From 817938fa49f567bc6f38b63087378b392ef95fc6 Mon Sep 17 00:00:00 2001
From: huhdy32 <mong3268@gmail.com>
Date: Sat, 10 May 2025 22:51:12 +0900
Subject: [PATCH] Add NullReturningMethodAuthorizationDeniedHandler

This implementation of MethodAuthorizationDeniedHandler returns null
when authorization is denied.

Closes gh-16705

Signed-off-by: huhdy32 <mong3268@gmail.com>
---
 ...rningMethodAuthorizationDeniedHandler.java | 49 ++++++++++++++++
 ...MethodAuthorizationDeniedHandlerTests.java | 58 +++++++++++++++++++
 2 files changed, 107 insertions(+)
 create mode 100644 core/src/main/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandler.java
 create mode 100644 core/src/test/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandlerTests.java

diff --git a/core/src/main/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandler.java b/core/src/main/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandler.java
new file mode 100644
index 0000000000..f81a7cb50b
--- /dev/null
+++ b/core/src/main/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandler.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2002-2025 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.authorization.method;
+
+import org.aopalliance.intercept.MethodInvocation;
+
+import org.springframework.security.authorization.AuthorizationDeniedException;
+import org.springframework.security.authorization.AuthorizationResult;
+
+/**
+ * An implementation of {@link MethodAuthorizationDeniedHandler} that return {@code null}.
+ *
+ * @author Heejong Yoon
+ * @since 6.5.0
+ */
+public final class NullReturningMethodAuthorizationDeniedHandler implements MethodAuthorizationDeniedHandler {
+
+	@Override
+	public Object handleDeniedInvocation(MethodInvocation methodInvocation, AuthorizationResult authorizationResult) {
+		if (authorizationResult instanceof AuthorizationDeniedException exception) {
+			throw exception;
+		}
+		return null;
+	}
+
+	@Override
+	public Object handleDeniedInvocationResult(MethodInvocationResult methodInvocationResult,
+			AuthorizationResult authorizationResult) {
+		if (authorizationResult instanceof AuthorizationDeniedException exception) {
+			throw exception;
+		}
+		return null;
+	}
+
+}
diff --git a/core/src/test/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandlerTests.java b/core/src/test/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandlerTests.java
new file mode 100644
index 0000000000..0064280d1b
--- /dev/null
+++ b/core/src/test/java/org/springframework/security/authorization/method/NullReturningMethodAuthorizationDeniedHandlerTests.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2002-2025 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.authorization.method;
+
+import org.junit.jupiter.api.Test;
+
+import org.springframework.security.authorization.AuthorizationDeniedException;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
+
+/**
+ * Tests for {@link NullReturningMethodAuthorizationDeniedHandler}.
+ *
+ * @author Heejong Yoon
+ */
+class NullReturningMethodAuthorizationDeniedHandlerTests {
+
+	@Test
+	void handleNullReturningMethod() {
+		assertThat(new NullReturningMethodAuthorizationDeniedHandler().handleDeniedInvocation(null, null)).isNull();
+	}
+
+	@Test
+	void handleNullReturningMethodWithException() {
+		assertThatExceptionOfType(AuthorizationDeniedException.class)
+			.isThrownBy(() -> new NullReturningMethodAuthorizationDeniedHandler().handleDeniedInvocation(null,
+					new AuthorizationDeniedException("test")));
+	}
+
+	@Test
+	void handleNullReturningMethodWithInvocationResult() {
+		assertThat(new NullReturningMethodAuthorizationDeniedHandler().handleDeniedInvocationResult(null, null))
+			.isNull();
+	}
+
+	@Test
+	void handleNullReturningMethodWithInvocationResultWithException() {
+		assertThatExceptionOfType(AuthorizationDeniedException.class)
+			.isThrownBy(() -> new NullReturningMethodAuthorizationDeniedHandler().handleDeniedInvocationResult(null,
+					new AuthorizationDeniedException("test")));
+	}
+
+}