Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-08 14:34:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add @Nullable to changePassword parameters in UserDetailsManager

Browse Source 
Closes: gh-18257

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
This commit is contained in:
Andrey Litvitski 2025-12-05 21:17:49 +03:00 committed by Rob Winch
parent 5e56877487
commit 0a182f1f20
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/src/main/java/org/springframework/security/provisioning/InMemoryUserDetailsManager.java
View File

@ -51,6 +51,7 @@ import org.springframework.util.Assert;
* system isn't required.
*
* @author Luke Taylor
* @author Andrey Litvitski
* @since 3.1
*/
public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetailsPasswordService {
@ -130,7 +131,7 @@ public class InMemoryUserDetailsManager implements UserDetailsManager, UserDetai
}
@Override
public void changePassword(String oldPassword, String newPassword) {
public void changePassword(@Nullable String oldPassword, @Nullable String newPassword) {
Authentication currentUser = this.securityContextHolderStrategy.getContext().getAuthentication();
if (currentUser == null) {
// This would indicate bad coding somewhere

6
core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java
View File

@ -69,6 +69,7 @@ import org.springframework.util.Assert;
*
* @author Luke Taylor
* @author Junhyeok Lee
* @author Andrey Litvitski
* @since 2.0
*/
public class JdbcUserDetailsManager extends JdbcDaoImpl
@ -310,7 +311,8 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl
}
@Override
public void changePassword(String oldPassword, String newPassword) throws AuthenticationException {
public void changePassword(@Nullable String oldPassword, @Nullable String newPassword)
throws AuthenticationException {
Authentication currentUser = this.securityContextHolderStrategy.getContext().getAuthentication();
if (currentUser == null) {
// This would indicate bad coding somewhere
@ -337,7 +339,7 @@ public class JdbcUserDetailsManager extends JdbcDaoImpl
this.userCache.removeUserFromCache(username);
}
protected Authentication createNewAuthentication(Authentication currentAuth, String newPassword) {
protected Authentication createNewAuthentication(Authentication currentAuth, @Nullable String newPassword) {
UserDetails user = loadUserByUsername(currentAuth.getName());
UsernamePasswordAuthenticationToken newAuthentication = UsernamePasswordAuthenticationToken.authenticated(user,
null, user.getAuthorities());

4
core/src/main/java/org/springframework/security/provisioning/UserDetailsManager.java
View File

@ -16,6 +16,8 @@
package org.springframework.security.provisioning;
import org.jspecify.annotations.Nullable;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
@ -49,7 +51,7 @@ public interface UserDetailsManager extends UserDetailsService {
* @param oldPassword current password (for re-authentication if required)
* @param newPassword the password to change to
*/
void changePassword(String oldPassword, String newPassword);
void changePassword(@Nullable String oldPassword, @Nullable String newPassword);
/**
* Check if a user with the supplied login name exists in the system.