From 6894ff5d12de93d9f06b328d5cd4d34041c60cff Mon Sep 17 00:00:00 2001 From: Phillip Webb Date: Fri, 24 Jul 2020 19:03:31 -0700 Subject: [PATCH] Make classes final where possible Update classes that have private constructors so that they are also declared final. In a few cases, inner-classes used private constructors but were subclassed. These have now been changed to have package-private constructors. Issue gh-8945 --- .../acls/jdbc/JdbcMutableAclServiceTests.java | 2 +- .../UserDetailsManagerConfigurer.java | 2 +- .../annotation/rsocket/RSocketSecurity.java | 8 +- .../annotation/web/builders/HttpSecurity.java | 5 +- .../annotation/web/builders/WebSecurity.java | 2 +- .../ChannelSecurityConfigurer.java | 2 +- .../web/configurers/CsrfConfigurer.java | 9 +- .../ExpressionUrlAuthorizationConfigurer.java | 8 +- .../UrlAuthorizationConfigurer.java | 6 +- .../oauth2/client/OAuth2ClientConfigurer.java | 2 +- .../oauth2/client/OAuth2LoginConfigurer.java | 8 +- ...MessageSecurityMetadataSourceRegistry.java | 6 +- .../GrantedAuthorityDefaultsParserUtils.java | 8 +- .../config/web/server/ServerHttpSecurity.java | 112 +++++++++--------- ...bstractConfiguredSecurityBuilderTests.java | 2 +- .../WebTestClientHtmlUnitDriverBuilder.java | 2 +- ...enticatedReactiveAuthorizationManager.java | 6 +- ...AuthorityReactiveAuthorizationManager.java | 2 +- .../security/core/userdetails/User.java | 2 +- .../security/PopulatedDatabase.java | 2 +- .../security/crypto/encrypt/CipherUtils.java | 8 +- .../security/crypto/encrypt/Encryptors.java | 8 +- .../factory/PasswordEncoderFactories.java | 8 +- .../security/crypto/keygen/KeyGenerators.java | 10 +- .../crypto/password/PasswordEncoderUtils.java | 14 +-- .../security/crypto/util/EncodingUtils.java | 8 +- etc/checkstyle/checkstyle-suppressions.xml | 1 - .../handler/invocation/ResolvableMethod.java | 18 +-- .../client/OAuth2AuthorizationContext.java | 2 +- .../oauth2/client/OAuth2AuthorizeRequest.java | 2 +- ...OAuth2AuthorizedClientProviderBuilder.java | 8 +- ...OAuth2AuthorizedClientProviderBuilder.java | 8 +- .../registration/ClientRegistration.java | 6 +- ...uthorizedClientExchangeFilterFunction.java | 28 +++-- ...uthorizedClientExchangeFilterFunction.java | 2 +- ...dbcOAuth2AuthorizedClientServiceTests.java | 4 +- .../DelegatingOAuth2UserServiceTests.java | 3 +- .../endpoint/OAuth2AccessTokenResponse.java | 2 +- .../endpoint/OAuth2AuthorizationRequest.java | 2 +- .../endpoint/OAuth2AuthorizationResponse.java | 2 +- ...geMatcherReactiveAuthorizationManager.java | 4 +- .../OpenSamlAuthenticationProvider.java | 2 +- .../Saml2AuthenticationRequest.java | 2 +- .../Saml2AuthenticationRequestContext.java | 2 +- .../Saml2PostAuthenticationRequest.java | 4 +- .../Saml2RedirectAuthenticationRequest.java | 4 +- .../RelyingPartyRegistration.java | 4 +- ...WithUserDetailsSecurityContextFactory.java | 2 +- .../server/SecurityMockServerConfigurers.java | 26 ++-- .../SecurityMockMvcRequestPostProcessors.java | 18 +-- .../security/web/FilterChainProxy.java | 2 +- ...elegatingReactiveAuthorizationManager.java | 4 +- .../NoOpServerSecurityContextRepository.java | 9 +- .../savedrequest/NoOpServerRequestCache.java | 8 +- .../util/matcher/AntPathRequestMatcher.java | 4 +- .../web/reactive/server/WebTestHandler.java | 4 +- ...tentTokenBasedRememberMeServicesTests.java | 2 +- .../security/web/method/ResolvableMethod.java | 14 +-- 58 files changed, 229 insertions(+), 226 deletions(-) diff --git a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java index df0d18603d..bab5a11958 100644 --- a/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java +++ b/acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java @@ -550,7 +550,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin */ private class CustomJdbcMutableAclService extends JdbcMutableAclService { - private CustomJdbcMutableAclService(DataSource dataSource, LookupStrategy lookupStrategy, AclCache aclCache) { + CustomJdbcMutableAclService(DataSource dataSource, LookupStrategy lookupStrategy, AclCache aclCache) { super(dataSource, lookupStrategy, aclCache); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java index d6681aa70d..3ae55eba45 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java @@ -104,7 +104,7 @@ public class UserDetailsManagerConfigurer, C * Builds the user to be added. At minimum the username, password, and authorities * should provided. The remaining attributes have reasonable defaults. */ - public class UserDetailsBuilder { + public final class UserDetailsBuilder { private UserBuilder user; diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java index 7bf6051025..b55fd0e1de 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java @@ -164,7 +164,7 @@ public class RSocketSecurity { /** * @since 5.3 */ - public class SimpleAuthenticationSpec { + public final class SimpleAuthenticationSpec { private ReactiveAuthenticationManager authenticationManager; @@ -208,7 +208,7 @@ public class RSocketSecurity { return this; } - public class BasicAuthenticationSpec { + public final class BasicAuthenticationSpec { private ReactiveAuthenticationManager authenticationManager; @@ -244,7 +244,7 @@ public class RSocketSecurity { return this; } - public class JwtSpec { + public final class JwtSpec { private ReactiveAuthenticationManager authenticationManager; @@ -370,7 +370,7 @@ public class RSocketSecurity { return new Access(matcher); } - public class Access { + public final class Access { private final PayloadExchangeMatcher matcher; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java index 1c71ad0ba2..b4936abec5 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java @@ -2942,10 +2942,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder matchers = new ArrayList<>(); - /** - * @param context - */ - private RequestMatcherConfigurer(ApplicationContext context) { + RequestMatcherConfigurer(ApplicationContext context) { setApplicationContext(context); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java index 7d8ef3304c..34abe958f3 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java @@ -337,7 +337,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder { - private IgnoredRequestConfigurer(ApplicationContext context) { + IgnoredRequestConfigurer(ApplicationContext context) { setApplicationContext(context); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java index 6e32cbec24..30d08a20c9 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java @@ -220,7 +220,7 @@ public final class ChannelSecurityConfigurer> protected List requestMatchers; - private RequiresChannelUrl(List requestMatchers) { + RequiresChannelUrl(List requestMatchers) { this.requestMatchers = requestMatchers; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java index 672c17f4fa..9245a1b93e 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java @@ -303,8 +303,8 @@ public final class CsrfConfigurer> * @since 5.2 */ private SessionAuthenticationStrategy getSessionAuthenticationStrategy() { - if (sessionAuthenticationStrategy != null) { - return sessionAuthenticationStrategy; + if (this.sessionAuthenticationStrategy != null) { + return this.sessionAuthenticationStrategy; } else { return new CsrfAuthenticationStrategy(this.csrfTokenRepository); @@ -321,10 +321,7 @@ public final class CsrfConfigurer> */ private class IgnoreCsrfProtectionRegistry extends AbstractRequestMatcherRegistry { - /** - * @param context - */ - private IgnoreCsrfProtectionRegistry(ApplicationContext context) { + IgnoreCsrfProtectionRegistry(ApplicationContext context) { setApplicationContext(context); } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java index 1a6bdf8acb..8d14c69455 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java @@ -109,7 +109,7 @@ public final class ExpressionUrlAuthorizationConfigurer.AbstractInterceptUrlRegistry { /** @@ -130,7 +130,7 @@ public final class ExpressionUrlAuthorizationConfigurer requestMatchers) { + protected AuthorizedUrl chainRequestMatchersInternal(List requestMatchers) { return new AuthorizedUrl(requestMatchers); } @@ -267,7 +267,7 @@ public final class ExpressionUrlAuthorizationConfigurer requestMatchers) { + AuthorizedUrl(List requestMatchers) { this.requestMatchers = requestMatchers; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java index 7eb350a744..3bb7f5c96c 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java @@ -113,7 +113,7 @@ public final class UrlAuthorizationConfigurer> return this; } - public class StandardInterceptUrlRegistry extends + public final class StandardInterceptUrlRegistry extends ExpressionUrlAuthorizationConfigurer.AbstractInterceptUrlRegistry { /** @@ -134,7 +134,7 @@ public final class UrlAuthorizationConfigurer> } @Override - protected final AuthorizedUrl chainRequestMatchersInternal(List requestMatchers) { + protected AuthorizedUrl chainRequestMatchersInternal(List requestMatchers) { return new AuthorizedUrl(requestMatchers); } @@ -275,7 +275,7 @@ public final class UrlAuthorizationConfigurer> * @param requestMatchers the {@link RequestMatcher} instances to map to some * {@link ConfigAttribute} instances. */ - private AuthorizedUrl(List requestMatchers) { + AuthorizedUrl(List requestMatchers) { Assert.notEmpty(requestMatchers, "requestMatchers must contain at least one value"); this.requestMatchers = requestMatchers; } diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java index b504c8d6f8..64e9205359 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java @@ -154,7 +154,7 @@ public final class OAuth2ClientConfigurer> /** * Configuration options for the OAuth 2.0 Authorization Code Grant. */ - public class AuthorizationCodeGrantConfigurer { + public final class AuthorizationCodeGrantConfigurer { private OAuth2AuthorizationRequestResolver authorizationRequestResolver; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java index 09addf7ea9..01c8d1625d 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java @@ -224,7 +224,7 @@ public final class OAuth2LoginConfigurer> /** * Configuration options for the Authorization Server's Authorization Endpoint. */ - public class AuthorizationEndpointConfig { + public final class AuthorizationEndpointConfig { private String authorizationRequestBaseUri; @@ -308,7 +308,7 @@ public final class OAuth2LoginConfigurer> /** * Configuration options for the Authorization Server's Token Endpoint. */ - public class TokenEndpointConfig { + public final class TokenEndpointConfig { private OAuth2AccessTokenResponseClient accessTokenResponseClient; @@ -364,7 +364,7 @@ public final class OAuth2LoginConfigurer> /** * Configuration options for the Client's Redirection Endpoint. */ - public class RedirectionEndpointConfig { + public final class RedirectionEndpointConfig { private String authorizationResponseBaseUri; @@ -416,7 +416,7 @@ public final class OAuth2LoginConfigurer> /** * Configuration options for the Authorization Server's UserInfo Endpoint. */ - public class UserInfoEndpointConfig { + public final class UserInfoEndpointConfig { private OAuth2UserService userService; diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java b/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java index 78ef22909a..4017be49e2 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java @@ -251,7 +251,7 @@ public class MessageSecurityMetadataSourceRegistry { * Represents the security constraint to be applied to the {@link MessageMatcher} * instances. */ - public class Constraint { + public final class Constraint { private final List messageMatchers; @@ -409,7 +409,7 @@ public class MessageSecurityMetadataSourceRegistry { return "hasAnyAuthority('" + anyAuthorities + "')"; } - private static class PreBuiltMatcherBuilder implements MatcherBuilder { + private final static class PreBuiltMatcherBuilder implements MatcherBuilder { private MessageMatcher matcher; @@ -423,7 +423,7 @@ public class MessageSecurityMetadataSourceRegistry { } - private class PathMatcherMessageMatcherBuilder implements MatcherBuilder { + private final class PathMatcherMessageMatcherBuilder implements MatcherBuilder { private final String pattern; diff --git a/config/src/main/java/org/springframework/security/config/http/GrantedAuthorityDefaultsParserUtils.java b/config/src/main/java/org/springframework/security/config/http/GrantedAuthorityDefaultsParserUtils.java index 625b4a8c1f..3f8e9e89be 100644 --- a/config/src/main/java/org/springframework/security/config/http/GrantedAuthorityDefaultsParserUtils.java +++ b/config/src/main/java/org/springframework/security/config/http/GrantedAuthorityDefaultsParserUtils.java @@ -27,7 +27,10 @@ import org.springframework.security.config.core.GrantedAuthorityDefaults; * @author Rob Winch * @since 4.2 */ -class GrantedAuthorityDefaultsParserUtils { +final class GrantedAuthorityDefaultsParserUtils { + + private GrantedAuthorityDefaultsParserUtils() { + } static RootBeanDefinition registerWithDefaultRolePrefix(ParserContext pc, Class beanFactoryClass) { @@ -60,7 +63,4 @@ class GrantedAuthorityDefaultsParserUtils { } - private GrantedAuthorityDefaultsParserUtils() { - } - } diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index eaade885f4..759228c707 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -628,10 +628,13 @@ public class ServerHttpSecurity { * Configures CORS support within Spring Security. This ensures that the * {@link CorsWebFilter} is place in the correct order. */ - public class CorsSpec { + public final class CorsSpec { private CorsWebFilter corsFilter; + private CorsSpec() { + } + /** * Configures the {@link CorsConfigurationSource} to be used * @param source the source to use @@ -683,9 +686,6 @@ public class ServerHttpSecurity { return this.corsFilter; } - private CorsSpec() { - } - } /** @@ -874,12 +874,15 @@ public class ServerHttpSecurity { * @since 5.2 * @see #x509() */ - public class X509Spec { + public final class X509Spec { private X509PrincipalExtractor principalExtractor; private ReactiveAuthenticationManager authenticationManager; + private X509Spec() { + } + public X509Spec principalExtractor(X509PrincipalExtractor principalExtractor) { this.principalExtractor = principalExtractor; return this; @@ -923,9 +926,6 @@ public class ServerHttpSecurity { return authenticationManager; } - private X509Spec() { - } - } /** @@ -981,7 +981,7 @@ public class ServerHttpSecurity { return this; } - public class OAuth2LoginSpec { + public final class OAuth2LoginSpec { private ReactiveClientRegistrationRepository clientRegistrationRepository; @@ -1003,6 +1003,9 @@ public class ServerHttpSecurity { private ServerAuthenticationFailureHandler authenticationFailureHandler; + private OAuth2LoginSpec() { + } + /** * Configures the {@link ReactiveAuthenticationManager} to use. The default is * {@link OAuth2AuthorizationCodeReactiveAuthenticationManager} @@ -1378,9 +1381,6 @@ public class ServerHttpSecurity { return service; } - private OAuth2LoginSpec() { - } - } /** @@ -1434,7 +1434,7 @@ public class ServerHttpSecurity { return this; } - public class OAuth2ClientSpec { + public final class OAuth2ClientSpec { private ReactiveClientRegistrationRepository clientRegistrationRepository; @@ -1446,6 +1446,9 @@ public class ServerHttpSecurity { private ServerAuthorizationRequestRepository authorizationRequestRepository; + private OAuth2ClientSpec() { + } + /** * Sets the converter to use * @param authenticationConverter the converter to use @@ -1595,9 +1598,6 @@ public class ServerHttpSecurity { return service; } - private OAuth2ClientSpec() { - } - } /** @@ -1794,8 +1794,9 @@ public class ServerHttpSecurity { if (this.authenticationManagerResolver != null) { AuthenticationWebFilter oauth2 = new AuthenticationWebFilter(this.authenticationManagerResolver); - oauth2.setServerAuthenticationConverter(bearerTokenConverter); - oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); + oauth2.setServerAuthenticationConverter(this.bearerTokenConverter); + oauth2.setAuthenticationFailureHandler( + new ServerAuthenticationEntryPointFailureHandler(this.entryPoint)); http.addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); } else if (this.jwt != null) { @@ -1961,8 +1962,9 @@ public class ServerHttpSecurity { protected void configure(ServerHttpSecurity http) { ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); AuthenticationWebFilter oauth2 = new BearerTokenAuthenticationWebFilter(authenticationManager); - oauth2.setServerAuthenticationConverter(bearerTokenConverter); - oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); + oauth2.setServerAuthenticationConverter(OAuth2ResourceServerSpec.this.bearerTokenConverter); + oauth2.setAuthenticationFailureHandler( + new ServerAuthenticationEntryPointFailureHandler(OAuth2ResourceServerSpec.this.entryPoint)); // @formatter:off http .addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); @@ -2003,7 +2005,7 @@ public class ServerHttpSecurity { * @author Josh Cummings * @since 5.2 */ - public class OpaqueTokenSpec { + public final class OpaqueTokenSpec { private String introspectionUri; @@ -2013,6 +2015,9 @@ public class ServerHttpSecurity { private Supplier introspector; + private OpaqueTokenSpec() { + } + /** * Configures the URI of the Introspection endpoint * @param introspectionUri The URI of the Introspection endpoint @@ -2071,14 +2076,12 @@ public class ServerHttpSecurity { protected void configure(ServerHttpSecurity http) { ReactiveAuthenticationManager authenticationManager = getAuthenticationManager(); AuthenticationWebFilter oauth2 = new BearerTokenAuthenticationWebFilter(authenticationManager); - oauth2.setServerAuthenticationConverter(bearerTokenConverter); - oauth2.setAuthenticationFailureHandler(new ServerAuthenticationEntryPointFailureHandler(entryPoint)); + oauth2.setServerAuthenticationConverter(OAuth2ResourceServerSpec.this.bearerTokenConverter); + oauth2.setAuthenticationFailureHandler( + new ServerAuthenticationEntryPointFailureHandler(OAuth2ResourceServerSpec.this.entryPoint)); http.addFilterAt(oauth2, SecurityWebFiltersOrder.AUTHENTICATION); } - private OpaqueTokenSpec() { - } - } public ServerHttpSecurity and() { @@ -2820,7 +2823,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #csrf() */ - public class CsrfSpec { + public final class CsrfSpec { private CsrfWebFilter filter = new CsrfWebFilter(); @@ -2917,7 +2920,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #exceptionHandling() */ - public class ExceptionHandlingSpec { + public final class ExceptionHandlingSpec { /** * Configures what to do when the application request authentication @@ -2963,7 +2966,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #requestCache() */ - public class RequestCacheSpec { + public final class RequestCacheSpec { private ServerRequestCache requestCache = new WebSessionServerRequestCache(); @@ -3013,7 +3016,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #httpBasic() */ - public class HttpBasicSpec { + public final class HttpBasicSpec { private ReactiveAuthenticationManager authenticationManager; @@ -3104,7 +3107,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #formLogin() */ - public class FormLoginSpec { + public final class FormLoginSpec { private final RedirectServerAuthenticationSuccessHandler defaultSuccessHandler = new RedirectServerAuthenticationSuccessHandler( "/"); @@ -3282,7 +3285,7 @@ public class ServerHttpSecurity { } - private class LoginPageSpec { + private final class LoginPageSpec { protected void configure(ServerHttpSecurity http) { if (http.authenticationEntryPoint != null) { @@ -3321,7 +3324,7 @@ public class ServerHttpSecurity { * @since 5.0 * @see #headers() */ - public class HeaderSpec { + public final class HeaderSpec { private final List writers; @@ -3535,7 +3538,7 @@ public class ServerHttpSecurity { * * @see #cache() */ - public class CacheSpec { + public final class CacheSpec { /** * Disables cache control response headers @@ -3556,7 +3559,7 @@ public class ServerHttpSecurity { * * @see #contentTypeOptions() */ - public class ContentTypeOptionsSpec { + public final class ContentTypeOptionsSpec { /** * Disables the content type options response header @@ -3577,7 +3580,7 @@ public class ServerHttpSecurity { * * @see #frameOptions() */ - public class FrameOptionsSpec { + public final class FrameOptionsSpec { /** * The mode to configure. Default is @@ -3618,7 +3621,7 @@ public class ServerHttpSecurity { * * @see #hsts() */ - public class HstsSpec { + public final class HstsSpec { /** * Configures the max age. Default is one year. @@ -3687,7 +3690,10 @@ public class ServerHttpSecurity { * * @see #xssProtection() */ - public class XssProtectionSpec { + public final class XssProtectionSpec { + + private XssProtectionSpec() { + } /** * Disables the x-xss-protection response header @@ -3698,9 +3704,6 @@ public class ServerHttpSecurity { return HeaderSpec.this; } - private XssProtectionSpec() { - } - } /** @@ -3709,7 +3712,7 @@ public class ServerHttpSecurity { * @since 5.1 * @see #contentSecurityPolicy(String) */ - public class ContentSecurityPolicySpec { + public final class ContentSecurityPolicySpec { private static final String DEFAULT_SRC_SELF_POLICY = "default-src 'self'"; @@ -3760,7 +3763,7 @@ public class ServerHttpSecurity { * @since 5.1 * @see #featurePolicy(String) */ - public class FeaturePolicySpec { + public final class FeaturePolicySpec { /** * Allows method chaining to continue configuring the @@ -3784,7 +3787,11 @@ public class ServerHttpSecurity { * @see #referrerPolicy() * @see #referrerPolicy(ReferrerPolicy) */ - public class ReferrerPolicySpec { + public final class ReferrerPolicySpec { + + private ReferrerPolicySpec(ReferrerPolicy referrerPolicy) { + HeaderSpec.this.referrerPolicy.setPolicy(referrerPolicy); + } /** * Sets the policy to be used in the response header. @@ -3808,10 +3815,6 @@ public class ServerHttpSecurity { private ReferrerPolicySpec() { } - private ReferrerPolicySpec(ReferrerPolicy referrerPolicy) { - HeaderSpec.this.referrerPolicy.setPolicy(referrerPolicy); - } - } private HeaderSpec() { @@ -4095,17 +4098,18 @@ public class ServerHttpSecurity { } protected void configure(ServerHttpSecurity http) { - if (authenticationFilter == null) { - authenticationFilter = new AnonymousAuthenticationWebFilter(getKey(), principal, authorities); + if (this.authenticationFilter == null) { + this.authenticationFilter = new AnonymousAuthenticationWebFilter(getKey(), this.principal, + this.authorities); } - http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.ANONYMOUS_AUTHENTICATION); + http.addFilterAt(this.authenticationFilter, SecurityWebFiltersOrder.ANONYMOUS_AUTHENTICATION); } private String getKey() { - if (key == null) { - key = UUID.randomUUID().toString(); + if (this.key == null) { + this.key = UUID.randomUUID().toString(); } - return key; + return this.key; } private AnonymousSpec() { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java index d1ea811fa6..b7a26da9a7 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/AbstractConfiguredSecurityBuilderTests.java @@ -144,7 +144,7 @@ public class AbstractConfiguredSecurityBuilderTests { } - private static class TestConfiguredSecurityBuilder + private static final class TestConfiguredSecurityBuilder extends AbstractConfiguredSecurityBuilder { private TestConfiguredSecurityBuilder(ObjectPostProcessor objectPostProcessor) { diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java index 47d4a77783..db19b75056 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/WebTestClientHtmlUnitDriverBuilder.java @@ -30,7 +30,7 @@ import org.springframework.test.web.servlet.htmlunit.webdriver.WebConnectionHtml * @author Rob Winch * @since 5.0 */ -public class WebTestClientHtmlUnitDriverBuilder { +public final class WebTestClientHtmlUnitDriverBuilder { private final WebTestClient webTestClient; diff --git a/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java index 1d995be615..e20d1ed5a2 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthenticatedReactiveAuthorizationManager.java @@ -34,6 +34,9 @@ public class AuthenticatedReactiveAuthorizationManager implements ReactiveAut private AuthenticationTrustResolver authTrustResolver = new AuthenticationTrustResolverImpl(); + AuthenticatedReactiveAuthorizationManager() { + } + @Override public Mono check(Mono authentication, T object) { return authentication.filter(this::isNotAnonymous).map(a -> new AuthorizationDecision(a.isAuthenticated())) @@ -59,7 +62,4 @@ public class AuthenticatedReactiveAuthorizationManager implements ReactiveAut return new AuthenticatedReactiveAuthorizationManager<>(); } - private AuthenticatedReactiveAuthorizationManager() { - } - } diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java index a1a2a4784a..e1faf00f95 100644 --- a/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java @@ -36,7 +36,7 @@ public class AuthorityReactiveAuthorizationManager implements ReactiveAuthori private final List authorities; - private AuthorityReactiveAuthorizationManager(String... authorities) { + AuthorityReactiveAuthorizationManager(String... authorities) { this.authorities = Arrays.asList(authorities); } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/User.java b/core/src/main/java/org/springframework/security/core/userdetails/User.java index fa4bb98bfb..31d0892520 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/User.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/User.java @@ -334,7 +334,7 @@ public class User implements UserDetails, CredentialsContainer { * Builds the user to be added. At minimum the username, password, and authorities * should provided. The remaining attributes have reasonable defaults. */ - public static class UserBuilder { + public static final class UserBuilder { private String username; diff --git a/core/src/test/java/org/springframework/security/PopulatedDatabase.java b/core/src/test/java/org/springframework/security/PopulatedDatabase.java index bb3f0c7793..f450a2bb76 100644 --- a/core/src/test/java/org/springframework/security/PopulatedDatabase.java +++ b/core/src/test/java/org/springframework/security/PopulatedDatabase.java @@ -26,7 +26,7 @@ import org.springframework.jdbc.core.JdbcTemplate; * * @author Ben Alex */ -public class PopulatedDatabase { +public final class PopulatedDatabase { private static TestDataSource dataSource = null; diff --git a/crypto/src/main/java/org/springframework/security/crypto/encrypt/CipherUtils.java b/crypto/src/main/java/org/springframework/security/crypto/encrypt/CipherUtils.java index 58a268abe7..753a7b535f 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/encrypt/CipherUtils.java +++ b/crypto/src/main/java/org/springframework/security/crypto/encrypt/CipherUtils.java @@ -36,7 +36,10 @@ import javax.crypto.spec.PBEParameterSpec; * * @author Keith Donald */ -class CipherUtils { +final class CipherUtils { + + private CipherUtils() { + } /** * Generates a SecretKey. @@ -138,7 +141,4 @@ class CipherUtils { } } - private CipherUtils() { - } - } diff --git a/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java b/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java index 6b972d9e59..53270a01fa 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java +++ b/crypto/src/main/java/org/springframework/security/crypto/encrypt/Encryptors.java @@ -24,7 +24,10 @@ import org.springframework.security.crypto.keygen.KeyGenerators; * * @author Keith Donald */ -public class Encryptors { +public final class Encryptors { + + private Encryptors() { + } /** * Creates a standard password-based bytes encryptor using 256 bit AES encryption with @@ -112,9 +115,6 @@ public class Encryptors { return NO_OP_TEXT_INSTANCE; } - private Encryptors() { - } - private static final TextEncryptor NO_OP_TEXT_INSTANCE = new NoOpTextEncryptor(); private static final class NoOpTextEncryptor implements TextEncryptor { diff --git a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java index c954da5d07..a3f995d23d 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java +++ b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java @@ -32,7 +32,10 @@ import org.springframework.security.crypto.scrypt.SCryptPasswordEncoder; * @author Rob Winch * @since 5.0 */ -public class PasswordEncoderFactories { +public final class PasswordEncoderFactories { + + private PasswordEncoderFactories() { + } /** * Creates a {@link DelegatingPasswordEncoder} with default mappings. Additional @@ -79,7 +82,4 @@ public class PasswordEncoderFactories { return new DelegatingPasswordEncoder(encodingId, encoders); } - private PasswordEncoderFactories() { - } - } diff --git a/crypto/src/main/java/org/springframework/security/crypto/keygen/KeyGenerators.java b/crypto/src/main/java/org/springframework/security/crypto/keygen/KeyGenerators.java index 4a70ccef19..02d781788a 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/keygen/KeyGenerators.java +++ b/crypto/src/main/java/org/springframework/security/crypto/keygen/KeyGenerators.java @@ -23,7 +23,10 @@ import java.security.SecureRandom; * * @author Keith Donald */ -public class KeyGenerators { +public final class KeyGenerators { + + private KeyGenerators() { + } /** * Create a {@link BytesKeyGenerator} that uses a {@link SecureRandom} to generate @@ -59,9 +62,4 @@ public class KeyGenerators { return new HexEncodingStringKeyGenerator(secureRandom()); } - // internal helpers - - private KeyGenerators() { - } - } diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoderUtils.java b/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoderUtils.java index 167a51b1d3..d30b10d0bf 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoderUtils.java +++ b/crypto/src/main/java/org/springframework/security/crypto/password/PasswordEncoderUtils.java @@ -24,7 +24,10 @@ import org.springframework.security.crypto.codec.Utf8; * * @author Rob Winch */ -class PasswordEncoderUtils { +final class PasswordEncoderUtils { + + private PasswordEncoderUtils() { + } /** * Constant time comparison to prevent against timing attacks. @@ -43,12 +46,9 @@ class PasswordEncoderUtils { if (s == null) { return null; } - - return Utf8.encode(s); // need to check if Utf8.encode() runs in constant time - // (probably not). This may leak length of string. - } - - private PasswordEncoderUtils() { + // need to check if Utf8.encode() runs in constant time (probably not). + // This may leak length of string. + return Utf8.encode(s); } } diff --git a/crypto/src/main/java/org/springframework/security/crypto/util/EncodingUtils.java b/crypto/src/main/java/org/springframework/security/crypto/util/EncodingUtils.java index 4a49aaedfc..f71e9f8cb2 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/util/EncodingUtils.java +++ b/crypto/src/main/java/org/springframework/security/crypto/util/EncodingUtils.java @@ -22,7 +22,10 @@ package org.springframework.security.crypto.util; * * @author Keith Donald */ -public class EncodingUtils { +public final class EncodingUtils { + + private EncodingUtils() { + } /** * Combine the individual byte arrays into one array. @@ -54,7 +57,4 @@ public class EncodingUtils { return subarray; } - private EncodingUtils() { - } - } diff --git a/etc/checkstyle/checkstyle-suppressions.xml b/etc/checkstyle/checkstyle-suppressions.xml index 3fd9f4387c..ae0b46bcac 100644 --- a/etc/checkstyle/checkstyle-suppressions.xml +++ b/etc/checkstyle/checkstyle-suppressions.xml @@ -3,7 +3,6 @@ "-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN" "https://checkstyle.org/dtds/suppressions_1_2.dtd"> - diff --git a/messaging/src/test/java/org/springframework/security/messaging/handler/invocation/ResolvableMethod.java b/messaging/src/test/java/org/springframework/security/messaging/handler/invocation/ResolvableMethod.java index 9f969752e4..999589a8ce 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/handler/invocation/ResolvableMethod.java +++ b/messaging/src/test/java/org/springframework/security/messaging/handler/invocation/ResolvableMethod.java @@ -127,7 +127,7 @@ import static java.util.stream.Collectors.joining; * @author Rossen Stoyanchev * @since 5.2 */ -public class ResolvableMethod { +public final class ResolvableMethod { private static final Log logger = LogFactory.getLog(ResolvableMethod.class); @@ -258,7 +258,7 @@ public class ResolvableMethod { /** * Builder for {@code ResolvableMethod}. */ - public static class Builder { + public static final class Builder { private final Class objectClass; @@ -400,7 +400,7 @@ public class ResolvableMethod { *

* {@code build().method()} */ - public final Method resolveMethod() { + public Method resolveMethod() { return method().method(); } @@ -418,7 +418,7 @@ public class ResolvableMethod { *

* {@code build().returnType()} */ - public final MethodParameter resolveReturnType() { + public MethodParameter resolveReturnType() { return method().returnType(); } @@ -466,7 +466,7 @@ public class ResolvableMethod { /** * Predicate with a descriptive label. */ - private static class LabeledPredicate implements Predicate { + private static final class LabeledPredicate implements Predicate { private final String label; @@ -507,7 +507,7 @@ public class ResolvableMethod { /** * Resolver for method arguments. */ - public class ArgResolver { + public final class ArgResolver { private final List> filters = new ArrayList<>(4); @@ -578,7 +578,7 @@ public class ResolvableMethod { /** * Resolve the argument. */ - public final MethodParameter arg() { + public MethodParameter arg() { List matches = applyFilters(); Assert.state(!matches.isEmpty(), () -> "No matching arg in method\n" + formatMethod()); Assert.state(matches.size() == 1, @@ -588,8 +588,8 @@ public class ResolvableMethod { private List applyFilters() { List matches = new ArrayList<>(); - for (int i = 0; i < method.getParameterCount(); i++) { - MethodParameter param = new SynthesizingMethodParameter(method, i); + for (int i = 0; i < ResolvableMethod.this.method.getParameterCount(); i++) { + MethodParameter param = new SynthesizingMethodParameter(ResolvableMethod.this.method, i); param.initParameterNameDiscovery(nameDiscoverer); if (this.filters.stream().allMatch(p -> p.test(param))) { matches.add(param); diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizationContext.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizationContext.java index 38779bf650..7dcbed8268 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizationContext.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizationContext.java @@ -140,7 +140,7 @@ public final class OAuth2AuthorizationContext { /** * A builder for {@link OAuth2AuthorizationContext}. */ - public static class Builder { + public static final class Builder { private ClientRegistration clientRegistration; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java index 26c1fababb..aead6ea1ab 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizeRequest.java @@ -122,7 +122,7 @@ public final class OAuth2AuthorizeRequest { /** * A builder for {@link OAuth2AuthorizeRequest}. */ - public static class Builder { + public static final class Builder { private String clientRegistrationId; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientProviderBuilder.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientProviderBuilder.java index a3e8a1e08a..4a510258e8 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientProviderBuilder.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/OAuth2AuthorizedClientProviderBuilder.java @@ -89,7 +89,7 @@ public final class OAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code authorization_code} grant. */ - public class AuthorizationCodeGrantBuilder implements Builder { + public final class AuthorizationCodeGrantBuilder implements Builder { private AuthorizationCodeGrantBuilder() { } @@ -131,7 +131,7 @@ public final class OAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code refresh_token} grant. */ - public class RefreshTokenGrantBuilder implements Builder { + public final class RefreshTokenGrantBuilder implements Builder { private OAuth2AccessTokenResponseClient accessTokenResponseClient; @@ -226,7 +226,7 @@ public final class OAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code client_credentials} grant. */ - public class ClientCredentialsGrantBuilder implements Builder { + public final class ClientCredentialsGrantBuilder implements Builder { private OAuth2AccessTokenResponseClient accessTokenResponseClient; @@ -319,7 +319,7 @@ public final class OAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code password} grant. */ - public class PasswordGrantBuilder implements Builder { + public final class PasswordGrantBuilder implements Builder { private OAuth2AccessTokenResponseClient accessTokenResponseClient; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ReactiveOAuth2AuthorizedClientProviderBuilder.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ReactiveOAuth2AuthorizedClientProviderBuilder.java index 2149cc1440..2e6eb85eb4 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ReactiveOAuth2AuthorizedClientProviderBuilder.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/ReactiveOAuth2AuthorizedClientProviderBuilder.java @@ -89,7 +89,7 @@ public final class ReactiveOAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code authorization_code} grant. */ - public class AuthorizationCodeGrantBuilder implements Builder { + public final class AuthorizationCodeGrantBuilder implements Builder { private AuthorizationCodeGrantBuilder() { } @@ -133,7 +133,7 @@ public final class ReactiveOAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code refresh_token} grant. */ - public class RefreshTokenGrantBuilder implements Builder { + public final class RefreshTokenGrantBuilder implements Builder { private ReactiveOAuth2AccessTokenResponseClient accessTokenResponseClient; @@ -230,7 +230,7 @@ public final class ReactiveOAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code client_credentials} grant. */ - public class ClientCredentialsGrantBuilder implements Builder { + public final class ClientCredentialsGrantBuilder implements Builder { private ReactiveOAuth2AccessTokenResponseClient accessTokenResponseClient; @@ -325,7 +325,7 @@ public final class ReactiveOAuth2AuthorizedClientProviderBuilder { /** * A builder for the {@code password} grant. */ - public class PasswordGrantBuilder implements Builder { + public final class PasswordGrantBuilder implements Builder { private ReactiveOAuth2AccessTokenResponseClient accessTokenResponseClient; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java index 807f915db6..b4ecb5748d 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java @@ -195,7 +195,7 @@ public final class ClientRegistration implements Serializable { private Map configurationMetadata = Collections.emptyMap(); - private ProviderDetails() { + ProviderDetails() { } /** @@ -263,7 +263,7 @@ public final class ClientRegistration implements Serializable { private String userNameAttributeName; - private UserInfoEndpoint() { + UserInfoEndpoint() { } /** @@ -322,7 +322,7 @@ public final class ClientRegistration implements Serializable { /** * A builder for {@link ClientRegistration}. */ - public static class Builder implements Serializable { + public static final class Builder implements Serializable { private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java index 480c793c85..9ea3263d5b 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java @@ -131,7 +131,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements private final Mono currentAuthenticationMono = ReactiveSecurityContextHolder.getContext() .map(SecurityContext::getAuthentication).defaultIfEmpty(ANONYMOUS_USER_TOKEN); - private final Mono clientRegistrationIdMono = currentAuthenticationMono + private final Mono clientRegistrationIdMono = this.currentAuthenticationMono .filter(t -> this.defaultOAuth2AuthorizedClient && t instanceof OAuth2AuthenticationToken) .cast(OAuth2AuthenticationToken.class).map(OAuth2AuthenticationToken::getAuthorizedClientRegistrationId); @@ -472,7 +472,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements private Mono effectiveClientRegistrationId(ClientRequest request) { return Mono.justOrEmpty(clientRegistrationId(request)) .switchIfEmpty(Mono.justOrEmpty(this.defaultClientRegistrationId)) - .switchIfEmpty(clientRegistrationIdMono); + .switchIfEmpty(this.clientRegistrationIdMono); } /** @@ -488,7 +488,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements * {@link ServerWebExchange} that is active for the given request. */ private Mono> effectiveServerWebExchange(ClientRequest request) { - return Mono.justOrEmpty(serverWebExchange(request)).switchIfEmpty(currentServerWebExchangeMono) + return Mono.justOrEmpty(serverWebExchange(request)).switchIfEmpty(this.currentServerWebExchangeMono) .map(Optional::of).defaultIfEmpty(Optional.empty()); } @@ -534,7 +534,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements this.clientResponseHandler = new AuthorizationFailureForwarder(authorizationFailureHandler); } - private static class UnAuthenticatedReactiveOAuth2AuthorizedClientManager + private static final class UnAuthenticatedReactiveOAuth2AuthorizedClientManager implements ReactiveOAuth2AuthorizedClientManager { private final ReactiveClientRegistrationRepository clientRegistrationRepository; @@ -628,7 +628,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements * * @since 5.3 */ - private class AuthorizationFailureForwarder implements ClientResponseHandler { + private final class AuthorizationFailureForwarder implements ClientResponseHandler { /** * A map of HTTP Status Code to OAuth 2.0 Error codes for HTTP status codes that @@ -667,7 +667,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements Mono clientRegistrationId = effectiveClientRegistrationId(request); - return Mono.zip(currentAuthenticationMono, serverWebExchange, clientRegistrationId) + return Mono + .zip(ServerOAuth2AuthorizedClientExchangeFilterFunction.this.currentAuthenticationMono, + serverWebExchange, clientRegistrationId) .flatMap(tuple3 -> handleAuthorizationFailure(tuple3.getT1(), // Authentication // principal tuple3.getT2().orElse(null), // ServerWebExchange exchange @@ -723,7 +725,9 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements Mono clientRegistrationId = effectiveClientRegistrationId(request); - return Mono.zip(currentAuthenticationMono, serverWebExchange, clientRegistrationId) + return Mono + .zip(ServerOAuth2AuthorizedClientExchangeFilterFunction.this.currentAuthenticationMono, + serverWebExchange, clientRegistrationId) .flatMap(tuple3 -> handleAuthorizationFailure(tuple3.getT1(), // Authentication // principal tuple3.getT2().orElse(null), // ServerWebExchange exchange @@ -744,11 +748,13 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements private Mono handleAuthorizationException(ClientRequest request, OAuth2AuthorizationException exception) { Mono> serverWebExchange = effectiveServerWebExchange(request); - return Mono.zip(currentAuthenticationMono, serverWebExchange) - .flatMap(tuple2 -> handleAuthorizationFailure(tuple2.getT1(), // Authentication + return Mono.zip(ServerOAuth2AuthorizedClientExchangeFilterFunction.this.currentAuthenticationMono, + serverWebExchange).flatMap( + tuple2 -> handleAuthorizationFailure(tuple2.getT1(), // Authentication // principal - tuple2.getT2().orElse(null), // ServerWebExchange exchange - exception)); + tuple2.getT2().orElse(null), // ServerWebExchange + // exchange + exception)); } /** diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java index 6849ee1178..6600151027 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServletOAuth2AuthorizedClientExchangeFilterFunction.java @@ -637,7 +637,7 @@ public final class ServletOAuth2AuthorizedClientExchangeFilterFunction implement * * @since 5.3 */ - private static class AuthorizationFailureForwarder implements ClientResponseHandler { + private static final class AuthorizationFailureForwarder implements ClientResponseHandler { /** * A map of HTTP status code to OAuth 2.0 error code for HTTP status codes that diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java index 12faee7be2..fde3807a62 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/JdbcOAuth2AuthorizedClientServiceTests.java @@ -398,7 +398,7 @@ public class JdbcOAuth2AuthorizedClientServiceTests { return new OAuth2AuthorizedClient(clientRegistration, principal.getName(), accessToken, refreshToken); } - private static class CustomTableDefinitionJdbcOAuth2AuthorizedClientService + private final static class CustomTableDefinitionJdbcOAuth2AuthorizedClientService extends JdbcOAuth2AuthorizedClientService { private static final String COLUMN_NAMES = "clientRegistrationId, " + "principalName, " + "accessTokenType, " @@ -453,7 +453,7 @@ public class JdbcOAuth2AuthorizedClientServiceTests { this.jdbcOperations.update(REMOVE_AUTHORIZED_CLIENT_SQL, pss); } - private static class OAuth2AuthorizedClientRowMapper implements RowMapper { + private final static class OAuth2AuthorizedClientRowMapper implements RowMapper { private final ClientRegistrationRepository clientRegistrationRepository; diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java index 96306065a0..6038e10130 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DelegatingOAuth2UserServiceTests.java @@ -47,8 +47,9 @@ public class DelegatingOAuth2UserServiceTests { @Test(expected = IllegalArgumentException.class) @SuppressWarnings("unchecked") public void loadUserWhenUserRequestIsNullThenThrowIllegalArgumentException() { + OAuth2UserService userService = mock(OAuth2UserService.class); DelegatingOAuth2UserService delegatingUserService = new DelegatingOAuth2UserService<>( - Arrays.asList(mock(OAuth2UserService.class), mock(OAuth2UserService.class))); + Arrays.asList(userService, userService)); delegatingUserService.loadUser(null); } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java index 13a0ff023d..1d26409579 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java @@ -94,7 +94,7 @@ public final class OAuth2AccessTokenResponse { /** * A builder for {@link OAuth2AccessTokenResponse}. */ - public static class Builder { + public static final class Builder { private String tokenValue; diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java index ced36218f8..7b43028e73 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java @@ -226,7 +226,7 @@ public final class OAuth2AuthorizationRequest implements Serializable { /** * A builder for {@link OAuth2AuthorizationRequest}. */ - public static class Builder { + public static final class Builder { private String authorizationUri; diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java index a43785e4b2..3cb0d23607 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationResponse.java @@ -118,7 +118,7 @@ public final class OAuth2AuthorizationResponse { /** * A builder for {@link OAuth2AuthorizationResponse}. */ - public static class Builder { + public static final class Builder { private String redirectUri; diff --git a/rsocket/src/main/java/org/springframework/security/rsocket/authorization/PayloadExchangeMatcherReactiveAuthorizationManager.java b/rsocket/src/main/java/org/springframework/security/rsocket/authorization/PayloadExchangeMatcherReactiveAuthorizationManager.java index aa132a8528..cd3e7015aa 100644 --- a/rsocket/src/main/java/org/springframework/security/rsocket/authorization/PayloadExchangeMatcherReactiveAuthorizationManager.java +++ b/rsocket/src/main/java/org/springframework/security/rsocket/authorization/PayloadExchangeMatcherReactiveAuthorizationManager.java @@ -38,7 +38,7 @@ import org.springframework.util.Assert; * @author Rob Winch * @since 5.2 */ -public class PayloadExchangeMatcherReactiveAuthorizationManager +public final class PayloadExchangeMatcherReactiveAuthorizationManager implements ReactiveAuthorizationManager { private final List>> mappings; @@ -63,7 +63,7 @@ public class PayloadExchangeMatcherReactiveAuthorizationManager return new PayloadExchangeMatcherReactiveAuthorizationManager.Builder(); } - public static class Builder { + public static final class Builder { private final List>> mappings = new ArrayList<>(); diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java index 1980184f02..cf749a5361 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java @@ -673,7 +673,7 @@ public final class OpenSamlAuthenticationProvider implements AuthenticationProvi * * @since 5.4 */ - public static class Tuple { + public static final class Tuple { private final Saml2AuthenticationToken authentication; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java index bb00ebcb36..7f428f7a3e 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequest.java @@ -119,7 +119,7 @@ public final class Saml2AuthenticationRequest { /** * A builder for {@link Saml2AuthenticationRequest}. */ - public static class Builder { + public static final class Builder { private String issuer; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java index 690ebbd98a..53c87b0560 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2AuthenticationRequestContext.java @@ -108,7 +108,7 @@ public class Saml2AuthenticationRequestContext { /** * A builder for {@link Saml2AuthenticationRequestContext}. */ - public static class Builder { + public static final class Builder { private String issuer; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java index b767af35e6..99503faf40 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2PostAuthenticationRequest.java @@ -31,7 +31,7 @@ import static org.springframework.security.saml2.provider.service.registration.S */ public class Saml2PostAuthenticationRequest extends AbstractSaml2AuthenticationRequest { - private Saml2PostAuthenticationRequest(String samlRequest, String relayState, String authenticationRequestUri) { + Saml2PostAuthenticationRequest(String samlRequest, String relayState, String authenticationRequestUri) { super(samlRequest, relayState, authenticationRequestUri); } @@ -59,7 +59,7 @@ public class Saml2PostAuthenticationRequest extends AbstractSaml2AuthenticationR /** * Builder class for a {@link Saml2PostAuthenticationRequest} object. */ - public static class Builder extends AbstractSaml2AuthenticationRequest.Builder { + public static final class Builder extends AbstractSaml2AuthenticationRequest.Builder { private Builder() { super(); diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java index a4b0d25c95..c9d2909156 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/Saml2RedirectAuthenticationRequest.java @@ -29,7 +29,7 @@ import static org.springframework.security.saml2.provider.service.registration.S * @since 5.3 * @see Saml2AuthenticationRequestFactory */ -public class Saml2RedirectAuthenticationRequest extends AbstractSaml2AuthenticationRequest { +public final class Saml2RedirectAuthenticationRequest extends AbstractSaml2AuthenticationRequest { private final String sigAlg; @@ -82,7 +82,7 @@ public class Saml2RedirectAuthenticationRequest extends AbstractSaml2Authenticat /** * Builder class for a {@link Saml2RedirectAuthenticationRequest} object. */ - public static class Builder extends AbstractSaml2AuthenticationRequest.Builder { + public static final class Builder extends AbstractSaml2AuthenticationRequest.Builder { private String sigAlg; diff --git a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java index fea758f5a1..f739e7e427 100644 --- a/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java +++ b/saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/registration/RelyingPartyRegistration.java @@ -28,6 +28,8 @@ import java.util.function.Consumer; import java.util.function.Function; import org.springframework.security.saml2.core.Saml2X509Credential; +import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.AssertingPartyDetails; +import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration.ProviderDetails; import org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter; import org.springframework.util.Assert; @@ -69,7 +71,7 @@ import org.springframework.util.Assert; * @author Josh Cummings * @since 5.2 */ -public class RelyingPartyRegistration { +public final class RelyingPartyRegistration { private final String registrationId; diff --git a/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java b/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java index 55b3d48060..c1be09f80c 100644 --- a/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java +++ b/test/src/main/java/org/springframework/security/test/context/support/WithUserDetailsSecurityContextFactory.java @@ -87,7 +87,7 @@ final class WithUserDetailsSecurityContextFactory implements WithSecurityContext } } - private class ReactiveUserDetailsServiceAdapter implements UserDetailsService { + private final class ReactiveUserDetailsServiceAdapter implements UserDetailsService { private final ReactiveUserDetailsService userDetailsService; diff --git a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java index 153e4692cd..6fc1d68fef 100644 --- a/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java +++ b/test/src/main/java/org/springframework/security/test/web/reactive/server/SecurityMockServerConfigurers.java @@ -242,7 +242,10 @@ public class SecurityMockServerConfigurers { return new CsrfMutator(); } - public static class CsrfMutator implements WebTestClientConfigurer, MockServerConfigurer { + public static final class CsrfMutator implements WebTestClientConfigurer, MockServerConfigurer { + + private CsrfMutator() { + } @Override public void afterConfigurerAdded(WebTestClient.Builder builder, @@ -262,9 +265,6 @@ public class SecurityMockServerConfigurers { } - private CsrfMutator() { - } - } /** @@ -272,7 +272,7 @@ public class SecurityMockServerConfigurers { * SecurityMockServerConfigurers#mockUser(UserDetails)}}. Defaults to use a password * of "password" and granted authorities of "ROLE_USER". */ - public static class UserExchangeMutator implements WebTestClientConfigurer, MockServerConfigurer { + public static final class UserExchangeMutator implements WebTestClientConfigurer, MockServerConfigurer { private final User.UserBuilder userBuilder; @@ -376,7 +376,7 @@ public class SecurityMockServerConfigurers { } - private static class MutatorWebTestClientConfigurer implements WebTestClientConfigurer, MockServerConfigurer { + private static final class MutatorWebTestClientConfigurer implements WebTestClientConfigurer, MockServerConfigurer { private final Supplier> context; @@ -402,7 +402,7 @@ public class SecurityMockServerConfigurers { } - private static class SetupMutatorFilter implements WebFilter { + private static final class SetupMutatorFilter implements WebFilter { private final Supplier> context; @@ -443,7 +443,7 @@ public class SecurityMockServerConfigurers { * @author Josh Cummings * @since 5.2 */ - public static class JwtMutator implements WebTestClientConfigurer, MockServerConfigurer { + public static final class JwtMutator implements WebTestClientConfigurer, MockServerConfigurer { private Jwt jwt; @@ -1149,7 +1149,7 @@ public class SecurityMockServerConfigurers { * Used to wrap the {@link OAuth2AuthorizedClientManager} to provide support for * testing when the request is wrapped */ - private static class TestReactiveOAuth2AuthorizedClientManager + private static final class TestReactiveOAuth2AuthorizedClientManager implements ReactiveOAuth2AuthorizedClientManager { final static String TOKEN_ATTR_NAME = TestReactiveOAuth2AuthorizedClientManager.class.getName() @@ -1186,10 +1186,13 @@ public class SecurityMockServerConfigurers { } - private static class OAuth2ClientServerTestUtils { + private static final class OAuth2ClientServerTestUtils { private static final ServerOAuth2AuthorizedClientRepository DEFAULT_CLIENT_REPO = new WebSessionServerOAuth2AuthorizedClientRepository(); + private OAuth2ClientServerTestUtils() { + } + /** * Gets the {@link ReactiveOAuth2AuthorizedClientManager} for the specified * {@link ServerWebExchange}. If one is not found, one based off of @@ -1278,9 +1281,6 @@ public class SecurityMockServerConfigurers { } - private OAuth2ClientServerTestUtils() { - } - } } diff --git a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java index 1cfa77fee4..e40a60659b 100644 --- a/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java +++ b/test/src/main/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessors.java @@ -457,7 +457,7 @@ public final class SecurityMockMvcRequestPostProcessors { /** * Populates the X509Certificate instances onto the request */ - private static class X509RequestPostProcessor implements RequestPostProcessor { + private static final class X509RequestPostProcessor implements RequestPostProcessor { private final X509Certificate[] certificates; @@ -480,12 +480,15 @@ public final class SecurityMockMvcRequestPostProcessors { * @author Rob Winch * @since 4.0 */ - public static class CsrfRequestPostProcessor implements RequestPostProcessor { + public static final class CsrfRequestPostProcessor implements RequestPostProcessor { private boolean asHeader; private boolean useInvalidToken; + private CsrfRequestPostProcessor() { + } + /* * (non-Javadoc) * @@ -531,9 +534,6 @@ public final class SecurityMockMvcRequestPostProcessors { return this; } - private CsrfRequestPostProcessor() { - } - /** * Used to wrap the CsrfTokenRepository to provide support for testing when the * request is wrapped (i.e. Spring Session is in use). @@ -759,7 +759,7 @@ public final class SecurityMockMvcRequestPostProcessors { * Used to wrap the SecurityContextRepository to provide support for testing in * stateless mode */ - static class TestSecurityContextRepository implements SecurityContextRepository { + static final class TestSecurityContextRepository implements SecurityContextRepository { private final static String ATTR_NAME = TestSecurityContextRepository.class.getName().concat(".REPO"); @@ -1035,7 +1035,7 @@ public final class SecurityMockMvcRequestPostProcessors { } - private static class HttpBasicRequestPostProcessor implements RequestPostProcessor { + private static final class HttpBasicRequestPostProcessor implements RequestPostProcessor { private String headerValue; @@ -1648,7 +1648,7 @@ public final class SecurityMockMvcRequestPostProcessors { * Used to wrap the {@link OAuth2AuthorizedClientManager} to provide support for * testing when the request is wrapped */ - private static class TestOAuth2AuthorizedClientManager implements OAuth2AuthorizedClientManager { + private static final class TestOAuth2AuthorizedClientManager implements OAuth2AuthorizedClientManager { final static String TOKEN_ATTR_NAME = TestOAuth2AuthorizedClientManager.class.getName().concat(".TOKEN"); @@ -1682,7 +1682,7 @@ public final class SecurityMockMvcRequestPostProcessors { } - private static class OAuth2ClientServletTestUtils { + private static final class OAuth2ClientServletTestUtils { private static final OAuth2AuthorizedClientRepository DEFAULT_CLIENT_REPO = new HttpSessionOAuth2AuthorizedClientRepository(); diff --git a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java index 20331a208c..54cf8b3778 100644 --- a/web/src/main/java/org/springframework/security/web/FilterChainProxy.java +++ b/web/src/main/java/org/springframework/security/web/FilterChainProxy.java @@ -294,7 +294,7 @@ public class FilterChainProxy extends GenericFilterBean { * Internal {@code FilterChain} implementation that is used to pass a request through * the additional internal list of filters which match the request. */ - private static class VirtualFilterChain implements FilterChain { + private static final class VirtualFilterChain implements FilterChain { private final FilterChain originalChain; diff --git a/web/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java b/web/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java index 5799269cb8..63b542ed52 100644 --- a/web/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java +++ b/web/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java @@ -35,7 +35,7 @@ import org.springframework.web.server.ServerWebExchange; * @author Mathieu Ouellet * @since 5.0 */ -public class DelegatingReactiveAuthorizationManager implements ReactiveAuthorizationManager { +public final class DelegatingReactiveAuthorizationManager implements ReactiveAuthorizationManager { private static final Log logger = LogFactory.getLog(DelegatingReactiveAuthorizationManager.class); @@ -63,7 +63,7 @@ public class DelegatingReactiveAuthorizationManager implements ReactiveAuthoriza return new DelegatingReactiveAuthorizationManager.Builder(); } - public static class Builder { + public static final class Builder { private final List>> mappings = new ArrayList<>(); diff --git a/web/src/main/java/org/springframework/security/web/server/context/NoOpServerSecurityContextRepository.java b/web/src/main/java/org/springframework/security/web/server/context/NoOpServerSecurityContextRepository.java index 42e1ee275e..06d7ff0cc8 100644 --- a/web/src/main/java/org/springframework/security/web/server/context/NoOpServerSecurityContextRepository.java +++ b/web/src/main/java/org/springframework/security/web/server/context/NoOpServerSecurityContextRepository.java @@ -28,13 +28,15 @@ import org.springframework.web.server.ServerWebExchange; * @author Rob Winch * @since 5.0 */ -public class NoOpServerSecurityContextRepository implements ServerSecurityContextRepository { +public final class NoOpServerSecurityContextRepository implements ServerSecurityContextRepository { private static final NoOpServerSecurityContextRepository INSTANCE = new NoOpServerSecurityContextRepository(); + private NoOpServerSecurityContextRepository() { + } + public Mono save(ServerWebExchange exchange, SecurityContext context) { return Mono.empty(); - } public Mono load(ServerWebExchange exchange) { @@ -45,7 +47,4 @@ public class NoOpServerSecurityContextRepository implements ServerSecurityContex return INSTANCE; } - private NoOpServerSecurityContextRepository() { - } - } diff --git a/web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java b/web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java index b14c64db85..3155e69845 100644 --- a/web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java +++ b/web/src/main/java/org/springframework/security/web/server/savedrequest/NoOpServerRequestCache.java @@ -30,7 +30,10 @@ import org.springframework.web.server.ServerWebExchange; * @author Rob Winch * @since 5.0 */ -public class NoOpServerRequestCache implements ServerRequestCache { +public final class NoOpServerRequestCache implements ServerRequestCache { + + private NoOpServerRequestCache() { + } @Override public Mono saveRequest(ServerWebExchange exchange) { @@ -51,7 +54,4 @@ public class NoOpServerRequestCache implements ServerRequestCache { return new NoOpServerRequestCache(); } - private NoOpServerRequestCache() { - } - } diff --git a/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java b/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java index f995c831da..5005f6a140 100644 --- a/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java +++ b/web/src/main/java/org/springframework/security/web/util/matcher/AntPathRequestMatcher.java @@ -263,7 +263,7 @@ public final class AntPathRequestMatcher implements RequestMatcher, RequestVaria } - private static class SpringAntMatcher implements Matcher { + private static final class SpringAntMatcher implements Matcher { private final AntPathMatcher antMatcher; @@ -296,7 +296,7 @@ public final class AntPathRequestMatcher implements RequestMatcher, RequestVaria /** * Optimized matcher for trailing wildcards */ - private static class SubpathMatcher implements Matcher { + private static final class SubpathMatcher implements Matcher { private final String subpath; diff --git a/web/src/test/java/org/springframework/security/test/web/reactive/server/WebTestHandler.java b/web/src/test/java/org/springframework/security/test/web/reactive/server/WebTestHandler.java index a92872d685..166e893415 100644 --- a/web/src/test/java/org/springframework/security/test/web/reactive/server/WebTestHandler.java +++ b/web/src/test/java/org/springframework/security/test/web/reactive/server/WebTestHandler.java @@ -30,7 +30,7 @@ import org.springframework.web.server.handler.FilteringWebHandler; * @author Rob Winch * @since 5.0 */ -public class WebTestHandler { +public final class WebTestHandler { private final MockWebHandler webHandler = new MockWebHandler(); @@ -50,7 +50,7 @@ public class WebTestHandler { return new WebHandlerResult(webHandler.exchange); } - public static class WebHandlerResult { + public static final class WebHandlerResult { private final ServerWebExchange exchange; diff --git a/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java b/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java index 77a0d51b79..6d72826eb5 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.java @@ -138,7 +138,7 @@ public class PersistentTokenBasedRememberMeServicesTests { return services; } - private class MockTokenRepository implements PersistentTokenRepository { + private final class MockTokenRepository implements PersistentTokenRepository { private PersistentRememberMeToken storedToken; diff --git a/web/src/test/java/org/springframework/security/web/method/ResolvableMethod.java b/web/src/test/java/org/springframework/security/web/method/ResolvableMethod.java index b0950c542e..605a796c27 100644 --- a/web/src/test/java/org/springframework/security/web/method/ResolvableMethod.java +++ b/web/src/test/java/org/springframework/security/web/method/ResolvableMethod.java @@ -126,7 +126,7 @@ import static java.util.stream.Collectors.joining; * @author Rossen Stoyanchev * @since 5.0 */ -public class ResolvableMethod { +public final class ResolvableMethod { private static final Log logger = LogFactory.getLog(ResolvableMethod.class); @@ -253,7 +253,7 @@ public class ResolvableMethod { /** * Builder for {@code ResolvableMethod}. */ - public static class Builder { + public static final class Builder { private final Class objectClass; @@ -386,7 +386,7 @@ public class ResolvableMethod { *

* {@code build().method()} */ - public final Method resolveMethod() { + public Method resolveMethod() { return build().method(); } @@ -404,7 +404,7 @@ public class ResolvableMethod { *

* {@code build().returnType()} */ - public final MethodParameter resolveReturnType() { + public MethodParameter resolveReturnType() { return build().returnType(); } @@ -452,7 +452,7 @@ public class ResolvableMethod { /** * Predicate with a descriptive label. */ - private static class LabeledPredicate implements Predicate { + private static final class LabeledPredicate implements Predicate { private final String label; @@ -493,7 +493,7 @@ public class ResolvableMethod { /** * Resolver for method arguments. */ - public class ArgResolver { + public final class ArgResolver { private final List> filters = new ArrayList<>(4); @@ -564,7 +564,7 @@ public class ResolvableMethod { /** * Resolve the argument. */ - public final MethodParameter arg() { + public MethodParameter arg() { List matches = applyFilters(); Assert.state(!matches.isEmpty(), () -> "No matching arg in method\n" + formatMethod()); Assert.state(matches.size() == 1,