Clarify Nullability on Saml2AuthenticationRequestRepository

Issue gh-17823 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
2026-03-12 01:24:53 +00:00 · 2026-03-11 16:51:48 -06:00 · 2026-03-11 16:51:48 -06:00 · 266d2608f1
commit 266d2608f1
parent ddb825f7a5
3 changed files with 4 additions and 6 deletions
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/CacheSaml2AuthenticationRequestRepository.java
@ -51,7 +51,7 @@ public final class CacheSaml2AuthenticationRequestRepository
 	}

 	@Override
-	public void saveAuthenticationRequest(@Nullable AbstractSaml2AuthenticationRequest authenticationRequest,
+	public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest authenticationRequest,
 			HttpServletRequest request, HttpServletResponse response) {
 		Assert.notNull(authenticationRequest, "authenticationRequest must not be null");
 		String relayState = request.getParameter(Saml2ParameterNames.RELAY_STATE);
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/HttpSessionSaml2AuthenticationRequestRepository.java
@ -50,7 +50,7 @@ public class HttpSessionSaml2AuthenticationRequestRepository
 	}

 	@Override
-	public void saveAuthenticationRequest(@Nullable AbstractSaml2AuthenticationRequest authenticationRequest,
+	public void saveAuthenticationRequest(AbstractSaml2AuthenticationRequest authenticationRequest,
 			HttpServletRequest request, HttpServletResponse response) {
 		if (authenticationRequest == null) {
 			removeAuthenticationRequest(request, response);
--- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java
+++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2AuthenticationRequestRepository.java
@ -42,13 +42,11 @@ public interface Saml2AuthenticationRequestRepository<T extends AbstractSaml2Aut
 	/**
 	 * Saves the current authentication request using the {@link HttpServletRequest} and
 	 * {@link HttpServletResponse}
-	 * @param authenticationRequest the {@link AbstractSaml2AuthenticationRequest}, if
-	 * {@code null}, then remove
+	 * @param authenticationRequest the {@link AbstractSaml2AuthenticationRequest}
 	 * @param request the current request
 	 * @param response the current response
 	 */
-	void saveAuthenticationRequest(@Nullable T authenticationRequest, HttpServletRequest request,
-			HttpServletResponse response);
+	void saveAuthenticationRequest(T authenticationRequest, HttpServletRequest request, HttpServletResponse response);

 	/**
 	 * Removes the authentication request using the {@link HttpServletRequest} and