 17 00:00:00 2001 From: Tran Ngoc Nhan Date: Fri, 25 Oct 2024 20:05:37 +0700 Subject: [PATCH 4/4] Remove unused import --- .../config/authentication/AuthenticationManagerFactoryBean.java | 1 - 1 file changed, 1 deletion(-) diff --git a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java index 5abadc5c168..337fc081f79 100644 --- a/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java +++ b/config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java @@ -26,7 +26,6 @@ import org.springframework.beans.factory.FactoryBean; import org.springframework.beans.factory.NoSuchBeanDefinitionException; import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.ObservationAuthenticationManager; import org.springframework.security.authentication.ProviderManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider;