Polish Nullability for oauth2-core

Issue gh-17820
2026-02-08 22:44:35 +00:00 · 2026-01-29 14:36:13 -05:00 · 2026-01-29 14:36:13 -05:00 · 2a2f13fbd3
commit 2a2f13fbd3
parent db5310bee8
5 changed files with 16 additions and 26 deletions
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java
@ -80,10 +80,10 @@ public class OAuth2AuthorizationRequest implements Serializable {
 	private final Map<String, Object> attributes;

 	protected OAuth2AuthorizationRequest(AbstractBuilder<?, ?> builder) {
-		Assert.hasText(builder.authorizationUri, "authorizationUri cannot be empty");
-		Assert.hasText(builder.clientId, "clientId cannot be empty");
 		Assert.notNull(builder.authorizationUri, "authorizationUri cannot be null");
 		Assert.notNull(builder.clientId, "clientId cannot be null");
+		Assert.hasText(builder.authorizationUri, "authorizationUri cannot be empty");
+		Assert.hasText(builder.clientId, "clientId cannot be empty");
 		this.authorizationUri = builder.authorizationUri;
 		this.authorizationGrantType = builder.authorizationGrantType;
 		this.responseType = builder.responseType;
@ -93,9 +93,9 @@ public class OAuth2AuthorizationRequest implements Serializable {
 				CollectionUtils.isEmpty(builder.scopes) ? Collections.emptySet() : new LinkedHashSet<>(builder.scopes));
 		this.state = builder.state;
 		this.additionalParameters = Collections.unmodifiableMap(builder.additionalParameters);
-		String builderUri = builder.authorizationRequestUri;
-		this.authorizationRequestUri = StringUtils.hasText(builderUri) ? builderUri
-				: builder.buildAuthorizationRequestUri();
+		String builderAuthorizationRequestUri = builder.authorizationRequestUri;
+		this.authorizationRequestUri = StringUtils.hasText(builderAuthorizationRequestUri)
+				? builderAuthorizationRequestUri : builder.buildAuthorizationRequestUri();
 		this.attributes = Collections.unmodifiableMap(builder.attributes);
 	}

@ -507,9 +507,8 @@ public class OAuth2AuthorizationRequest implements Serializable {
 					queryParams.set(key, encodeQueryParam(String.valueOf(v)));
 				}
 			});
-			String uri = this.authorizationUri;
-			Assert.notNull(uri, "authorizationUri cannot be null");
-			UriBuilder uriBuilder = this.uriBuilderFactory.uriString(uri).queryParams(queryParams);
+			Assert.notNull(this.authorizationUri, "authorizationUri cannot be null");
+			UriBuilder uriBuilder = this.uriBuilderFactory.uriString(this.authorizationUri).queryParams(queryParams);
 			return this.authorizationRequestUriFunction.apply(uriBuilder).toString();
 		}

--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java
@ -222,6 +222,7 @@ public final class OAuth2AuthorizationResponse implements Serializable {
 				authorizationResponse.code = this.code;
 			}
 			else {
+				Assert.notNull(this.errorCode, "errorCode cannot be null when code is not present");
 				Assert.hasText(this.errorCode, "errorCode cannot be empty when code is not present");
 				authorizationResponse.error = new OAuth2Error(this.errorCode, this.errorDescription, this.errorUri);
 			}
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2DeviceAuthorizationResponseHttpMessageConverter.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/http/converter/OAuth2DeviceAuthorizationResponseHttpMessageConverter.java
@ -146,18 +146,11 @@ public class OAuth2DeviceAuthorizationResponseHttpMessageConverter
 		@Override
 		public OAuth2DeviceAuthorizationResponse convert(Map<String, Object> parameters) {
 			String deviceCode = getParameterValue(parameters, OAuth2ParameterNames.DEVICE_CODE);
-			if (deviceCode == null) {
-				throw new IllegalArgumentException("Missing required parameter: " + OAuth2ParameterNames.DEVICE_CODE);
-			}
+			Assert.notNull(deviceCode, "Missing required parameter: " + OAuth2ParameterNames.DEVICE_CODE);
 			String userCode = getParameterValue(parameters, OAuth2ParameterNames.USER_CODE);
-			if (userCode == null) {
-				throw new IllegalArgumentException("Missing required parameter: " + OAuth2ParameterNames.USER_CODE);
-			}
+			Assert.notNull(userCode, "Missing required parameter: " + OAuth2ParameterNames.USER_CODE);
 			String verificationUri = getParameterValue(parameters, OAuth2ParameterNames.VERIFICATION_URI);
-			if (verificationUri == null) {
-				throw new IllegalArgumentException(
-						"Missing required parameter: " + OAuth2ParameterNames.VERIFICATION_URI);
-			}
+			Assert.notNull(verificationUri, "Missing required parameter: " + OAuth2ParameterNames.VERIFICATION_URI);
 			String verificationUriComplete = getParameterValue(parameters,
 					OAuth2ParameterNames.VERIFICATION_URI_COMPLETE);
 			long expiresIn = getParameterValue(parameters, OAuth2ParameterNames.EXPIRES_IN, 0L);
--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcIdToken.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/OidcIdToken.java
@ -250,10 +250,8 @@ public class OidcIdToken extends AbstractOAuth2Token implements IdTokenClaimAcce
 		 * @return The constructed {@link OidcIdToken}
 		 */
 		public OidcIdToken build() {
-			Object iatObj = this.claims.get(IdTokenClaimNames.IAT);
-			Object expObj = this.claims.get(IdTokenClaimNames.EXP);
-			Instant iat = toInstant(iatObj);
-			Instant exp = toInstant(expObj);
+			Instant iat = toInstant(this.claims.get(IdTokenClaimNames.IAT));
+			Instant exp = toInstant(this.claims.get(IdTokenClaimNames.EXP));
 			return new OidcIdToken(this.tokenValue, iat, exp, this.claims);
 		}

--- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
+++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/user/DefaultOAuth2User.java
@ -70,9 +70,8 @@ public class DefaultOAuth2User implements OAuth2User, Serializable {
 			Map<String, Object> attributes, String nameAttributeKey) {
 		Assert.notEmpty(attributes, "attributes cannot be empty");
 		Assert.hasText(nameAttributeKey, "nameAttributeKey cannot be empty");
-		Object nameAttributeValue = attributes.get(nameAttributeKey);
-		Assert.notNull(nameAttributeValue, "Attribute value for '" + nameAttributeKey + "' cannot be null");
-
+		Assert.notNull(attributes.get(nameAttributeKey),
+				"Attribute value for '" + nameAttributeKey + "' cannot be null");
 		this.authorities = (authorities != null)
 				? Collections.unmodifiableSet(new LinkedHashSet<>(this.sortAuthorities(authorities)))
 				: Collections.unmodifiableSet(new LinkedHashSet<>(AuthorityUtils.NO_AUTHORITIES));
@ -83,7 +82,7 @@ public class DefaultOAuth2User implements OAuth2User, Serializable {
 	@Override
 	public String getName() {
 		Object nameAttributeValue = this.getAttribute(this.nameAttributeKey);
-		Assert.notNull(nameAttributeValue, "Name attribute value cannot be null");
+		Assert.notNull(nameAttributeValue, "name attribute value cannot be null");
 		return nameAttributeValue.toString();
 	}