diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java index 104a0be328..de01d55b4e 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/WebAuthnConfigurer.java @@ -46,6 +46,7 @@ import org.springframework.security.web.webauthn.registration.DefaultWebAuthnReg import org.springframework.security.web.webauthn.registration.PublicKeyCredentialCreationOptionsFilter; import org.springframework.security.web.webauthn.registration.PublicKeyCredentialCreationOptionsRepository; import org.springframework.security.web.webauthn.registration.WebAuthnRegistrationFilter; +import org.springframework.util.Assert; /** * Configures WebAuthn for Spring Security applications @@ -75,6 +76,7 @@ public class WebAuthnConfigurer> * @return the {@link WebAuthnConfigurer} for further customization */ public WebAuthnConfigurer rpId(String rpId) { + Assert.hasText(rpId, "rpId be null or empty"); this.rpId = rpId; return this; } @@ -85,6 +87,7 @@ public class WebAuthnConfigurer> * @return the {@link WebAuthnConfigurer} for further customization */ public WebAuthnConfigurer rpName(String rpName) { + Assert.hasText(rpName, "rpName can't be null or empty"); this.rpName = rpName; return this; } @@ -106,6 +109,7 @@ public class WebAuthnConfigurer> * @see #allowedOrigins(String...) */ public WebAuthnConfigurer allowedOrigins(Set allowedOrigins) { + Assert.notNull(allowedOrigins, "allowedOrigins can't be null"); this.allowedOrigins = allowedOrigins; return this; } @@ -129,6 +133,7 @@ public class WebAuthnConfigurer> * @return the {@link WebAuthnConfigurer} for further customization */ public WebAuthnConfigurer messageConverter(HttpMessageConverter converter) { + Assert.notNull(converter, "converter can't be null"); this.converter = converter; return this; } @@ -140,15 +145,15 @@ public class WebAuthnConfigurer> */ public WebAuthnConfigurer creationOptionsRepository( PublicKeyCredentialCreationOptionsRepository creationOptionsRepository) { + Assert.notNull(creationOptionsRepository, "creationOptionsRepository can't be null"); this.creationOptionsRepository = creationOptionsRepository; return this; } @Override public void configure(H http) throws Exception { - UserDetailsService userDetailsService = getSharedOrBean(http, UserDetailsService.class).orElseGet(() -> { - throw new IllegalStateException("Missing UserDetailsService Bean"); - }); + UserDetailsService userDetailsService = getSharedOrBean(http, UserDetailsService.class) + .orElseThrow(() -> new IllegalStateException("Missing UserDetailsService Bean")); PublicKeyCredentialUserEntityRepository userEntities = getSharedOrBean(http, PublicKeyCredentialUserEntityRepository.class) .orElse(userEntityRepository()); @@ -238,12 +243,9 @@ public class WebAuthnConfigurer> PublicKeyCredentialUserEntityRepository userEntities, UserCredentialRepository userCredentials) { Optional webauthnOperationsBean = getBeanOrNull( WebAuthnRelyingPartyOperations.class); - if (webauthnOperationsBean.isPresent()) { - return webauthnOperationsBean.get(); - } - Webauthn4JRelyingPartyOperations result = new Webauthn4JRelyingPartyOperations(userEntities, userCredentials, - PublicKeyCredentialRpEntity.builder().id(this.rpId).name(this.rpName).build(), this.allowedOrigins); - return result; + return webauthnOperationsBean.orElseGet(() -> new Webauthn4JRelyingPartyOperations(userEntities, + userCredentials, PublicKeyCredentialRpEntity.builder().id(this.rpId).name(this.rpName).build(), + this.allowedOrigins)); } }