Use consistent ternary expression style

Update all ternary expressions so that the condition is always in
parentheses and "not equals" is used in the test. This helps to bring
consistency across the codebase which makes ternary expression easier
to scan.

For example: `a = (a != null) ? a : b`

Issue gh-8945

acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java

@@ -125,7 +125,7 @@ public class AccessControlEntryImpl implements AccessControlEntry, AuditableAcce
 	@Override
 	public int hashCode() {
 		int result = this.permission.hashCode();
-		result = 31 * result + (this.id != null ? this.id.hashCode() : 0);
+		result = 31 * result + ((this.id != null) ? this.id.hashCode() : 0);
 		result = 31 * result + (this.sid.hashCode());
 		result = 31 * result + (this.auditFailure ? 1 : 0);
 		result = 31 * result + (this.auditSuccess ? 1 : 0);

acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java

@@ -307,15 +307,15 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
 
 	@Override
 	public int hashCode() {
-		int result = this.parentAcl != null ? this.parentAcl.hashCode() : 0;
+		int result = (this.parentAcl != null) ? this.parentAcl.hashCode() : 0;
 		result = 31 * result + this.aclAuthorizationStrategy.hashCode();
 		result = 31 * result
-				+ (this.permissionGrantingStrategy != null ? this.permissionGrantingStrategy.hashCode() : 0);
+				+ ((this.permissionGrantingStrategy != null) ? this.permissionGrantingStrategy.hashCode() : 0);
-		result = 31 * result + (this.aces != null ? this.aces.hashCode() : 0);
+		result = 31 * result + ((this.aces != null) ? this.aces.hashCode() : 0);
 		result = 31 * result + this.objectIdentity.hashCode();
 		result = 31 * result + this.id.hashCode();
-		result = 31 * result + (this.owner != null ? this.owner.hashCode() : 0);
+		result = 31 * result + ((this.owner != null) ? this.owner.hashCode() : 0);
-		result = 31 * result + (this.loadedSids != null ? this.loadedSids.hashCode() : 0);
+		result = 31 * result + ((this.loadedSids != null) ? this.loadedSids.hashCode() : 0);
 		result = 31 * result + (this.entriesInheriting ? 1 : 0);
 		return result;
 	}

cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java

@@ -26,6 +26,7 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.SpringSecurityCoreVersion;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.util.Assert;
+import org.springframework.util.ObjectUtils;
 
 /**
  * Represents a successful CAS <code>Authentication</code>.
@@ -141,7 +142,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
 		result = 31 * result + this.principal.hashCode();
 		result = 31 * result + this.userDetails.hashCode();
 		result = 31 * result + this.keyHash;
-		result = 31 * result + (this.assertion != null ? this.assertion.hashCode() : 0);
+		result = 31 * result + ObjectUtils.nullSafeHashCode(this.assertion);
 		return result;
 	}
 

cas/src/main/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCache.java

@@ -49,7 +49,7 @@ public class EhCacheBasedTicketCache implements StatelessTicketCache, Initializi
 			logger.debug("Cache hit: " + (element != null) + "; service ticket: " + serviceTicket);
 		}
 
-		return element == null ? null : (CasAuthenticationToken) element.getValue();
+		return (element != null) ? (CasAuthenticationToken) element.getValue() : null;
 	}
 
 	public Ehcache getCache() {

cas/src/main/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCache.java

@@ -42,13 +42,13 @@ public class SpringCacheBasedTicketCache implements StatelessTicketCache {
 
 	@Override
 	public CasAuthenticationToken getByTicketId(final String serviceTicket) {
-		final Cache.ValueWrapper element = serviceTicket != null ? this.cache.get(serviceTicket) : null;
+		final Cache.ValueWrapper element = (serviceTicket != null) ? this.cache.get(serviceTicket) : null;
 
 		if (logger.isDebugEnabled()) {
 			logger.debug("Cache hit: " + (element != null) + "; service ticket: " + serviceTicket);
 		}
 
-		return element == null ? null : (CasAuthenticationToken) element.get();
+		return (element != null) ? (CasAuthenticationToken) element.get() : null;
 	}
 
 	@Override

config/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java

@@ -151,7 +151,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
 
 	private void reportUnsupportedNodeType(String name, ParserContext pc, Node node) {
 		pc.getReaderContext().fatal("Security namespace does not support decoration of "
-				+ (node instanceof Element ? "element" : "attribute") + " [" + name + "]", node);
+				+ ((node instanceof Element) ? "element" : "attribute") + " [" + name + "]", node);
 	}
 
 	private void reportMissingWebClasses(String nodeName, ParserContext pc, Node node) {

config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

@@ -187,8 +187,8 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 	 * @return the {@link LdapAuthenticator} to use
 	 */
 	private LdapAuthenticator createLdapAuthenticator(BaseLdapPathContextSource contextSource) {
-		AbstractLdapAuthenticator ldapAuthenticator = this.passwordEncoder == null
+		AbstractLdapAuthenticator ldapAuthenticator = (this.passwordEncoder != null)
-				? createBindAuthenticator(contextSource) : createPasswordCompareAuthenticator(contextSource);
+				? createPasswordCompareAuthenticator(contextSource) : createBindAuthenticator(contextSource);
 		LdapUserSearch userSearch = createUserSearch();
 		if (userSearch != null) {
 			ldapAuthenticator.setUserSearch(userSearch);

config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java

@@ -247,7 +247,7 @@ public abstract class AbstractRequestMatcherRegistry<C> {
 		 * @return a {@link List} of {@link AntPathRequestMatcher} instances
 		 */
 		static List<RequestMatcher> antMatchers(HttpMethod httpMethod, String... antPatterns) {
-			String method = httpMethod == null ? null : httpMethod.toString();
+			String method = (httpMethod != null) ? httpMethod.toString() : null;
 			List<RequestMatcher> matchers = new ArrayList<>();
 			for (String pattern : antPatterns) {
 				matchers.add(new AntPathRequestMatcher(pattern, method));
@@ -275,7 +275,7 @@ public abstract class AbstractRequestMatcherRegistry<C> {
 		 * @return a {@link List} of {@link RegexRequestMatcher} instances
 		 */
 		static List<RequestMatcher> regexMatchers(HttpMethod httpMethod, String... regexPatterns) {
-			String method = httpMethod == null ? null : httpMethod.toString();
+			String method = (httpMethod != null) ? httpMethod.toString() : null;
 			List<RequestMatcher> matchers = new ArrayList<>();
 			for (String pattern : regexPatterns) {
 				matchers.add(new RegexRequestMatcher(pattern, method));

config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java

@@ -242,8 +242,8 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
 		if (this.privilegeEvaluator != null) {
 			return this.privilegeEvaluator;
 		}
-		return this.filterSecurityInterceptor == null ? null
+		return (this.filterSecurityInterceptor != null)
-				: new DefaultWebInvocationPrivilegeEvaluator(this.filterSecurityInterceptor);
+				? new DefaultWebInvocationPrivilegeEvaluator(this.filterSecurityInterceptor) : null;
 	}
 
 	/**

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java

@@ -227,7 +227,7 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
 				return ((Ordered) obj).getOrder();
 			}
 			if (obj != null) {
-				Class<?> clazz = (obj instanceof Class ? (Class<?>) obj : obj.getClass());
+				Class<?> clazz = ((obj instanceof Class) ? (Class<?>) obj : obj.getClass());
 				Order order = AnnotationUtils.findAnnotation(clazz, Order.class);
 				if (order != null) {
 					return order.value();

config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java

@@ -230,7 +230,7 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
 	 * @return the {@link AuthenticationUserDetailsService} to use
 	 */
 	private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> getUserDetailsService() {
-		return this.authenticationUserDetailsService == null
+		return (this.authenticationUserDetailsService != null)
 				? new PreAuthenticatedGrantedAuthoritiesUserDetailsService() : this.authenticationUserDetailsService;
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java

@@ -369,8 +369,8 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
 	 * @return the {@link RememberMeServices} to use
 	 */
 	private AbstractRememberMeServices createRememberMeServices(H http, String key) {
-		return this.tokenRepository == null ? createTokenBasedRememberMeServices(http, key)
+		return (this.tokenRepository != null) ? createPersistentRememberMeServices(http, key)
-				: createPersistentRememberMeServices(http, key);
+				: createTokenBasedRememberMeServices(http, key);
 	}
 
 	/**

config/src/main/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurer.java

@@ -90,8 +90,8 @@ public final class SecurityContextConfigurer<H extends HttpSecurityBuilder<H>>
 		SecurityContextPersistenceFilter securityContextFilter = new SecurityContextPersistenceFilter(
 				securityContextRepository);
 		SessionManagementConfigurer<?> sessionManagement = http.getConfigurer(SessionManagementConfigurer.class);
-		SessionCreationPolicy sessionCreationPolicy = sessionManagement == null ? null
+		SessionCreationPolicy sessionCreationPolicy = (sessionManagement != null)
-				: sessionManagement.getSessionCreationPolicy();
+				? sessionManagement.getSessionCreationPolicy() : null;
 		if (SessionCreationPolicy.ALWAYS == sessionCreationPolicy) {
 			securityContextFilter.setForceEagerSessionCreation(true);
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurer.java

@@ -80,11 +80,11 @@ public final class ServletApiConfigurer<H extends HttpSecurityBuilder<H>>
 	public void configure(H http) {
 		this.securityContextRequestFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
 		ExceptionHandlingConfigurer<H> exceptionConf = http.getConfigurer(ExceptionHandlingConfigurer.class);
-		AuthenticationEntryPoint authenticationEntryPoint = exceptionConf == null ? null
+		AuthenticationEntryPoint authenticationEntryPoint = (exceptionConf != null)
-				: exceptionConf.getAuthenticationEntryPoint(http);
+				? exceptionConf.getAuthenticationEntryPoint(http) : null;
 		this.securityContextRequestFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
 		LogoutConfigurer<H> logoutConf = http.getConfigurer(LogoutConfigurer.class);
-		List<LogoutHandler> logoutHandlers = logoutConf == null ? null : logoutConf.getLogoutHandlers();
+		List<LogoutHandler> logoutHandlers = (logoutConf != null) ? logoutConf.getLogoutHandlers() : null;
 		this.securityContextRequestFilter.setLogoutHandlers(logoutHandlers);
 		AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
 		if (trustResolver != null) {

config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java

@@ -451,7 +451,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 		}
 
 		SessionCreationPolicy sessionPolicy = getBuilder().getSharedObject(SessionCreationPolicy.class);
-		return sessionPolicy == null ? SessionCreationPolicy.IF_REQUIRED : sessionPolicy;
+		return (sessionPolicy != null) ? sessionPolicy : SessionCreationPolicy.IF_REQUIRED;
 	}
 
 	/**

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/ImplicitGrantConfigurer.java

@@ -98,7 +98,7 @@ public final class ImplicitGrantConfigurer<B extends HttpSecurityBuilder<B>>
 	}
 
 	private String getAuthorizationRequestBaseUri() {
-		return this.authorizationRequestBaseUri != null ? this.authorizationRequestBaseUri
+		return (this.authorizationRequestBaseUri != null) ? this.authorizationRequestBaseUri
 				: OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java

@@ -500,7 +500,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 			return Collections.emptyMap();
 		}
 
-		String authorizationRequestBaseUri = this.authorizationEndpointConfig.authorizationRequestBaseUri != null
+		String authorizationRequestBaseUri = (this.authorizationEndpointConfig.authorizationRequestBaseUri != null)
 				? this.authorizationEndpointConfig.authorizationRequestBaseUri
 				: OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI;
 		Map<String, String> loginUrlToClientName = new HashMap<>();

config/src/main/java/org/springframework/security/config/http/FilterInvocationSecurityMetadataSourceParser.java

@@ -107,8 +107,8 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
 
 		if (useExpressions) {
 			Element expressionHandlerElt = DomUtils.getChildElementByTagName(httpElt, Elements.EXPRESSION_HANDLER);
-			String expressionHandlerRef = expressionHandlerElt == null ? null
+			String expressionHandlerRef = (expressionHandlerElt != null) ? expressionHandlerElt.getAttribute("ref")
-					: expressionHandlerElt.getAttribute("ref");
+					: null;
 
 			if (StringUtils.hasText(expressionHandlerRef)) {
 				logger.info(

config/src/main/java/org/springframework/security/config/http/FormLoginBeanDefinitionParser.java

@@ -168,7 +168,7 @@ public class FormLoginBeanDefinitionParser {
 		BeanDefinitionBuilder entryPointBuilder = BeanDefinitionBuilder
 				.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class);
 		entryPointBuilder.getRawBeanDefinition().setSource(source);
-		entryPointBuilder.addConstructorArgValue(this.loginPage != null ? this.loginPage : DEF_LOGIN_PAGE);
+		entryPointBuilder.addConstructorArgValue((this.loginPage != null) ? this.loginPage : DEF_LOGIN_PAGE);
 		entryPointBuilder.addPropertyValue("portMapper", this.portMapper);
 		entryPointBuilder.addPropertyValue("portResolver", this.portResolver);
 		this.entryPointBean = (RootBeanDefinition) entryPointBuilder.getBeanDefinition();

config/src/main/java/org/springframework/security/config/http/HeadersBeanDefinitionParser.java

@@ -177,8 +177,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseCacheControlElement(boolean addIfNotPresent, Element element) {
-		Element cacheControlElement = element == null ? null
+		Element cacheControlElement = (element != null)
-				: DomUtils.getChildElementByTagName(element, CACHE_CONTROL_ELEMENT);
+				? DomUtils.getChildElementByTagName(element, CACHE_CONTROL_ELEMENT) : null;
 		boolean disabled = "true".equals(getAttribute(cacheControlElement, ATT_DISABLED, "false"));
 		if (disabled) {
 			return;
@@ -195,7 +195,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseHstsElement(boolean addIfNotPresent, Element element, ParserContext context) {
-		Element hstsElement = element == null ? null : DomUtils.getChildElementByTagName(element, HSTS_ELEMENT);
+		Element hstsElement = (element != null) ? DomUtils.getChildElementByTagName(element, HSTS_ELEMENT) : null;
 		if (addIfNotPresent || hstsElement != null) {
 			addHsts(addIfNotPresent, hstsElement, context);
 		}
@@ -244,7 +244,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseHpkpElement(boolean addIfNotPresent, Element element, ParserContext context) {
-		Element hpkpElement = element == null ? null : DomUtils.getChildElementByTagName(element, HPKP_ELEMENT);
+		Element hpkpElement = (element != null) ? DomUtils.getChildElementByTagName(element, HPKP_ELEMENT) : null;
 		if (addIfNotPresent || hpkpElement != null) {
 			addHpkp(addIfNotPresent, hpkpElement, context);
 		}
@@ -342,8 +342,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseReferrerPolicyElement(Element element, ParserContext context) {
-		Element referrerPolicyElement = (element == null) ? null
+		Element referrerPolicyElement = (element != null)
-				: DomUtils.getChildElementByTagName(element, REFERRER_POLICY_ELEMENT);
+				? DomUtils.getChildElementByTagName(element, REFERRER_POLICY_ELEMENT) : null;
 		if (referrerPolicyElement != null) {
 			addReferrerPolicy(referrerPolicyElement, context);
 		}
@@ -361,8 +361,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseFeaturePolicyElement(Element element, ParserContext context) {
-		Element featurePolicyElement = (element == null) ? null
+		Element featurePolicyElement = (element != null)
-				: DomUtils.getChildElementByTagName(element, FEATURE_POLICY_ELEMENT);
+				? DomUtils.getChildElementByTagName(element, FEATURE_POLICY_ELEMENT) : null;
 		if (featurePolicyElement != null) {
 			addFeaturePolicy(featurePolicyElement, context);
 		}
@@ -390,8 +390,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseHeaderElements(Element element) {
-		List<Element> headerElts = element == null ? Collections.<Element>emptyList()
+		List<Element> headerElts = (element != null)
-				: DomUtils.getChildElementsByTagName(element, GENERIC_HEADER_ELEMENT);
+				? DomUtils.getChildElementsByTagName(element, GENERIC_HEADER_ELEMENT) : Collections.emptyList();
 		for (Element headerElt : headerElts) {
 			String headerFactoryRef = headerElt.getAttribute(ATT_REF);
 			if (StringUtils.hasText(headerFactoryRef)) {
@@ -407,8 +407,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseContentTypeOptionsElement(boolean addIfNotPresent, Element element) {
-		Element contentTypeElt = element == null ? null
+		Element contentTypeElt = (element != null) ? DomUtils.getChildElementByTagName(element, CONTENT_TYPE_ELEMENT)
-				: DomUtils.getChildElementByTagName(element, CONTENT_TYPE_ELEMENT);
+				: null;
 		boolean disabled = "true".equals(getAttribute(contentTypeElt, ATT_DISABLED, "false"));
 		if (disabled) {
 			return;
@@ -504,7 +504,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void parseXssElement(boolean addIfNotPresent, Element element, ParserContext parserContext) {
-		Element xssElt = element == null ? null : DomUtils.getChildElementByTagName(element, XSS_ELEMENT);
+		Element xssElt = (element != null) ? DomUtils.getChildElementByTagName(element, XSS_ELEMENT) : null;
 		BeanDefinitionBuilder builder = BeanDefinitionBuilder.genericBeanDefinition(XXssProtectionHeaderWriter.class);
 		if (xssElt != null) {
 			boolean disabled = "true".equals(getAttribute(xssElt, ATT_DISABLED, "false"));

config/src/main/java/org/springframework/security/config/http/OAuth2ClientBeanDefinitionParser.java

@@ -83,7 +83,7 @@ final class OAuth2ClientBeanDefinitionParser implements BeanDefinitionParser {
 
 		BeanDefinitionBuilder authorizationRequestRedirectFilterBuilder = BeanDefinitionBuilder
 				.rootBeanDefinition(OAuth2AuthorizationRequestRedirectFilter.class);
-		String authorizationRequestResolverRef = authorizationCodeGrantElt != null
+		String authorizationRequestResolverRef = (authorizationCodeGrantElt != null)
 				? authorizationCodeGrantElt.getAttribute(ATT_AUTHORIZATION_REQUEST_RESOLVER_REF) : null;
 		if (!StringUtils.isEmpty(authorizationRequestResolverRef)) {
 			authorizationRequestRedirectFilterBuilder.addConstructorArgReference(authorizationRequestResolverRef);
@@ -112,7 +112,7 @@ final class OAuth2ClientBeanDefinitionParser implements BeanDefinitionParser {
 
 	private BeanMetadataElement getAuthorizationRequestRepository(Element element) {
 		BeanMetadataElement authorizationRequestRepository;
-		String authorizationRequestRepositoryRef = element != null
+		String authorizationRequestRepositoryRef = (element != null)
 				? element.getAttribute(ATT_AUTHORIZATION_REQUEST_REPOSITORY_REF) : null;
 		if (!StringUtils.isEmpty(authorizationRequestRepositoryRef)) {
 			authorizationRequestRepository = new RuntimeBeanReference(authorizationRequestRepositoryRef);
@@ -127,7 +127,7 @@ final class OAuth2ClientBeanDefinitionParser implements BeanDefinitionParser {
 
 	private BeanMetadataElement getAccessTokenResponseClient(Element element) {
 		BeanMetadataElement accessTokenResponseClient;
-		String accessTokenResponseClientRef = element != null
+		String accessTokenResponseClientRef = (element != null)
 				? element.getAttribute(ATT_ACCESS_TOKEN_RESPONSE_CLIENT_REF) : null;
 		if (!StringUtils.isEmpty(accessTokenResponseClientRef)) {
 			accessTokenResponseClient = new RuntimeBeanReference(accessTokenResponseClientRef);

config/src/main/java/org/springframework/security/config/method/GlobalMethodSecurityBeanDefinitionParser.java

@@ -178,8 +178,8 @@ public class GlobalMethodSecurityBeanDefinitionParser implements BeanDefinitionP
 			}
 			else {
 				// The default expression-based system
-				String expressionHandlerRef = expressionHandlerElt == null ? null
+				String expressionHandlerRef = (expressionHandlerElt != null) ? expressionHandlerElt.getAttribute("ref")
-						: expressionHandlerElt.getAttribute("ref");
+						: null;
 
 				if (StringUtils.hasText(expressionHandlerRef)) {
 					this.logger.info(

config/src/main/java/org/springframework/security/config/oauth2/client/ClientRegistrationsBeanDefinitionParser.java

@@ -168,7 +168,7 @@ public final class ClientRegistrationsBeanDefinitionParser implements BeanDefini
 
 	private static ClientRegistration.Builder getBuilderFromIssuerIfPossible(String registrationId,
 			String configuredProviderId, Map<String, Map<String, String>> providers) {
-		String providerId = configuredProviderId != null ? configuredProviderId : registrationId;
+		String providerId = (configuredProviderId != null) ? configuredProviderId : registrationId;
 		if (providers.containsKey(providerId)) {
 			Map<String, String> provider = providers.get(providerId);
 			String issuer = provider.get(ATT_ISSUER_URI);
@@ -188,7 +188,7 @@ public final class ClientRegistrationsBeanDefinitionParser implements BeanDefini
 		if (provider == null && !providers.containsKey(providerId)) {
 			return null;
 		}
-		ClientRegistration.Builder builder = provider != null ? provider.getBuilder(registrationId)
+		ClientRegistration.Builder builder = (provider != null) ? provider.getBuilder(registrationId)
 				: ClientRegistration.withRegistrationId(registrationId);
 		if (providers.containsKey(providerId)) {
 			return getBuilder(builder, providers.get(providerId));
@@ -251,7 +251,7 @@ public final class ClientRegistrationsBeanDefinitionParser implements BeanDefini
 	}
 
 	private static String getErrorMessage(String configuredProviderId, String registrationId) {
-		return configuredProviderId != null ? "Unknown provider ID '" + configuredProviderId + "'"
+		return (configuredProviderId != null) ? "Unknown provider ID '" + configuredProviderId + "'"
 				: "Provider ID must be specified for client registration '" + registrationId + "'";
 	}
 

config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java

@@ -1467,8 +1467,8 @@ public class ServerHttpSecurity {
 	}
 
 	private WebFilter securityContextRepositoryWebFilter() {
-		ServerSecurityContextRepository repository = this.securityContextRepository == null
+		ServerSecurityContextRepository repository = (this.securityContextRepository != null)
-				? new WebSessionServerSecurityContextRepository() : this.securityContextRepository;
+				? this.securityContextRepository : new WebSessionServerSecurityContextRepository();
 		WebFilter result = new ReactorContextWebFilter(repository);
 		return new OrderedWebFilter(result, SecurityWebFiltersOrder.REACTOR_CONTEXT.getOrder());
 	}

config/src/main/java/org/springframework/security/config/websocket/WebSocketMessageBrokerSecurityBeanDefinitionParser.java

@@ -121,7 +121,7 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
 
 		String id = element.getAttribute(ID_ATTR);
 		Element expressionHandlerElt = DomUtils.getChildElementByTagName(element, Elements.EXPRESSION_HANDLER);
-		String expressionHandlerRef = expressionHandlerElt == null ? null : expressionHandlerElt.getAttribute("ref");
+		String expressionHandlerRef = (expressionHandlerElt != null) ? expressionHandlerElt.getAttribute("ref") : null;
 		boolean expressionHandlerDefined = StringUtils.hasText(expressionHandlerRef);
 
 		boolean sameOriginDisabled = Boolean.parseBoolean(element.getAttribute(DISABLED_ATTR));
@@ -252,7 +252,7 @@ public final class WebSocketMessageBrokerSecurityBeanDefinitionParser implements
 
 					if (!registry.containsBeanDefinition(PATH_MATCHER_BEAN_NAME)) {
 						PropertyValue pathMatcherProp = bd.getPropertyValues().getPropertyValue("pathMatcher");
-						Object pathMatcher = pathMatcherProp == null ? null : pathMatcherProp.getValue();
+						Object pathMatcher = (pathMatcherProp != null) ? pathMatcherProp.getValue() : null;
 						if (pathMatcher instanceof BeanReference) {
 							registry.registerAlias(((BeanReference) pathMatcher).getBeanName(), PATH_MATCHER_BEAN_NAME);
 						}

config/src/test/java/org/springframework/security/config/annotation/web/configuration/OAuth2ClientConfigurationTests.java

@@ -237,7 +237,7 @@ public class OAuth2ClientConfigurationTests {
 			@GetMapping("/authorized-client")
 			String authorizedClient(
 					@RegisteredOAuth2AuthorizedClient("client1") OAuth2AuthorizedClient authorizedClient) {
-				return authorizedClient != null ? "resolved" : "not-resolved";
+				return (authorizedClient != null) ? "resolved" : "not-resolved";
 			}
 
 		}
@@ -405,7 +405,7 @@ public class OAuth2ClientConfigurationTests {
 			@GetMapping("/authorized-client")
 			String authorizedClient(
 					@RegisteredOAuth2AuthorizedClient("client1") OAuth2AuthorizedClient authorizedClient) {
-				return authorizedClient != null ? "resolved" : "not-resolved";
+				return (authorizedClient != null) ? "resolved" : "not-resolved";
 			}
 
 		}

config/src/test/java/org/springframework/security/config/http/OAuth2ClientBeanDefinitionParserTests.java

@@ -229,7 +229,7 @@ public class OAuth2ClientBeanDefinitionParserTests {
 		@GetMapping("/authorized-client")
 		String authorizedClient(Model model,
 				@RegisteredOAuth2AuthorizedClient("google") OAuth2AuthorizedClient authorizedClient) {
-			return authorizedClient != null ? "resolved" : "not-resolved";
+			return (authorizedClient != null) ? "resolved" : "not-resolved";
 		}
 
 	}

config/src/test/java/org/springframework/security/config/http/OAuth2LoginBeanDefinitionParserTests.java

@@ -523,7 +523,7 @@ public class OAuth2LoginBeanDefinitionParserTests {
 		@GetMapping("/authorized-client")
 		String authorizedClient(Model model,
 				@RegisteredOAuth2AuthorizedClient("google") OAuth2AuthorizedClient authorizedClient) {
-			return authorizedClient != null ? "resolved" : "not-resolved";
+			return (authorizedClient != null) ? "resolved" : "not-resolved";
 		}
 
 	}

config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java

@@ -93,7 +93,7 @@ final class HtmlUnitWebTestClient {
 				contentType = encodingType.getName();
 			}
 		}
-		MediaType mediaType = contentType == null ? MediaType.ALL : MediaType.parseMediaType(contentType);
+		MediaType mediaType = (contentType != null) ? MediaType.parseMediaType(contentType) : MediaType.ALL;
 		request.contentType(mediaType);
 	}
 

core/src/main/java/org/springframework/security/access/expression/method/AbstractExpressionBasedMethodConfigAttribute.java

@@ -47,16 +47,16 @@ abstract class AbstractExpressionBasedMethodConfigAttribute implements ConfigAtt
 		Assert.isTrue(filterExpression != null || authorizeExpression != null,
 				"Filter and authorization Expressions cannot both be null");
 		SpelExpressionParser parser = new SpelExpressionParser();
-		this.filterExpression = filterExpression == null ? null : parser.parseExpression(filterExpression);
+		this.filterExpression = (filterExpression != null) ? parser.parseExpression(filterExpression) : null;
-		this.authorizeExpression = authorizeExpression == null ? null : parser.parseExpression(authorizeExpression);
+		this.authorizeExpression = (authorizeExpression != null) ? parser.parseExpression(authorizeExpression) : null;
 	}
 
 	AbstractExpressionBasedMethodConfigAttribute(Expression filterExpression, Expression authorizeExpression)
 			throws ParseException {
 		Assert.isTrue(filterExpression != null || authorizeExpression != null,
 				"Filter and authorization Expressions cannot both be null");
-		this.filterExpression = filterExpression == null ? null : filterExpression;
+		this.filterExpression = (filterExpression != null) ? filterExpression : null;
-		this.authorizeExpression = authorizeExpression == null ? null : authorizeExpression;
+		this.authorizeExpression = (authorizeExpression != null) ? authorizeExpression : null;
 	}
 
 	Expression getFilterExpression() {

core/src/main/java/org/springframework/security/access/expression/method/ExpressionBasedAnnotationAttributeFactory.java

@@ -49,10 +49,10 @@ public class ExpressionBasedAnnotationAttributeFactory implements PrePostInvocat
 		try {
 			// TODO: Optimization of permitAll
 			ExpressionParser parser = getParser();
-			Expression preAuthorizeExpression = preAuthorizeAttribute == null ? parser.parseExpression("permitAll")
+			Expression preAuthorizeExpression = (preAuthorizeAttribute != null)
-					: parser.parseExpression(preAuthorizeAttribute);
+					? parser.parseExpression(preAuthorizeAttribute) : parser.parseExpression("permitAll");
-			Expression preFilterExpression = preFilterAttribute == null ? null
+			Expression preFilterExpression = (preFilterAttribute != null) ? parser.parseExpression(preFilterAttribute)
-					: parser.parseExpression(preFilterAttribute);
+					: null;
 			return new PreInvocationExpressionAttribute(preFilterExpression, filterObject, preAuthorizeExpression);
 		}
 		catch (ParseException ex) {
@@ -65,11 +65,10 @@ public class ExpressionBasedAnnotationAttributeFactory implements PrePostInvocat
 			String postAuthorizeAttribute) {
 		try {
 			ExpressionParser parser = getParser();
-			Expression postAuthorizeExpression = postAuthorizeAttribute == null ? null
+			Expression postAuthorizeExpression = (postAuthorizeAttribute != null)
-					: parser.parseExpression(postAuthorizeAttribute);
+					? parser.parseExpression(postAuthorizeAttribute) : null;
-			Expression postFilterExpression = postFilterAttribute == null ? null
+			Expression postFilterExpression = (postFilterAttribute != null)
-					: parser.parseExpression(postFilterAttribute);
+					? parser.parseExpression(postFilterAttribute) : null;
-
 			if (postFilterExpression != null || postAuthorizeExpression != null) {
 				return new PostInvocationExpressionAttribute(postFilterExpression, postAuthorizeExpression);
 			}

core/src/main/java/org/springframework/security/access/expression/method/PostInvocationExpressionAttribute.java

@@ -41,8 +41,8 @@ class PostInvocationExpressionAttribute extends AbstractExpressionBasedMethodCon
 		StringBuilder sb = new StringBuilder();
 		Expression authorize = getAuthorizeExpression();
 		Expression filter = getFilterExpression();
-		sb.append("[authorize: '").append(authorize == null ? "null" : authorize.getExpressionString());
+		sb.append("[authorize: '").append((authorize != null) ? authorize.getExpressionString() : "null");
-		sb.append("', filter: '").append(filter == null ? "null" : filter.getExpressionString()).append("']");
+		sb.append("', filter: '").append((filter != null) ? filter.getExpressionString() : "null").append("']");
 		return sb.toString();
 	}
 

core/src/main/java/org/springframework/security/access/expression/method/PreInvocationExpressionAttribute.java

@@ -57,8 +57,8 @@ class PreInvocationExpressionAttribute extends AbstractExpressionBasedMethodConf
 		StringBuilder sb = new StringBuilder();
 		Expression authorize = getAuthorizeExpression();
 		Expression filter = getFilterExpression();
-		sb.append("[authorize: '").append(authorize == null ? "null" : authorize.getExpressionString());
+		sb.append("[authorize: '").append((authorize != null) ? authorize.getExpressionString() : "null");
-		sb.append("', filter: '").append(filter == null ? "null" : filter.getExpressionString());
+		sb.append("', filter: '").append((filter != null) ? filter.getExpressionString() : "null");
 		sb.append("', filterTarget: '").append(this.filterTarget).append("']");
 		return sb.toString();
 	}

core/src/main/java/org/springframework/security/access/intercept/RunAsUserToken.java

@@ -73,7 +73,7 @@ public class RunAsUserToken extends AbstractAuthenticationToken {
 	@Override
 	public String toString() {
 		StringBuilder sb = new StringBuilder(super.toString());
-		String className = this.originalAuthentication == null ? null : this.originalAuthentication.getName();
+		String className = (this.originalAuthentication != null) ? this.originalAuthentication.getName() : null;
 		sb.append("; Original Class: ").append(className);
 
 		return sb.toString();

core/src/main/java/org/springframework/security/access/method/AbstractMethodSecurityMetadataSource.java

@@ -44,7 +44,7 @@ public abstract class AbstractMethodSecurityMetadataSource implements MethodSecu
 			Class<?> targetClass = null;
 
 			if (target != null) {
-				targetClass = target instanceof Class<?> ? (Class<?>) target
+				targetClass = (target instanceof Class<?>) ? (Class<?>) target
 						: AopProxyUtils.ultimateTargetClass(target);
 			}
 			Collection<ConfigAttribute> attrs = getAttributes(mi.getMethod(), targetClass);

core/src/main/java/org/springframework/security/access/method/DelegatingMethodSecurityMetadataSource.java

@@ -122,12 +122,12 @@ public final class DelegatingMethodSecurityMetadataSource extends AbstractMethod
 
 		@Override
 		public int hashCode() {
-			return this.method.hashCode() * 21 + (this.targetClass != null ? this.targetClass.hashCode() : 0);
+			return this.method.hashCode() * 21 + ((this.targetClass != null) ? this.targetClass.hashCode() : 0);
 		}
 
 		@Override
 		public String toString() {
-			return "CacheKey[" + (this.targetClass == null ? "-" : this.targetClass.getName()) + "; " + this.method
+			return "CacheKey[" + ((this.targetClass != null) ? this.targetClass.getName() : "-") + "; " + this.method
 					+ "]";
 		}
 

core/src/main/java/org/springframework/security/access/prepost/PrePostAdviceReactiveMethodInterceptor.java

@@ -93,17 +93,17 @@ public class PrePostAdviceReactiveMethodInterceptor implements MethodInterceptor
 
 		if (Mono.class.isAssignableFrom(returnType)) {
 			return toInvoke.flatMap((auth) -> PrePostAdviceReactiveMethodInterceptor.<Mono<?>>proceed(invocation)
-					.map((r) -> attr == null ? r : this.postAdvice.after(auth, invocation, attr, r)));
+					.map((r) -> (attr != null) ? this.postAdvice.after(auth, invocation, attr, r) : r));
 		}
 
 		if (Flux.class.isAssignableFrom(returnType)) {
 			return toInvoke.flatMapMany((auth) -> PrePostAdviceReactiveMethodInterceptor.<Flux<?>>proceed(invocation)
-					.map((r) -> attr == null ? r : this.postAdvice.after(auth, invocation, attr, r)));
+					.map((r) -> (attr != null) ? this.postAdvice.after(auth, invocation, attr, r) : r));
 		}
 
 		return toInvoke.flatMapMany(
 				(auth) -> Flux.from(PrePostAdviceReactiveMethodInterceptor.<Publisher<?>>proceed(invocation))
-						.map((r) -> attr == null ? r : this.postAdvice.after(auth, invocation, attr, r)));
+						.map((r) -> (attr != null) ? this.postAdvice.after(auth, invocation, attr, r) : r));
 	}
 
 	private static <T extends Publisher<?>> T proceed(final MethodInvocation invocation) {

core/src/main/java/org/springframework/security/access/prepost/PrePostAnnotationSecurityMetadataSource.java

@@ -76,11 +76,11 @@ public class PrePostAnnotationSecurityMetadataSource extends AbstractMethodSecur
 			return Collections.emptyList();
 		}
 
-		String preFilterAttribute = preFilter == null ? null : preFilter.value();
+		String preFilterAttribute = (preFilter != null) ? preFilter.value() : null;
-		String filterObject = preFilter == null ? null : preFilter.filterTarget();
+		String filterObject = (preFilter != null) ? preFilter.filterTarget() : null;
-		String preAuthorizeAttribute = preAuthorize == null ? null : preAuthorize.value();
+		String preAuthorizeAttribute = (preAuthorize != null) ? preAuthorize.value() : null;
-		String postFilterAttribute = postFilter == null ? null : postFilter.value();
+		String postFilterAttribute = (postFilter != null) ? postFilter.value() : null;
-		String postAuthorizeAttribute = postAuthorize == null ? null : postAuthorize.value();
+		String postAuthorizeAttribute = (postAuthorize != null) ? postAuthorize.value() : null;
 
 		ArrayList<ConfigAttribute> attrs = new ArrayList<>(2);
 

core/src/main/java/org/springframework/security/authentication/DefaultAuthenticationEventPublisher.java

@@ -129,7 +129,7 @@ public class DefaultAuthenticationEventPublisher
 	private Constructor<? extends AbstractAuthenticationEvent> getEventConstructor(AuthenticationException exception) {
 		Constructor<? extends AbstractAuthenticationEvent> eventConstructor = this.exceptionMappings
 				.get(exception.getClass().getName());
-		return (eventConstructor == null ? this.defaultAuthenticationFailureEventConstructor : eventConstructor);
+		return (eventConstructor != null) ? eventConstructor : this.defaultAuthenticationFailureEventConstructor;
 	}
 
 	@Override

core/src/main/java/org/springframework/security/authentication/jaas/memory/InMemoryConfiguration.java

@@ -80,7 +80,7 @@ public class InMemoryConfiguration extends Configuration {
 	@Override
 	public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
 		AppConfigurationEntry[] mappedResult = this.mappedConfigurations.get(name);
-		return mappedResult == null ? this.defaultConfiguration : mappedResult;
+		return (mappedResult != null) ? mappedResult : this.defaultConfiguration;
 	}
 
 	/**

core/src/main/java/org/springframework/security/authentication/rcp/RemoteAuthenticationProvider.java

@@ -63,7 +63,7 @@ public class RemoteAuthenticationProvider implements AuthenticationProvider, Ini
 	public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 		String username = authentication.getPrincipal().toString();
 		Object credentials = authentication.getCredentials();
-		String password = credentials == null ? null : credentials.toString();
+		String password = (credentials != null) ? credentials.toString() : null;
 		Collection<? extends GrantedAuthority> authorities = this.remoteAuthenticationManager
 				.attemptAuthentication(username, password);
 

core/src/main/java/org/springframework/security/concurrent/DelegatingSecurityContextCallable.java

@@ -113,8 +113,8 @@ public final class DelegatingSecurityContextCallable<V> implements Callable<V> {
 	 * @return
 	 */
 	public static <V> Callable<V> create(Callable<V> delegate, SecurityContext securityContext) {
-		return securityContext == null ? new DelegatingSecurityContextCallable<>(delegate)
+		return (securityContext != null) ? new DelegatingSecurityContextCallable<>(delegate, securityContext)
-				: new DelegatingSecurityContextCallable<>(delegate, securityContext);
+				: new DelegatingSecurityContextCallable<>(delegate);
 	}
 
 }

core/src/main/java/org/springframework/security/concurrent/DelegatingSecurityContextRunnable.java

@@ -111,8 +111,8 @@ public final class DelegatingSecurityContextRunnable implements Runnable {
 	 */
 	public static Runnable create(Runnable delegate, SecurityContext securityContext) {
 		Assert.notNull(delegate, "delegate cannot be  null");
-		return securityContext == null ? new DelegatingSecurityContextRunnable(delegate)
+		return (securityContext != null) ? new DelegatingSecurityContextRunnable(delegate, securityContext)
-				: new DelegatingSecurityContextRunnable(delegate, securityContext);
+				: new DelegatingSecurityContextRunnable(delegate);
 	}
 
 }

core/src/main/java/org/springframework/security/core/SpringSecurityCoreVersion.java

@@ -55,7 +55,7 @@ public final class SpringSecurityCoreVersion {
 
 	public static String getVersion() {
 		Package pkg = SpringSecurityCoreVersion.class.getPackage();
-		return (pkg != null ? pkg.getImplementationVersion() : null);
+		return (pkg != null) ? pkg.getImplementationVersion() : null;
 	}
 
 	/**

core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAttributes2GrantedAuthoritiesMapper.java

@@ -109,7 +109,7 @@ public class SimpleAttributes2GrantedAuthoritiesMapper
 	}
 
 	private String getAttributePrefix() {
-		return this.attributePrefix == null ? "" : this.attributePrefix;
+		return (this.attributePrefix != null) ? this.attributePrefix : "";
 	}
 
 	public void setAttributePrefix(String string) {

core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java

@@ -67,7 +67,7 @@ public class MapReactiveUserDetailsService implements ReactiveUserDetailsService
 	public Mono<UserDetails> findByUsername(String username) {
 		String key = getKey(username);
 		UserDetails result = this.users.get(key);
-		return result == null ? Mono.empty() : Mono.just(User.withUserDetails(result).build());
+		return (result != null) ? Mono.just(User.withUserDetails(result).build()) : Mono.empty();
 	}
 
 	@Override

core/src/main/java/org/springframework/security/core/userdetails/cache/SpringCacheBasedUserCache.java

@@ -43,7 +43,7 @@ public class SpringCacheBasedUserCache implements UserCache {
 
 	@Override
 	public UserDetails getUserFromCache(String username) {
-		Cache.ValueWrapper element = username != null ? this.cache.get(username) : null;
+		Cache.ValueWrapper element = (username != null) ? this.cache.get(username) : null;
 
 		if (logger.isDebugEnabled()) {
 			logger.debug("Cache hit: " + (element != null) + "; username: " + username);

core/src/main/java/org/springframework/security/util/SimpleMethodInvocation.java

@@ -37,7 +37,7 @@ public class SimpleMethodInvocation implements MethodInvocation {
 	public SimpleMethodInvocation(Object targetObject, Method method, Object... arguments) {
 		this.targetObject = targetObject;
 		this.method = method;
-		this.arguments = arguments == null ? new Object[0] : arguments;
+		this.arguments = (arguments != null) ? arguments : new Object[0];
 	}
 
 	public SimpleMethodInvocation() {

crypto/src/main/java/org/springframework/security/crypto/bcrypt/BCryptPasswordEncoder.java

@@ -97,7 +97,7 @@ public class BCryptPasswordEncoder implements PasswordEncoder {
 			throw new IllegalArgumentException("Bad strength");
 		}
 		this.version = version;
-		this.strength = strength == -1 ? 10 : strength;
+		this.strength = (strength == -1) ? 10 : strength;
 		this.random = random;
 	}
 

crypto/src/main/java/org/springframework/security/crypto/codec/Base64.java

@@ -333,9 +333,9 @@ public final class Base64 {
 		// significant bytes passed in the array.
 		// We have to shift left 24 in order to flush out the 1's that appear
 		// when Java treats a value as negative that is cast from a byte to an int.
-		int inBuff = (numSigBytes > 0 ? ((source[srcOffset] << 24) >>> 8) : 0)
+		int inBuff = ((numSigBytes > 0) ? ((source[srcOffset] << 24) >>> 8) : 0)
-				| (numSigBytes > 1 ? ((source[srcOffset + 1] << 24) >>> 16) : 0)
+				| ((numSigBytes > 1) ? ((source[srcOffset + 1] << 24) >>> 16) : 0)
-				| (numSigBytes > 2 ? ((source[srcOffset + 2] << 24) >>> 24) : 0);
+				| ((numSigBytes > 2) ? ((source[srcOffset + 2] << 24) >>> 24) : 0);
 
 		switch (numSigBytes) {
 		case 3:
@@ -404,8 +404,10 @@ public final class Base64 {
 		// Try to determine more precisely how big the array needs to be.
 		// If we get it right, we don't have to do an array copy, and
 		// we save a bunch of memory.
-		int encLen = (len / 3) * 4 + (len % 3 > 0 ? 4 : 0); // Bytes needed for actual
+
-															// encoding
+		// Bytes needed for actual encoding
+		int encLen = (len / 3) * 4 + ((len % 3 > 0) ? 4 : 0);
+
 		if (breakLines) {
 			encLen += encLen / MAX_LINE_LENGTH; // Plus extra newline characters
 		}

crypto/src/main/java/org/springframework/security/crypto/encrypt/AesBytesEncryptor.java

@@ -71,7 +71,7 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 		}
 
 		public AlgorithmParameterSpec getParameterSpec(byte[] iv) {
-			return this == CBC ? new IvParameterSpec(iv) : new GCMParameterSpec(128, iv);
+			return (this != CBC) ? new GCMParameterSpec(128, iv) : new IvParameterSpec(iv);
 		}
 
 		public Cipher createCipher() {
@@ -110,7 +110,7 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 		this.alg = alg;
 		this.encryptor = alg.createCipher();
 		this.decryptor = alg.createCipher();
-		this.ivGenerator = ivGenerator != null ? ivGenerator : alg.defaultIvGenerator();
+		this.ivGenerator = (ivGenerator != null) ? ivGenerator : alg.defaultIvGenerator();
 	}
 
 	@Override
@@ -119,7 +119,7 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 			byte[] iv = this.ivGenerator.generateKey();
 			CipherUtils.initCipher(this.encryptor, Cipher.ENCRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
 			byte[] encrypted = CipherUtils.doFinal(this.encryptor, bytes);
-			return this.ivGenerator != NULL_IV_GENERATOR ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
+			return (this.ivGenerator != NULL_IV_GENERATOR) ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 		}
 	}
 
@@ -129,12 +129,12 @@ public final class AesBytesEncryptor implements BytesEncryptor {
 			byte[] iv = iv(encryptedBytes);
 			CipherUtils.initCipher(this.decryptor, Cipher.DECRYPT_MODE, this.secretKey, this.alg.getParameterSpec(iv));
 			return CipherUtils.doFinal(this.decryptor,
-					this.ivGenerator != NULL_IV_GENERATOR ? encrypted(encryptedBytes, iv.length) : encryptedBytes);
+					(this.ivGenerator != NULL_IV_GENERATOR) ? encrypted(encryptedBytes, iv.length) : encryptedBytes);
 		}
 	}
 
 	private byte[] iv(byte[] encrypted) {
-		return this.ivGenerator != NULL_IV_GENERATOR
+		return (this.ivGenerator != NULL_IV_GENERATOR)
 				? EncodingUtils.subArray(encrypted, 0, this.ivGenerator.getKeyLength())
 				: NULL_IV_GENERATOR.generateKey();
 	}

crypto/src/main/java/org/springframework/security/crypto/encrypt/BouncyCastleAesCbcBytesEncryptor.java

@@ -54,7 +54,7 @@ public class BouncyCastleAesCbcBytesEncryptor extends BouncyCastleAesBytesEncryp
 				new CBCBlockCipher(new org.bouncycastle.crypto.engines.AESFastEngine()), new PKCS7Padding());
 		blockCipher.init(true, new ParametersWithIV(this.secretKey, iv));
 		byte[] encrypted = process(blockCipher, bytes);
-		return iv != null ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
+		return (iv != null) ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 	}
 
 	@Override

crypto/src/main/java/org/springframework/security/crypto/encrypt/BouncyCastleAesGcmBytesEncryptor.java

@@ -52,7 +52,7 @@ public class BouncyCastleAesGcmBytesEncryptor extends BouncyCastleAesBytesEncryp
 		blockCipher.init(true, new AEADParameters(this.secretKey, 128, iv, null));
 
 		byte[] encrypted = process(blockCipher, bytes);
-		return iv != null ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
+		return (iv != null) ? EncodingUtils.concatenate(iv, encrypted) : encrypted;
 	}
 
 	@Override

crypto/src/main/java/org/springframework/security/crypto/password/LdapShaPasswordEncoder.java

@@ -146,7 +146,7 @@ public class LdapShaPasswordEncoder implements PasswordEncoder {
 	 */
 	@Override
 	public boolean matches(CharSequence rawPassword, String encodedPassword) {
-		return matches(rawPassword == null ? null : rawPassword.toString(), encodedPassword);
+		return matches((rawPassword != null) ? rawPassword.toString() : null, encodedPassword);
 	}
 
 	private boolean matches(String rawPassword, String encodedPassword) {

etc/checkstyle/checkstyle-suppressions.xml

@@ -3,7 +3,6 @@
 		"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
 		"https://checkstyle.org/dtds/suppressions_1_2.dtd">
 <suppressions>
-	<suppress files=".*" checks="SpringTernary" />
 	<suppress files=".*" checks="WhitespaceAfter" />
 	<suppress files=".*" checks="WhitespaceAround" />
 	<suppress files=".*" checks="JavadocMethod" />

itest/context/src/integration-test/java/org/springframework/security/performance/FilterChainPerformanceTests.java

@@ -128,7 +128,7 @@ public class FilterChainPerformanceTests {
 	public void provideDataOnScalingWithNumberOfAuthoritiesUserHas() throws Exception {
 		StopWatch sw = new StopWatch("Scaling with nAuthorities");
 		for (int user = 0; user < N_AUTHORITIES / 10; user++) {
-			int nAuthorities = user == 0 ? 1 : user * 10;
+			int nAuthorities = (user != 0) ? user * 10 : 1;
 			SecurityContextHolder.getContext().setAuthentication(
 					new UsernamePasswordAuthenticationToken("bob", "bobspassword", createRoles(nAuthorities)));
 			this.session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,

ldap/src/main/java/org/springframework/security/ldap/SpringSecurityLdapTemplate.java

@@ -214,7 +214,7 @@ public class SpringSecurityLdapTemplate extends LdapTemplate {
 
 		SearchControls ctls = new SearchControls();
 		ctls.setSearchScope(this.searchControls.getSearchScope());
-		ctls.setReturningAttributes(attributeNames != null && attributeNames.length > 0 ? attributeNames : null);
+		ctls.setReturningAttributes((attributeNames != null && attributeNames.length > 0) ? attributeNames : null);
 
 		search(base, formattedFilter, ctls, roleMapper);
 

ldap/src/main/java/org/springframework/security/ldap/authentication/ad/ActiveDirectoryLdapAuthenticationProvider.java

@@ -153,7 +153,7 @@ public final class ActiveDirectoryLdapAuthenticationProvider extends AbstractLda
 		Assert.isTrue(StringUtils.hasText(url), "Url cannot be empty");
 		this.domain = StringUtils.hasText(domain) ? domain.toLowerCase() : null;
 		this.url = url;
-		this.rootDn = this.domain == null ? null : rootDnFromDomain(this.domain);
+		this.rootDn = (this.domain != null) ? rootDnFromDomain(this.domain) : null;
 	}
 
 	@Override
@@ -336,7 +336,7 @@ public final class ActiveDirectoryLdapAuthenticationProvider extends AbstractLda
 		searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
 
 		String bindPrincipal = createBindPrincipal(username);
-		String searchRoot = this.rootDn != null ? this.rootDn : searchRootFromPrincipal(bindPrincipal);
+		String searchRoot = (this.rootDn != null) ? this.rootDn : searchRootFromPrincipal(bindPrincipal);
 
 		try {
 			return SpringSecurityLdapTemplate.searchForSingleEntryInternal(context, searchControls, searchRoot,

ldap/src/main/java/org/springframework/security/ldap/search/FilterBasedLdapUserSearch.java

@@ -165,7 +165,7 @@ public class FilterBasedLdapUserSearch implements LdapUserSearch {
 		sb.append("[ searchFilter: '").append(this.searchFilter).append("', ");
 		sb.append("searchBase: '").append(this.searchBase).append("'");
 		sb.append(", scope: ").append(
-				this.searchControls.getSearchScope() == SearchControls.SUBTREE_SCOPE ? "subtree" : "single-level, ");
+				(this.searchControls.getSearchScope() != SearchControls.SUBTREE_SCOPE) ? "single-level, " : "subtree");
 		sb.append(", searchTimeLimit: ").append(this.searchControls.getTimeLimit());
 		sb.append(", derefLinkFlag: ").append(this.searchControls.getDerefLinkFlag()).append(" ]");
 		return sb.toString();

ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapAuthority.java

@@ -140,7 +140,7 @@ public class LdapAuthority implements GrantedAuthority {
 	@Override
 	public int hashCode() {
 		int result = this.dn.hashCode();
-		result = 31 * result + (this.role != null ? this.role.hashCode() : 0);
+		result = 31 * result + ((this.role != null) ? this.role.hashCode() : 0);
 		return result;
 	}
 

ldap/src/main/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulator.java

@@ -216,7 +216,7 @@ public class NestedLdapAuthoritiesPopulator extends DefaultLdapAuthoritiesPopula
 				// this prevents a forever loop for a misconfigured ldap directory
 				circular = circular | (!authorities.add(new LdapAuthority(role, dn, record)));
 			}
-			String roleName = roles.size() > 0 ? roles.iterator().next() : dn;
+			String roleName = (roles.size() > 0) ? roles.iterator().next() : dn;
 			if (!circular) {
 				performNestedSearch(dn, roleName, authorities, (depth - 1));
 			}

messaging/src/main/java/org/springframework/security/messaging/handler/invocation/reactive/AuthenticationPrincipalArgumentResolver.java

@@ -128,7 +128,7 @@ public class AuthenticationPrincipalArgumentResolver implements HandlerMethodArg
 		return ReactiveSecurityContextHolder.getContext().map(SecurityContext::getAuthentication).flatMap((a) -> {
 			Object p = resolvePrincipal(parameter, a.getPrincipal());
 			Mono<Object> principal = Mono.justOrEmpty(p);
-			return adapter == null ? principal : Mono.just(adapter.fromPublisher(principal));
+			return (adapter != null) ? Mono.just(adapter.fromPublisher(principal)) : principal;
 		});
 	}
 

messaging/src/main/java/org/springframework/security/messaging/handler/invocation/reactive/CurrentSecurityContextArgumentResolver.java

@@ -127,7 +127,7 @@ public class CurrentSecurityContextArgumentResolver implements HandlerMethodArgu
 		return ReactiveSecurityContextHolder.getContext().flatMap((securityContext) -> {
 			Object sc = resolveSecurityContext(parameter, securityContext);
 			Mono<Object> result = Mono.justOrEmpty(sc);
-			return adapter == null ? result : Mono.just(adapter.fromPublisher(result));
+			return (adapter != null) ? Mono.just(adapter.fromPublisher(result)) : result;
 		});
 	}
 

messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java

@@ -113,7 +113,7 @@ public final class SimpDestinationMessageMatcher implements MessageMatcher<Objec
 		}
 
 		this.matcher = pathMatcher;
-		this.messageTypeMatcher = type == null ? ANY_MESSAGE : new SimpMessageTypeMatcher(type);
+		this.messageTypeMatcher = (type != null) ? new SimpMessageTypeMatcher(type) : ANY_MESSAGE;
 		this.pattern = pattern;
 	}
 
@@ -129,7 +129,7 @@ public final class SimpDestinationMessageMatcher implements MessageMatcher<Objec
 
 	public Map<String, String> extractPathVariables(Message<?> message) {
 		final String destination = SimpMessageHeaderAccessor.getDestination(message.getHeaders());
-		return destination != null ? this.matcher.extractUriTemplateVariables(this.pattern, destination)
+		return (destination != null) ? this.matcher.extractUriTemplateVariables(this.pattern, destination)
 				: Collections.emptyMap();
 	}
 

messaging/src/main/java/org/springframework/security/messaging/web/csrf/CsrfChannelInterceptor.java

@@ -48,8 +48,8 @@ public final class CsrfChannelInterceptor extends ChannelInterceptorAdapter {
 		}
 
 		Map<String, Object> sessionAttributes = SimpMessageHeaderAccessor.getSessionAttributes(message.getHeaders());
-		CsrfToken expectedToken = sessionAttributes == null ? null
+		CsrfToken expectedToken = (sessionAttributes != null)
-				: (CsrfToken) sessionAttributes.get(CsrfToken.class.getName());
+				? (CsrfToken) sessionAttributes.get(CsrfToken.class.getName()) : null;
 
 		if (expectedToken == null) {
 			throw new MissingCsrfTokenException(null);

messaging/src/test/java/org/springframework/security/messaging/handler/invocation/ResolvableMethod.java

@@ -220,10 +220,10 @@ public final class ResolvableMethod {
 
 	private String formatParameter(Parameter param) {
 		Annotation[] anns = param.getAnnotations();
-		return (anns.length > 0
+		return (anns.length > 0)
 				? Arrays.stream(anns).map(this::formatAnnotation).collect(Collectors.joining(",", "[", "]")) + " "
 						+ param
-				: param.toString());
+				: param.toString();
 	}
 
 	private String formatAnnotation(Annotation annotation) {
@@ -591,9 +591,9 @@ public final class ResolvableMethod {
 		 */
 		@SafeVarargs
 		public final ArgResolver annotNotPresent(Class<? extends Annotation>... annotationTypes) {
-			this.filters.add((param) -> (annotationTypes.length > 0
+			this.filters.add((param) -> (annotationTypes.length > 0)
 					? Arrays.stream(annotationTypes).noneMatch(param::hasParameterAnnotation)
-					: param.getParameterAnnotations().length == 0));
+					: param.getParameterAnnotations().length == 0);
 			return this;
 		}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/authentication/OAuth2AuthorizationCodeAuthenticationToken.java

@@ -114,7 +114,7 @@ public class OAuth2AuthorizationCodeAuthenticationToken extends AbstractAuthenti
 
 	@Override
 	public Object getCredentials() {
-		return this.accessToken != null ? this.accessToken.getTokenValue()
+		return (this.accessToken != null) ? this.accessToken.getTokenValue()
 				: this.authorizationExchange.getAuthorizationResponse().getCode();
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/NimbusAuthorizationCodeTokenResponseClient.java

@@ -128,9 +128,9 @@ public class NimbusAuthorizationCodeTokenResponseClient
 			}
 			else {
 				oauth2Error = new OAuth2Error(
-						errorObject.getCode() != null ? errorObject.getCode() : OAuth2ErrorCodes.SERVER_ERROR,
+						(errorObject.getCode() != null) ? errorObject.getCode() : OAuth2ErrorCodes.SERVER_ERROR,
 						errorObject.getDescription(),
-						errorObject.getURI() != null ? errorObject.getURI().toString() : null);
+						(errorObject.getURI() != null) ? errorObject.getURI().toString() : null);
 			}
 			throw new OAuth2AuthorizationException(oauth2Error);
 		}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/endpoint/OAuth2RefreshTokenGrantRequest.java

@@ -75,7 +75,7 @@ public class OAuth2RefreshTokenGrantRequest extends AbstractOAuth2AuthorizationG
 		this.accessToken = accessToken;
 		this.refreshToken = refreshToken;
 		this.scopes = Collections
-				.unmodifiableSet(scopes != null ? new LinkedHashSet<>(scopes) : Collections.emptySet());
+				.unmodifiableSet((scopes != null) ? new LinkedHashSet<>(scopes) : Collections.emptySet());
 	}
 
 	/**

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/http/OAuth2ErrorResponseErrorHandler.java

@@ -80,10 +80,10 @@ public class OAuth2ErrorResponseErrorHandler implements ResponseErrorHandler {
 			return null;
 		}
 
-		String errorCode = bearerTokenError.getCode() != null ? bearerTokenError.getCode()
+		String errorCode = (bearerTokenError.getCode() != null) ? bearerTokenError.getCode()
 				: OAuth2ErrorCodes.SERVER_ERROR;
 		String errorDescription = bearerTokenError.getDescription();
-		String errorUri = bearerTokenError.getURI() != null ? bearerTokenError.getURI().toString() : null;
+		String errorUri = (bearerTokenError.getURI() != null) ? bearerTokenError.getURI().toString() : null;
 
 		return new OAuth2Error(errorCode, errorDescription, errorUri);
 	}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcReactiveOAuth2UserService.java

@@ -138,7 +138,7 @@ public class OidcReactiveOAuth2UserService implements ReactiveOAuth2UserService<
 	private Map<String, Object> convertClaims(Map<String, Object> claims, ClientRegistration clientRegistration) {
 		Converter<Map<String, Object>, Map<String, Object>> claimTypeConverter = this.claimTypeConverterFactory
 				.apply(clientRegistration);
-		return claimTypeConverter != null ? claimTypeConverter.convert(claims)
+		return (claimTypeConverter != null) ? claimTypeConverter.convert(claims)
 				: DEFAULT_CLAIM_TYPE_CONVERTER.convert(claims);
 	}
 

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/registration/ClientRegistration.java

@@ -368,7 +368,7 @@ public final class ClientRegistration implements Serializable {
 			this.clientAuthenticationMethod = clientRegistration.clientAuthenticationMethod;
 			this.authorizationGrantType = clientRegistration.authorizationGrantType;
 			this.redirectUri = clientRegistration.redirectUri;
-			this.scopes = clientRegistration.scopes == null ? null : new HashSet<>(clientRegistration.scopes);
+			this.scopes = (clientRegistration.scopes != null) ? new HashSet<>(clientRegistration.scopes) : null;
 			this.authorizationUri = clientRegistration.providerDetails.authorizationUri;
 			this.tokenUri = clientRegistration.providerDetails.tokenUri;
 			this.userInfoUri = clientRegistration.providerDetails.userInfoEndpoint.uri;

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java

@@ -224,22 +224,22 @@ public final class DefaultOAuth2AuthorizationRequestResolver implements OAuth2Au
 		UriComponents uriComponents = UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(request))
 				.replacePath(request.getContextPath()).replaceQuery(null).fragment(null).build();
 		String scheme = uriComponents.getScheme();
-		uriVariables.put("baseScheme", scheme == null ? "" : scheme);
+		uriVariables.put("baseScheme", (scheme != null) ? scheme : "");
 		String host = uriComponents.getHost();
-		uriVariables.put("baseHost", host == null ? "" : host);
+		uriVariables.put("baseHost", (host != null) ? host : "");
 		// following logic is based on HierarchicalUriComponents#toUriString()
 		int port = uriComponents.getPort();
-		uriVariables.put("basePort", port == -1 ? "" : ":" + port);
+		uriVariables.put("basePort", (port == -1) ? "" : ":" + port);
 		String path = uriComponents.getPath();
 		if (StringUtils.hasLength(path)) {
 			if (path.charAt(0) != PATH_DELIMITER) {
 				path = PATH_DELIMITER + path;
 			}
 		}
-		uriVariables.put("basePath", path == null ? "" : path);
+		uriVariables.put("basePath", (path != null) ? path : "");
 		uriVariables.put("baseUrl", uriComponents.toUriString());
 
-		uriVariables.put("action", action == null ? "" : action);
+		uriVariables.put("action", (action != null) ? action : "");
 
 		return UriComponentsBuilder.fromUriString(clientRegistration.getRedirectUri()).buildAndExpand(uriVariables)
 				.toUriString();

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultReactiveOAuth2AuthorizedClientManager.java

@@ -151,7 +151,7 @@ public final class DefaultReactiveOAuth2AuthorizedClientManager implements React
 								(authorizationContext) -> authorize(authorizationContext, principal, serverWebExchange))
 								// Default to the existing authorizedClient if the
 								// client was not re-authorized
-								.defaultIfEmpty(authorizeRequest.getAuthorizedClient() != null
+								.defaultIfEmpty((authorizeRequest.getAuthorizedClient() != null)
 										? authorizeRequest.getAuthorizedClient() : authorizedClient))
 						.switchIfEmpty(Mono.defer(() ->
 						// Authorize

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizationRequestRepository.java

@@ -115,8 +115,8 @@ public final class HttpSessionOAuth2AuthorizationRequestRepository
 	 */
 	private Map<String, OAuth2AuthorizationRequest> getAuthorizationRequests(HttpServletRequest request) {
 		HttpSession session = request.getSession(false);
-		Map<String, OAuth2AuthorizationRequest> authorizationRequests = session == null ? null
+		Map<String, OAuth2AuthorizationRequest> authorizationRequests = (session != null)
-				: (Map<String, OAuth2AuthorizationRequest>) session.getAttribute(this.sessionAttributeName);
+				? (Map<String, OAuth2AuthorizationRequest>) session.getAttribute(this.sessionAttributeName) : null;
 		if (authorizationRequests == null) {
 			return new HashMap<>();
 		}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/HttpSessionOAuth2AuthorizedClientRepository.java

@@ -84,8 +84,8 @@ public final class HttpSessionOAuth2AuthorizedClientRepository implements OAuth2
 	@SuppressWarnings("unchecked")
 	private Map<String, OAuth2AuthorizedClient> getAuthorizedClients(HttpServletRequest request) {
 		HttpSession session = request.getSession(false);
-		Map<String, OAuth2AuthorizedClient> authorizedClients = session == null ? null
+		Map<String, OAuth2AuthorizedClient> authorizedClients = (session != null)
-				: (Map<String, OAuth2AuthorizedClient>) session.getAttribute(this.sessionAttributeName);
+				? (Map<String, OAuth2AuthorizedClient>) session.getAttribute(this.sessionAttributeName) : null;
 		if (authorizedClients == null) {
 			authorizedClients = new HashMap<>();
 		}

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationCodeGrantFilter.java

@@ -244,7 +244,7 @@ public class OAuth2AuthorizationCodeGrantFilter extends OncePerRequestFilter {
 		}
 
 		Authentication currentAuthentication = SecurityContextHolder.getContext().getAuthentication();
-		String principalName = currentAuthentication != null ? currentAuthentication.getName() : "anonymousUser";
+		String principalName = (currentAuthentication != null) ? currentAuthentication.getName() : "anonymousUser";
 
 		OAuth2AuthorizedClient authorizedClient = new OAuth2AuthorizedClient(
 				authenticationResult.getClientRegistration(), principalName, authenticationResult.getAccessToken(),

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/reactive/function/client/ServerOAuth2AuthorizedClientExchangeFilterFunction.java

@@ -572,7 +572,7 @@ public final class ServerOAuth2AuthorizedClientExchangeFilterFunction implements
 							.build()).flatMap((authorizationContext) -> authorize(authorizationContext, principal))
 							// Default to the existing authorizedClient if the client
 							// was not re-authorized
-							.defaultIfEmpty(authorizeRequest.getAuthorizedClient() != null
+							.defaultIfEmpty((authorizeRequest.getAuthorizedClient() != null)
 									? authorizeRequest.getAuthorizedClient() : authorizedClient))
 					.switchIfEmpty(Mono.defer(() ->
 					// Authorize

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/DefaultServerOAuth2AuthorizationRequestResolver.java

@@ -217,19 +217,19 @@ public class DefaultServerOAuth2AuthorizationRequestResolver implements ServerOA
 		UriComponents uriComponents = UriComponentsBuilder.fromUri(request.getURI())
 				.replacePath(request.getPath().contextPath().value()).replaceQuery(null).fragment(null).build();
 		String scheme = uriComponents.getScheme();
-		uriVariables.put("baseScheme", scheme == null ? "" : scheme);
+		uriVariables.put("baseScheme", (scheme != null) ? scheme : "");
 		String host = uriComponents.getHost();
-		uriVariables.put("baseHost", host == null ? "" : host);
+		uriVariables.put("baseHost", (host != null) ? host : "");
 		// following logic is based on HierarchicalUriComponents#toUriString()
 		int port = uriComponents.getPort();
-		uriVariables.put("basePort", port == -1 ? "" : ":" + port);
+		uriVariables.put("basePort", (port == -1) ? "" : ":" + port);
 		String path = uriComponents.getPath();
 		if (StringUtils.hasLength(path)) {
 			if (path.charAt(0) != PATH_DELIMITER) {
 				path = PATH_DELIMITER + path;
 			}
 		}
-		uriVariables.put("basePath", path == null ? "" : path);
+		uriVariables.put("basePath", (path != null) ? path : "");
 		uriVariables.put("baseUrl", uriComponents.toUriString());
 
 		String action = "";

oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/server/WebSessionServerOAuth2AuthorizedClientRepository.java

@@ -85,8 +85,8 @@ public final class WebSessionServerOAuth2AuthorizedClientRepository implements S
 
 	@SuppressWarnings("unchecked")
 	private Map<String, OAuth2AuthorizedClient> getAuthorizedClients(WebSession session) {
-		Map<String, OAuth2AuthorizedClient> authorizedClients = session == null ? null
+		Map<String, OAuth2AuthorizedClient> authorizedClients = (session != null)
-				: (Map<String, OAuth2AuthorizedClient>) session.getAttribute(this.sessionAttributeName);
+				? (Map<String, OAuth2AuthorizedClient>) session.getAttribute(this.sessionAttributeName) : null;
 		if (authorizedClients == null) {
 			authorizedClients = new HashMap<>();
 		}

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/jackson2/OAuth2AuthenticationExceptionMixinTests.java

@@ -129,7 +129,7 @@ public class OAuth2AuthenticationExceptionMixinTests {
 	}
 
 	private String jsonStringOrNull(String input) {
-		return input != null ? "\"" + input + "\"" : "null";
+		return (input != null) ? "\"" + input + "\"" : "null";
 	}
 
 }

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/jackson2/OAuth2AuthenticationTokenMixinTests.java

@@ -169,7 +169,7 @@ public class OAuth2AuthenticationTokenMixinTests {
 	}
 
 	private static String asJson(OAuth2AuthenticationToken authentication) {
-		String principalJson = authentication.getPrincipal() instanceof DefaultOidcUser
+		String principalJson = (authentication.getPrincipal() instanceof DefaultOidcUser)
 				? asJson((DefaultOidcUser) authentication.getPrincipal())
 				: asJson((DefaultOAuth2User) authentication.getPrincipal());
 		// @formatter:off
@@ -224,8 +224,8 @@ public class OAuth2AuthenticationTokenMixinTests {
 				simpleAuthorities.add((SimpleGrantedAuthority) authority);
 			}
 		}
-		String authoritiesJson = oidcUserAuthority != null ? asJson(oidcUserAuthority)
+		String authoritiesJson = (oidcUserAuthority != null) ? asJson(oidcUserAuthority)
-				: oauth2UserAuthority != null ? asJson(oauth2UserAuthority) : "";
+				: (oauth2UserAuthority != null) ? asJson(oauth2UserAuthority) : "";
 		if (!simpleAuthorities.isEmpty()) {
 			if (!StringUtils.isEmpty(authoritiesJson)) {
 				authoritiesJson += ",";

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/jackson2/OAuth2AuthorizationRequestMixinTests.java

@@ -165,7 +165,7 @@ public class OAuth2AuthorizationRequestMixinTests {
 				"    \"java.util.Collections$UnmodifiableSet\",\n" +
 				"    [" + scopes + "]\n" +
 				"  ],\n" +
-				"  \"state\": " + (authorizationRequest.getState() != null ? "\"" + authorizationRequest.getState() + "\"" : "null") + ",\n" +
+				"  \"state\": " + ((authorizationRequest.getState() != null) ? "\"" + authorizationRequest.getState() + "\"" : "null") + ",\n" +
 				"  \"additionalParameters\": {\n" +
 				"    " + additionalParameters + "\n" +
 				"  },\n" +

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/jackson2/OAuth2AuthorizedClientMixinTests.java

@@ -241,14 +241,14 @@ public class OAuth2AuthorizedClientMixinTests {
 				"      \"tokenUri\": \"" + providerDetails.getTokenUri() + "\",\n" +
 				"      \"userInfoEndpoint\": {\n" +
 				"        \"@class\": \"org.springframework.security.oauth2.client.registration.ClientRegistration$ProviderDetails$UserInfoEndpoint\",\n" +
-				"        \"uri\": " + (userInfoEndpoint.getUri() != null ? "\"" + userInfoEndpoint.getUri() + "\"" : null) + ",\n" +
+				"        \"uri\": " + ((userInfoEndpoint.getUri() != null) ? "\"" + userInfoEndpoint.getUri() + "\"" : null) + ",\n" +
 				"        \"authenticationMethod\": {\n" +
 				"          \"value\": \"" + userInfoEndpoint.getAuthenticationMethod().getValue() + "\"\n" +
 				"        },\n" +
-				"        \"userNameAttributeName\": " + (userInfoEndpoint.getUserNameAttributeName() != null ? "\"" + userInfoEndpoint.getUserNameAttributeName() + "\"" : null) + "\n" +
+				"        \"userNameAttributeName\": " + ((userInfoEndpoint.getUserNameAttributeName() != null) ? "\"" + userInfoEndpoint.getUserNameAttributeName() + "\"" : null) + "\n" +
 				"      },\n" +
-				"      \"jwkSetUri\": " + (providerDetails.getJwkSetUri() != null ? "\"" + providerDetails.getJwkSetUri() + "\"" : null) + ",\n" +
+				"      \"jwkSetUri\": " + ((providerDetails.getJwkSetUri() != null) ? "\"" + providerDetails.getJwkSetUri() + "\"" : null) + ",\n" +
-				"      \"issuerUri\": " + (providerDetails.getIssuerUri() != null ? "\"" + providerDetails.getIssuerUri() + "\"" : null) + ",\n" +
+				"      \"issuerUri\": " + ((providerDetails.getIssuerUri() != null) ? "\"" + providerDetails.getIssuerUri() + "\"" : null) + ",\n" +
 				"      \"configurationMetadata\": {\n" +
 				"        " + configurationMetadata + "\n" +
 				"      }\n" +

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/registration/ClientRegistrationsTests.java

@@ -393,7 +393,7 @@ public class ClientRegistrationsTests {
 		this.issuer = createIssuerFromServer(path);
 		this.response.put("issuer", this.issuer);
 		this.issuer = this.server.url(path).toString();
-		final String responseBody = body != null ? body : this.mapper.writeValueAsString(this.response);
+		final String responseBody = (body != null) ? body : this.mapper.writeValueAsString(this.response);
 
 		final Dispatcher dispatcher = new Dispatcher() {
 			@Override
@@ -429,7 +429,7 @@ public class ClientRegistrationsTests {
 		this.issuer = createIssuerFromServer(path);
 		this.response.put("issuer", this.issuer);
 
-		String responseBody = body != null ? body : this.mapper.writeValueAsString(this.response);
+		String responseBody = (body != null) ? body : this.mapper.writeValueAsString(this.response);
 
 		final Dispatcher dispatcher = new Dispatcher() {
 			@Override

oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/reactive/result/method/annotation/OAuth2AuthorizedClientArgumentResolverTests.java

@@ -175,8 +175,8 @@ public class OAuth2AuthorizedClientArgumentResolverTests {
 
 	private Object resolveArgument(MethodParameter methodParameter) {
 		return this.argumentResolver.resolveArgument(methodParameter, null, null)
-				.subscriberContext(this.authentication == null ? Context.empty()
+				.subscriberContext((this.authentication != null)
-						: ReactiveSecurityContextHolder.withAuthentication(this.authentication))
+						? ReactiveSecurityContextHolder.withAuthentication(this.authentication) : Context.empty())
 				.subscriberContext(serverWebExchange()).block();
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java

@@ -98,23 +98,24 @@ public abstract class AbstractOAuth2Token implements Serializable {
 			return false;
 		}
 
-		AbstractOAuth2Token that = (AbstractOAuth2Token) obj;
+		AbstractOAuth2Token other = (AbstractOAuth2Token) obj;
 
-		if (!this.getTokenValue().equals(that.getTokenValue())) {
+		if (!this.getTokenValue().equals(other.getTokenValue())) {
 			return false;
 		}
-		if (this.getIssuedAt() != null ? !this.getIssuedAt().equals(that.getIssuedAt()) : that.getIssuedAt() != null) {
+		if ((this.getIssuedAt() != null) ? !this.getIssuedAt().equals(other.getIssuedAt())
+				: other.getIssuedAt() != null) {
 			return false;
 		}
-		return this.getExpiresAt() != null ? this.getExpiresAt().equals(that.getExpiresAt())
+		return (this.getExpiresAt() != null) ? this.getExpiresAt().equals(other.getExpiresAt())
-				: that.getExpiresAt() == null;
+				: other.getExpiresAt() == null;
 	}
 
 	@Override
 	public int hashCode() {
 		int result = this.getTokenValue().hashCode();
-		result = 31 * result + (this.getIssuedAt() != null ? this.getIssuedAt().hashCode() : 0);
+		result = 31 * result + ((this.getIssuedAt() != null) ? this.getIssuedAt().hashCode() : 0);
-		result = 31 * result + (this.getExpiresAt() != null ? this.getExpiresAt().hashCode() : 0);
+		result = 31 * result + ((this.getExpiresAt() != null) ? this.getExpiresAt().hashCode() : 0);
 		return result;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DefaultOAuth2AuthenticatedPrincipal.java

@@ -64,9 +64,9 @@ public final class DefaultOAuth2AuthenticatedPrincipal implements OAuth2Authenti
 
 		Assert.notEmpty(attributes, "attributes cannot be empty");
 		this.attributes = Collections.unmodifiableMap(attributes);
-		this.authorities = authorities == null ? AuthorityUtils.NO_AUTHORITIES
+		this.authorities = (authorities != null) ? Collections.unmodifiableCollection(authorities)
-				: Collections.unmodifiableCollection(authorities);
+				: AuthorityUtils.NO_AUTHORITIES;
-		this.name = name == null ? (String) this.attributes.get("sub") : name;
+		this.name = (name != null) ? name : (String) this.attributes.get("sub");
 	}
 
 	/**

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java

@@ -71,7 +71,7 @@ public class OAuth2AccessToken extends AbstractOAuth2Token {
 		super(tokenValue, issuedAt, expiresAt);
 		Assert.notNull(tokenType, "tokenType cannot be null");
 		this.tokenType = tokenType;
-		this.scopes = Collections.unmodifiableSet(scopes != null ? scopes : Collections.emptySet());
+		this.scopes = Collections.unmodifiableSet((scopes != null) ? scopes : Collections.emptySet());
 	}
 
 	/**

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java

@@ -93,7 +93,7 @@ public class OAuth2Error implements Serializable {
 
 	@Override
 	public String toString() {
-		return "[" + this.getErrorCode() + "] " + (this.getDescription() != null ? this.getDescription() : "");
+		return "[" + this.getErrorCode() + "] " + ((this.getDescription() != null) ? this.getDescription() : "");
 	}
 
 }

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/converter/ObjectToStringConverter.java

@@ -35,7 +35,7 @@ final class ObjectToStringConverter implements GenericConverter {
 
 	@Override
 	public Object convert(Object source, TypeDescriptor sourceType, TypeDescriptor targetType) {
-		return source == null ? null : source.toString();
+		return (source != null) ? source.toString() : null;
 	}
 
 }

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java

@@ -120,7 +120,8 @@ public final class OAuth2AccessTokenResponse {
 			this.issuedAt = accessToken.getIssuedAt();
 			this.expiresAt = accessToken.getExpiresAt();
 			this.scopes = accessToken.getScopes();
-			this.refreshToken = response.getRefreshToken() == null ? null : response.getRefreshToken().getTokenValue();
+			this.refreshToken = (response.getRefreshToken() != null) ? response.getRefreshToken().getTokenValue()
+					: null;
 			this.additionalParameters = response.getAdditionalParameters();
 		}
 
@@ -217,7 +218,7 @@ public final class OAuth2AccessTokenResponse {
 		private Instant getExpiresAt() {
 			if (this.expiresAt == null) {
 				Instant issuedAt = getIssuedAt();
-				this.expiresAt = this.expiresIn > 0 ? issuedAt.plusSeconds(this.expiresIn) : issuedAt.plusSeconds(1);
+				this.expiresAt = (this.expiresIn > 0) ? issuedAt.plusSeconds(this.expiresIn) : issuedAt.plusSeconds(1);
 			}
 			return this.expiresAt;
 		}

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java

@@ -81,37 +81,38 @@ public final class DefaultAddressStandardClaim implements AddressStandardClaim {
 			return false;
 		}
 
-		AddressStandardClaim that = (AddressStandardClaim) obj;
+		AddressStandardClaim other = (AddressStandardClaim) obj;
 
-		if (this.getFormatted() != null ? !this.getFormatted().equals(that.getFormatted())
+		if ((this.getFormatted() != null) ? !this.getFormatted().equals(other.getFormatted())
-				: that.getFormatted() != null) {
+				: other.getFormatted() != null) {
 			return false;
 		}
-		if (this.getStreetAddress() != null ? !this.getStreetAddress().equals(that.getStreetAddress())
+		if ((this.getStreetAddress() != null) ? !this.getStreetAddress().equals(other.getStreetAddress())
-				: that.getStreetAddress() != null) {
+				: other.getStreetAddress() != null) {
 			return false;
 		}
-		if (this.getLocality() != null ? !this.getLocality().equals(that.getLocality()) : that.getLocality() != null) {
+		if ((this.getLocality() != null) ? !this.getLocality().equals(other.getLocality())
+				: other.getLocality() != null) {
 			return false;
 		}
-		if (this.getRegion() != null ? !this.getRegion().equals(that.getRegion()) : that.getRegion() != null) {
+		if ((this.getRegion() != null) ? !this.getRegion().equals(other.getRegion()) : other.getRegion() != null) {
 			return false;
 		}
-		if (this.getPostalCode() != null ? !this.getPostalCode().equals(that.getPostalCode())
+		if ((this.getPostalCode() != null) ? !this.getPostalCode().equals(other.getPostalCode())
-				: that.getPostalCode() != null) {
+				: other.getPostalCode() != null) {
 			return false;
 		}
-		return this.getCountry() != null ? this.getCountry().equals(that.getCountry()) : that.getCountry() == null;
+		return (this.getCountry() != null) ? this.getCountry().equals(other.getCountry()) : other.getCountry() == null;
 	}
 
 	@Override
 	public int hashCode() {
-		int result = this.getFormatted() != null ? this.getFormatted().hashCode() : 0;
+		int result = (this.getFormatted() != null) ? this.getFormatted().hashCode() : 0;
-		result = 31 * result + (this.getStreetAddress() != null ? this.getStreetAddress().hashCode() : 0);
+		result = 31 * result + ((this.getStreetAddress() != null) ? this.getStreetAddress().hashCode() : 0);
-		result = 31 * result + (this.getLocality() != null ? this.getLocality().hashCode() : 0);
+		result = 31 * result + ((this.getLocality() != null) ? this.getLocality().hashCode() : 0);
-		result = 31 * result + (this.getRegion() != null ? this.getRegion().hashCode() : 0);
+		result = 31 * result + ((this.getRegion() != null) ? this.getRegion().hashCode() : 0);
-		result = 31 * result + (this.getPostalCode() != null ? this.getPostalCode().hashCode() : 0);
+		result = 31 * result + ((this.getPostalCode() != null) ? this.getPostalCode().hashCode() : 0);
-		result = 31 * result + (this.getCountry() != null ? this.getCountry().hashCode() : 0);
+		result = 31 * result + ((this.getCountry() != null) ? this.getCountry().hashCode() : 0);
 		return result;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/user/OidcUserAuthority.java

@@ -104,14 +104,15 @@ public class OidcUserAuthority extends OAuth2UserAuthority {
 		if (!this.getIdToken().equals(that.getIdToken())) {
 			return false;
 		}
-		return this.getUserInfo() != null ? this.getUserInfo().equals(that.getUserInfo()) : that.getUserInfo() == null;
+		return (this.getUserInfo() != null) ? this.getUserInfo().equals(that.getUserInfo())
+				: that.getUserInfo() == null;
 	}
 
 	@Override
 	public int hashCode() {
 		int result = super.hashCode();
 		result = 31 * result + this.getIdToken().hashCode();
-		result = 31 * result + (this.getUserInfo() != null ? this.getUserInfo().hashCode() : 0);
+		result = 31 * result + ((this.getUserInfo() != null) ? this.getUserInfo().hashCode() : 0);
 		return result;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/web/reactive/function/OAuth2AccessTokenResponseBodyExtractor.java

@@ -99,9 +99,9 @@ class OAuth2AccessTokenResponseBodyExtractor
 		}
 		else {
 			oauth2Error = new OAuth2Error(
-					errorObject.getCode() != null ? errorObject.getCode() : OAuth2ErrorCodes.SERVER_ERROR,
+					(errorObject.getCode() != null) ? errorObject.getCode() : OAuth2ErrorCodes.SERVER_ERROR,
 					errorObject.getDescription(),
-					errorObject.getURI() != null ? errorObject.getURI().toString() : null);
+					(errorObject.getURI() != null) ? errorObject.getURI().toString() : null);
 		}
 		return Mono.error(new OAuth2AuthorizationException(oauth2Error));
 	}
@@ -114,8 +114,8 @@ class OAuth2AccessTokenResponseBodyExtractor
 		}
 		long expiresIn = accessToken.getLifetime();
 
-		Set<String> scopes = accessToken.getScope() == null ? Collections.emptySet()
+		Set<String> scopes = (accessToken.getScope() != null)
-				: new LinkedHashSet<>(accessToken.getScope().toStringList());
+				? new LinkedHashSet<>(accessToken.getScope().toStringList()) : Collections.emptySet();
 
 		String refreshToken = null;
 		if (accessTokenResponse.getTokens().getRefreshToken() != null) {

openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java

@@ -164,7 +164,7 @@ public class OpenID4JavaConsumer implements OpenIDConsumer {
 		if (verified == null) {
 			Identifier id = discovered.getClaimedIdentifier();
 			return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE,
-					id == null ? "Unknown" : id.getIdentifier(),
+					(id != null) ? id.getIdentifier() : "Unknown",
 					"Verification status message: [" + verification.getStatusMsg() + "]",
 					Collections.<OpenIDAttribute>emptyList());
 		}

remoting/src/main/java/org/springframework/security/remoting/rmi/ContextPropagatingRemoteInvocation.java

@@ -65,7 +65,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation {
 		if (currentUser != null) {
 			this.principal = currentUser.getName();
 			Object userCredentials = currentUser.getCredentials();
-			this.credentials = userCredentials == null ? null : userCredentials.toString();
+			this.credentials = (userCredentials != null) ? userCredentials.toString() : null;
 		}
 		else {
 			this.credentials = null;

rsocket/src/main/java/org/springframework/security/rsocket/util/matcher/PayloadExchangeMatcher.java

@@ -81,7 +81,9 @@ public interface PayloadExchangeMatcher {
 		 * @return
 		 */
 		public static Mono<MatchResult> match(Map<String, ? extends Object> variables) {
-			return Mono.just(new MatchResult(true, variables == null ? null : new HashMap<String, Object>(variables)));
+			MatchResult result = new MatchResult(true,
+					(variables != null) ? new HashMap<String, Object>(variables) : null);
+			return Mono.just(result);
 		}
 
 		/**

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/core/Saml2Error.java

@@ -69,7 +69,7 @@ public class Saml2Error implements Serializable {
 
 	@Override
 	public String toString() {
-		return "[" + this.getErrorCode() + "] " + (this.getDescription() != null ? this.getDescription() : "");
+		return "[" + this.getErrorCode() + "] " + ((this.getDescription() != null) ? this.getDescription() : "");
 	}
 
 }

saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/authentication/OpenSamlAuthenticationProvider.java

@@ -536,11 +536,11 @@ public final class OpenSamlAuthenticationProvider implements AuthenticationProvi
 		}
 		if (xmlObject instanceof XSBoolean) {
 			XSBooleanValue xsBooleanValue = ((XSBoolean) xmlObject).getValue();
-			return xsBooleanValue != null ? xsBooleanValue.getValue() : null;
+			return (xsBooleanValue != null) ? xsBooleanValue.getValue() : null;
 		}
 		if (xmlObject instanceof XSDateTime) {
 			DateTime dateTime = ((XSDateTime) xmlObject).getValue();
-			return dateTime != null ? Instant.ofEpochMilli(dateTime.getMillis()) : null;
+			return (dateTime != null) ? Instant.ofEpochMilli(dateTime.getMillis()) : null;
 		}
 		return null;
 	}