Merge branch '5.8.x' into 6.0.x

Closes gh-13882

acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java

@@ -49,7 +49,7 @@ import org.springframework.util.Assert;
 public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy {
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	private final GrantedAuthority gaGeneralChanges;
 

acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java

@@ -54,7 +54,7 @@ public class SidRetrievalStrategyImpl implements SidRetrievalStrategy {
 	@Override
 	public List<Sid> getSids(Authentication authentication) {
 		Collection<? extends GrantedAuthority> authorities = this.roleHierarchy
-				.getReachableGrantedAuthorities(authentication.getAuthorities());
+			.getReachableGrantedAuthorities(authentication.getAuthorities());
 		List<Sid> sids = new ArrayList<>(authorities.size() + 1);
 		sids.add(new PrincipalSid(authentication));
 		for (GrantedAuthority authority : authorities) {

acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java

@@ -579,7 +579,7 @@ public class BasicLookupStrategy implements LookupStrategy {
 				Serializable identifier = (Serializable) rs.getObject("object_id_identity");
 				identifier = BasicLookupStrategy.this.aclClassIdUtils.identifierFrom(identifier, rs);
 				ObjectIdentity objectIdentity = BasicLookupStrategy.this.objectIdentityGenerator
-						.createObjectIdentity(identifier, rs.getString("class"));
+					.createObjectIdentity(identifier, rs.getString("class"));
 
 				Acl parentAcl = null;
 				long parentAclId = rs.getLong("parent_object");

acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java

@@ -66,7 +66,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
 	private static final String DEFAULT_INSERT_INTO_ACL_CLASS_WITH_ID = "insert into acl_class (class, class_id_type) values (?, ?)";
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	private boolean foreignKeysInDatabase = true;
 

acl/src/test/java/org/springframework/security/acls/AclFormattingUtilsTests.java

@@ -37,7 +37,7 @@ public class AclFormattingUtilsTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> AclFormattingUtils.demergePatterns(null, "SOME STRING"));
 		assertThatIllegalArgumentException().isThrownBy(() -> AclFormattingUtils.demergePatterns("SOME STRING", null));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> AclFormattingUtils.demergePatterns("SOME STRING", "LONGER SOME STRING"));
+			.isThrownBy(() -> AclFormattingUtils.demergePatterns("SOME STRING", "LONGER SOME STRING"));
 		assertThatNoException().isThrownBy(() -> AclFormattingUtils.demergePatterns("SOME STRING", "SAME LENGTH"));
 	}
 
@@ -46,7 +46,7 @@ public class AclFormattingUtilsTests {
 		String original = "...........................A...R";
 		String removeBits = "...............................R";
 		assertThat(AclFormattingUtils.demergePatterns(original, removeBits))
-				.isEqualTo("...........................A....");
+			.isEqualTo("...........................A....");
 		assertThat(AclFormattingUtils.demergePatterns("ABCDEF", "......")).isEqualTo("ABCDEF");
 		assertThat(AclFormattingUtils.demergePatterns("ABCDEF", "GHIJKL")).isEqualTo("......");
 	}
@@ -56,7 +56,7 @@ public class AclFormattingUtilsTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> AclFormattingUtils.mergePatterns(null, "SOME STRING"));
 		assertThatIllegalArgumentException().isThrownBy(() -> AclFormattingUtils.mergePatterns("SOME STRING", null));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> AclFormattingUtils.mergePatterns("SOME STRING", "LONGER SOME STRING"));
+			.isThrownBy(() -> AclFormattingUtils.mergePatterns("SOME STRING", "LONGER SOME STRING"));
 		assertThatNoException().isThrownBy(() -> AclFormattingUtils.mergePatterns("SOME STRING", "SAME LENGTH"));
 	}
 
@@ -73,9 +73,9 @@ public class AclFormattingUtilsTests {
 	public final void testBinaryPrints() {
 		assertThat(AclFormattingUtils.printBinary(15)).isEqualTo("............................****");
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> AclFormattingUtils.printBinary(15, Permission.RESERVED_ON));
+			.isThrownBy(() -> AclFormattingUtils.printBinary(15, Permission.RESERVED_ON));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> AclFormattingUtils.printBinary(15, Permission.RESERVED_OFF));
+			.isThrownBy(() -> AclFormattingUtils.printBinary(15, Permission.RESERVED_OFF));
 		assertThat(AclFormattingUtils.printBinary(15, 'x')).isEqualTo("............................xxxx");
 	}
 

acl/src/test/java/org/springframework/security/acls/afterinvocation/AclEntryAfterInvocationCollectionFilteringProviderTests.java

@@ -85,7 +85,8 @@ public class AclEntryAfterInvocationCollectionFilteringProviderTests {
 		AclEntryAfterInvocationCollectionFilteringProvider provider = new AclEntryAfterInvocationCollectionFilteringProvider(
 				service, Arrays.asList(mock(Permission.class)));
 		assertThat(provider.decide(mock(Authentication.class), new Object(),
-				SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null)).isNull();
+				SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null))
+			.isNull();
 		verify(service, never()).readAclById(any(ObjectIdentity.class), any(List.class));
 	}
 

acl/src/test/java/org/springframework/security/acls/afterinvocation/AclEntryAfterInvocationProviderTests.java

@@ -54,7 +54,7 @@ public class AclEntryAfterInvocationProviderTests {
 	@Test
 	public void rejectsMissingPermissions() {
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new AclEntryAfterInvocationProvider(mock(AclService.class), null));
+			.isThrownBy(() -> new AclEntryAfterInvocationProvider(mock(AclService.class), null));
 		assertThatIllegalArgumentException().isThrownBy(
 				() -> new AclEntryAfterInvocationProvider(mock(AclService.class), Collections.<Permission>emptyList()));
 	}
@@ -112,12 +112,12 @@ public class AclEntryAfterInvocationProviderTests {
 		provider.setProcessDomainObjectClass(Object.class);
 		provider.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
 		assertThatExceptionOfType(AccessDeniedException.class)
-				.isThrownBy(() -> provider.decide(mock(Authentication.class), new Object(),
+			.isThrownBy(() -> provider.decide(mock(Authentication.class), new Object(),
-						SecurityConfig.createList("UNSUPPORTED", "MY_ATTRIBUTE"), new Object()));
+					SecurityConfig.createList("UNSUPPORTED", "MY_ATTRIBUTE"), new Object()));
 		// Second scenario with no acls found
 		assertThatExceptionOfType(AccessDeniedException.class)
-				.isThrownBy(() -> provider.decide(mock(Authentication.class), new Object(),
+			.isThrownBy(() -> provider.decide(mock(Authentication.class), new Object(),
-						SecurityConfig.createList("UNSUPPORTED", "MY_ATTRIBUTE"), new Object()));
+					SecurityConfig.createList("UNSUPPORTED", "MY_ATTRIBUTE"), new Object()));
 	}
 
 	@Test
@@ -126,7 +126,8 @@ public class AclEntryAfterInvocationProviderTests {
 		AclEntryAfterInvocationProvider provider = new AclEntryAfterInvocationProvider(service,
 				Arrays.asList(mock(Permission.class)));
 		assertThat(provider.decide(mock(Authentication.class), new Object(),
-				SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null)).isNull();
+				SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null))
+			.isNull();
 		verify(service, never()).readAclById(any(ObjectIdentity.class), any(List.class));
 	}
 

acl/src/test/java/org/springframework/security/acls/domain/AccessControlImplEntryTests.java

@@ -77,14 +77,14 @@ public class AccessControlImplEntryTests {
 		assertThat(ace).isNotNull();
 		assertThat(ace).isNotEqualTo(100L);
 		assertThat(ace).isEqualTo(ace);
-		assertThat(ace).isEqualTo(
+		assertThat(ace)
-				new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.ADMINISTRATION, true, true, true));
+			.isEqualTo(new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.ADMINISTRATION, true, true, true));
 		assertThat(ace).isNotEqualTo(
 				new AccessControlEntryImpl(2L, mockAcl, sid, BasePermission.ADMINISTRATION, true, true, true));
 		assertThat(ace).isNotEqualTo(new AccessControlEntryImpl(1L, mockAcl, new PrincipalSid("scott"),
 				BasePermission.ADMINISTRATION, true, true, true));
 		assertThat(ace)
-				.isNotEqualTo(new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.WRITE, true, true, true));
+			.isNotEqualTo(new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.WRITE, true, true, true));
 		assertThat(ace).isNotEqualTo(
 				new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.ADMINISTRATION, false, true, true));
 		assertThat(ace).isNotEqualTo(

acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java

@@ -103,7 +103,7 @@ public class AclImplTests {
 		assertThatIllegalArgumentException().isThrownBy(
 				() -> new AclImpl(null, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe")));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new AclImpl(null, 1, this.authzStrategy, this.mockAuditLogger));
+			.isThrownBy(() -> new AclImpl(null, 1, this.authzStrategy, this.mockAuditLogger));
 	}
 
 	@Test
@@ -111,7 +111,7 @@ public class AclImplTests {
 		assertThatIllegalArgumentException().isThrownBy(() -> new AclImpl(this.objectIdentity, null, this.authzStrategy,
 				this.pgs, null, null, true, new PrincipalSid("joe")));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new AclImpl(this.objectIdentity, null, this.authzStrategy, this.mockAuditLogger));
+			.isThrownBy(() -> new AclImpl(this.objectIdentity, null, this.authzStrategy, this.mockAuditLogger));
 	}
 
 	@Test
@@ -120,7 +120,7 @@ public class AclImplTests {
 				new DefaultPermissionGrantingStrategy(this.mockAuditLogger), null, null, true,
 				new PrincipalSid("joe")));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new AclImpl(this.objectIdentity, 1, null, this.mockAuditLogger));
+			.isThrownBy(() -> new AclImpl(this.objectIdentity, 1, null, this.mockAuditLogger));
 	}
 
 	@Test
@@ -128,7 +128,7 @@ public class AclImplTests {
 		MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
 				new PrincipalSid("joe"));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> acl.insertAce(0, null, new GrantedAuthoritySid("ROLE_IGNORED"), true));
+			.isThrownBy(() -> acl.insertAce(0, null, new GrantedAuthoritySid("ROLE_IGNORED"), true));
 		assertThatIllegalArgumentException().isThrownBy(() -> acl.insertAce(0, BasePermission.READ, null, true));
 	}
 
@@ -175,7 +175,7 @@ public class AclImplTests {
 		acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true);
 		service.updateAcl(acl);
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true));
+			.isThrownBy(() -> acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true));
 	}
 
 	@Test
@@ -223,7 +223,7 @@ public class AclImplTests {
 				new PrincipalSid("joe"));
 		Sid ben = new PrincipalSid("ben");
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> acl.isGranted(new ArrayList<>(0), Arrays.asList(ben), false));
+			.isThrownBy(() -> acl.isGranted(new ArrayList<>(0), Arrays.asList(ben), false));
 		assertThatIllegalArgumentException().isThrownBy(() -> acl.isGranted(READ, new ArrayList<>(0), false));
 	}
 
@@ -246,12 +246,14 @@ public class AclImplTests {
 		List<Sid> sids = Arrays.asList(new PrincipalSid("ben"), new GrantedAuthoritySid("ROLE_GUEST"));
 		assertThat(rootAcl.isGranted(permissions, sids, false)).isFalse();
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> rootAcl.isGranted(permissions, SCOTT, false));
+			.isThrownBy(() -> rootAcl.isGranted(permissions, SCOTT, false));
 		assertThat(rootAcl.isGranted(WRITE, SCOTT, false)).isTrue();
 		assertThat(rootAcl.isGranted(WRITE,
-				Arrays.asList(new PrincipalSid("rod"), new GrantedAuthoritySid("WRITE_ACCESS_ROLE")), false)).isFalse();
+				Arrays.asList(new PrincipalSid("rod"), new GrantedAuthoritySid("WRITE_ACCESS_ROLE")), false))
+			.isFalse();
 		assertThat(rootAcl.isGranted(WRITE,
-				Arrays.asList(new GrantedAuthoritySid("WRITE_ACCESS_ROLE"), new PrincipalSid("rod")), false)).isTrue();
+				Arrays.asList(new GrantedAuthoritySid("WRITE_ACCESS_ROLE"), new PrincipalSid("rod")), false))
+			.isTrue();
 		// Change the type of the Sid and check the granting process
 		assertThatExceptionOfType(NotFoundException.class).isThrownBy(() -> rootAcl.isGranted(WRITE,
 				Arrays.asList(new GrantedAuthoritySid("rod"), new PrincipalSid("WRITE_ACCESS_ROLE")), false));
@@ -292,7 +294,7 @@ public class AclImplTests {
 		// Check granting process for parent1
 		assertThat(parentAcl1.isGranted(READ, SCOTT, false)).isTrue();
 		assertThat(parentAcl1.isGranted(READ, Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_USER_READ")), false))
-				.isTrue();
+			.isTrue();
 		assertThat(parentAcl1.isGranted(WRITE, BEN, false)).isTrue();
 		assertThat(parentAcl1.isGranted(DELETE, BEN, false)).isFalse();
 		assertThat(parentAcl1.isGranted(DELETE, SCOTT, false)).isFalse();
@@ -303,13 +305,13 @@ public class AclImplTests {
 		// Check granting process for child1
 		assertThat(childAcl1.isGranted(CREATE, SCOTT, false)).isTrue();
 		assertThat(childAcl1.isGranted(READ, Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_USER_READ")), false))
-				.isTrue();
+			.isTrue();
 		assertThat(childAcl1.isGranted(DELETE, BEN, false)).isFalse();
 		// Check granting process for child2 (doesn't inherit the permissions from its
 		// parent)
 		assertThatExceptionOfType(NotFoundException.class).isThrownBy(() -> childAcl2.isGranted(CREATE, SCOTT, false));
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> childAcl2.isGranted(CREATE, Arrays.asList((Sid) new PrincipalSid("joe")), false));
+			.isThrownBy(() -> childAcl2.isGranted(CREATE, Arrays.asList((Sid) new PrincipalSid("joe")), false));
 	}
 
 	@Test
@@ -396,20 +398,20 @@ public class AclImplTests {
 				new PrincipalSid("joe"));
 		assertThat(acl.isSidLoaded(loadedSids)).isTrue();
 		assertThat(acl.isSidLoaded(Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"), new PrincipalSid("ben"))))
-				.isTrue();
+			.isTrue();
 		assertThat(acl.isSidLoaded(Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_IGNORED")))).isTrue();
 		assertThat(acl.isSidLoaded(BEN)).isTrue();
 		assertThat(acl.isSidLoaded(null)).isTrue();
 		assertThat(acl.isSidLoaded(new ArrayList<>(0))).isTrue();
 		assertThat(acl.isSidLoaded(
 				Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"), new GrantedAuthoritySid("ROLE_IGNORED"))))
-						.isTrue();
+			.isTrue();
 		assertThat(acl.isSidLoaded(
 				Arrays.asList(new GrantedAuthoritySid("ROLE_GENERAL"), new GrantedAuthoritySid("ROLE_IGNORED"))))
-						.isFalse();
+			.isFalse();
 		assertThat(acl.isSidLoaded(
 				Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"), new GrantedAuthoritySid("ROLE_GENERAL"))))
-						.isFalse();
+			.isFalse();
 	}
 
 	@Test
@@ -417,7 +419,7 @@ public class AclImplTests {
 		AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
 				new PrincipalSid("joe"));
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> acl.insertAce(-1, mock(Permission.class), mock(Sid.class), true));
+			.isThrownBy(() -> acl.insertAce(-1, mock(Permission.class), mock(Sid.class), true));
 	}
 
 	@Test
@@ -435,7 +437,7 @@ public class AclImplTests {
 		acl.insertAce(0, mock(Permission.class), mock(Sid.class), true);
 		// Size is now 1
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> acl.insertAce(2, mock(Permission.class), mock(Sid.class), true));
+			.isThrownBy(() -> acl.insertAce(2, mock(Permission.class), mock(Sid.class), true));
 	}
 
 	// SEC-1151
@@ -466,7 +468,7 @@ public class AclImplTests {
 		AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, maskPgs, null, null, true,
 				new PrincipalSid("joe"));
 		Permission permission = this.permissionFactory
-				.buildFromMask(BasePermission.READ.getMask() | BasePermission.WRITE.getMask());
+			.buildFromMask(BasePermission.READ.getMask() | BasePermission.WRITE.getMask());
 		Sid sid = new PrincipalSid("ben");
 		acl.insertAce(0, permission, sid, true);
 		service.updateAcl(acl);

acl/src/test/java/org/springframework/security/acls/domain/AclImplementationSecurityCheckTests.java

@@ -73,12 +73,12 @@ public class AclImplementationSecurityCheckTests {
 				new SimpleGrantedAuthority("ROLE_THREE"));
 		Acl acl2 = new AclImpl(identity, 1L, aclAuthorizationStrategy2, new ConsoleAuditLogger());
 		// Check access in case the principal has no authorization rights
-		assertThatExceptionOfType(NotFoundException.class).isThrownBy(
+		assertThatExceptionOfType(NotFoundException.class)
-				() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_GENERAL));
+			.isThrownBy(() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_GENERAL));
-		assertThatExceptionOfType(NotFoundException.class).isThrownBy(
+		assertThatExceptionOfType(NotFoundException.class)
-				() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_AUDITING));
+			.isThrownBy(() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_AUDITING));
-		assertThatExceptionOfType(NotFoundException.class).isThrownBy(
+		assertThatExceptionOfType(NotFoundException.class)
-				() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_OWNERSHIP));
+			.isThrownBy(() -> aclAuthorizationStrategy2.securityCheck(acl2, AclAuthorizationStrategy.CHANGE_OWNERSHIP));
 	}
 
 	@Test
@@ -181,11 +181,11 @@ public class AclImplementationSecurityCheckTests {
 				new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), null, null, false,
 				new PrincipalSid(auth));
 		assertThatNoException()
-				.isThrownBy(() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL));
+			.isThrownBy(() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL));
-		assertThatExceptionOfType(NotFoundException.class).isThrownBy(
+		assertThatExceptionOfType(NotFoundException.class)
-				() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_AUDITING));
+			.isThrownBy(() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_AUDITING));
-		assertThatNoException().isThrownBy(
+		assertThatNoException()
-				() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_OWNERSHIP));
+			.isThrownBy(() -> aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_OWNERSHIP));
 	}
 
 }

acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java

@@ -60,7 +60,7 @@ public class ObjectIdentityImplTests {
 	public void testGetIdMethodConstraints() {
 		// Check the getId() method is present
 		assertThatExceptionOfType(IdentityUnavailableException.class)
-				.isThrownBy(() -> new ObjectIdentityImpl("A_STRING_OBJECT"));
+			.isThrownBy(() -> new ObjectIdentityImpl("A_STRING_OBJECT"));
 		// getId() should return a non-null value
 		MockIdDomainObject mockId = new MockIdDomainObject();
 		assertThatIllegalArgumentException().isThrownBy(() -> new ObjectIdentityImpl(mockId));

acl/src/test/java/org/springframework/security/acls/domain/PermissionTests.java

@@ -47,10 +47,12 @@ public class PermissionTests {
 	public void expectedIntegerValues() {
 		assertThat(BasePermission.READ.getMask()).isEqualTo(1);
 		assertThat(BasePermission.ADMINISTRATION.getMask()).isEqualTo(16);
-		assertThat(new CumulativePermission().set(BasePermission.READ).set(BasePermission.WRITE)
+		assertThat(new CumulativePermission().set(BasePermission.READ)
-				.set(BasePermission.CREATE).getMask()).isEqualTo(7);
+			.set(BasePermission.WRITE)
+			.set(BasePermission.CREATE)
+			.getMask()).isEqualTo(7);
 		assertThat(new CumulativePermission().set(BasePermission.READ).set(BasePermission.ADMINISTRATION).getMask())
-				.isEqualTo(17);
+			.isEqualTo(17);
 	}
 
 	@Test
@@ -64,20 +66,23 @@ public class PermissionTests {
 		this.permissionFactory.registerPublicPermissions(SpecialPermission.class);
 		assertThat(BasePermission.READ.toString()).isEqualTo("BasePermission[...............................R=1]");
 		assertThat(BasePermission.ADMINISTRATION.toString())
-				.isEqualTo("BasePermission[...........................A....=16]");
+			.isEqualTo("BasePermission[...........................A....=16]");
 		assertThat(new CumulativePermission().set(BasePermission.READ).toString())
-				.isEqualTo("CumulativePermission[...............................R=1]");
+			.isEqualTo("CumulativePermission[...............................R=1]");
 		assertThat(
 				new CumulativePermission().set(SpecialPermission.ENTER).set(BasePermission.ADMINISTRATION).toString())
-						.isEqualTo("CumulativePermission[..........................EA....=48]");
+			.isEqualTo("CumulativePermission[..........................EA....=48]");
 		assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ).toString())
-				.isEqualTo("CumulativePermission[...........................A...R=17]");
+			.isEqualTo("CumulativePermission[...........................A...R=17]");
-		assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ)
+		assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION)
-				.clear(BasePermission.ADMINISTRATION).toString())
+			.set(BasePermission.READ)
-						.isEqualTo("CumulativePermission[...............................R=1]");
+			.clear(BasePermission.ADMINISTRATION)
-		assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ)
+			.toString()).isEqualTo("CumulativePermission[...............................R=1]");
-				.clear(BasePermission.ADMINISTRATION).clear(BasePermission.READ).toString())
+		assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION)
-						.isEqualTo("CumulativePermission[................................=0]");
+			.set(BasePermission.READ)
+			.clear(BasePermission.ADMINISTRATION)
+			.clear(BasePermission.READ)
+			.toString()).isEqualTo("CumulativePermission[................................=0]");
 	}
 
 }

acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java

@@ -149,7 +149,7 @@ public abstract class AbstractBasicLookupStrategyTests {
 		// Deliberately use an integer for the child, to reproduce bug report in SEC-819
 		ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102);
 		Map<ObjectIdentity, Acl> map = this.strategy
-				.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
+			.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
 		checkEntries(topParentOid, middleParentOid, childOid, map);
 	}
 
@@ -163,7 +163,7 @@ public abstract class AbstractBasicLookupStrategyTests {
 		// Let's empty the database to force acls retrieval from cache
 		emptyDatabase();
 		Map<ObjectIdentity, Acl> map = this.strategy
-				.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
+			.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
 		checkEntries(topParentOid, middleParentOid, childOid, map);
 	}
 
@@ -176,7 +176,7 @@ public abstract class AbstractBasicLookupStrategyTests {
 		// acls
 		this.strategy.setBatchSize(1);
 		Map<ObjectIdentity, Acl> map = this.strategy
-				.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
+			.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
 		checkEntries(topParentOid, middleParentOid, childOid, map);
 	}
 
@@ -303,7 +303,7 @@ public abstract class AbstractBasicLookupStrategyTests {
 		getJdbcTemplate().execute(query);
 		ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)));
+			.isThrownBy(() -> this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)));
 	}
 
 	@Test

acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java

@@ -116,7 +116,7 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku
 	public void testReadObjectIdentityUsingNonUuidInDatabase() {
 		ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, OBJECT_IDENTITY_LONG_AS_UUID);
 		assertThatExceptionOfType(ConversionFailedException.class)
-				.isThrownBy(() -> this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)));
+			.isThrownBy(() -> this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID)));
 	}
 
 }

acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java

@@ -101,7 +101,7 @@ public class JdbcAclServiceTests {
 		ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 1);
 		List<Sid> sids = Arrays.<Sid>asList(new PrincipalSid("user"));
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> this.aclService.readAclById(objectIdentity, sids));
+			.isThrownBy(() -> this.aclService.readAclById(objectIdentity, sids));
 	}
 
 	@Test
@@ -168,20 +168,20 @@ public class JdbcAclServiceTests {
 		assertThat(objectIdentities.size()).isEqualTo(1);
 		assertThat(objectIdentities.get(0).getType()).isEqualTo("costcenter");
 		assertThat(objectIdentities.get(0).getIdentifier())
-				.isEqualTo(UUID.fromString("25d93b3f-c3aa-4814-9d5e-c7c96ced7762"));
+			.isEqualTo(UUID.fromString("25d93b3f-c3aa-4814-9d5e-c7c96ced7762"));
 	}
 
 	@Test
 	public void setObjectIdentityGeneratorWhenNullThenThrowsIllegalArgumentException() {
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> this.aclServiceIntegration.setObjectIdentityGenerator(null))
+			.isThrownBy(() -> this.aclServiceIntegration.setObjectIdentityGenerator(null))
-				.withMessage("objectIdentityGenerator cannot be null");
+			.withMessage("objectIdentityGenerator cannot be null");
 	}
 
 	@Test
 	public void findChildrenWhenObjectIdentityGeneratorSetThenUsed() {
 		this.aclServiceIntegration
-				.setObjectIdentityGenerator((id, type) -> new ObjectIdentityImpl(type, "prefix:" + id));
+			.setObjectIdentityGenerator((id, type) -> new ObjectIdentityImpl(type, "prefix:" + id));
 
 		ObjectIdentity objectIdentity = new ObjectIdentityImpl("location", "US");
 		this.aclServiceIntegration.setAclClassIdSupported(true);

acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java

@@ -168,7 +168,7 @@ public class JdbcMutableAclServiceTests {
 		this.jdbcMutableAclService.updateAcl(child);
 		// Let's check if we can read them back correctly
 		Map<ObjectIdentity, Acl> map = this.jdbcMutableAclService
-				.readAclsById(Arrays.asList(getTopParentOid(), getMiddleParentOid(), getChildOid()));
+			.readAclsById(Arrays.asList(getTopParentOid(), getMiddleParentOid(), getChildOid()));
 		assertThat(map).hasSize(3);
 		// Get the retrieved versions
 		MutableAcl retrievedTopParent = (MutableAcl) map.get(getTopParentOid());
@@ -196,7 +196,7 @@ public class JdbcMutableAclServiceTests {
 		assertThat(retrievedMiddleParent.isGranted(delete, pSid, false)).isTrue();
 		assertThat(retrievedChild.isGranted(delete, pSid, false)).isFalse();
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> retrievedChild.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), pSid, false));
+			.isThrownBy(() -> retrievedChild.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), pSid, false));
 		// Now check the inherited rights (when not explicitly overridden) also look OK
 		assertThat(retrievedChild.isGranted(read, pSid, false)).isTrue();
 		assertThat(retrievedChild.isGranted(write, pSid, false)).isFalse();
@@ -209,9 +209,9 @@ public class JdbcMutableAclServiceTests {
 		// Check the child permissions no longer inherit
 		assertThat(nonInheritingChild.isGranted(delete, pSid, true)).isFalse();
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> nonInheritingChild.isGranted(read, pSid, true));
+			.isThrownBy(() -> nonInheritingChild.isGranted(read, pSid, true));
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> nonInheritingChild.isGranted(write, pSid, true));
+			.isThrownBy(() -> nonInheritingChild.isGranted(write, pSid, true));
 		// Let's add an identical permission to the child, but it'll appear AFTER the
 		// current permission, so has no impact
 		nonInheritingChild.insertAce(1, BasePermission.DELETE, new PrincipalSid(this.auth), true);
@@ -266,9 +266,9 @@ public class JdbcMutableAclServiceTests {
 		// Delete the mid-parent and test if the child was deleted, as well
 		this.jdbcMutableAclService.deleteAcl(getMiddleParentOid(), true);
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> this.jdbcMutableAclService.readAclById(getMiddleParentOid()));
+			.isThrownBy(() -> this.jdbcMutableAclService.readAclById(getMiddleParentOid()));
 		assertThatExceptionOfType(NotFoundException.class)
-				.isThrownBy(() -> this.jdbcMutableAclService.readAclById(getChildOid()));
+			.isThrownBy(() -> this.jdbcMutableAclService.readAclById(getChildOid()));
 		Acl acl = this.jdbcMutableAclService.readAclById(getTopParentOid());
 		assertThat(acl).isNotNull();
 		assertThat(getTopParentOid()).isEqualTo(acl.getObjectIdentity());
@@ -277,11 +277,11 @@ public class JdbcMutableAclServiceTests {
 	@Test
 	public void constructorRejectsNullParameters() {
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new JdbcMutableAclService(null, this.lookupStrategy, this.aclCache));
+			.isThrownBy(() -> new JdbcMutableAclService(null, this.lookupStrategy, this.aclCache));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new JdbcMutableAclService(this.dataSource, null, this.aclCache));
+			.isThrownBy(() -> new JdbcMutableAclService(this.dataSource, null, this.aclCache));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new JdbcMutableAclService(this.dataSource, this.lookupStrategy, null));
+			.isThrownBy(() -> new JdbcMutableAclService(this.dataSource, this.lookupStrategy, null));
 	}
 
 	@Test
@@ -297,7 +297,7 @@ public class JdbcMutableAclServiceTests {
 		this.jdbcMutableAclService.createAcl(duplicateOid);
 		// Try to add the same object second time
 		assertThatExceptionOfType(AlreadyExistsException.class)
-				.isThrownBy(() -> this.jdbcMutableAclService.createAcl(duplicateOid));
+			.isThrownBy(() -> this.jdbcMutableAclService.createAcl(duplicateOid));
 	}
 
 	@Test
@@ -320,7 +320,7 @@ public class JdbcMutableAclServiceTests {
 		try {
 			// checking in the class, not database
 			assertThatExceptionOfType(ChildrenExistException.class)
-					.isThrownBy(() -> this.jdbcMutableAclService.deleteAcl(getTopParentOid(), false));
+				.isThrownBy(() -> this.jdbcMutableAclService.deleteAcl(getTopParentOid(), false));
 		}
 		finally {
 			// restore to the default
@@ -392,7 +392,7 @@ public class JdbcMutableAclServiceTests {
 		child = (MutableAcl) this.jdbcMutableAclService.readAclById(childOid);
 		parent = (MutableAcl) child.getParentAcl();
 		assertThat(parent.getEntries()).hasSize(2)
-				.withFailMessage("Fails because child has a stale reference to its parent");
+			.withFailMessage("Fails because child has a stale reference to its parent");
 		assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(1);
 		assertThat(parent.getEntries().get(0).getSid()).isEqualTo(new PrincipalSid("ben"));
 		assertThat(parent.getEntries().get(1).getPermission().getMask()).isEqualTo(1);

acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTestsWithAclClassId.java

@@ -79,7 +79,7 @@ public class JdbcMutableAclServiceTestsWithAclClassId extends JdbcMutableAclServ
 		ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, id);
 		getJdbcMutableAclService().createAcl(oid);
 		assertThat(getJdbcMutableAclService().readAclById(new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, id)))
-				.isNotNull();
+			.isNotNull();
 	}
 
 }

acl/src/test/java/org/springframework/security/acls/sid/SidTests.java

@@ -46,9 +46,9 @@ public class SidTests {
 		// Check one Authentication-argument constructor
 		assertThatIllegalArgumentException().isThrownBy(() -> new PrincipalSid((Authentication) null));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new PrincipalSid(new TestingAuthenticationToken(null, "password")));
+			.isThrownBy(() -> new PrincipalSid(new TestingAuthenticationToken(null, "password")));
 		assertThatNoException()
-				.isThrownBy(() -> new PrincipalSid(new TestingAuthenticationToken("johndoe", "password")));
+			.isThrownBy(() -> new PrincipalSid(new TestingAuthenticationToken("johndoe", "password")));
 	}
 
 	@Test
@@ -60,7 +60,7 @@ public class SidTests {
 		// Check one GrantedAuthority-argument constructor
 		assertThatIllegalArgumentException().isThrownBy(() -> new GrantedAuthoritySid((GrantedAuthority) null));
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new GrantedAuthoritySid(new SimpleGrantedAuthority(null)));
+			.isThrownBy(() -> new GrantedAuthoritySid(new SimpleGrantedAuthority(null)));
 		assertThatNoException().isThrownBy(() -> new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST")));
 	}
 
@@ -100,7 +100,7 @@ public class SidTests {
 		assertThat(principalSid.hashCode()).isEqualTo(new PrincipalSid("johndoe").hashCode());
 		assertThat(principalSid.hashCode()).isNotEqualTo(new PrincipalSid("scott").hashCode());
 		assertThat(principalSid.hashCode())
-				.isNotEqualTo(new PrincipalSid(new TestingAuthenticationToken("scott", "password")).hashCode());
+			.isNotEqualTo(new PrincipalSid(new TestingAuthenticationToken("scott", "password")).hashCode());
 	}
 
 	@Test
@@ -111,7 +111,7 @@ public class SidTests {
 		assertThat(gaSid.hashCode()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST").hashCode());
 		assertThat(gaSid.hashCode()).isNotEqualTo(new GrantedAuthoritySid("ROLE_TEST_2").hashCode());
 		assertThat(gaSid.hashCode())
-				.isNotEqualTo(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST_2")).hashCode());
+			.isNotEqualTo(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST_2")).hashCode());
 	}
 
 	@Test

aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java

@@ -101,7 +101,7 @@ public class AnnotationSecurityAspectTests {
 	@Test
 	public void securedClassMethodDeniesUnauthenticatedAccess() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.secured.securedClassMethod());
+			.isThrownBy(() -> this.secured.securedClassMethod());
 	}
 
 	@Test

aspects/src/test/java/org/springframework/security/authorization/method/aspectj/PostAuthorizeAspectTests.java

@@ -68,7 +68,7 @@ public class PostAuthorizeAspectTests {
 	@Test
 	public void securedClassMethodDeniesUnauthenticatedAccess() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.secured.securedClassMethod());
+			.isThrownBy(() -> this.secured.securedClassMethod());
 	}
 
 	@Test

aspects/src/test/java/org/springframework/security/authorization/method/aspectj/PreAuthorizeAspectTests.java

@@ -68,7 +68,7 @@ public class PreAuthorizeAspectTests {
 	@Test
 	public void securedClassMethodDeniesUnauthenticatedAccess() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.secured.securedClassMethod());
+			.isThrownBy(() -> this.secured.securedClassMethod());
 	}
 
 	@Test

aspects/src/test/java/org/springframework/security/authorization/method/aspectj/SecuredAspectTests.java

@@ -66,7 +66,7 @@ public class SecuredAspectTests {
 	@Test
 	public void securedClassMethodDeniesUnauthenticatedAccess() {
 		assertThatExceptionOfType(AuthenticationCredentialsNotFoundException.class)
-				.isThrownBy(() -> this.secured.securedClassMethod());
+			.isThrownBy(() -> this.secured.securedClassMethod());
 	}
 
 	@Test

config/src/integration-test/java/org/springframework/security/config/annotation/authentication/ldap/LdapAuthenticationProviderBuilderSecurityBuilderTests.java

@@ -74,8 +74,8 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupRoleAttribute", "cn");
 		assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupSearchBase", "");
 		assertThat(authoritiesPopulator).hasFieldOrPropertyWithValue("groupSearchFilter", "(uniqueMember={0})");
-		assertThat(authoritiesPopulator).extracting("searchControls").hasFieldOrPropertyWithValue("searchScope",
+		assertThat(authoritiesPopulator).extracting("searchControls")
-				SearchControls.ONELEVEL_SCOPE);
+			.hasFieldOrPropertyWithValue("searchScope", SearchControls.ONELEVEL_SCOPE);
 		assertThat(ReflectionTestUtils.getField(getAuthoritiesMapper(provider), "prefix")).isEqualTo("ROLE_");
 	}
 
@@ -85,7 +85,7 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		LdapAuthenticationProvider provider = ldapProvider();
 
 		assertThat(ReflectionTestUtils.getField(getAuthoritiesPopulator(provider), "groupRoleAttribute"))
-				.isEqualTo("group");
+			.isEqualTo("group");
 	}
 
 	@Test
@@ -94,7 +94,7 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		LdapAuthenticationProvider provider = ldapProvider();
 
 		assertThat(ReflectionTestUtils.getField(getAuthoritiesPopulator(provider), "groupSearchFilter"))
-				.isEqualTo("ou=groupName");
+			.isEqualTo("ou=groupName");
 	}
 
 	@Test
@@ -103,7 +103,8 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		LdapAuthenticationProvider provider = ldapProvider();
 
 		assertThat(ReflectionTestUtils.getField(getAuthoritiesPopulator(provider), "searchControls"))
-				.extracting("searchScope").isEqualTo(SearchControls.SUBTREE_SCOPE);
+			.extracting("searchScope")
+			.isEqualTo(SearchControls.SUBTREE_SCOPE);
 	}
 
 	@Test
@@ -119,8 +120,8 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		this.spring.register(BindAuthenticationConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob")
+			.andExpect(authenticated().withUsername("bob")
-						.withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_DEVELOPERS"))));
+				.withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_DEVELOPERS"))));
 	}
 
 	// SEC-2472
@@ -129,13 +130,14 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
 		this.spring.register(PasswordEncoderConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bcrypt").password("password"))
-				.andExpect(authenticated().withUsername("bcrypt")
+			.andExpect(authenticated().withUsername("bcrypt")
-						.withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_DEVELOPERS"))));
+				.withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_DEVELOPERS"))));
 	}
 
 	private LdapAuthenticationProvider ldapProvider() {
 		return ((List<LdapAuthenticationProvider>) ReflectionTestUtils.getField(this.authenticationManager,
-				"providers")).get(0);
+				"providers"))
+			.get(0);
 	}
 
 	private LdapAuthoritiesPopulator getAuthoritiesPopulator(LdapAuthenticationProvider provider) {

config/src/integration-test/java/org/springframework/security/config/annotation/authentication/ldap/LdapAuthenticationProviderConfigurerTests.java

@@ -51,7 +51,7 @@ public class LdapAuthenticationProviderConfigurerTests {
 		this.spring.register(MultiLdapAuthenticationProvidersConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/JwtITests.java

@@ -122,7 +122,7 @@ public class JwtITests {
 	@Test
 	public void routeWhenAuthenticationBearerThenAuthorized() {
 		MimeType authenticationMimeType = MimeTypeUtils
-				.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString());
+			.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString());
 		BearerTokenMetadata credentials = new BearerTokenMetadata("token");
 		given(this.decoder.decode(any())).willReturn(Mono.just(jwt()));
 		// @formatter:off
@@ -137,8 +137,11 @@ public class JwtITests {
 	}
 
 	private Jwt jwt() {
-		return TestJwts.jwt().claim(IdTokenClaimNames.ISS, "https://issuer.example.com")
+		return TestJwts.jwt()
-				.claim(IdTokenClaimNames.SUB, "rob").claim(IdTokenClaimNames.AUD, Arrays.asList("client-id")).build();
+			.claim(IdTokenClaimNames.ISS, "https://issuer.example.com")
+			.claim(IdTokenClaimNames.SUB, "rob")
+			.claim(IdTokenClaimNames.AUD, Arrays.asList("client-id"))
+			.build();
 	}
 
 	private RSocketRequester.Builder requester() {
@@ -169,7 +172,7 @@ public class JwtITests {
 		@Bean
 		PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
 			rsocket.authorizePayload((authorize) -> authorize.anyRequest().authenticated().anyExchange().permitAll())
-					.jwt(Customizer.withDefaults());
+				.jwt(Customizer.withDefaults());
 			return rsocket.build();
 		}
 

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerITests.java

@@ -195,7 +195,7 @@ public class RSocketMessageHandlerITests {
 		String data = "a";
 		assertThatExceptionOfType(ApplicationErrorException.class).isThrownBy(
 				() -> this.requester.route("secure.hello").data(data).retrieveFlux(String.class).collectList().block())
-				.withMessageContaining("Access Denied");
+			.withMessageContaining("Access Denied");
 		assertThat(this.controller.payloads).isEmpty();
 	}
 

config/src/integration-test/java/org/springframework/security/config/annotation/rsocket/SimpleAuthenticationITests.java

@@ -117,7 +117,7 @@ public class SimpleAuthenticationITests {
 	@Test
 	public void retrieveMonoWhenAuthorizedThenGranted() {
 		MimeType authenticationMimeType = MimeTypeUtils
-				.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString());
+			.parseMimeType(WellKnownMimeType.MESSAGE_RSOCKET_AUTHENTICATION.getString());
 		UsernamePasswordMetadata credentials = new UsernamePasswordMetadata("rob", "password");
 		// @formatter:off
 		this.requester = RSocketRequester.builder()
@@ -161,7 +161,7 @@ public class SimpleAuthenticationITests {
 		@Bean
 		PayloadSocketAcceptorInterceptor rsocketInterceptor(RSocketSecurity rsocket) {
 			rsocket.authorizePayload((authorize) -> authorize.anyRequest().authenticated().anyExchange().permitAll())
-					.simpleAuthentication(Customizer.withDefaults());
+				.simpleAuthentication(Customizer.withDefaults());
 			return rsocket.build();
 		}
 

config/src/integration-test/java/org/springframework/security/config/ldap/EmbeddedLdapServerContextSourceFactoryBeanITests.java

@@ -48,7 +48,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		this.spring.register(FromEmbeddedLdapServerConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test
@@ -56,7 +56,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		this.spring.register(PortZeroConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test
@@ -71,15 +71,16 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		this.spring.register(CustomManagerDnConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test
 	public void contextSourceFactoryBeanWhenManagerDnAndNoPasswordThenException() {
 		assertThatExceptionOfType(UnsatisfiedDependencyException.class)
-				.isThrownBy(() -> this.spring.register(CustomManagerDnNoPasswordConfig.class).autowire())
+			.isThrownBy(() -> this.spring.register(CustomManagerDnNoPasswordConfig.class).autowire())
-				.havingRootCause().isInstanceOf(IllegalStateException.class)
+			.havingRootCause()
-				.withMessageContaining("managerPassword is required if managerDn is supplied");
+			.isInstanceOf(IllegalStateException.class)
+			.withMessageContaining("managerPassword is required if managerDn is supplied");
 	}
 
 	@Configuration
@@ -107,7 +108,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		@Bean
 		EmbeddedLdapServerContextSourceFactoryBean contextSourceFactoryBean() {
 			EmbeddedLdapServerContextSourceFactoryBean factoryBean = EmbeddedLdapServerContextSourceFactoryBean
-					.fromEmbeddedLdapServer();
+				.fromEmbeddedLdapServer();
 			factoryBean.setPort(0);
 			return factoryBean;
 		}
@@ -128,7 +129,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		@Bean
 		EmbeddedLdapServerContextSourceFactoryBean contextSourceFactoryBean() {
 			EmbeddedLdapServerContextSourceFactoryBean factoryBean = EmbeddedLdapServerContextSourceFactoryBean
-					.fromEmbeddedLdapServer();
+				.fromEmbeddedLdapServer();
 			factoryBean.setLdif("classpath*:test-server2.xldif");
 			factoryBean.setRoot("dc=monkeymachine,dc=co,dc=uk");
 			return factoryBean;
@@ -150,7 +151,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		@Bean
 		EmbeddedLdapServerContextSourceFactoryBean contextSourceFactoryBean() {
 			EmbeddedLdapServerContextSourceFactoryBean factoryBean = EmbeddedLdapServerContextSourceFactoryBean
-					.fromEmbeddedLdapServer();
+				.fromEmbeddedLdapServer();
 			factoryBean.setManagerDn("uid=admin,ou=system");
 			factoryBean.setManagerPassword("secret");
 			return factoryBean;
@@ -173,7 +174,7 @@ public class EmbeddedLdapServerContextSourceFactoryBeanITests {
 		@Bean
 		EmbeddedLdapServerContextSourceFactoryBean contextSourceFactoryBean() {
 			EmbeddedLdapServerContextSourceFactoryBean factoryBean = EmbeddedLdapServerContextSourceFactoryBean
-					.fromEmbeddedLdapServer();
+				.fromEmbeddedLdapServer();
 			factoryBean.setManagerDn("uid=admin,ou=system");
 			return factoryBean;
 		}

config/src/integration-test/java/org/springframework/security/config/ldap/LdapBindAuthenticationManagerFactoryITests.java

@@ -66,7 +66,7 @@ public class LdapBindAuthenticationManagerFactoryITests {
 		this.spring.register(FromContextSourceConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test
@@ -81,19 +81,21 @@ public class LdapBindAuthenticationManagerFactoryITests {
 
 		this.spring.register(CustomAuthoritiesPopulatorConfig.class).autowire();
 
-		this.mockMvc.perform(formLogin().user("bob").password("bobspassword")).andExpect(
+		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				authenticated().withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_EXTRA"))));
+			.andExpect(
+					authenticated().withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_EXTRA"))));
 	}
 
 	@Test
 	public void authenticationManagerFactoryWhenCustomAuthoritiesMapperThenUsed() throws Exception {
 		CustomAuthoritiesMapperConfig.AUTHORITIES_MAPPER = ((authorities) -> AuthorityUtils
-				.createAuthorityList("ROLE_CUSTOM"));
+			.createAuthorityList("ROLE_CUSTOM"));
 
 		this.spring.register(CustomAuthoritiesMapperConfig.class).autowire();
 
-		this.mockMvc.perform(formLogin().user("bob").password("bobspassword")).andExpect(
+		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				authenticated().withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_CUSTOM"))));
+			.andExpect(
+					authenticated().withAuthorities(Collections.singleton(new SimpleGrantedAuthority("ROLE_CUSTOM"))));
 	}
 
 	@Test
@@ -113,7 +115,7 @@ public class LdapBindAuthenticationManagerFactoryITests {
 		this.spring.register(CustomUserDetailsContextMapperConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("other"));
+			.andExpect(authenticated().withUsername("other"));
 	}
 
 	@Test
@@ -121,7 +123,7 @@ public class LdapBindAuthenticationManagerFactoryITests {
 		this.spring.register(CustomUserDnPatternsConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Test
@@ -129,7 +131,7 @@ public class LdapBindAuthenticationManagerFactoryITests {
 		this.spring.register(CustomUserSearchConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bob").password("bobspassword"))
-				.andExpect(authenticated().withUsername("bob"));
+			.andExpect(authenticated().withUsername("bob"));
 	}
 
 	@Configuration

config/src/integration-test/java/org/springframework/security/config/ldap/LdapPasswordComparisonAuthenticationManagerFactoryITests.java

@@ -50,7 +50,7 @@ public class LdapPasswordComparisonAuthenticationManagerFactoryITests {
 		this.spring.register(CustomPasswordEncoderConfig.class).autowire();
 
 		this.mockMvc.perform(formLogin().user("bcrypt").password("password"))
-				.andExpect(authenticated().withUsername("bcrypt"));
+			.andExpect(authenticated().withUsername("bcrypt"));
 	}
 
 	@Test

config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java

@@ -56,7 +56,7 @@ public class LdapProviderBeanDefinitionParserTests {
 		AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
 				AuthenticationManager.class);
 		Authentication auth = authenticationManager
-				.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "benspassword"));
+			.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "benspassword"));
 		UserDetails ben = (UserDetails) auth.getPrincipal();
 		assertThat(ben.getAuthorities()).hasSize(3);
 	}
@@ -71,7 +71,7 @@ public class LdapProviderBeanDefinitionParserTests {
 		ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
 		assertThat(providerManager.getProviders()).hasSize(2);
 		assertThat(providerManager.getProviders()).extracting("authoritiesPopulator.groupSearchFilter")
-				.containsExactly("member={0}", "uniqueMember={0}");
+			.containsExactly("member={0}", "uniqueMember={0}");
 	}
 
 	@Test
@@ -89,7 +89,7 @@ public class LdapProviderBeanDefinitionParserTests {
 		AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
 				AuthenticationManager.class);
 		Authentication auth = authenticationManager
-				.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "benspassword"));
+			.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "benspassword"));
 
 		assertThat(auth).isNotNull();
 	}
@@ -105,7 +105,7 @@ public class LdapProviderBeanDefinitionParserTests {
 		AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
 				AuthenticationManager.class);
 		Authentication auth = authenticationManager
-				.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "ben"));
+			.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("ben", "ben"));
 
 		assertThat(auth).isNotNull();
 	}
@@ -122,7 +122,7 @@ public class LdapProviderBeanDefinitionParserTests {
 		AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
 				AuthenticationManager.class);
 		Authentication auth = authenticationManager
-				.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("bcrypt", "password"));
+			.authenticate(UsernamePasswordAuthenticationToken.unauthenticated("bcrypt", "password"));
 
 		assertThat(auth).isNotNull();
 	}
@@ -137,8 +137,8 @@ public class LdapProviderBeanDefinitionParserTests {
 
 		ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
 		assertThat(providerManager.getProviders()).hasSize(1);
-		assertThat(providerManager.getProviders()).extracting("userDetailsContextMapper").allSatisfy(
+		assertThat(providerManager.getProviders()).extracting("userDetailsContextMapper")
-				(contextMapper) -> assertThat(contextMapper).isInstanceOf(InetOrgPersonContextMapper.class));
+			.allSatisfy((contextMapper) -> assertThat(contextMapper).isInstanceOf(InetOrgPersonContextMapper.class));
 	}
 
 	@Test
@@ -155,10 +155,10 @@ public class LdapProviderBeanDefinitionParserTests {
 
 		AuthenticationProvider authenticationProvider = providerManager.getProviders().get(0);
 		assertThat(authenticationProvider).extracting("authenticator.userDnFormat")
-				.satisfies((messageFormats) -> assertThat(messageFormats)
+			.satisfies((messageFormats) -> assertThat(messageFormats)
-						.isEqualTo(new MessageFormat[] { new MessageFormat("uid={0},ou=people") }));
+				.isEqualTo(new MessageFormat[] { new MessageFormat("uid={0},ou=people") }));
 		assertThat(authenticationProvider).extracting("authoritiesPopulator.groupSearchFilter")
-				.satisfies((searchFilter) -> assertThat(searchFilter).isEqualTo("member={0}"));
+			.satisfies((searchFilter) -> assertThat(searchFilter).isEqualTo("member={0}"));
 	}
 
 }

config/src/integration-test/java/org/springframework/security/config/ldap/LdapServerBeanDefinitionParserTests.java

@@ -52,7 +52,7 @@ public class LdapServerBeanDefinitionParserTests {
 		this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>");
 
 		DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
-				.getBean(BeanIds.CONTEXT_SOURCE);
+			.getBean(BeanIds.CONTEXT_SOURCE);
 
 		// Check data is loaded
 		LdapTemplate template = new LdapTemplate(contextSource);
@@ -71,7 +71,7 @@ public class LdapServerBeanDefinitionParserTests {
 		this.appCtx.getBean(BeanIds.CONTEXT_SOURCE);
 
 		DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
-				.getBean("blah");
+			.getBean("blah");
 
 		// Check data is loaded as before
 		LdapTemplate template = new LdapTemplate(contextSource);
@@ -83,7 +83,7 @@ public class LdapServerBeanDefinitionParserTests {
 		this.appCtx = new InMemoryXmlApplicationContext(
 				"<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' port='0'/>");
 		DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
-				.getBean(BeanIds.CONTEXT_SOURCE);
+			.getBean(BeanIds.CONTEXT_SOURCE);
 
 		LdapTemplate template = new LdapTemplate(contextSource);
 		template.lookup("uid=pg,ou=gorillas");

config/src/integration-test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java

@@ -58,17 +58,17 @@ public class LdapUserServiceBeanDefinitionParserTests {
 	@Test
 	public void beanClassNamesAreCorrect() {
 		assertThat(FilterBasedLdapUserSearch.class.getName())
-				.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_SEARCH_CLASS);
+			.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_SEARCH_CLASS);
 		assertThat(PersonContextMapper.class.getName())
-				.isEqualTo(LdapUserServiceBeanDefinitionParser.PERSON_MAPPER_CLASS);
+			.isEqualTo(LdapUserServiceBeanDefinitionParser.PERSON_MAPPER_CLASS);
 		assertThat(InetOrgPersonContextMapper.class.getName())
-				.isEqualTo(LdapUserServiceBeanDefinitionParser.INET_ORG_PERSON_MAPPER_CLASS);
+			.isEqualTo(LdapUserServiceBeanDefinitionParser.INET_ORG_PERSON_MAPPER_CLASS);
 		assertThat(LdapUserDetailsMapper.class.getName())
-				.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_USER_MAPPER_CLASS);
+			.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_USER_MAPPER_CLASS);
 		assertThat(DefaultLdapAuthoritiesPopulator.class.getName())
-				.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_AUTHORITIES_POPULATOR_CLASS);
+			.isEqualTo(LdapUserServiceBeanDefinitionParser.LDAP_AUTHORITIES_POPULATOR_CLASS);
 		assertThat(new LdapUserServiceBeanDefinitionParser().getBeanClassName(mock(Element.class)))
-				.isEqualTo(LdapUserDetailsService.class.getName());
+			.isEqualTo(LdapUserDetailsService.class.getName());
 	}
 
 	@Test

config/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java

@@ -85,17 +85,19 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
 		String version = pkg.getImplementationVersion();
 		this.logger.info("Spring Security 'config' module version is " + version);
 		if (version.compareTo(coreVersion) != 0) {
-			this.logger.error(
+			this.logger
-					"You are running with different versions of the Spring Security 'core' and 'config' modules");
+				.error("You are running with different versions of the Spring Security 'core' and 'config' modules");
 		}
 	}
 
 	@Override
 	public BeanDefinition parse(Element element, ParserContext pc) {
 		if (!namespaceMatchesVersion(element)) {
-			pc.getReaderContext().fatal("You cannot use a spring-security-2.0.xsd or spring-security-3.0.xsd or "
+			pc.getReaderContext()
-					+ "spring-security-3.1.xsd schema or spring-security-3.2.xsd schema or spring-security-4.0.xsd schema "
+				.fatal("You cannot use a spring-security-2.0.xsd or spring-security-3.0.xsd or "
-					+ "with Spring Security 6.0. Please update your schema declarations to the 6.0 schema.", element);
+						+ "spring-security-3.1.xsd schema or spring-security-3.2.xsd schema or spring-security-4.0.xsd schema "
+						+ "with Spring Security 6.0. Please update your schema declarations to the 6.0 schema.",
+						element);
 		}
 		String name = pc.getDelegate().getLocalName(element);
 		BeanDefinitionParser parser = this.parsers.get(name);
@@ -140,8 +142,9 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
 	}
 
 	private void reportUnsupportedNodeType(String name, ParserContext pc, Node node) {
-		pc.getReaderContext().fatal("Security namespace does not support decoration of "
+		pc.getReaderContext()
-				+ ((node instanceof Element) ? "element" : "attribute") + " [" + name + "]", node);
+			.fatal("Security namespace does not support decoration of "
+					+ ((node instanceof Element) ? "element" : "attribute") + " [" + name + "]", node);
 	}
 
 	private void reportMissingWebClasses(String nodeName, ParserContext pc, Node node) {

config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java

@@ -176,7 +176,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
 	private <C extends SecurityConfigurer<O, B>> void add(C configurer) {
 		Assert.notNull(configurer, "configurer cannot be null");
 		Class<? extends SecurityConfigurer<O, B>> clazz = (Class<? extends SecurityConfigurer<O, B>>) configurer
-				.getClass();
+			.getClass();
 		synchronized (this.configurers) {
 			if (this.buildState.isConfigured()) {
 				throw new IllegalStateException("Cannot apply " + configurer + " to already built object");

config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java

@@ -184,8 +184,9 @@ public class AuthenticationConfiguration {
 			return Collections.emptyList();
 		}
 		for (String beanName : beanNamesForType) {
-			if (((ConfigurableApplicationContext) this.applicationContext).getBeanFactory().getBeanDefinition(beanName)
+			if (((ConfigurableApplicationContext) this.applicationContext).getBeanFactory()
-					.isPrimary()) {
+				.getBeanDefinition(beanName)
+				.isPrimary()) {
 				list.add(beanName);
 			}
 		}
@@ -218,7 +219,7 @@ public class AuthenticationConfiguration {
 		@Override
 		public void init(AuthenticationManagerBuilder auth) {
 			Map<String, Object> beansWithAnnotation = this.context
-					.getBeansWithAnnotation(EnableGlobalAuthentication.class);
+				.getBeansWithAnnotation(EnableGlobalAuthentication.class);
 			if (logger.isTraceEnabled()) {
 				logger.trace(LogMessage.format("Eagerly initializing %s", beansWithAnnotation));
 			}

config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/EnableGlobalAuthentication.java

@@ -97,7 +97,6 @@ import org.springframework.security.config.annotation.web.servlet.configuration.
  * @see EnableWebMvcSecurity
  * @see EnableWebSecurity
  * @see EnableGlobalMethodSecurity
- *
  * @author Rob Winch
  *
  */

config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/InitializeAuthenticationProviderBeanManagerConfigurer.java

@@ -67,7 +67,7 @@ class InitializeAuthenticationProviderBeanManagerConfigurer extends GlobalAuthen
 		 */
 		private <T> T getBeanOrNull(Class<T> type) {
 			String[] beanNames = InitializeAuthenticationProviderBeanManagerConfigurer.this.context
-					.getBeanNamesForType(type);
+				.getBeanNamesForType(type);
 			if (beanNames.length != 1) {
 				return null;
 			}

config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java

@@ -401,7 +401,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
 	 */
 	public PasswordCompareConfigurer passwordCompare() {
 		return new PasswordCompareConfigurer().passwordAttribute("password")
-				.passwordEncoder(NoOpPasswordEncoder.getInstance());
+			.passwordEncoder(NoOpPasswordEncoder.getInstance());
 	}
 
 	/**

config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableMethodSecurity.java

@@ -32,6 +32,7 @@ import org.springframework.security.access.prepost.PreFilter;
 
 /**
  * Enables Spring Security Method Security.
+ *
  * @author Evgeniy Cheban
  * @author Josh Cummings
  * @since 5.6

config/src/main/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurity.java

@@ -28,7 +28,6 @@ import org.springframework.core.Ordered;
 import org.springframework.security.authorization.ReactiveAuthorizationManager;
 
 /**
- *
  * @author Rob Winch
  * @since 5.0
  */

config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java

@@ -108,7 +108,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
 	};
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	private DefaultMethodSecurityExpressionHandler defaultMethodExpressionHandler = new DefaultMethodSecurityExpressionHandler();
 
@@ -320,7 +320,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
 	protected AuthenticationManager authenticationManager() throws Exception {
 		if (this.authenticationManager == null) {
 			DefaultAuthenticationEventPublisher eventPublisher = this.objectPostProcessor
-					.postProcess(new DefaultAuthenticationEventPublisher());
+				.postProcess(new DefaultAuthenticationEventPublisher());
 			this.auth = new AuthenticationManagerBuilder(this.objectPostProcessor);
 			this.auth.authenticationEventPublisher(eventPublisher);
 			configure(this.auth);
@@ -375,7 +375,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
 		if (isJsr250Enabled) {
 			GrantedAuthorityDefaults grantedAuthorityDefaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
 			Jsr250MethodSecurityMetadataSource jsr250MethodSecurityMetadataSource = this.context
-					.getBean(Jsr250MethodSecurityMetadataSource.class);
+				.getBean(Jsr250MethodSecurityMetadataSource.class);
 			if (grantedAuthorityDefaults != null) {
 				jsr250MethodSecurityMetadataSource.setDefaultRolePrefix(grantedAuthorityDefaults.getRolePrefix());
 			}
@@ -403,7 +403,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
 	@Override
 	public final void setImportMetadata(AnnotationMetadata importMetadata) {
 		Map<String, Object> annotationAttributes = importMetadata
-				.getAnnotationAttributes(EnableGlobalMethodSecurity.class.getName());
+			.getAnnotationAttributes(EnableGlobalMethodSecurity.class.getName());
 		this.enableMethodSecurity = AnnotationAttributes.fromMap(annotationAttributes);
 	}
 

config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecuritySelector.java

@@ -51,7 +51,7 @@ final class GlobalMethodSecuritySelector implements ImportSelector {
 		Class<?> importingClass = ClassUtils.resolveClassName(importingClassMetadata.getClassName(),
 				ClassUtils.getDefaultClassLoader());
 		boolean skipMethodSecurityConfiguration = GlobalMethodSecurityConfiguration.class
-				.isAssignableFrom(importingClass);
+			.isAssignableFrom(importingClass);
 		AdviceMode mode = attributes.getEnum("mode");
 		boolean isProxy = AdviceMode.PROXY == mode;
 		String autoProxyClassName = isProxy ? AutoProxyRegistrar.class.getName()

config/src/main/java/org/springframework/security/config/annotation/method/configuration/Jsr250MethodSecurityConfiguration.java

@@ -53,11 +53,11 @@ final class Jsr250MethodSecurityConfiguration {
 		Jsr250AuthorizationManager jsr250 = new Jsr250AuthorizationManager();
 		defaultsProvider.ifAvailable((d) -> jsr250.setRolePrefix(d.getRolePrefix()));
 		SecurityContextHolderStrategy strategy = strategyProvider
-				.getIfAvailable(SecurityContextHolder::getContextHolderStrategy);
+			.getIfAvailable(SecurityContextHolder::getContextHolderStrategy);
 		AuthorizationManager<MethodInvocation> manager = new DeferringObservationAuthorizationManager<>(
 				registryProvider, jsr250);
 		AuthorizationManagerBeforeMethodInterceptor interceptor = AuthorizationManagerBeforeMethodInterceptor
-				.jsr250(manager);
+			.jsr250(manager);
 		interceptor.setSecurityContextHolderStrategy(strategy);
 		return interceptor;
 	}

config/src/main/java/org/springframework/security/config/annotation/method/configuration/MethodSecurityMetadataSourceAdvisorRegistrar.java

@@ -45,13 +45,13 @@ class MethodSecurityMetadataSourceAdvisorRegistrar implements ImportBeanDefiniti
 	@Override
 	public void registerBeanDefinitions(AnnotationMetadata importingClassMetadata, BeanDefinitionRegistry registry) {
 		BeanDefinitionBuilder advisor = BeanDefinitionBuilder
-				.rootBeanDefinition(MethodSecurityMetadataSourceAdvisor.class);
+			.rootBeanDefinition(MethodSecurityMetadataSourceAdvisor.class);
 		advisor.setRole(BeanDefinition.ROLE_INFRASTRUCTURE);
 		advisor.addConstructorArgValue("methodSecurityInterceptor");
 		advisor.addConstructorArgReference("methodSecurityMetadataSource");
 		advisor.addConstructorArgValue("methodSecurityMetadataSource");
 		MultiValueMap<String, Object> attributes = importingClassMetadata
-				.getAllAnnotationAttributes(EnableGlobalMethodSecurity.class.getName());
+			.getAllAnnotationAttributes(EnableGlobalMethodSecurity.class.getName());
 		Integer order = (Integer) attributes.getFirst("order");
 		if (order != null) {
 			advisor.addPropertyValue("order", order);

config/src/main/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfiguration.java

@@ -83,7 +83,7 @@ final class PrePostMethodSecurityConfiguration {
 		manager.setExpressionHandler(
 				new DeferringMethodSecurityExpressionHandler(expressionHandlerProvider, defaultsProvider, context));
 		AuthorizationManagerBeforeMethodInterceptor preAuthorize = AuthorizationManagerBeforeMethodInterceptor
-				.preAuthorize(manager(manager, registryProvider));
+			.preAuthorize(manager(manager, registryProvider));
 		strategyProvider.ifAvailable(preAuthorize::setSecurityContextHolderStrategy);
 		eventPublisherProvider.ifAvailable(preAuthorize::setAuthorizationEventPublisher);
 		return preAuthorize;
@@ -101,7 +101,7 @@ final class PrePostMethodSecurityConfiguration {
 		manager.setExpressionHandler(
 				new DeferringMethodSecurityExpressionHandler(expressionHandlerProvider, defaultsProvider, context));
 		AuthorizationManagerAfterMethodInterceptor postAuthorize = AuthorizationManagerAfterMethodInterceptor
-				.postAuthorize(manager(manager, registryProvider));
+			.postAuthorize(manager(manager, registryProvider));
 		strategyProvider.ifAvailable(postAuthorize::setSecurityContextHolderStrategy);
 		eventPublisherProvider.ifAvailable(postAuthorize::setAuthorizationEventPublisher);
 		return postAuthorize;
@@ -141,7 +141,7 @@ final class PrePostMethodSecurityConfiguration {
 				ObjectProvider<MethodSecurityExpressionHandler> expressionHandlerProvider,
 				ObjectProvider<GrantedAuthorityDefaults> defaultsProvider, ApplicationContext applicationContext) {
 			this.expressionHandler = SingletonSupplier.of(() -> expressionHandlerProvider
-					.getIfAvailable(() -> defaultExpressionHandler(defaultsProvider, applicationContext)));
+				.getIfAvailable(() -> defaultExpressionHandler(defaultsProvider, applicationContext)));
 		}
 
 		@Override

config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveMethodSecurityConfiguration.java

@@ -91,7 +91,7 @@ class ReactiveMethodSecurityConfiguration implements ImportAware {
 	@Override
 	public void setImportMetadata(AnnotationMetadata importMetadata) {
 		this.advisorOrder = (int) importMetadata.getAnnotationAttributes(EnableReactiveMethodSecurity.class.getName())
-				.get("order");
+			.get("order");
 	}
 
 	@Autowired(required = false)

config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveMethodSecuritySelector.java

@@ -42,7 +42,8 @@ class ReactiveMethodSecuritySelector implements ImportSelector {
 			return new String[0];
 		}
 		EnableReactiveMethodSecurity annotation = importMetadata.getAnnotations()
-				.get(EnableReactiveMethodSecurity.class).synthesize();
+			.get(EnableReactiveMethodSecurity.class)
+			.synthesize();
 		List<String> imports = new ArrayList<>(Arrays.asList(this.autoProxy.selectImports(importMetadata)));
 		if (annotation.useAuthorizationManager()) {
 			imports.add(ReactiveAuthorizationManagerMethodSecurityConfiguration.class.getName());

config/src/main/java/org/springframework/security/config/annotation/method/configuration/SecuredMethodSecurityConfiguration.java

@@ -51,11 +51,11 @@ final class SecuredMethodSecurityConfiguration {
 			ObjectProvider<ObservationRegistry> registryProvider) {
 		SecuredAuthorizationManager secured = new SecuredAuthorizationManager();
 		SecurityContextHolderStrategy strategy = strategyProvider
-				.getIfAvailable(SecurityContextHolder::getContextHolderStrategy);
+			.getIfAvailable(SecurityContextHolder::getContextHolderStrategy);
 		AuthorizationManager<MethodInvocation> manager = new DeferringObservationAuthorizationManager<>(
 				registryProvider, secured);
 		AuthorizationManagerBeforeMethodInterceptor interceptor = AuthorizationManagerBeforeMethodInterceptor
-				.secured(manager);
+			.secured(manager);
 		interceptor.setSecurityContextHolderStrategy(strategy);
 		return interceptor;
 	}

config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java

@@ -353,7 +353,7 @@ public class RSocketSecurity {
 	public class AuthorizePayloadsSpec {
 
 		private PayloadExchangeMatcherReactiveAuthorizationManager.Builder authzBuilder = PayloadExchangeMatcherReactiveAuthorizationManager
-				.builder();
+			.builder();
 
 		public Access setup() {
 			return matcher(PayloadExchangeMatchers.setup());
@@ -429,7 +429,7 @@ public class RSocketSecurity {
 			public AuthorizePayloadsSpec access(
 					ReactiveAuthorizationManager<PayloadExchangeAuthorizationContext> authorization) {
 				AuthorizePayloadsSpec.this.authzBuilder
-						.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization));
+					.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization));
 				return AuthorizePayloadsSpec.this;
 			}
 

config/src/main/java/org/springframework/security/config/annotation/rsocket/SecuritySocketAcceptorInterceptorConfiguration.java

@@ -37,7 +37,7 @@ class SecuritySocketAcceptorInterceptorConfiguration {
 			ObjectProvider<PayloadSocketAcceptorInterceptor> rsocketInterceptor,
 			ObjectProvider<RSocketSecurity> rsocketSecurity) {
 		PayloadSocketAcceptorInterceptor delegate = rsocketInterceptor
-				.getIfAvailable(() -> defaultInterceptor(rsocketSecurity));
+			.getIfAvailable(() -> defaultInterceptor(rsocketSecurity));
 		return new SecuritySocketAcceptorInterceptor(delegate);
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/AbstractRequestMatcherRegistry.java

@@ -213,7 +213,7 @@ public abstract class AbstractRequestMatcherRegistry<C> {
 	private Map<String, ? extends ServletRegistration> mappableServletRegistrations(ServletContext servletContext) {
 		Map<String, ServletRegistration> mappable = new LinkedHashMap<>();
 		for (Map.Entry<String, ? extends ServletRegistration> entry : servletContext.getServletRegistrations()
-				.entrySet()) {
+			.entrySet()) {
 			if (!entry.getValue().getMappings().isEmpty()) {
 				mappable.put(entry.getKey(), entry.getValue());
 			}

config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java

@@ -1194,7 +1194,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 			throws Exception {
 		ApplicationContext context = getContext();
 		authorizeRequestsCustomizer
-				.customize(getOrApply(new ExpressionUrlAuthorizationConfigurer<>(context)).getRegistry());
+			.customize(getOrApply(new ExpressionUrlAuthorizationConfigurer<>(context)).getRegistry());
 		return HttpSecurity.this;
 	}
 
@@ -1421,7 +1421,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
 			throws Exception {
 		ApplicationContext context = getContext();
 		authorizeHttpRequestsCustomizer
-				.customize(getOrApply(new AuthorizeHttpRequestsConfigurer<>(context)).getRegistry());
+			.customize(getOrApply(new AuthorizeHttpRequestsConfigurer<>(context)).getRegistry());
 		return HttpSecurity.this;
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java

@@ -291,13 +291,13 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
 			SecurityFilterChain securityFilterChain = new DefaultSecurityFilterChain(ignoredRequest);
 			securityFilterChains.add(securityFilterChain);
 			requestMatcherPrivilegeEvaluatorsEntries
-					.add(getRequestMatcherPrivilegeEvaluatorsEntry(securityFilterChain));
+				.add(getRequestMatcherPrivilegeEvaluatorsEntry(securityFilterChain));
 		}
 		for (SecurityBuilder<? extends SecurityFilterChain> securityFilterChainBuilder : this.securityFilterChainBuilders) {
 			SecurityFilterChain securityFilterChain = securityFilterChainBuilder.build();
 			securityFilterChains.add(securityFilterChain);
 			requestMatcherPrivilegeEvaluatorsEntries
-					.add(getRequestMatcherPrivilegeEvaluatorsEntry(securityFilterChain));
+				.add(getRequestMatcherPrivilegeEvaluatorsEntry(securityFilterChain));
 		}
 		if (this.privilegeEvaluator == null) {
 			this.privilegeEvaluator = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator(
@@ -346,7 +346,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
 			}
 			if (filter instanceof AuthorizationFilter) {
 				AuthorizationManager<HttpServletRequest> authorizationManager = ((AuthorizationFilter) filter)
-						.getAuthorizationManager();
+					.getAuthorizationManager();
 				AuthorizationManagerWebInvocationPrivilegeEvaluator evaluator = new AuthorizationManagerWebInvocationPrivilegeEvaluator(
 						authorizationManager);
 				evaluator.setServletContext(this.servletContext);
@@ -366,7 +366,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
 		}
 		try {
 			this.defaultWebSecurityExpressionHandler
-					.setPermissionEvaluator(applicationContext.getBean(PermissionEvaluator.class));
+				.setPermissionEvaluator(applicationContext.getBean(PermissionEvaluator.class));
 		}
 		catch (NoSuchBeanDefinitionException ex) {
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configuration/EnableWebSecurity.java

@@ -75,7 +75,6 @@ import org.springframework.security.web.SecurityFilterChain;
  * </pre>
  *
  * @see WebSecurityConfigurer
- *
  * @author Rob Winch
  * @since 3.2
  */

config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java

@@ -70,7 +70,7 @@ class HttpSecurityConfiguration {
 	private ApplicationContext context;
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	private ContentNegotiationStrategy contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
 
@@ -142,7 +142,7 @@ class HttpSecurityConfiguration {
 	private void applyDefaultConfigurers(HttpSecurity http) throws Exception {
 		ClassLoader classLoader = this.context.getClassLoader();
 		List<AbstractHttpConfigurer> defaultHttpConfigurers = SpringFactoriesLoader
-				.loadFactories(AbstractHttpConfigurer.class, classLoader);
+			.loadFactories(AbstractHttpConfigurer.class, classLoader);
 		for (AbstractHttpConfigurer configurer : defaultHttpConfigurers) {
 			http.apply(configurer);
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configuration/OAuth2ImportSelector.java

@@ -48,11 +48,11 @@ final class OAuth2ImportSelector implements ImportSelector {
 		Set<String> imports = new LinkedHashSet<>();
 		ClassLoader classLoader = getClass().getClassLoader();
 		boolean oauth2ClientPresent = ClassUtils
-				.isPresent("org.springframework.security.oauth2.client.registration.ClientRegistration", classLoader);
+			.isPresent("org.springframework.security.oauth2.client.registration.ClientRegistration", classLoader);
 		boolean webfluxPresent = ClassUtils
-				.isPresent("org.springframework.web.reactive.function.client.ExchangeFilterFunction", classLoader);
+			.isPresent("org.springframework.web.reactive.function.client.ExchangeFilterFunction", classLoader);
 		boolean oauth2ResourceServerPresent = ClassUtils
-				.isPresent("org.springframework.security.oauth2.server.resource.BearerTokenError", classLoader);
+			.isPresent("org.springframework.security.oauth2.server.resource.BearerTokenError", classLoader);
 		if (oauth2ClientPresent) {
 			imports.add("org.springframework.security.config.annotation.web.configuration.OAuth2ClientConfiguration");
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configuration/SecurityReactorContextConfiguration.java

@@ -65,7 +65,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 class SecurityReactorContextConfiguration {
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	@Bean
 	SecurityReactorContextSubscriberRegistrar securityReactorContextSubscriberRegistrar() {
@@ -87,7 +87,7 @@ class SecurityReactorContextConfiguration {
 		private final Map<Object, Supplier<Object>> CONTEXT_ATTRIBUTE_VALUE_LOADERS = new HashMap<>();
 
 		private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-				.getContextHolderStrategy();
+			.getContextHolderStrategy();
 
 		SecurityReactorContextSubscriberRegistrar() {
 			this.CONTEXT_ATTRIBUTE_VALUE_LOADERS.put(HttpServletRequest.class,
@@ -100,7 +100,7 @@ class SecurityReactorContextConfiguration {
 		@Override
 		public void afterPropertiesSet() throws Exception {
 			Function<? super Publisher<Object>, ? extends Publisher<Object>> lifter = Operators
-					.liftPublisher((pub, sub) -> createSubscriberIfNecessary(sub));
+				.liftPublisher((pub, sub) -> createSubscriberIfNecessary(sub));
 			Hooks.onLastOperator(SECURITY_REACTOR_CONTEXT_OPERATOR_KEY, lifter::apply);
 		}
 

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java

@@ -39,8 +39,8 @@ import org.springframework.web.servlet.support.RequestDataValueProcessor;
  * Used to add a {@link RequestDataValueProcessor} for Spring MVC and Spring Security CSRF
  * integration. This configuration is added whenever {@link EnableWebMvc} is added by
  * <a href="
- * {@docRoot}/org/springframework/security/config/annotation/web/configuration/SpringWebMvcImportSelector.html">SpringWebMvcImportSelector</a>
+ * {@docRoot}/org/springframework/security/config/annotation/web/configuration/SpringWebMvcImportSelector.html">SpringWebMvcImportSelector</a> and
- * and the DispatcherServlet is present on the classpath. It also adds the
+ * the DispatcherServlet is present on the classpath. It also adds the
  * {@link AuthenticationPrincipalArgumentResolver} as a
  * {@link HandlerMethodArgumentResolver}.
  *
@@ -53,7 +53,7 @@ class WebMvcSecurityConfiguration implements WebMvcConfigurer, ApplicationContex
 	private BeanResolver beanResolver;
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	@Override
 	@SuppressWarnings("deprecation")
@@ -63,7 +63,7 @@ class WebMvcSecurityConfiguration implements WebMvcConfigurer, ApplicationContex
 		authenticationPrincipalResolver.setSecurityContextHolderStrategy(this.securityContextHolderStrategy);
 		argumentResolvers.add(authenticationPrincipalResolver);
 		argumentResolvers
-				.add(new org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver());
+			.add(new org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver());
 		CurrentSecurityContextArgumentResolver currentSecurityContextArgumentResolver = new CurrentSecurityContextArgumentResolver();
 		currentSecurityContextArgumentResolver.setBeanResolver(this.beanResolver);
 		currentSecurityContextArgumentResolver.setSecurityContextHolderStrategy(this.securityContextHolderStrategy);

config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java

@@ -150,7 +150,8 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
 			this.webSecurity.debug(this.debugEnabled);
 		}
 		List<SecurityConfigurer<Filter, WebSecurity>> webSecurityConfigurers = new AutowiredWebSecurityConfigurersIgnoreParents(
-				beanFactory).getWebSecurityConfigurers();
+				beanFactory)
+			.getWebSecurityConfigurers();
 		webSecurityConfigurers.sort(AnnotationAwareOrderComparator.INSTANCE);
 		Integer previousOrder = null;
 		Object previousConfig = null;
@@ -187,7 +188,7 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
 	@Override
 	public void setImportMetadata(AnnotationMetadata importMetadata) {
 		Map<String, Object> enableWebSecurityAttrMap = importMetadata
-				.getAnnotationAttributes(EnableWebSecurity.class.getName());
+			.getAnnotationAttributes(EnableWebSecurity.class.getName());
 		AnnotationAttributes enableWebSecurityAttrs = AnnotationAttributes.fromMap(enableWebSecurityAttrMap);
 		this.debugEnabled = enableWebSecurityAttrs.getBoolean("debug");
 		if (this.webSecurity != null) {

config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java

@@ -283,7 +283,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
 			this.authFilter.setAuthenticationDetailsSource(this.authenticationDetailsSource);
 		}
 		SessionAuthenticationStrategy sessionAuthenticationStrategy = http
-				.getSharedObject(SessionAuthenticationStrategy.class);
+			.getSharedObject(SessionAuthenticationStrategy.class);
 		if (sessionAuthenticationStrategy != null) {
 			this.authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
 		}
@@ -294,7 +294,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
 		SecurityContextConfigurer securityContextConfigurer = http.getConfigurer(SecurityContextConfigurer.class);
 		if (securityContextConfigurer != null && securityContextConfigurer.isRequireExplicitSave()) {
 			SecurityContextRepository securityContextRepository = securityContextConfigurer
-					.getSecurityContextRepository();
+				.getSecurityContextRepository();
 			this.authFilter.setSecurityContextRepository(securityContextRepository);
 		}
 		this.authFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());

config/src/main/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java

@@ -124,7 +124,7 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
 			extends AbstractRequestMatcherRegistry<AuthorizedUrl> {
 
 		private final RequestMatcherDelegatingAuthorizationManager.Builder managerBuilder = RequestMatcherDelegatingAuthorizationManager
-				.builder();
+			.builder();
 
 		private List<RequestMatcher> unmappedMatchers;
 

config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java

@@ -174,7 +174,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
 			String[] grantedAuthorityDefaultsBeanNames = context.getBeanNamesForType(GrantedAuthorityDefaults.class);
 			if (grantedAuthorityDefaultsBeanNames.length == 1) {
 				GrantedAuthorityDefaults grantedAuthorityDefaults = context
-						.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
+					.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
 				defaultHandler.setDefaultRolePrefix(grantedAuthorityDefaults.getRolePrefix());
 			}
 			String[] permissionEvaluatorBeanNames = context.getBeanNamesForType(PermissionEvaluator.class);
@@ -294,7 +294,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
 		 */
 		public ExpressionInterceptUrlRegistry hasRole(String role) {
 			return access(ExpressionUrlAuthorizationConfigurer
-					.hasRole(ExpressionUrlAuthorizationConfigurer.this.rolePrefix, role));
+				.hasRole(ExpressionUrlAuthorizationConfigurer.this.rolePrefix, role));
 		}
 
 		/**
@@ -308,7 +308,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
 		 */
 		public ExpressionInterceptUrlRegistry hasAnyRole(String... roles) {
 			return access(ExpressionUrlAuthorizationConfigurer
-					.hasAnyRole(ExpressionUrlAuthorizationConfigurer.this.rolePrefix, roles));
+				.hasAnyRole(ExpressionUrlAuthorizationConfigurer.this.rolePrefix, roles));
 		}
 
 		/**

config/src/main/java/org/springframework/security/config/annotation/web/configurers/FormLoginConfigurer.java

@@ -260,7 +260,7 @@ public final class FormLoginConfigurer<H extends HttpSecurityBuilder<H>> extends
 	 */
 	private void initDefaultLoginFilter(H http) {
 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		if (loginPageGeneratingFilter != null && !isCustomLoginPage()) {
 			loginPageGeneratingFilter.setFormLoginEnabled(true);
 			loginPageGeneratingFilter.setUsernameParameter(getUsernameParameter());

config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java

@@ -192,8 +192,8 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
 		PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider();
 		authenticationProvider.setPreAuthenticatedUserDetailsService(getUserDetailsService());
 		authenticationProvider = postProcess(authenticationProvider);
-		http.authenticationProvider(authenticationProvider).setSharedObject(AuthenticationEntryPoint.class,
+		http.authenticationProvider(authenticationProvider)
-				new Http403ForbiddenEntryPoint());
+			.setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
 	}
 
 	@Override
@@ -214,9 +214,9 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
 			this.j2eePreAuthenticatedProcessingFilter = new J2eePreAuthenticatedProcessingFilter();
 			this.j2eePreAuthenticatedProcessingFilter.setAuthenticationManager(authenticationManager);
 			this.j2eePreAuthenticatedProcessingFilter
-					.setAuthenticationDetailsSource(createWebAuthenticationDetailsSource());
+				.setAuthenticationDetailsSource(createWebAuthenticationDetailsSource());
 			this.j2eePreAuthenticatedProcessingFilter
-					.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
+				.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
 			this.j2eePreAuthenticatedProcessingFilter = postProcess(this.j2eePreAuthenticatedProcessingFilter);
 		}
 

config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java

@@ -280,7 +280,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
 			PermitAllSupport.permitAll(http, this.getLogoutRequestMatcher(http));
 		}
 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		if (loginPageGeneratingFilter != null && !isCustomLogoutSuccess()) {
 			loginPageGeneratingFilter.setLogoutSuccessUrl(getLogoutSuccessUrl());
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupport.java

@@ -47,7 +47,7 @@ final class PermitAllSupport {
 	static void permitAll(HttpSecurityBuilder<? extends HttpSecurityBuilder<?>> http,
 			RequestMatcher... requestMatchers) {
 		ExpressionUrlAuthorizationConfigurer<?> configurer = http
-				.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
+			.getConfigurer(ExpressionUrlAuthorizationConfigurer.class);
 		AuthorizeHttpRequestsConfigurer<?> httpConfigurer = http.getConfigurer(AuthorizeHttpRequestsConfigurer.class);
 
 		boolean oneConfigurerPresent = configurer == null ^ httpConfigurer == null;
@@ -58,8 +58,9 @@ final class PermitAllSupport {
 		for (RequestMatcher matcher : requestMatchers) {
 			if (matcher != null) {
 				if (configurer != null) {
-					configurer.getRegistry().addMapping(0, new UrlMapping(matcher,
+					configurer.getRegistry()
-							SecurityConfig.createList(ExpressionUrlAuthorizationConfigurer.permitAll)));
+						.addMapping(0, new UrlMapping(matcher,
+								SecurityConfig.createList(ExpressionUrlAuthorizationConfigurer.permitAll)));
 				}
 				else {
 					httpConfigurer.addFirst(matcher, AuthorizeHttpRequestsConfigurer.permitAllAuthorizationManager);

config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java

@@ -292,7 +292,7 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
 		SecurityContextConfigurer<?> securityContextConfigurer = http.getConfigurer(SecurityContextConfigurer.class);
 		if (securityContextConfigurer != null && securityContextConfigurer.isRequireExplicitSave()) {
 			SecurityContextRepository securityContextRepository = securityContextConfigurer
-					.getSecurityContextRepository();
+				.getSecurityContextRepository();
 			rememberMeFilter.setSecurityContextRepository(securityContextRepository);
 		}
 		rememberMeFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());
@@ -325,7 +325,7 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
 	 */
 	private void initDefaultLoginFilter(H http) {
 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		if (loginPageGeneratingFilter != null) {
 			loginPageGeneratingFilter.setRememberMeParameter(getRememberMeParameter());
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/SecurityContextConfigurer.java

@@ -96,7 +96,7 @@ public final class SecurityContextConfigurer<H extends HttpSecurityBuilder<H>>
 
 	SecurityContextRepository getSecurityContextRepository() {
 		SecurityContextRepository securityContextRepository = getBuilder()
-				.getSharedObject(SecurityContextRepository.class);
+			.getSharedObject(SecurityContextRepository.class);
 		if (securityContextRepository == null) {
 			securityContextRepository = new DelegatingSecurityContextRepository(
 					new RequestAttributeSecurityContextRepository(), new HttpSessionSecurityContextRepository());

config/src/main/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurer.java

@@ -95,7 +95,7 @@ public final class ServletApiConfigurer<H extends HttpSecurityBuilder<H>>
 			String[] grantedAuthorityDefaultsBeanNames = context.getBeanNamesForType(GrantedAuthorityDefaults.class);
 			if (grantedAuthorityDefaultsBeanNames.length == 1) {
 				GrantedAuthorityDefaults grantedAuthorityDefaults = context
-						.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
+					.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
 				this.securityContextRequestFilter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
 			}
 			this.securityContextRequestFilter.setSecurityContextHolderStrategy(getSecurityContextHolderStrategy());

config/src/main/java/org/springframework/security/config/annotation/web/configurers/SessionManagementConfigurer.java

@@ -210,7 +210,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 	public SessionManagementConfigurer<H> sessionAuthenticationErrorUrl(String sessionAuthenticationErrorUrl) {
 		this.sessionAuthenticationErrorUrl = sessionAuthenticationErrorUrl;
 		this.propertiesThatRequireImplicitAuthentication
-				.add("sessionAuthenticationErrorUrl = " + sessionAuthenticationErrorUrl);
+			.add("sessionAuthenticationErrorUrl = " + sessionAuthenticationErrorUrl);
 		return this;
 	}
 
@@ -227,7 +227,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 			AuthenticationFailureHandler sessionAuthenticationFailureHandler) {
 		this.sessionAuthenticationFailureHandler = sessionAuthenticationFailureHandler;
 		this.propertiesThatRequireImplicitAuthentication
-				.add("sessionAuthenticationFailureHandler = " + sessionAuthenticationFailureHandler);
+			.add("sessionAuthenticationFailureHandler = " + sessionAuthenticationFailureHandler);
 		return this;
 	}
 
@@ -286,7 +286,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 			SessionAuthenticationStrategy sessionAuthenticationStrategy) {
 		this.providedSessionAuthenticationStrategy = sessionAuthenticationStrategy;
 		this.propertiesThatRequireImplicitAuthentication
-				.add("sessionAuthenticationStrategy = " + sessionAuthenticationStrategy);
+			.add("sessionAuthenticationStrategy = " + sessionAuthenticationStrategy);
 		return this;
 	}
 
@@ -415,7 +415,7 @@ public final class SessionManagementConfigurer<H extends HttpSecurityBuilder<H>>
 
 	private boolean shouldRequireExplicitAuthenticationStrategy() {
 		boolean defaultRequireExplicitAuthenticationStrategy = this.propertiesThatRequireImplicitAuthentication
-				.isEmpty();
+			.isEmpty();
 		if (this.requireExplicitAuthenticationStrategy == null) {
 			// explicit is not set, use default
 			return defaultRequireExplicitAuthenticationStrategy;

config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java

@@ -173,8 +173,8 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>>
 	public void init(H http) {
 		PreAuthenticatedAuthenticationProvider authenticationProvider = new PreAuthenticatedAuthenticationProvider();
 		authenticationProvider.setPreAuthenticatedUserDetailsService(getAuthenticationUserDetailsService(http));
-		http.authenticationProvider(authenticationProvider).setSharedObject(AuthenticationEntryPoint.class,
+		http.authenticationProvider(authenticationProvider)
-				new Http403ForbiddenEntryPoint());
+			.setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint());
 	}
 
 	@Override

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurer.java

@@ -259,7 +259,7 @@ public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
 					resolver);
 			if (this.authorizationRequestRepository != null) {
 				authorizationRequestRedirectFilter
-						.setAuthorizationRequestRepository(this.authorizationRequestRepository);
+					.setAuthorizationRequestRepository(this.authorizationRequestRepository);
 			}
 			if (this.authorizationRedirectStrategy != null) {
 				authorizationRequestRedirectFilter.setAuthorizationRedirectStrategy(this.authorizationRedirectStrategy);
@@ -276,7 +276,7 @@ public final class OAuth2ClientConfigurer<B extends HttpSecurityBuilder<B>>
 				return this.authorizationRequestResolver;
 			}
 			ClientRegistrationRepository clientRegistrationRepository = OAuth2ClientConfigurerUtils
-					.getClientRegistrationRepository(getBuilder());
+				.getClientRegistrationRepository(getBuilder());
 			return new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository,
 					OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2ClientConfigurerUtils.java

@@ -43,7 +43,7 @@ final class OAuth2ClientConfigurerUtils {
 
 	static <B extends HttpSecurityBuilder<B>> ClientRegistrationRepository getClientRegistrationRepository(B builder) {
 		ClientRegistrationRepository clientRegistrationRepository = builder
-				.getSharedObject(ClientRegistrationRepository.class);
+			.getSharedObject(ClientRegistrationRepository.class);
 		if (clientRegistrationRepository == null) {
 			clientRegistrationRepository = getClientRegistrationRepositoryBean(builder);
 			builder.setSharedObject(ClientRegistrationRepository.class, clientRegistrationRepository);
@@ -59,7 +59,7 @@ final class OAuth2ClientConfigurerUtils {
 	static <B extends HttpSecurityBuilder<B>> OAuth2AuthorizedClientRepository getAuthorizedClientRepository(
 			B builder) {
 		OAuth2AuthorizedClientRepository authorizedClientRepository = builder
-				.getSharedObject(OAuth2AuthorizedClientRepository.class);
+			.getSharedObject(OAuth2AuthorizedClientRepository.class);
 		if (authorizedClientRepository == null) {
 			authorizedClientRepository = getAuthorizedClientRepositoryBean(builder);
 			if (authorizedClientRepository == null) {
@@ -74,8 +74,8 @@ final class OAuth2ClientConfigurerUtils {
 	private static <B extends HttpSecurityBuilder<B>> OAuth2AuthorizedClientRepository getAuthorizedClientRepositoryBean(
 			B builder) {
 		Map<String, OAuth2AuthorizedClientRepository> authorizedClientRepositoryMap = BeanFactoryUtils
-				.beansOfTypeIncludingAncestors(builder.getSharedObject(ApplicationContext.class),
+			.beansOfTypeIncludingAncestors(builder.getSharedObject(ApplicationContext.class),
-						OAuth2AuthorizedClientRepository.class);
+					OAuth2AuthorizedClientRepository.class);
 		if (authorizedClientRepositoryMap.size() > 1) {
 			throw new NoUniqueBeanDefinitionException(OAuth2AuthorizedClientRepository.class,
 					authorizedClientRepositoryMap.size(),
@@ -100,8 +100,8 @@ final class OAuth2ClientConfigurerUtils {
 	private static <B extends HttpSecurityBuilder<B>> OAuth2AuthorizedClientService getAuthorizedClientServiceBean(
 			B builder) {
 		Map<String, OAuth2AuthorizedClientService> authorizedClientServiceMap = BeanFactoryUtils
-				.beansOfTypeIncludingAncestors(builder.getSharedObject(ApplicationContext.class),
+			.beansOfTypeIncludingAncestors(builder.getSharedObject(ApplicationContext.class),
-						OAuth2AuthorizedClientService.class);
+					OAuth2AuthorizedClientService.class);
 		if (authorizedClientServiceMap.size() > 1) {
 			throw new NoUniqueBeanDefinitionException(OAuth2AuthorizedClientService.class,
 					authorizedClientServiceMap.size(),

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/client/OAuth2LoginConfigurer.java

@@ -325,7 +325,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		}
 		http.authenticationProvider(this.postProcess(oauth2LoginAuthenticationProvider));
 		boolean oidcAuthenticationProviderEnabled = ClassUtils
-				.isPresent("org.springframework.security.oauth2.jwt.JwtDecoder", this.getClass().getClassLoader());
+			.isPresent("org.springframework.security.oauth2.jwt.JwtDecoder", this.getClass().getClassLoader());
 		if (oidcAuthenticationProviderEnabled) {
 			OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService = getOidcUserService();
 			OidcAuthorizationCodeAuthenticationProvider oidcAuthorizationCodeAuthenticationProvider = new OidcAuthorizationCodeAuthenticationProvider(
@@ -363,11 +363,11 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		}
 		if (this.authorizationEndpointConfig.authorizationRequestRepository != null) {
 			authorizationRequestFilter
-					.setAuthorizationRequestRepository(this.authorizationEndpointConfig.authorizationRequestRepository);
+				.setAuthorizationRequestRepository(this.authorizationEndpointConfig.authorizationRequestRepository);
 		}
 		if (this.authorizationEndpointConfig.authorizationRedirectStrategy != null) {
 			authorizationRequestFilter
-					.setAuthorizationRedirectStrategy(this.authorizationEndpointConfig.authorizationRedirectStrategy);
+				.setAuthorizationRedirectStrategy(this.authorizationEndpointConfig.authorizationRedirectStrategy);
 		}
 		RequestCache requestCache = http.getSharedObject(RequestCache.class);
 		if (requestCache != null) {
@@ -380,7 +380,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		}
 		if (this.authorizationEndpointConfig.authorizationRequestRepository != null) {
 			authenticationFilter
-					.setAuthorizationRequestRepository(this.authorizationEndpointConfig.authorizationRequestRepository);
+				.setAuthorizationRequestRepository(this.authorizationEndpointConfig.authorizationRequestRepository);
 		}
 		super.configure(http);
 	}
@@ -398,15 +398,16 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 			throw new NoUniqueBeanDefinitionException(type, names);
 		}
 		if (names.length == 1) {
-			return (JwtDecoderFactory<ClientRegistration>) this.getBuilder().getSharedObject(ApplicationContext.class)
+			return (JwtDecoderFactory<ClientRegistration>) this.getBuilder()
-					.getBean(names[0]);
+				.getSharedObject(ApplicationContext.class)
+				.getBean(names[0]);
 		}
 		return null;
 	}
 
 	private GrantedAuthoritiesMapper getGrantedAuthoritiesMapper() {
 		GrantedAuthoritiesMapper grantedAuthoritiesMapper = this.getBuilder()
-				.getSharedObject(GrantedAuthoritiesMapper.class);
+			.getSharedObject(GrantedAuthoritiesMapper.class);
 		if (grantedAuthoritiesMapper == null) {
 			grantedAuthoritiesMapper = this.getGrantedAuthoritiesMapperBean();
 			if (grantedAuthoritiesMapper != null) {
@@ -418,8 +419,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 	private GrantedAuthoritiesMapper getGrantedAuthoritiesMapperBean() {
 		Map<String, GrantedAuthoritiesMapper> grantedAuthoritiesMapperMap = BeanFactoryUtils
-				.beansOfTypeIncludingAncestors(this.getBuilder().getSharedObject(ApplicationContext.class),
+			.beansOfTypeIncludingAncestors(this.getBuilder().getSharedObject(ApplicationContext.class),
-						GrantedAuthoritiesMapper.class);
+					GrantedAuthoritiesMapper.class);
 		return (!grantedAuthoritiesMapperMap.isEmpty() ? grantedAuthoritiesMapperMap.values().iterator().next() : null);
 	}
 
@@ -456,7 +457,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 	private void initDefaultLoginFilter(B http) {
 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		if (loginPageGeneratingFilter == null || this.isCustomLoginPage()) {
 			return;
 		}
@@ -470,7 +471,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 	private Map<String, String> getLoginLinks() {
 		Iterable<ClientRegistration> clientRegistrations = null;
 		ClientRegistrationRepository clientRegistrationRepository = OAuth2ClientConfigurerUtils
-				.getClientRegistrationRepository(this.getBuilder());
+			.getClientRegistrationRepository(this.getBuilder());
 		ResolvableType type = ResolvableType.forInstance(clientRegistrationRepository).as(Iterable.class);
 		if (type != ResolvableType.NONE && ClientRegistration.class.isAssignableFrom(type.resolveGenerics()[0])) {
 			clientRegistrations = (Iterable<ClientRegistration>) clientRegistrationRepository;
@@ -510,13 +511,13 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 	private RequestMatcher getFormLoginNotEnabledRequestMatcher(B http) {
 		DefaultLoginPageGeneratingFilter defaultLoginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		Field formLoginEnabledField = (defaultLoginPageGeneratingFilter != null)
 				? ReflectionUtils.findField(DefaultLoginPageGeneratingFilter.class, "formLoginEnabled") : null;
 		if (formLoginEnabledField != null) {
 			ReflectionUtils.makeAccessible(formLoginEnabledField);
 			return (request) -> Boolean.FALSE
-					.equals(ReflectionUtils.getField(formLoginEnabledField, defaultLoginPageGeneratingFilter));
+				.equals(ReflectionUtils.getField(formLoginEnabledField, defaultLoginPageGeneratingFilter));
 		}
 		return AnyRequestMatcher.INSTANCE;
 	}
@@ -710,8 +711,8 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		 */
 		public UserInfoEndpointConfig userAuthoritiesMapper(GrantedAuthoritiesMapper userAuthoritiesMapper) {
 			Assert.notNull(userAuthoritiesMapper, "userAuthoritiesMapper cannot be null");
-			OAuth2LoginConfigurer.this.getBuilder().setSharedObject(GrantedAuthoritiesMapper.class,
+			OAuth2LoginConfigurer.this.getBuilder()
-					userAuthoritiesMapper);
+				.setSharedObject(GrantedAuthoritiesMapper.class, userAuthoritiesMapper);
 			return this;
 		}
 
@@ -731,7 +732,7 @@ public final class OAuth2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		public Authentication authenticate(Authentication authentication) throws AuthenticationException {
 			OAuth2LoginAuthenticationToken authorizationCodeAuthentication = (OAuth2LoginAuthenticationToken) authentication;
 			OAuth2AuthorizationRequest authorizationRequest = authorizationCodeAuthentication.getAuthorizationExchange()
-					.getAuthorizationRequest();
+				.getAuthorizationRequest();
 			if (authorizationRequest.getScopes().contains(OidcScopes.OPENID)) {
 				// Section 3.1.2.1 Authentication Request -
 				// https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest scope

config/src/main/java/org/springframework/security/config/annotation/web/configurers/oauth2/server/resource/OAuth2ResourceServerConfigurer.java

@@ -298,7 +298,7 @@ public final class OAuth2ResourceServerConfigurer<H extends HttpSecurityBuilder<
 		ExceptionHandlingConfigurer<H> exceptionHandling = http.getConfigurer(ExceptionHandlingConfigurer.class);
 		if (exceptionHandling != null) {
 			ContentNegotiationStrategy contentNegotiationStrategy = http
-					.getSharedObject(ContentNegotiationStrategy.class);
+				.getSharedObject(ContentNegotiationStrategy.class);
 			if (contentNegotiationStrategy == null) {
 				contentNegotiationStrategy = new HeaderContentNegotiationStrategy();
 			}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurer.java

@@ -341,7 +341,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 		OpenSaml4AuthenticationRequestResolver openSaml4AuthenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(
 				relyingPartyRegistrationResolver(http));
 		openSaml4AuthenticationRequestResolver
-				.setRequestMatcher(new AntPathRequestMatcher(this.authenticationRequestUri));
+			.setRequestMatcher(new AntPathRequestMatcher(this.authenticationRequestUri));
 		return openSaml4AuthenticationRequestResolver;
 	}
 
@@ -377,7 +377,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
 
 	private void initDefaultLoginFilter(B http) {
 		DefaultLoginPageGeneratingFilter loginPageGeneratingFilter = http
-				.getSharedObject(DefaultLoginPageGeneratingFilter.class);
+			.getSharedObject(DefaultLoginPageGeneratingFilter.class);
 		if (loginPageGeneratingFilter == null || this.isCustomLoginPage()) {
 			return;
 		}

config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LogoutConfigurer.java

@@ -292,7 +292,7 @@ public final class Saml2LogoutConfigurer<H extends HttpSecurityBuilder<H>>
 	private Saml2RelyingPartyInitiatedLogoutSuccessHandler createSaml2LogoutRequestSuccessHandler(
 			RelyingPartyRegistrationResolver relyingPartyRegistrationResolver) {
 		Saml2LogoutRequestResolver logoutRequestResolver = this.logoutRequestConfigurer
-				.logoutRequestResolver(relyingPartyRegistrationResolver);
+			.logoutRequestResolver(relyingPartyRegistrationResolver);
 		return new Saml2RelyingPartyInitiatedLogoutSuccessHandler(logoutRequestResolver);
 	}
 

config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java

@@ -235,7 +235,7 @@ public class MessageSecurityMetadataSourceRegistry {
 			matcherToExpression.put(entry.getKey().build(), entry.getValue());
 		}
 		return ExpressionBasedMessageSecurityMetadataSourceFactory
-				.createExpressionMessageMetadataSource(matcherToExpression, this.expressionHandler);
+			.createExpressionMessageMetadataSource(matcherToExpression, this.expressionHandler);
 	}
 
 	/**

config/src/main/java/org/springframework/security/config/annotation/web/reactive/ReactiveOAuth2ClientImportSelector.java

@@ -124,7 +124,12 @@ final class ReactiveOAuth2ClientImportSelector implements ImportSelector {
 			ReactiveOAuth2AuthorizedClientManager authorizedClientManager = null;
 			if (this.authorizedClientRepository != null && this.clientRegistrationRepository != null) {
 				ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider = ReactiveOAuth2AuthorizedClientProviderBuilder
-						.builder().authorizationCode().refreshToken().clientCredentials().password().build();
+					.builder()
+					.authorizationCode()
+					.refreshToken()
+					.clientCredentials()
+					.password()
+					.build();
 				DefaultReactiveOAuth2AuthorizedClientManager defaultReactiveOAuth2AuthorizedClientManager = new DefaultReactiveOAuth2AuthorizedClientManager(
 						this.clientRegistrationRepository, getAuthorizedClientRepository());
 				defaultReactiveOAuth2AuthorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

config/src/main/java/org/springframework/security/config/annotation/web/reactive/WebFluxSecurityConfiguration.java

@@ -138,7 +138,7 @@ class WebFluxSecurityConfiguration {
 		static boolean shouldConfigure(ApplicationContext context) {
 			ClassLoader loader = context.getClassLoader();
 			Class<?> reactiveClientRegistrationRepositoryClass = ClassUtils
-					.resolveClassName(REACTIVE_CLIENT_REGISTRATION_REPOSITORY_CLASSNAME, loader);
+				.resolveClassName(REACTIVE_CLIENT_REGISTRATION_REPOSITORY_CLASSNAME, loader);
 			return context.getBeanNamesForType(reactiveClientRegistrationRepositoryClass).length == 1;
 		}
 

config/src/main/java/org/springframework/security/config/annotation/web/servlet/configuration/EnableWebMvcSecurity.java

@@ -28,6 +28,7 @@ import org.springframework.security.config.annotation.authentication.configurati
 /**
  * Add this annotation to an {@code @Configuration} class to have the Spring Security
  * configuration integrate with Spring MVC.
+ *
  * @deprecated Use EnableWebSecurity instead which will automatically add the Spring MVC
  * related Security items.
  * @author Rob Winch

config/src/main/java/org/springframework/security/config/annotation/web/servlet/configuration/WebMvcSecurityConfiguration.java

@@ -32,8 +32,8 @@ import org.springframework.web.servlet.support.RequestDataValueProcessor;
  * Used to add a {@link RequestDataValueProcessor} for Spring MVC and Spring Security CSRF
  * integration. This configuration is added whenever {@link EnableWebMvc} is added by
  * <a href="
- * {@docRoot}/org/springframework/security/config/annotation/web/configuration/SpringWebMvcImportSelector.html">SpringWebMvcImportSelector</a>
+ * {@docRoot}/org/springframework/security/config/annotation/web/configuration/SpringWebMvcImportSelector.html">SpringWebMvcImportSelector</a> and
- * and the DispatcherServlet is present on the classpath. It also adds the
+ * the DispatcherServlet is present on the classpath. It also adds the
  * {@link AuthenticationPrincipalArgumentResolver} as a
  * {@link HandlerMethodArgumentResolver}.
  *
@@ -51,7 +51,7 @@ public class WebMvcSecurityConfiguration implements WebMvcConfigurer {
 	public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
 		argumentResolvers.add(new AuthenticationPrincipalArgumentResolver());
 		argumentResolvers
-				.add(new org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver());
+			.add(new org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver());
 	}
 
 	@Bean

config/src/main/java/org/springframework/security/config/annotation/web/socket/MessageMatcherAuthorizationManagerConfiguration.java

@@ -29,10 +29,11 @@ final class MessageMatcherAuthorizationManagerConfiguration {
 	@Scope("prototype")
 	MessageMatcherDelegatingAuthorizationManager.Builder messageAuthorizationManagerBuilder(
 			ApplicationContext context) {
-		return MessageMatcherDelegatingAuthorizationManager.builder().simpDestPathMatcher(
+		return MessageMatcherDelegatingAuthorizationManager.builder()
-				() -> (context.getBeanNamesForType(SimpAnnotationMethodMessageHandler.class).length > 0)
+			.simpDestPathMatcher(
-						? context.getBean(SimpAnnotationMethodMessageHandler.class).getPathMatcher()
+					() -> (context.getBeanNamesForType(SimpAnnotationMethodMessageHandler.class).length > 0)
-						: new AntPathMatcher());
+							? context.getBean(SimpAnnotationMethodMessageHandler.class).getPathMatcher()
+							: new AntPathMatcher());
 	}
 
 }

config/src/main/java/org/springframework/security/config/annotation/web/socket/WebSocketMessageBrokerSecurityConfiguration.java

@@ -64,10 +64,13 @@ final class WebSocketMessageBrokerSecurityConfiguration
 	private MessageMatcherDelegatingAuthorizationManager b;
 
 	private static final AuthorizationManager<Message<?>> ANY_MESSAGE_AUTHENTICATED = MessageMatcherDelegatingAuthorizationManager
-			.builder().anyMessage().authenticated().build();
+		.builder()
+		.anyMessage()
+		.authenticated()
+		.build();
 
 	private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-			.getContextHolderStrategy();
+		.getContextHolderStrategy();
 
 	private final SecurityContextChannelInterceptor securityContextChannelInterceptor = new SecurityContextChannelInterceptor();
 

config/src/main/java/org/springframework/security/config/aot/hint/OAuth2LoginRuntimeHints.java

@@ -31,8 +31,9 @@ class OAuth2LoginRuntimeHints implements RuntimeHintsRegistrar {
 
 	@Override
 	public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
-		hints.reflection().registerTypeIfPresent(classLoader, "org.springframework.security.oauth2.jwt.JwtDecoder",
+		hints.reflection()
-				MemberCategory.INVOKE_PUBLIC_METHODS);
+			.registerTypeIfPresent(classLoader, "org.springframework.security.oauth2.jwt.JwtDecoder",
+					MemberCategory.INVOKE_PUBLIC_METHODS);
 	}
 
 }

config/src/main/java/org/springframework/security/config/authentication/AbstractUserDetailsServiceBeanDefinitionParser.java

@@ -55,12 +55,12 @@ public abstract class AbstractUserDetailsServiceBeanDefinitionParser implements
 		// Register a caching version of the user service if there's a cache-ref
 		if (StringUtils.hasText(cacheRef)) {
 			BeanDefinitionBuilder cachingUSBuilder = BeanDefinitionBuilder
-					.rootBeanDefinition(CachingUserDetailsService.class);
+				.rootBeanDefinition(CachingUserDetailsService.class);
 			cachingUSBuilder.addConstructorArgReference(beanId);
 			cachingUSBuilder.addPropertyValue("userCache", new RuntimeBeanReference(cacheRef));
 			BeanDefinition cachingUserService = cachingUSBuilder.getBeanDefinition();
 			parserContext
-					.registerBeanComponent(new BeanComponentDefinition(cachingUserService, beanId + CACHING_SUFFIX));
+				.registerBeanComponent(new BeanComponentDefinition(cachingUserService, beanId + CACHING_SUFFIX));
 		}
 		return null;
 	}

config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerBeanDefinitionParser.java

@@ -64,8 +64,8 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 		String id = element.getAttribute("id");
 		if (!StringUtils.hasText(id)) {
 			if (pc.getRegistry().containsBeanDefinition(BeanIds.AUTHENTICATION_MANAGER)) {
-				pc.getReaderContext().warning("Overriding globally registered AuthenticationManager",
+				pc.getReaderContext()
-						pc.extractSource(element));
+					.warning("Overriding globally registered AuthenticationManager", pc.extractSource(element));
 			}
 			id = BeanIds.AUTHENTICATION_MANAGER;
 		}
@@ -124,14 +124,16 @@ public class AuthenticationManagerBeanDefinitionParser implements BeanDefinition
 			return new RuntimeBeanReference(providerId);
 		}
 		if (providerElement.getAttributes().getLength() > 1) {
-			pc.getReaderContext().error("authentication-provider element cannot be used with other attributes "
+			pc.getReaderContext()
-					+ "when using 'ref' attribute", pc.extractSource(element));
+				.error("authentication-provider element cannot be used with other attributes "
+						+ "when using 'ref' attribute", pc.extractSource(element));
 		}
 		NodeList providerChildren = providerElement.getChildNodes();
 		for (int i = 0; i < providerChildren.getLength(); i++) {
 			if (providerChildren.item(i) instanceof Element) {
-				pc.getReaderContext().error("authentication-provider element cannot have child elements when used "
+				pc.getReaderContext()
-						+ "with 'ref' attribute", pc.extractSource(element));
+					.error("authentication-provider element cannot have child elements when used "
+							+ "with 'ref' attribute", pc.extractSource(element));
 			}
 		}
 		return new RuntimeBeanReference(ref);

config/src/main/java/org/springframework/security/config/authentication/AuthenticationProviderBeanDefinitionParser.java

@@ -60,9 +60,9 @@ public class AuthenticationProviderBeanDefinitionParser implements BeanDefinitio
 		if (StringUtils.hasText(ref)) {
 			if (userServiceElt != null) {
 				pc.getReaderContext()
-						.error("The " + ATT_USER_DETAILS_REF + " attribute cannot be used in combination with child"
+					.error("The " + ATT_USER_DETAILS_REF + " attribute cannot be used in combination with child"
-								+ "elements '" + Elements.USER_SERVICE + "', '" + Elements.JDBC_USER_SERVICE + "' or '"
+							+ "elements '" + Elements.USER_SERVICE + "', '" + Elements.JDBC_USER_SERVICE + "' or '"
-								+ Elements.LDAP_USER_SERVICE + "'", element);
+							+ Elements.LDAP_USER_SERVICE + "'", element);
 			}
 			authProvider.getPropertyValues().add("userDetailsService", new RuntimeBeanReference(ref));
 		}

config/src/main/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParser.java

@@ -46,8 +46,9 @@ public class JdbcUserServiceBeanDefinitionParser extends AbstractUserDetailsServ
 			builder.addPropertyReference("dataSource", dataSource);
 		}
 		else {
-			parserContext.getReaderContext().error(ATT_DATA_SOURCE + " is required for " + Elements.JDBC_USER_SERVICE,
+			parserContext.getReaderContext()
-					parserContext.extractSource(element));
+				.error(ATT_DATA_SOURCE + " is required for " + Elements.JDBC_USER_SERVICE,
+						parserContext.extractSource(element));
 		}
 		String usersQuery = element.getAttribute(ATT_USERS_BY_USERNAME_QUERY);
 		String authoritiesQuery = element.getAttribute(ATT_AUTHORITIES_BY_USERNAME_QUERY);

config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java

@@ -299,11 +299,12 @@ final class AuthenticationConfigBuilder {
 			formFilter.getPropertyValues().addPropertyValue("allowSessionCreation", this.allowSessionCreation);
 			formFilter.getPropertyValues().addPropertyValue("authenticationManager", authManager);
 			if (authenticationFilterSecurityContextRepositoryRef != null) {
-				formFilter.getPropertyValues().addPropertyValue("securityContextRepository",
+				formFilter.getPropertyValues()
-						authenticationFilterSecurityContextRepositoryRef);
+					.addPropertyValue("securityContextRepository", authenticationFilterSecurityContextRepositoryRef);
 			}
-			formFilter.getPropertyValues().addPropertyValue("securityContextHolderStrategy",
+			formFilter.getPropertyValues()
-					authenticationFilterSecurityContextHolderStrategyRef);
+				.addPropertyValue("securityContextHolderStrategy",
+						authenticationFilterSecurityContextHolderStrategyRef);
 			// Id is required by login page filter
 			this.formFilterId = this.pc.getReaderContext().generateBeanName(formFilter);
 			this.pc.registerBeanComponent(new BeanComponentDefinition(formFilter, this.formFilterId));
@@ -337,8 +338,8 @@ final class AuthenticationConfigBuilder {
 		registerDefaultAuthorizedClientRepositoryIfNecessary(defaultAuthorizedClientRepository);
 		oauth2LoginFilterBean.getPropertyValues().addPropertyValue("authenticationManager", authManager);
 		if (authenticationFilterSecurityContextRepositoryRef != null) {
-			oauth2LoginFilterBean.getPropertyValues().addPropertyValue("securityContextRepository",
+			oauth2LoginFilterBean.getPropertyValues()
-					authenticationFilterSecurityContextRepositoryRef);
+				.addPropertyValue("securityContextRepository", authenticationFilterSecurityContextRepositoryRef);
 		}
 
 		// retrieve the other bean result
@@ -350,7 +351,7 @@ final class AuthenticationConfigBuilder {
 		String oauth2LoginAuthProviderId = this.pc.getReaderContext().generateBeanName(oauth2LoginAuthProvider);
 		this.oauth2LoginFilterId = this.pc.getReaderContext().generateBeanName(oauth2LoginFilterBean);
 		String oauth2AuthorizationRequestRedirectFilterId = this.pc.getReaderContext()
-				.generateBeanName(this.oauth2AuthorizationRequestRedirectFilter);
+			.generateBeanName(this.oauth2AuthorizationRequestRedirectFilter);
 		this.oauth2LoginLinks = parser.getOAuth2LoginLinks();
 
 		// register the component
@@ -385,17 +386,17 @@ final class AuthenticationConfigBuilder {
 		registerDefaultAuthorizedClientRepositoryIfNecessary(defaultAuthorizedClientRepository);
 		this.authorizationRequestRedirectFilter = parser.getAuthorizationRequestRedirectFilter();
 		String authorizationRequestRedirectFilterId = this.pc.getReaderContext()
-				.generateBeanName(this.authorizationRequestRedirectFilter);
+			.generateBeanName(this.authorizationRequestRedirectFilter);
 		this.pc.registerBeanComponent(new BeanComponentDefinition(this.authorizationRequestRedirectFilter,
 				authorizationRequestRedirectFilterId));
 		this.authorizationCodeGrantFilter = parser.getAuthorizationCodeGrantFilter();
 		String authorizationCodeGrantFilterId = this.pc.getReaderContext()
-				.generateBeanName(this.authorizationCodeGrantFilter);
+			.generateBeanName(this.authorizationCodeGrantFilter);
 		this.pc.registerBeanComponent(
 				new BeanComponentDefinition(this.authorizationCodeGrantFilter, authorizationCodeGrantFilterId));
 		BeanDefinition authorizationCodeAuthenticationProvider = parser.getAuthorizationCodeAuthenticationProvider();
 		String authorizationCodeAuthenticationProviderId = this.pc.getReaderContext()
-				.generateBeanName(authorizationCodeAuthenticationProvider);
+			.generateBeanName(authorizationCodeAuthenticationProvider);
 		this.pc.registerBeanComponent(new BeanComponentDefinition(authorizationCodeAuthenticationProvider,
 				authorizationCodeAuthenticationProviderId));
 		this.authorizationCodeAuthenticationProviderRef = new RuntimeBeanReference(
@@ -405,7 +406,7 @@ final class AuthenticationConfigBuilder {
 	void registerDefaultAuthorizedClientRepositoryIfNecessary(BeanDefinition defaultAuthorizedClientRepository) {
 		if (!this.defaultAuthorizedClientRepositoryRegistered && defaultAuthorizedClientRepository != null) {
 			String authorizedClientRepositoryId = this.pc.getReaderContext()
-					.generateBeanName(defaultAuthorizedClientRepository);
+				.generateBeanName(defaultAuthorizedClientRepository);
 			this.pc.registerBeanComponent(
 					new BeanComponentDefinition(defaultAuthorizedClientRepository, authorizedClientRepositoryId));
 			this.defaultAuthorizedClientRepositoryRegistered = true;
@@ -418,7 +419,7 @@ final class AuthenticationConfigBuilder {
 		}
 		if (webMvcPresent) {
 			this.pc.getReaderContext()
-					.registerWithGeneratedName(new RootBeanDefinition(OAuth2ClientWebMvcSecurityPostProcessor.class));
+				.registerWithGeneratedName(new RootBeanDefinition(OAuth2ClientWebMvcSecurityPostProcessor.class));
 		}
 	}
 
@@ -437,7 +438,7 @@ final class AuthenticationConfigBuilder {
 
 		this.saml2AuthenticationFilterId = this.pc.getReaderContext().generateBeanName(saml2WebSsoAuthenticationFilter);
 		this.saml2AuthenticationRequestFilterId = this.pc.getReaderContext()
-				.generateBeanName(this.saml2AuthorizationRequestFilter);
+			.generateBeanName(this.saml2AuthorizationRequestFilter);
 		this.saml2AuthenticationUrlToProviderName = parser.getSaml2AuthenticationUrlToProviderName();
 
 		// register the component
@@ -449,8 +450,8 @@ final class AuthenticationConfigBuilder {
 
 	private void injectRememberMeServicesRef(RootBeanDefinition bean, String rememberMeServicesId) {
 		if (rememberMeServicesId != null) {
-			bean.getPropertyValues().addPropertyValue("rememberMeServices",
+			bean.getPropertyValues()
-					new RuntimeBeanReference(rememberMeServicesId));
+				.addPropertyValue("rememberMeServices", new RuntimeBeanReference(rememberMeServicesId));
 		}
 	}
 
@@ -508,7 +509,7 @@ final class AuthenticationConfigBuilder {
 		RootBeanDefinition filter = null;
 		if (x509Elt != null) {
 			BeanDefinitionBuilder filterBuilder = BeanDefinitionBuilder
-					.rootBeanDefinition(X509AuthenticationFilter.class);
+				.rootBeanDefinition(X509AuthenticationFilter.class);
 			filterBuilder.getRawBeanDefinition().setSource(this.pc.extractSource(x509Elt));
 			filterBuilder.addPropertyValue("authenticationManager", authManager);
 			filterBuilder.addPropertyValue("securityContextHolderStrategy",
@@ -516,7 +517,7 @@ final class AuthenticationConfigBuilder {
 			String regex = x509Elt.getAttribute("subject-principal-regex");
 			if (StringUtils.hasText(regex)) {
 				BeanDefinitionBuilder extractor = BeanDefinitionBuilder
-						.rootBeanDefinition(SubjectDnX509PrincipalExtractor.class);
+					.rootBeanDefinition(SubjectDnX509PrincipalExtractor.class);
 				extractor.addPropertyValue("subjectDnRegex", regex);
 				filterBuilder.addPropertyValue("principalExtractor", extractor.getBeanDefinition());
 			}
@@ -559,13 +560,13 @@ final class AuthenticationConfigBuilder {
 		RootBeanDefinition filter = null;
 		if (jeeElt != null) {
 			BeanDefinitionBuilder filterBuilder = BeanDefinitionBuilder
-					.rootBeanDefinition(J2eePreAuthenticatedProcessingFilter.class);
+				.rootBeanDefinition(J2eePreAuthenticatedProcessingFilter.class);
 			filterBuilder.getRawBeanDefinition().setSource(this.pc.extractSource(jeeElt));
 			filterBuilder.addPropertyValue("authenticationManager", authManager);
 			filterBuilder.addPropertyValue("securityContextHolderStrategy",
 					authenticationFilterSecurityContextHolderStrategyRef);
 			BeanDefinitionBuilder adsBldr = BeanDefinitionBuilder
-					.rootBeanDefinition(J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.class);
+				.rootBeanDefinition(J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource.class);
 			adsBldr.addPropertyValue("userRoles2GrantedAuthoritiesMapper",
 					new RootBeanDefinition(SimpleAttributes2GrantedAuthoritiesMapper.class));
 			String roles = jeeElt.getAttribute(ATT_MAPPABLE_ROLES);
@@ -574,8 +575,8 @@ final class AuthenticationConfigBuilder {
 			rolesBuilder.addConstructorArgValue(roles);
 			rolesBuilder.setFactoryMethod("commaDelimitedListToSet");
 			RootBeanDefinition mappableRolesRetriever = new RootBeanDefinition(SimpleMappableAttributesRetriever.class);
-			mappableRolesRetriever.getPropertyValues().addPropertyValue("mappableAttributes",
+			mappableRolesRetriever.getPropertyValues()
-					rolesBuilder.getBeanDefinition());
+				.addPropertyValue("mappableAttributes", rolesBuilder.getBeanDefinition());
 			adsBldr.addPropertyValue("mappableRolesRetriever", mappableRolesRetriever);
 			filterBuilder.addPropertyValue("authenticationDetailsSource", adsBldr.getBeanDefinition());
 			filter = (RootBeanDefinition) filterBuilder.getBeanDefinition();
@@ -609,11 +610,11 @@ final class AuthenticationConfigBuilder {
 			this.logger.info("No login page configured. The default internal one will be used. Use the '"
 					+ FormLoginBeanDefinitionParser.ATT_LOGIN_PAGE + "' attribute to set the URL of the login page.");
 			BeanDefinitionBuilder loginPageFilter = BeanDefinitionBuilder
-					.rootBeanDefinition(DefaultLoginPageGeneratingFilter.class);
+				.rootBeanDefinition(DefaultLoginPageGeneratingFilter.class);
 			loginPageFilter.addPropertyValue("resolveHiddenInputs", new CsrfTokenHiddenInputFunction());
 
 			BeanDefinitionBuilder logoutPageFilter = BeanDefinitionBuilder
-					.rootBeanDefinition(DefaultLogoutPageGeneratingFilter.class);
+				.rootBeanDefinition(DefaultLogoutPageGeneratingFilter.class);
 			logoutPageFilter.addPropertyValue("resolveHiddenInputs", new CsrfTokenHiddenInputFunction());
 			if (this.formFilterId != null) {
 				loginPageFilter.addConstructorArgReference(this.formFilterId);
@@ -726,10 +727,10 @@ final class AuthenticationConfigBuilder {
 		this.anonymousFilter = new RootBeanDefinition(AnonymousAuthenticationFilter.class);
 		this.anonymousFilter.getConstructorArgumentValues().addIndexedArgumentValue(0, key);
 		this.anonymousFilter.getConstructorArgumentValues().addIndexedArgumentValue(1, username);
-		this.anonymousFilter.getConstructorArgumentValues().addIndexedArgumentValue(2,
+		this.anonymousFilter.getConstructorArgumentValues()
-				AuthorityUtils.commaSeparatedStringToAuthorityList(grantedAuthority));
+			.addIndexedArgumentValue(2, AuthorityUtils.commaSeparatedStringToAuthorityList(grantedAuthority));
-		this.anonymousFilter.getPropertyValues().addPropertyValue("securityContextHolderStrategy",
+		this.anonymousFilter.getPropertyValues()
-				authenticationFilterSecurityContextHolderStrategyRef);
+			.addPropertyValue("securityContextHolderStrategy", authenticationFilterSecurityContextHolderStrategyRef);
 		this.anonymousFilter.setSource(source);
 		RootBeanDefinition anonymousProviderBean = new RootBeanDefinition(AnonymousAuthenticationProvider.class);
 		anonymousProviderBean.getConstructorArgumentValues().addIndexedArgumentValue(0, key);
@@ -760,16 +761,16 @@ final class AuthenticationConfigBuilder {
 	private BeanMetadataElement createAccessDeniedHandler(Element element, ParserContext pc) {
 		Element accessDeniedElt = DomUtils.getChildElementByTagName(element, Elements.ACCESS_DENIED_HANDLER);
 		BeanDefinitionBuilder accessDeniedHandler = BeanDefinitionBuilder
-				.rootBeanDefinition(AccessDeniedHandlerImpl.class);
+			.rootBeanDefinition(AccessDeniedHandlerImpl.class);
 		if (accessDeniedElt != null) {
 			String errorPage = accessDeniedElt.getAttribute("error-page");
 			String ref = accessDeniedElt.getAttribute("ref");
 			if (StringUtils.hasText(errorPage)) {
 				if (StringUtils.hasText(ref)) {
 					pc.getReaderContext()
-							.error("The attribute " + ATT_ACCESS_DENIED_ERROR_PAGE
+						.error("The attribute " + ATT_ACCESS_DENIED_ERROR_PAGE
-									+ " cannot be used together with the 'ref' attribute within <"
+								+ " cannot be used together with the 'ref' attribute within <"
-									+ Elements.ACCESS_DENIED_HANDLER + ">", pc.extractSource(accessDeniedElt));
+								+ Elements.ACCESS_DENIED_HANDLER + ">", pc.extractSource(accessDeniedElt));
 
 				}
 				accessDeniedHandler.addPropertyValue("errorPage", errorPage);
@@ -786,10 +787,10 @@ final class AuthenticationConfigBuilder {
 			return this.defaultDeniedHandlerMappings.values().iterator().next();
 		}
 		accessDeniedHandler = BeanDefinitionBuilder
-				.rootBeanDefinition(RequestMatcherDelegatingAccessDeniedHandler.class);
+			.rootBeanDefinition(RequestMatcherDelegatingAccessDeniedHandler.class);
 		accessDeniedHandler.addConstructorArgValue(this.defaultDeniedHandlerMappings);
 		accessDeniedHandler
-				.addConstructorArgValue(BeanDefinitionBuilder.rootBeanDefinition(AccessDeniedHandlerImpl.class));
+			.addConstructorArgValue(BeanDefinitionBuilder.rootBeanDefinition(AccessDeniedHandlerImpl.class));
 		return accessDeniedHandler.getBeanDefinition();
 	}
 
@@ -805,7 +806,7 @@ final class AuthenticationConfigBuilder {
 				return this.defaultEntryPointMappings.values().iterator().next();
 			}
 			BeanDefinitionBuilder delegatingEntryPoint = BeanDefinitionBuilder
-					.rootBeanDefinition(DelegatingAuthenticationEntryPoint.class);
+				.rootBeanDefinition(DelegatingAuthenticationEntryPoint.class);
 			delegatingEntryPoint.addConstructorArgValue(this.defaultEntryPointMappings);
 			return delegatingEntryPoint.getBeanDefinition();
 		}
@@ -836,10 +837,11 @@ final class AuthenticationConfigBuilder {
 		if (this.oauth2LoginEntryPoint != null) {
 			return this.oauth2LoginEntryPoint;
 		}
-		this.pc.getReaderContext().error("No AuthenticationEntryPoint could be established. Please "
+		this.pc.getReaderContext()
-				+ "make sure you have a login mechanism configured through the namespace (such as form-login) or "
+			.error("No AuthenticationEntryPoint could be established. Please "
-				+ "specify a custom AuthenticationEntryPoint with the '" + ATT_ENTRY_POINT_REF + "' attribute ",
+					+ "make sure you have a login mechanism configured through the namespace (such as form-login) or "
-				this.pc.extractSource(this.httpElt));
+					+ "specify a custom AuthenticationEntryPoint with the '" + ATT_ENTRY_POINT_REF + "' attribute ",
+					this.pc.extractSource(this.httpElt));
 		return null;
 	}
 

config/src/main/java/org/springframework/security/config/http/AuthorizationFilterParser.java

@@ -75,13 +75,14 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 	@Override
 	public BeanDefinition parse(Element element, ParserContext parserContext) {
 		if (!isUseExpressions(element)) {
-			parserContext.getReaderContext().error("AuthorizationManager must be used with `use-expressions=\"true\"",
+			parserContext.getReaderContext()
-					element);
+				.error("AuthorizationManager must be used with `use-expressions=\"true\"", element);
 			return null;
 		}
 		if (StringUtils.hasText(element.getAttribute(ATT_ACCESS_DECISION_MANAGER_REF))) {
-			parserContext.getReaderContext().error(
+			parserContext.getReaderContext()
-					"AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`", element);
+				.error("AuthorizationManager cannot be used in conjunction with `access-decision-manager-ref`",
+						element);
 			return null;
 		}
 		this.authorizationManagerRef = createAuthorizationManager(element, parserContext);
@@ -92,8 +93,8 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 			filterBuilder.addPropertyValue("shouldFilterAllDispatcherTypes", Boolean.FALSE);
 		}
 		BeanDefinition filter = filterBuilder
-				.addPropertyValue("securityContextHolderStrategy", this.securityContextHolderStrategy)
+			.addPropertyValue("securityContextHolderStrategy", this.securityContextHolderStrategy)
-				.getBeanDefinition();
+			.getBeanDefinition();
 		String id = element.getAttribute(AbstractBeanDefinitionParser.ID_ATTRIBUTE);
 		if (StringUtils.hasText(id)) {
 			parserContext.registerComponent(new BeanComponentDefinition(filter, id));
@@ -123,16 +124,16 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 		for (Element interceptMessage : interceptMessages) {
 			String accessExpression = interceptMessage.getAttribute(ATT_ACCESS);
 			BeanDefinitionBuilder authorizationManager = BeanDefinitionBuilder
-					.rootBeanDefinition(WebExpressionAuthorizationManager.class);
+				.rootBeanDefinition(WebExpressionAuthorizationManager.class);
 			authorizationManager.addPropertyReference("expressionHandler", expressionHandlerRef);
 			authorizationManager.addConstructorArgValue(accessExpression);
 			BeanMetadataElement matcher = createMatcher(matcherType, interceptMessage, parserContext);
 			matcherToExpression.put(matcher, authorizationManager.getBeanDefinition());
 		}
 		BeanDefinitionBuilder mds = BeanDefinitionBuilder
-				.rootBeanDefinition(RequestMatcherDelegatingAuthorizationManagerFactory.class)
+			.rootBeanDefinition(RequestMatcherDelegatingAuthorizationManagerFactory.class)
-				.addPropertyValue("requestMatcherMap", matcherToExpression)
+			.addPropertyValue("requestMatcherMap", matcherToExpression)
-				.addPropertyValue("observationRegistry", getObservationRegistry(element));
+			.addPropertyValue("observationRegistry", getObservationRegistry(element));
 		return context.registerWithGeneratedName(mds.getBeanDefinition());
 	}
 
@@ -152,8 +153,9 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 			servletPath = null;
 		}
 		else if (!MatcherType.mvc.equals(matcherType)) {
-			parserContext.getReaderContext().error(
+			parserContext.getReaderContext()
-					ATT_SERVLET_PATH + " is not applicable for request-matcher: '" + matcherType.name() + "'", urlElt);
+				.error(ATT_SERVLET_PATH + " is not applicable for request-matcher: '" + matcherType.name() + "'",
+						urlElt);
 		}
 		return hasMatcherRef ? new RuntimeBeanReference(matcherRef)
 				: matcherType.createMatcher(parserContext, path, method, servletPath);
@@ -190,9 +192,9 @@ class AuthorizationFilterParser implements BeanDefinitionParser {
 		@Override
 		public AuthorizationManager<HttpServletRequest> getObject() throws Exception {
 			RequestMatcherDelegatingAuthorizationManager.Builder builder = RequestMatcherDelegatingAuthorizationManager
-					.builder();
+				.builder();
 			for (Map.Entry<RequestMatcher, AuthorizationManager<RequestAuthorizationContext>> entry : this.beans
-					.entrySet()) {
+				.entrySet()) {
 				builder.add(entry.getKey(), entry.getValue());
 			}
 			AuthorizationManager<HttpServletRequest> manager = builder.build();

config/src/main/java/org/springframework/security/config/http/CsrfBeanDefinitionParser.java

@@ -111,7 +111,7 @@ public class CsrfBeanDefinitionParser implements BeanDefinitionParser {
 		if (!StringUtils.hasText(this.csrfRepositoryRef)) {
 			RootBeanDefinition csrfTokenRepository = new RootBeanDefinition(HttpSessionCsrfTokenRepository.class);
 			BeanDefinitionBuilder lazyTokenRepository = BeanDefinitionBuilder
-					.rootBeanDefinition(LazyCsrfTokenRepository.class);
+				.rootBeanDefinition(LazyCsrfTokenRepository.class);
 			lazyTokenRepository.addConstructorArgValue(csrfTokenRepository);
 			this.csrfRepositoryRef = pc.getReaderContext().generateBeanName(lazyTokenRepository.getBeanDefinition());
 			pc.registerBeanComponent(
@@ -161,19 +161,20 @@ public class CsrfBeanDefinitionParser implements BeanDefinitionParser {
 		}
 		ManagedMap<Class<? extends AccessDeniedException>, BeanDefinition> handlers = new ManagedMap<>();
 		BeanDefinitionBuilder invalidSessionHandlerBldr = BeanDefinitionBuilder
-				.rootBeanDefinition(InvalidSessionAccessDeniedHandler.class);
+			.rootBeanDefinition(InvalidSessionAccessDeniedHandler.class);
 		invalidSessionHandlerBldr.addConstructorArgValue(invalidSessionStrategy);
 		handlers.put(MissingCsrfTokenException.class, invalidSessionHandlerBldr.getBeanDefinition());
 		BeanDefinitionBuilder deniedBldr = BeanDefinitionBuilder
-				.rootBeanDefinition(DelegatingAccessDeniedHandler.class);
+			.rootBeanDefinition(DelegatingAccessDeniedHandler.class);
 		deniedBldr.addConstructorArgValue(handlers);
 		deniedBldr.addConstructorArgValue(defaultDeniedHandler);
 		BeanDefinition denied = deniedBldr.getBeanDefinition();
 		ManagedList compositeList = new ManagedList();
 		BeanDefinitionBuilder compositeBldr = BeanDefinitionBuilder
-				.rootBeanDefinition(CompositeAccessDeniedHandler.class);
+			.rootBeanDefinition(CompositeAccessDeniedHandler.class);
 		BeanDefinition observing = BeanDefinitionBuilder.rootBeanDefinition(ObservationMarkingAccessDeniedHandler.class)
-				.addConstructorArgValue(this.observationRegistry).getBeanDefinition();
+			.addConstructorArgValue(this.observationRegistry)
+			.getBeanDefinition();
 		compositeList.add(denied);
 		compositeList.add(observing);
 		compositeBldr.addConstructorArgValue(compositeList);
@@ -182,14 +183,14 @@ public class CsrfBeanDefinitionParser implements BeanDefinitionParser {
 
 	BeanDefinition getCsrfAuthenticationStrategy() {
 		BeanDefinitionBuilder csrfAuthenticationStrategy = BeanDefinitionBuilder
-				.rootBeanDefinition(CsrfAuthenticationStrategy.class);
+			.rootBeanDefinition(CsrfAuthenticationStrategy.class);
 		csrfAuthenticationStrategy.addConstructorArgReference(this.csrfRepositoryRef);
 		return csrfAuthenticationStrategy.getBeanDefinition();
 	}
 
 	BeanDefinition getCsrfLogoutHandler() {
 		BeanDefinitionBuilder csrfAuthenticationStrategy = BeanDefinitionBuilder
-				.rootBeanDefinition(CsrfLogoutHandler.class);
+			.rootBeanDefinition(CsrfLogoutHandler.class);
 		csrfAuthenticationStrategy.addConstructorArgReference(this.csrfRepositoryRef);
 		return csrfAuthenticationStrategy.getBeanDefinition();
 	}

config/src/main/java/org/springframework/security/config/http/DefaultFilterChainValidator.java

@@ -150,7 +150,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
 			return;
 		}
 		String loginPage = ((LoginUrlAuthenticationEntryPoint) exceptions.getAuthenticationEntryPoint())
-				.getLoginFormUrl();
+			.getLoginFormUrl();
 		this.logger.info("Checking whether login URL '" + loginPage + "' is accessible with your configuration");
 		FilterInvocation loginRequest = new FilterInvocation(loginPage, "POST");
 		List<Filter> filters = null;
@@ -219,7 +219,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
 		AuthorizationFilter authorizationFilter = getFilter(AuthorizationFilter.class, filters);
 		if (authorizationFilter != null) {
 			AuthorizationManager<HttpServletRequest> authorizationManager = authorizationFilter
-					.getAuthorizationManager();
+				.getAuthorizationManager();
 			try {
 				AuthorizationDecision decision = authorizationManager.check(() -> TEST, loginRequest.getHttpRequest());
 				return decision != null && decision.isGranted();
@@ -251,7 +251,7 @@ public class DefaultFilterChainValidator implements FilterChainProxy.FilterChain
 		if (authorizationFilter != null) {
 			return () -> {
 				AuthorizationManager<HttpServletRequest> authorizationManager = authorizationFilter
-						.getAuthorizationManager();
+					.getAuthorizationManager();
 				AuthorizationDecision decision = authorizationManager.check(() -> token, loginRequest.getHttpRequest());
 				return decision != null && decision.isGranted();
 			};

config/src/main/java/org/springframework/security/config/http/FilterChainMapBeanDefinitionDecorator.java

@@ -53,13 +53,14 @@ public class FilterChainMapBeanDefinitionDecorator implements BeanDefinitionDeco
 			String path = chain.getAttribute(HttpSecurityBeanDefinitionParser.ATT_PATH_PATTERN);
 			String filters = chain.getAttribute(HttpSecurityBeanDefinitionParser.ATT_FILTERS);
 			if (!StringUtils.hasText(path)) {
-				parserContext.getReaderContext().error(
+				parserContext.getReaderContext()
-						"The attribute '" + HttpSecurityBeanDefinitionParser.ATT_PATH_PATTERN + "' must not be empty",
+					.error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_PATH_PATTERN
-						elt);
+							+ "' must not be empty", elt);
 			}
 			if (!StringUtils.hasText(filters)) {
-				parserContext.getReaderContext().error(
+				parserContext.getReaderContext()
-						"The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS + "'must not be empty", elt);
+					.error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS + "'must not be empty",
+							elt);
 			}
 			BeanDefinition matcher = matcherType.createMatcher(parserContext, path, null);
 			if (filters.equals(HttpSecurityBeanDefinitionParser.OPT_FILTERS_NONE)) {

config/src/main/java/org/springframework/security/config/http/FilterInvocationSecurityMetadataSourceParser.java

@@ -69,17 +69,18 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
 		// Check for attributes that aren't allowed in this context
 		for (Element elt : interceptUrls) {
 			if (StringUtils.hasLength(elt.getAttribute(HttpSecurityBeanDefinitionParser.ATT_REQUIRES_CHANNEL))) {
-				parserContext.getReaderContext().error("The attribute '"
+				parserContext.getReaderContext()
-						+ HttpSecurityBeanDefinitionParser.ATT_REQUIRES_CHANNEL + "' isn't allowed here.", elt);
+					.error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_REQUIRES_CHANNEL
+							+ "' isn't allowed here.", elt);
 			}
 			if (StringUtils.hasLength(elt.getAttribute(HttpSecurityBeanDefinitionParser.ATT_FILTERS))) {
-				parserContext.getReaderContext().error(
+				parserContext.getReaderContext()
-						"The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS + "' isn't allowed here.",
+					.error("The attribute '" + HttpSecurityBeanDefinitionParser.ATT_FILTERS + "' isn't allowed here.",
-						elt);
+							elt);
 			}
 			if (StringUtils.hasLength(elt.getAttribute(ATT_SERVLET_PATH))) {
-				parserContext.getReaderContext().error("The attribute '" + ATT_SERVLET_PATH + "' isn't allowed here.",
+				parserContext.getReaderContext()
-						elt);
+					.error("The attribute '" + ATT_SERVLET_PATH + "' isn't allowed here.", elt);
 			}
 		}
 		BeanDefinition mds = createSecurityMetadataSource(interceptUrls, false, element, parserContext);
@@ -110,7 +111,7 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
 				expressionHandlerRef = registerDefaultExpressionHandler(pc);
 			}
 			fidsBuilder = BeanDefinitionBuilder
-					.rootBeanDefinition(ExpressionBasedFilterInvocationSecurityMetadataSource.class);
+				.rootBeanDefinition(ExpressionBasedFilterInvocationSecurityMetadataSource.class);
 			fidsBuilder.addConstructorArgValue(requestToAttributesMap);
 			fidsBuilder.addConstructorArgReference(expressionHandlerRef);
 		}
@@ -159,9 +160,9 @@ public class FilterInvocationSecurityMetadataSourceParser implements BeanDefinit
 				servletPath = null;
 			}
 			else if (!MatcherType.mvc.equals(matcherType)) {
-				parserContext.getReaderContext().error(
+				parserContext.getReaderContext()
-						ATT_SERVLET_PATH + " is not applicable for request-matcher: '" + matcherType.name() + "'",
+					.error(ATT_SERVLET_PATH + " is not applicable for request-matcher: '" + matcherType.name() + "'",
-						urlElt);
+							urlElt);
 			}
 			BeanMetadataElement matcher = hasMatcherRef ? new RuntimeBeanReference(matcherRef)
 					: matcherType.createMatcher(parserContext, path, method, servletPath);

config/src/main/java/org/springframework/security/config/http/FormLoginBeanDefinitionParser.java

@@ -159,7 +159,7 @@ public class FormLoginBeanDefinitionParser {
 		}
 		this.filterBean.setSource(source);
 		BeanDefinitionBuilder entryPointBuilder = BeanDefinitionBuilder
-				.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class);
+			.rootBeanDefinition(LoginUrlAuthenticationEntryPoint.class);
 		entryPointBuilder.getRawBeanDefinition().setSource(source);
 		entryPointBuilder.addConstructorArgValue((this.loginPage != null) ? this.loginPage : DEF_LOGIN_PAGE);
 		entryPointBuilder.addPropertyValue("portMapper", this.portMapper);
@@ -178,7 +178,7 @@ public class FormLoginBeanDefinitionParser {
 		}
 		this.loginProcessingUrl = loginUrl;
 		BeanDefinitionBuilder matcherBuilder = BeanDefinitionBuilder
-				.rootBeanDefinition("org.springframework.security.web.util.matcher.AntPathRequestMatcher");
+			.rootBeanDefinition("org.springframework.security.web.util.matcher.AntPathRequestMatcher");
 		matcherBuilder.addConstructorArgValue(loginUrl);
 		if (this.loginMethod != null) {
 			matcherBuilder.addConstructorArgValue("POST");
@@ -189,13 +189,13 @@ public class FormLoginBeanDefinitionParser {
 		}
 		else if (StringUtils.hasText(authenticationSuccessForwardUrl)) {
 			BeanDefinitionBuilder forwardSuccessHandler = BeanDefinitionBuilder
-					.rootBeanDefinition(ForwardAuthenticationSuccessHandler.class);
+				.rootBeanDefinition(ForwardAuthenticationSuccessHandler.class);
 			forwardSuccessHandler.addConstructorArgValue(authenticationSuccessForwardUrl);
 			filterBuilder.addPropertyValue("authenticationSuccessHandler", forwardSuccessHandler.getBeanDefinition());
 		}
 		else {
 			BeanDefinitionBuilder successHandler = BeanDefinitionBuilder
-					.rootBeanDefinition(SavedRequestAwareAuthenticationSuccessHandler.class);
+				.rootBeanDefinition(SavedRequestAwareAuthenticationSuccessHandler.class);
 			if ("true".equals(alwaysUseDefault)) {
 				successHandler.addPropertyValue("alwaysUseDefaultTargetUrl", Boolean.TRUE);
 			}
@@ -215,13 +215,13 @@ public class FormLoginBeanDefinitionParser {
 		}
 		else if (StringUtils.hasText(authenticationFailureForwardUrl)) {
 			BeanDefinitionBuilder forwardFailureHandler = BeanDefinitionBuilder
-					.rootBeanDefinition(ForwardAuthenticationFailureHandler.class);
+				.rootBeanDefinition(ForwardAuthenticationFailureHandler.class);
 			forwardFailureHandler.addConstructorArgValue(authenticationFailureForwardUrl);
 			filterBuilder.addPropertyValue("authenticationFailureHandler", forwardFailureHandler.getBeanDefinition());
 		}
 		else {
 			BeanDefinitionBuilder failureHandler = BeanDefinitionBuilder
-					.rootBeanDefinition(SimpleUrlAuthenticationFailureHandler.class);
+				.rootBeanDefinition(SimpleUrlAuthenticationFailureHandler.class);
 			if (!StringUtils.hasText(authenticationFailureUrl)) {
 				// Fall back to re-displaying the custom login page, if one was specified.
 				if (StringUtils.hasText(loginPage)) {

config/src/main/java/org/springframework/security/config/http/GrantedAuthorityDefaultsParserUtils.java

@@ -50,10 +50,10 @@ final class GrantedAuthorityDefaultsParserUtils {
 		@Override
 		public final void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
 			String[] grantedAuthorityDefaultsBeanNames = applicationContext
-					.getBeanNamesForType(GrantedAuthorityDefaults.class);
+				.getBeanNamesForType(GrantedAuthorityDefaults.class);
 			if (grantedAuthorityDefaultsBeanNames.length == 1) {
 				GrantedAuthorityDefaults grantedAuthorityDefaults = applicationContext
-						.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
+					.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
 				this.rolePrefix = grantedAuthorityDefaults.getRolePrefix();
 			}
 		}

config/src/main/java/org/springframework/security/config/http/HeadersBeanDefinitionParser.java

@@ -157,8 +157,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 		parseHeaderElements(element);
 		boolean noWriters = this.headerWriters.isEmpty();
 		if (disabled && !noWriters) {
-			parserContext.getReaderContext().error("Cannot specify <headers disabled=\"true\"> with child elements.",
+			parserContext.getReaderContext()
-					element);
+				.error("Cannot specify <headers disabled=\"true\"> with child elements.", element);
 		}
 		else if (noWriters) {
 			return null;
@@ -192,7 +192,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addCacheControl() {
 		BeanDefinitionBuilder headersWriter = BeanDefinitionBuilder
-				.genericBeanDefinition(CacheControlHeadersWriter.class);
+			.genericBeanDefinition(CacheControlHeadersWriter.class);
 		this.headerWriters.add(headersWriter.getBeanDefinition());
 	}
 
@@ -309,11 +309,11 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addContentSecurityPolicy(Element contentSecurityPolicyElement, ParserContext context) {
 		BeanDefinitionBuilder headersWriter = BeanDefinitionBuilder
-				.genericBeanDefinition(ContentSecurityPolicyHeaderWriter.class);
+			.genericBeanDefinition(ContentSecurityPolicyHeaderWriter.class);
 		String policyDirectives = contentSecurityPolicyElement.getAttribute(ATT_POLICY_DIRECTIVES);
 		if (!StringUtils.hasText(policyDirectives)) {
-			context.getReaderContext().error(ATT_POLICY_DIRECTIVES + " requires a 'value' to be set.",
+			context.getReaderContext()
-					contentSecurityPolicyElement);
+				.error(ATT_POLICY_DIRECTIVES + " requires a 'value' to be set.", contentSecurityPolicyElement);
 		}
 		else {
 			headersWriter.addConstructorArgValue(policyDirectives);
@@ -335,7 +335,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addReferrerPolicy(Element referrerPolicyElement, ParserContext context) {
 		BeanDefinitionBuilder headersWriter = BeanDefinitionBuilder
-				.genericBeanDefinition(ReferrerPolicyHeaderWriter.class);
+			.genericBeanDefinition(ReferrerPolicyHeaderWriter.class);
 		String policy = referrerPolicyElement.getAttribute(ATT_POLICY);
 		if (StringUtils.hasLength(policy)) {
 			headersWriter.addConstructorArgValue(ReferrerPolicy.get(policy));
@@ -353,11 +353,11 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addFeaturePolicy(Element featurePolicyElement, ParserContext context) {
 		BeanDefinitionBuilder headersWriter = BeanDefinitionBuilder
-				.genericBeanDefinition(FeaturePolicyHeaderWriter.class);
+			.genericBeanDefinition(FeaturePolicyHeaderWriter.class);
 		String policyDirectives = featurePolicyElement.getAttribute(ATT_POLICY_DIRECTIVES);
 		if (!StringUtils.hasText(policyDirectives)) {
-			context.getReaderContext().error(ATT_POLICY_DIRECTIVES + " requires a 'value' to be set.",
+			context.getReaderContext()
-					featurePolicyElement);
+				.error(ATT_POLICY_DIRECTIVES + " requires a 'value' to be set.", featurePolicyElement);
 		}
 		else {
 			headersWriter.addConstructorArgValue(policyDirectives);
@@ -375,7 +375,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addPermissionsPolicy(Element permissionsPolicyElement, ParserContext context) {
 		BeanDefinitionBuilder headersWriter = BeanDefinitionBuilder
-				.genericBeanDefinition(PermissionsPolicyHeaderWriter.class);
+			.genericBeanDefinition(PermissionsPolicyHeaderWriter.class);
 		String policyDirectives = permissionsPolicyElement.getAttribute(ATT_POLICY);
 		if (!StringUtils.hasText(policyDirectives)) {
 			context.getReaderContext().error(ATT_POLICY + " requires a 'value' to be set.", permissionsPolicyElement);
@@ -397,7 +397,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 			addCrossOriginOpenerPolicy(crossOriginOpenerPolicyElement, writer);
 		}
 		BeanDefinitionBuilder builder = BeanDefinitionBuilder
-				.genericBeanDefinition(CrossOriginOpenerPolicyHeaderWriter.class, () -> writer);
+			.genericBeanDefinition(CrossOriginOpenerPolicyHeaderWriter.class, () -> writer);
 		this.headerWriters.add(builder.getBeanDefinition());
 	}
 
@@ -412,7 +412,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 			addCrossOriginEmbedderPolicy(crossOriginEmbedderPolicyElement, writer);
 		}
 		BeanDefinitionBuilder builder = BeanDefinitionBuilder
-				.genericBeanDefinition(CrossOriginEmbedderPolicyHeaderWriter.class, () -> writer);
+			.genericBeanDefinition(CrossOriginEmbedderPolicyHeaderWriter.class, () -> writer);
 		this.headerWriters.add(builder.getBeanDefinition());
 	}
 
@@ -427,7 +427,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 			addCrossOriginResourcePolicy(crossOriginResourcePolicyElement, writer);
 		}
 		BeanDefinitionBuilder builder = BeanDefinitionBuilder
-				.genericBeanDefinition(CrossOriginResourcePolicyHeaderWriter.class, () -> writer);
+			.genericBeanDefinition(CrossOriginResourcePolicyHeaderWriter.class, () -> writer);
 		this.headerWriters.add(builder.getBeanDefinition());
 	}
 
@@ -456,8 +456,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	}
 
 	private void attrNotAllowed(ParserContext context, String attrName, String otherAttrName, Element element) {
-		context.getReaderContext().error("Only one of '" + attrName + "' or '" + otherAttrName + "' can be set.",
+		context.getReaderContext()
-				element);
+			.error("Only one of '" + attrName + "' or '" + otherAttrName + "' can be set.", element);
 	}
 
 	private void parseHeaderElements(Element element) {
@@ -491,7 +491,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 
 	private void addContentTypeOptions() {
 		BeanDefinitionBuilder builder = BeanDefinitionBuilder
-				.genericBeanDefinition(XContentTypeOptionsHeaderWriter.class);
+			.genericBeanDefinition(XContentTypeOptionsHeaderWriter.class);
 		this.headerWriters.add(builder.getBeanDefinition());
 	}
 
@@ -527,8 +527,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 		String strategyRef = getAttribute(frameElement, ATT_REF, null);
 		String strategy = getAttribute(frameElement, ATT_STRATEGY, null);
 		if (StringUtils.hasText(strategy) && StringUtils.hasText(strategyRef)) {
-			parserContext.getReaderContext().error("Only one of 'strategy' or 'strategy-ref' can be set.",
+			parserContext.getReaderContext()
-					frameElement);
+				.error("Only one of 'strategy' or 'strategy-ref' can be set.", frameElement);
 			return;
 		}
 		if (strategyRef != null) {
@@ -550,8 +550,8 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 				builder.addConstructorArgValue(new StaticAllowFromStrategy(new URI(value)));
 			}
 			catch (URISyntaxException ex) {
-				parserContext.getReaderContext().error("'value' attribute doesn't represent a valid URI.", frameElement,
+				parserContext.getReaderContext()
-						ex);
+					.error("'value' attribute doesn't represent a valid URI.", frameElement, ex);
 			}
 			return;
 		}
@@ -564,7 +564,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 	private BeanDefinitionBuilder getAllowFromStrategy(String strategy, String value) {
 		if ("whitelist".equals(strategy)) {
 			BeanDefinitionBuilder allowFromStrategy = BeanDefinitionBuilder
-					.rootBeanDefinition(WhiteListedAllowFromStrategy.class);
+				.rootBeanDefinition(WhiteListedAllowFromStrategy.class);
 			allowFromStrategy.addConstructorArgValue(StringUtils.commaDelimitedListToSet(value));
 			return allowFromStrategy;
 		}
@@ -580,7 +580,7 @@ public class HeadersBeanDefinitionParser implements BeanDefinitionParser {
 		if (xssElt != null) {
 			boolean disabled = "true".equals(getAttribute(xssElt, ATT_DISABLED, "false"));
 			XXssProtectionHeaderWriter.HeaderValue headerValue = XXssProtectionHeaderWriter.HeaderValue
-					.from(xssElt.getAttribute(ATT_HEADER_VALUE));
+				.from(xssElt.getAttribute(ATT_HEADER_VALUE));
 			if (headerValue != null) {
 				if (disabled) {
 					attrNotAllowed(parserContext, ATT_HEADER_VALUE, ATT_DISABLED, xssElt);

config/src/main/java/org/springframework/security/config/http/HttpConfigurationBuilder.java

@@ -338,14 +338,14 @@ class HttpConfigurationBuilder {
 	private void createSecurityContextPersistenceFilter() {
 		BeanDefinitionBuilder scpf = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextPersistenceFilter.class);
 		switch (this.sessionPolicy) {
-		case ALWAYS:
+			case ALWAYS:
-			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
+				scpf.addPropertyValue("forceEagerSessionCreation", Boolean.TRUE);
-			break;
+				break;
-		case NEVER:
+			case NEVER:
-			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
+				scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
-			break;
+				break;
-		default:
+			default:
-			scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
+				scpf.addPropertyValue("forceEagerSessionCreation", Boolean.FALSE);
 		}
 		scpf.addPropertyValue("securityContextHolderStrategy", this.holderStrategyRef);
 		scpf.addConstructorArgValue(this.contextRepoRef);
@@ -360,7 +360,7 @@ class HttpConfigurationBuilder {
 			return;
 		}
 		this.holderStrategyRef = BeanDefinitionBuilder.rootBeanDefinition(SecurityContextHolderStrategyFactory.class)
-				.getBeanDefinition();
+			.getBeanDefinition();
 	}
 
 	private void createSecurityContextRepository() {
@@ -373,14 +373,14 @@ class HttpConfigurationBuilder {
 			else {
 				contextRepo = BeanDefinitionBuilder.rootBeanDefinition(HttpSessionSecurityContextRepository.class);
 				switch (this.sessionPolicy) {
-				case ALWAYS:
+					case ALWAYS:
-					contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
+						contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
-					break;
+						break;
-				case NEVER:
+					case NEVER:
-					contextRepo.addPropertyValue("allowSessionCreation", Boolean.FALSE);
+						contextRepo.addPropertyValue("allowSessionCreation", Boolean.FALSE);
-					break;
+						break;
-				default:
+					default:
-					contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
+						contextRepo.addPropertyValue("allowSessionCreation", Boolean.TRUE);
 				}
 				if (isDisableUrlRewriting()) {
 					contextRepo.addPropertyValue("disableUrlRewriting", Boolean.TRUE);
@@ -419,9 +419,9 @@ class HttpConfigurationBuilder {
 		if (sessionMgmtElt != null) {
 			if (this.sessionPolicy == SessionCreationPolicy.STATELESS) {
 				this.pc.getReaderContext()
-						.error(Elements.SESSION_MANAGEMENT + "  cannot be used" + " in combination with "
+					.error(Elements.SESSION_MANAGEMENT + "  cannot be used" + " in combination with "
-								+ ATT_CREATE_SESSION + "='" + SessionCreationPolicy.STATELESS + "'",
+							+ ATT_CREATE_SESSION + "='" + SessionCreationPolicy.STATELESS + "'",
-								this.pc.extractSource(sessionMgmtElt));
+							this.pc.extractSource(sessionMgmtElt));
 			}
 			sessionFixationAttribute = sessionMgmtElt.getAttribute(ATT_SESSION_FIXATION_PROTECTION);
 			invalidSessionUrl = sessionMgmtElt.getAttribute(ATT_INVALID_SESSION_URL);
@@ -432,15 +432,14 @@ class HttpConfigurationBuilder {
 			sessionControlEnabled = sessionCtrlElt != null;
 			if (StringUtils.hasText(invalidSessionUrl) && StringUtils.hasText(invalidSessionStrategyRef)) {
 				this.pc.getReaderContext()
-						.error(ATT_INVALID_SESSION_URL + " attribute cannot be used in combination with" + " the "
+					.error(ATT_INVALID_SESSION_URL + " attribute cannot be used in combination with" + " the "
-								+ ATT_INVALID_SESSION_STRATEGY_REF + " attribute.", sessionMgmtElt);
+							+ ATT_INVALID_SESSION_STRATEGY_REF + " attribute.", sessionMgmtElt);
 			}
 			if (sessionControlEnabled) {
 				if (StringUtils.hasText(sessionAuthStratRef)) {
 					this.pc.getReaderContext()
-							.error(ATT_SESSION_AUTH_STRATEGY_REF + " attribute cannot be used"
+						.error(ATT_SESSION_AUTH_STRATEGY_REF + " attribute cannot be used" + " in combination with <"
-									+ " in combination with <" + Elements.CONCURRENT_SESSIONS + ">",
+								+ Elements.CONCURRENT_SESSIONS + ">", this.pc.extractSource(sessionCtrlElt));
-									this.pc.extractSource(sessionCtrlElt));
 				}
 				createConcurrencyControlFilterAndSessionRegistry(sessionCtrlElt);
 			}
@@ -450,8 +449,9 @@ class HttpConfigurationBuilder {
 			sessionFixationAttribute = OPT_CHANGE_SESSION_ID;
 		}
 		else if (StringUtils.hasText(sessionAuthStratRef)) {
-			this.pc.getReaderContext().error(ATT_SESSION_FIXATION_PROTECTION + " attribute cannot be used"
+			this.pc.getReaderContext()
-					+ " in combination with " + ATT_SESSION_AUTH_STRATEGY_REF, this.pc.extractSource(sessionMgmtElt));
+				.error(ATT_SESSION_FIXATION_PROTECTION + " attribute cannot be used" + " in combination with "
+						+ ATT_SESSION_AUTH_STRATEGY_REF, this.pc.extractSource(sessionMgmtElt));
 		}
 
 		if (this.sessionPolicy == SessionCreationPolicy.STATELESS) {
@@ -459,7 +459,7 @@ class HttpConfigurationBuilder {
 			return;
 		}
 		boolean sessionFixationProtectionRequired = !sessionFixationAttribute
-				.equals(OPT_SESSION_FIXATION_NO_PROTECTION);
+			.equals(OPT_SESSION_FIXATION_NO_PROTECTION);
 		ManagedList<BeanMetadataElement> delegateSessionStrategies = new ManagedList<>();
 		BeanDefinitionBuilder concurrentSessionStrategy;
 		BeanDefinitionBuilder sessionFixationStrategy = null;
@@ -470,10 +470,11 @@ class HttpConfigurationBuilder {
 		if (sessionControlEnabled) {
 			Assert.state(this.sessionRegistryRef != null, "No sessionRegistryRef found");
 			concurrentSessionStrategy = BeanDefinitionBuilder
-					.rootBeanDefinition(ConcurrentSessionControlAuthenticationStrategy.class);
+				.rootBeanDefinition(ConcurrentSessionControlAuthenticationStrategy.class);
 			concurrentSessionStrategy.addConstructorArgValue(this.sessionRegistryRef);
-			String maxSessions = this.pc.getReaderContext().getEnvironment()
+			String maxSessions = this.pc.getReaderContext()
-					.resolvePlaceholders(sessionCtrlElt.getAttribute("max-sessions"));
+				.getEnvironment()
+				.resolvePlaceholders(sessionCtrlElt.getAttribute("max-sessions"));
 			if (StringUtils.hasText(maxSessions)) {
 				concurrentSessionStrategy.addPropertyValue("maximumSessions", maxSessions);
 			}
@@ -487,11 +488,11 @@ class HttpConfigurationBuilder {
 		if (sessionFixationProtectionRequired || StringUtils.hasText(invalidSessionUrl)) {
 			if (useChangeSessionId) {
 				sessionFixationStrategy = BeanDefinitionBuilder
-						.rootBeanDefinition(ChangeSessionIdAuthenticationStrategy.class);
+					.rootBeanDefinition(ChangeSessionIdAuthenticationStrategy.class);
 			}
 			else {
 				sessionFixationStrategy = BeanDefinitionBuilder
-						.rootBeanDefinition(SessionFixationProtectionStrategy.class);
+					.rootBeanDefinition(SessionFixationProtectionStrategy.class);
 			}
 			delegateSessionStrategies.add(sessionFixationStrategy.getBeanDefinition());
 		}
@@ -500,7 +501,7 @@ class HttpConfigurationBuilder {
 		}
 		if (sessionControlEnabled) {
 			registerSessionStrategy = BeanDefinitionBuilder
-					.rootBeanDefinition(RegisterSessionAuthenticationStrategy.class);
+				.rootBeanDefinition(RegisterSessionAuthenticationStrategy.class);
 			registerSessionStrategy.addConstructorArgValue(this.sessionRegistryRef);
 			delegateSessionStrategies.add(registerSessionStrategy.getBeanDefinition());
 		}
@@ -509,7 +510,7 @@ class HttpConfigurationBuilder {
 			return;
 		}
 		BeanDefinitionBuilder sessionMgmtFilter = BeanDefinitionBuilder
-				.rootBeanDefinition(SessionManagementFilter.class);
+			.rootBeanDefinition(SessionManagementFilter.class);
 		RootBeanDefinition failureHandler = new RootBeanDefinition(SimpleUrlAuthenticationFailureHandler.class);
 		if (StringUtils.hasText(errorUrl)) {
 			failureHandler.getPropertyValues().addPropertyValue("defaultFailureUrl", errorUrl);
@@ -525,7 +526,7 @@ class HttpConfigurationBuilder {
 		}
 		if (!delegateSessionStrategies.isEmpty()) {
 			BeanDefinitionBuilder sessionStrategy = BeanDefinitionBuilder
-					.rootBeanDefinition(CompositeSessionAuthenticationStrategy.class);
+				.rootBeanDefinition(CompositeSessionAuthenticationStrategy.class);
 			BeanDefinition strategyBean = sessionStrategy.getBeanDefinition();
 			sessionStrategy.addConstructorArgValue(delegateSessionStrategies);
 			sessionAuthStratRef = this.pc.getReaderContext().generateBeanName(strategyBean);
@@ -533,7 +534,7 @@ class HttpConfigurationBuilder {
 		}
 		if (StringUtils.hasText(invalidSessionUrl)) {
 			BeanDefinitionBuilder invalidSessionBldr = BeanDefinitionBuilder
-					.rootBeanDefinition(SimpleRedirectInvalidSessionStrategy.class);
+				.rootBeanDefinition(SimpleRedirectInvalidSessionStrategy.class);
 			invalidSessionBldr.addConstructorArgValue(invalidSessionUrl);
 			this.invalidSession = invalidSessionBldr.getBeanDefinition();
 			sessionMgmtFilter.addPropertyValue("invalidSessionStrategy", this.invalidSession);
@@ -575,13 +576,13 @@ class HttpConfigurationBuilder {
 		String expiryUrl = element.getAttribute(ATT_EXPIRY_URL);
 		String expiredSessionStrategyRef = element.getAttribute(ATT_EXPIRED_SESSION_STRATEGY_REF);
 		if (StringUtils.hasText(expiryUrl) && StringUtils.hasText(expiredSessionStrategyRef)) {
-			this.pc.getReaderContext().error(
+			this.pc.getReaderContext()
-					"Cannot use 'expired-url' attribute and 'expired-session-strategy-ref'" + " attribute together.",
+				.error("Cannot use 'expired-url' attribute and 'expired-session-strategy-ref'" + " attribute together.",
-					source);
+						source);
 		}
 		if (StringUtils.hasText(expiryUrl)) {
 			BeanDefinitionBuilder expiredSessionBldr = BeanDefinitionBuilder
-					.rootBeanDefinition(SimpleRedirectSessionInformationExpiredStrategy.class);
+				.rootBeanDefinition(SimpleRedirectSessionInformationExpiredStrategy.class);
 			expiredSessionBldr.addConstructorArgValue(expiryUrl);
 			filterBuilder.addConstructorArgValue(expiredSessionBldr.getBeanDefinition());
 		}
@@ -623,7 +624,8 @@ class HttpConfigurationBuilder {
 		}
 		if ("true".equals(provideJaasApi)) {
 			this.jaasApiFilter = BeanDefinitionBuilder.rootBeanDefinition(JaasApiIntegrationFilter.class)
-					.addPropertyValue("securityContextHolderStrategy", this.holderStrategyRef).getBeanDefinition();
+				.addPropertyValue("securityContextHolderStrategy", this.holderStrategyRef)
+				.getBeanDefinition();
 		}
 	}
 
@@ -634,10 +636,10 @@ class HttpConfigurationBuilder {
 		}
 		RootBeanDefinition channelFilter = new RootBeanDefinition(ChannelProcessingFilter.class);
 		BeanDefinitionBuilder metadataSourceBldr = BeanDefinitionBuilder
-				.rootBeanDefinition(DefaultFilterInvocationSecurityMetadataSource.class);
+			.rootBeanDefinition(DefaultFilterInvocationSecurityMetadataSource.class);
 		metadataSourceBldr.addConstructorArgValue(channelRequestMap);
-		channelFilter.getPropertyValues().addPropertyValue("securityMetadataSource",
+		channelFilter.getPropertyValues()
-				metadataSourceBldr.getBeanDefinition());
+			.addPropertyValue("securityMetadataSource", metadataSourceBldr.getBeanDefinition());
 		RootBeanDefinition channelDecisionManager = new RootBeanDefinition(ChannelDecisionManagerImpl.class);
 		ManagedList<RootBeanDefinition> channelProcessors = new ManagedList<>(3);
 		RootBeanDefinition secureChannelProcessor = new RootBeanDefinition(SecureChannelProcessor.class);
@@ -703,7 +705,7 @@ class HttpConfigurationBuilder {
 				requestCacheBldr.addPropertyValue("portResolver", this.portResolver);
 				if (this.csrfFilter != null) {
 					BeanDefinitionBuilder requestCacheMatcherBldr = BeanDefinitionBuilder
-							.rootBeanDefinition(AntPathRequestMatcher.class);
+						.rootBeanDefinition(AntPathRequestMatcher.class);
 					requestCacheMatcherBldr.addConstructorArgValue("/**");
 					requestCacheMatcherBldr.addConstructorArgValue("GET");
 					requestCacheBldr.addPropertyValue("requestMatcher", requestCacheMatcherBldr.getBeanDefinition());
@@ -743,8 +745,9 @@ class HttpConfigurationBuilder {
 		// use with
 		// taglibs etc.
 		BeanDefinition wipe = BeanDefinitionBuilder
-				.rootBeanDefinition(AuthorizationManagerWebInvocationPrivilegeEvaluator.class)
+			.rootBeanDefinition(AuthorizationManagerWebInvocationPrivilegeEvaluator.class)
-				.addConstructorArgReference(authorizationFilterParser.getAuthorizationManagerRef()).getBeanDefinition();
+			.addConstructorArgReference(authorizationFilterParser.getAuthorizationManagerRef())
+			.getBeanDefinition();
 		this.pc.registerBeanComponent(
 				new BeanComponentDefinition(wipe, this.pc.getReaderContext().generateBeanName(wipe)));
 		this.fsi = new RuntimeBeanReference(fsiId);
@@ -753,14 +756,15 @@ class HttpConfigurationBuilder {
 	private void createFilterSecurityInterceptor(BeanReference authManager) {
 		boolean useExpressions = FilterInvocationSecurityMetadataSourceParser.isUseExpressions(this.httpElt);
 		RootBeanDefinition securityMds = FilterInvocationSecurityMetadataSourceParser
-				.createSecurityMetadataSource(this.interceptUrls, this.addAllAuth, this.httpElt, this.pc);
+			.createSecurityMetadataSource(this.interceptUrls, this.addAllAuth, this.httpElt, this.pc);
 		RootBeanDefinition accessDecisionMgr;
 		ManagedList<BeanDefinition> voters = new ManagedList<>(2);
 		if (useExpressions) {
 			BeanDefinitionBuilder expressionVoter = BeanDefinitionBuilder.rootBeanDefinition(WebExpressionVoter.class);
 			// Read the expression handler from the FISMS
 			RuntimeBeanReference expressionHandler = (RuntimeBeanReference) securityMds.getConstructorArgumentValues()
-					.getArgumentValue(1, RuntimeBeanReference.class).getValue();
+				.getArgumentValue(1, RuntimeBeanReference.class)
+				.getValue();
 			expressionVoter.addPropertyValue("expressionHandler", expressionHandler);
 			voters.add(expressionVoter.getBeanDefinition());
 		}
@@ -927,7 +931,7 @@ class HttpConfigurationBuilder {
 		private SecurityContextHolderAwareRequestFilter filter = new SecurityContextHolderAwareRequestFilter();
 
 		private SecurityContextHolderStrategy securityContextHolderStrategy = SecurityContextHolder
-				.getContextHolderStrategy();
+			.getContextHolderStrategy();
 
 		@Override
 		public SecurityContextHolderAwareRequestFilter getBean() {