diff --git a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java index 7bc3ba7406..df4f9c5c81 100644 --- a/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java +++ b/acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java @@ -495,7 +495,7 @@ public class AclImplTests { assertThat(acl.isSidLoaded(Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"), new PrincipalSid("ben")))) .isTrue(); - assertThat(acl.isSidLoaded(Arrays.asList((Sid)new GrantedAuthoritySid( + assertThat(acl.isSidLoaded(Arrays.asList((Sid) new GrantedAuthoritySid( "ROLE_IGNORED")))) .isTrue(); assertThat(acl.isSidLoaded(BEN)).isTrue(); @@ -507,7 +507,7 @@ public class AclImplTests { assertThat(acl.isSidLoaded(Arrays.asList((Sid) new GrantedAuthoritySid( "ROLE_GENERAL"), new GrantedAuthoritySid("ROLE_IGNORED")))) .isFalse(); - assertThat(acl.isSidLoaded(Arrays.asList((Sid)new GrantedAuthoritySid( + assertThat(acl.isSidLoaded(Arrays.asList((Sid) new GrantedAuthoritySid( "ROLE_IGNORED"), new GrantedAuthoritySid("ROLE_GENERAL")))) .isFalse(); } diff --git a/cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java b/cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java index 665e1a8a7e..56b618ca30 100644 --- a/cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java +++ b/cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java @@ -124,7 +124,7 @@ public class CasAuthenticationTokenMixinTests { @Test public void deserializeCasAuthenticationTestAfterEraseCredentialInvoked() throws Exception { CasAuthenticationToken token = mapper.readValue(CAS_TOKEN_CLEARED_JSON, CasAuthenticationToken.class); - assertThat(((UserDetails)token.getPrincipal()).getPassword()).isNull(); + assertThat(((UserDetails) token.getPrincipal()).getPassword()).isNull(); } @Test diff --git a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java index 7d8708bf88..4b9725abdb 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java @@ -64,7 +64,7 @@ public class LdapAuthenticationProviderConfigurer attributes = importingClassMetadata.getAllAnnotationAttributes(EnableGlobalMethodSecurity.class.getName()); + MultiValueMap attributes = importingClassMetadata.getAllAnnotationAttributes(EnableGlobalMethodSecurity.class.getName()); Integer order = (Integer) attributes.getFirst("order"); if(order != null) { advisor.addPropertyValue("order", order); @@ -59,4 +59,4 @@ class MethodSecurityMetadataSourceAdvisorRegistrar implements registry.registerBeanDefinition("metaDataSourceAdvisor", advisor.getBeanDefinition()); } -} \ No newline at end of file +} diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java index e0119e89e8..221721fa1a 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java @@ -201,7 +201,7 @@ public final class JeeConfigurer> extends // @formatter:off http .authenticationProvider(authenticationProvider) - .setSharedObject(AuthenticationEntryPoint.class,new Http403ForbiddenEntryPoint()); + .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint()); // @formatter:on } @@ -259,4 +259,4 @@ public final class JeeConfigurer> extends detailsSource = postProcess(detailsSource); return detailsSource; } -} \ No newline at end of file +} diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java index 5f7f896b03..13dec07a82 100644 --- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java @@ -163,7 +163,7 @@ public final class X509Configurer> extends http .authenticationProvider(authenticationProvider) - .setSharedObject(AuthenticationEntryPoint.class,new Http403ForbiddenEntryPoint()); + .setSharedObject(AuthenticationEntryPoint.class, new Http403ForbiddenEntryPoint()); } // @formatter:on @@ -201,4 +201,4 @@ public final class X509Configurer> extends return authenticationUserDetailsService; } -} \ No newline at end of file +} diff --git a/config/src/main/java/org/springframework/security/config/core/userdetails/UserDetailsResourceFactoryBean.java b/config/src/main/java/org/springframework/security/config/core/userdetails/UserDetailsResourceFactoryBean.java index d51d924397..333481f531 100644 --- a/config/src/main/java/org/springframework/security/config/core/userdetails/UserDetailsResourceFactoryBean.java +++ b/config/src/main/java/org/springframework/security/config/core/userdetails/UserDetailsResourceFactoryBean.java @@ -57,7 +57,7 @@ public class UserDetailsResourceFactoryBean implements ResourceLoaderAware, Fact @Override public void setResourceLoader(ResourceLoader resourceLoader) { - Assert.notNull(resourceLoader,"resourceLoader cannot be null"); + Assert.notNull(resourceLoader, "resourceLoader cannot be null"); this.resourceLoader = resourceLoader; } diff --git a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java index fad2b0c522..8f597e34a9 100644 --- a/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java +++ b/config/src/main/java/org/springframework/security/config/http/AuthenticationConfigBuilder.java @@ -836,7 +836,7 @@ final class AuthenticationConfigBuilder { } private static class CsrfTokenHiddenInputFunction implements - Function> { + Function> { @Override public Map apply(HttpServletRequest request) { diff --git a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java index b52b3fc849..00daeb7761 100644 --- a/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java +++ b/config/src/main/java/org/springframework/security/config/web/server/ServerHttpSecurity.java @@ -261,7 +261,7 @@ public class ServerHttpSecurity { List sortedWebFilters = new ArrayList<>(); this.webFilters.forEach( f -> { if(f instanceof OrderedWebFilter) { - f = ((OrderedWebFilter)f).webFilter; + f = ((OrderedWebFilter) f).webFilter; } sortedWebFilters.add(f); }); @@ -354,11 +354,11 @@ public class ServerHttpSecurity { public final class Access { public AuthorizeExchangeSpec permitAll() { - return access( (a,e) -> Mono.just(new AuthorizationDecision(true))); + return access( (a, e) -> Mono.just(new AuthorizationDecision(true))); } public AuthorizeExchangeSpec denyAll() { - return access( (a,e) -> Mono.just(new AuthorizationDecision(false))); + return access( (a, e) -> Mono.just(new AuthorizationDecision(false))); } public AuthorizeExchangeSpec hasRole(String role) { diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/DisableUseExpressionsConfig.java b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/DisableUseExpressionsConfig.java index 35cc4b20b0..d82a5cf3ef 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/DisableUseExpressionsConfig.java +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/builders/DisableUseExpressionsConfig.java @@ -26,7 +26,7 @@ public class DisableUseExpressionsConfig extends BaseWebConfig { // This config is also on UrlAuthorizationConfigurer javadoc http .apply(new UrlAuthorizationConfigurer(getApplicationContext())).getRegistry() - .antMatchers("/users**","/sessions/**").hasRole("USER") + .antMatchers("/users**", "/sessions/**").hasRole("USER") .antMatchers("/signup").hasRole("ANONYMOUS") .anyRequest().hasRole("USER"); } diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java index 853fe15dd6..2b2603a1ad 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java @@ -59,7 +59,7 @@ public class ExpressionUrlAuthorizationConfigurerConfigs { .expressionHandler(handler) .accessDecisionManager(adm) .filterSecurityInterceptorOncePerRequest(true) - .antMatchers("/a","/b").hasRole("ADMIN") + .antMatchers("/a", "/b").hasRole("ADMIN") .anyRequest().permitAll() .and() .formLogin(); diff --git a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java index 249e9301d8..c19f3a6089 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/EnableReactiveMethodSecurityTests.java @@ -47,8 +47,8 @@ public class EnableReactiveMethodSecurityTests { ReactiveMessageService delegate; TestPublisher result = TestPublisher.create(); - Context withAdmin = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("admin","password","ROLE_USER", "ROLE_ADMIN")); - Context withUser = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("user","password","ROLE_USER")); + Context withAdmin = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("admin", "password", "ROLE_USER", "ROLE_ADMIN")); + Context withUser = ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("user", "password", "ROLE_USER")); @After public void cleanup() { diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/HttpSecurityHeadersTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/HttpSecurityHeadersTests.java index f4d7b55b3d..4cc27a2192 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/HttpSecurityHeadersTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/HttpSecurityHeadersTests.java @@ -70,7 +70,7 @@ public class HttpSecurityHeadersTests { public void headerWhenSpringMvcResourceThenCacheRelatedHeadersReset() throws Exception { mockMvc.perform(get("/resources/file.js")) .andExpect(status().isOk()) - .andExpect(header().string(HttpHeaders.CACHE_CONTROL,"max-age=12345")) + .andExpect(header().string(HttpHeaders.CACHE_CONTROL, "max-age=12345")) .andExpect(header().string(HttpHeaders.PRAGMA, "")) .andExpect(header().string(HttpHeaders.EXPIRES, "")); } @@ -78,7 +78,7 @@ public class HttpSecurityHeadersTests { @Test public void headerWhenNotSpringResourceThenCacheRelatedHeadersSet() throws Exception { mockMvc.perform(get("/notresource")) - .andExpect(header().string(HttpHeaders.CACHE_CONTROL,"no-cache, no-store, max-age=0, must-revalidate")) + .andExpect(header().string(HttpHeaders.CACHE_CONTROL, "no-cache, no-store, max-age=0, must-revalidate")) .andExpect(header().string(HttpHeaders.PRAGMA, "no-cache")) .andExpect(header().string(HttpHeaders.EXPIRES, "0")); } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterPowermockTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterPowermockTests.java index a3795b3b94..04cc51d345 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterPowermockTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/WebSecurityConfigurerAdapterPowermockTests.java @@ -79,7 +79,7 @@ public class WebSecurityConfigurerAdapterPowermockTests { } } - static class DefaultConfigurer extends AbstractHttpConfigurer { + static class DefaultConfigurer extends AbstractHttpConfigurer { boolean init; boolean configure; diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java index 60b4d5ec38..b327926ab6 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/HttpSecurityLogoutTests.java @@ -70,7 +70,7 @@ public class HttpSecurityLogoutTests { loadConfig(ClearAuthenticationFalseConfig.class); SecurityContext currentContext = SecurityContextHolder.createEmptyContext(); - currentContext.setAuthentication(new TestingAuthenticationToken("user", "password","ROLE_USER")); + currentContext.setAuthentication(new TestingAuthenticationToken("user", "password", "ROLE_USER")); request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, currentContext); request.setMethod("POST"); diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java index 1831ac5811..dd67d3878d 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/reactive/EnableWebFluxSecurityTests.java @@ -134,7 +134,7 @@ public class EnableWebFluxSecurityTests { .switchIfEmpty(chain.filter(exchange)) .flatMap(e -> chain.filter(exchange)), this.springSecurityFilterChain, - (exchange,chain) -> + (exchange, chain) -> ReactiveSecurityContextHolder.getContext() .map(SecurityContext::getAuthentication) .flatMap( principal -> exchange.getResponse() @@ -154,7 +154,7 @@ public class EnableWebFluxSecurityTests { this.spring.register(Config.class).autowire(); WebTestClient client = WebTestClientBuilder.bindToWebFilters( this.springSecurityFilterChain, - (exchange,chain) -> + (exchange, chain) -> ReactiveSecurityContextHolder.getContext() .map(SecurityContext::getAuthentication) .flatMap( principal -> exchange.getResponse() @@ -166,7 +166,7 @@ public class EnableWebFluxSecurityTests { client .get() .uri("/") - .attributes(basicAuthenticationCredentials("user","password")) + .attributes(basicAuthenticationCredentials("user", "password")) .exchange() .expectStatus().isOk() .expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user")); @@ -191,7 +191,7 @@ public class EnableWebFluxSecurityTests { this.spring.register(CustomPasswordEncoderConfig.class).autowire(); WebTestClient client = WebTestClientBuilder.bindToWebFilters( this.springSecurityFilterChain, - (exchange,chain) -> + (exchange, chain) -> ReactiveSecurityContextHolder.getContext() .map(SecurityContext::getAuthentication) .flatMap( principal -> exchange.getResponse() @@ -203,7 +203,7 @@ public class EnableWebFluxSecurityTests { client .get() .uri("/") - .attributes(basicAuthenticationCredentials("user","password")) + .attributes(basicAuthenticationCredentials("user", "password")) .exchange() .expectStatus().isOk() .expectBody(String.class).consumeWith( result -> assertThat(result.getResponseBody()).isEqualTo("user")); @@ -231,7 +231,7 @@ public class EnableWebFluxSecurityTests { this.spring.register(Config.class).autowire(); WebTestClient client = WebTestClientBuilder.bindToWebFilters( this.springSecurityFilterChain, - (exchange,chain) -> + (exchange, chain) -> Mono.subscriberContext() .flatMap( c -> c.>get(Authentication.class)) .flatMap( principal -> exchange.getResponse() diff --git a/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java b/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java index 38960e5484..2039afa655 100644 --- a/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java +++ b/config/src/test/java/org/springframework/security/config/authentication/JdbcUserServiceBeanDefinitionParserTests.java @@ -91,7 +91,7 @@ public class JdbcUserServiceBeanDefinitionParserTests { + "'/>" + DATA_SOURCE); JdbcUserDetailsManager mgr = (JdbcUserDetailsManager) appContext .getBean("myUserService"); - assertThat(FieldUtils.getFieldValue(mgr,"usersByUsernameQuery")).isEqualTo(userQuery); + assertThat(FieldUtils.getFieldValue(mgr, "usersByUsernameQuery")).isEqualTo(userQuery); assertThat(FieldUtils.getFieldValue(mgr, "authoritiesByUsernameQuery")).isEqualTo(authoritiesQuery); assertThat(mgr.loadUserByUsername("rod") != null).isTrue(); } diff --git a/config/src/test/java/org/springframework/security/config/http/HttpInterceptUrlTests.java b/config/src/test/java/org/springframework/security/config/http/HttpInterceptUrlTests.java index e8c2a0c027..8061e2581f 100644 --- a/config/src/test/java/org/springframework/security/config/http/HttpInterceptUrlTests.java +++ b/config/src/test/java/org/springframework/security/config/http/HttpInterceptUrlTests.java @@ -57,7 +57,7 @@ public class HttpInterceptUrlTests { } private void loadConfig(String... configLocations) { - for(int i=0;i { +public class CustomConfigurer extends SecurityConfigurerAdapter { @Value("${permitAllPattern}") private String permitAllPattern; @@ -64,4 +64,4 @@ public class CustomConfigurer extends SecurityConfigurerAdapter> responseHeaders = response.getResponseHeaders(); + Map> responseHeaders = response.getResponseHeaders(); this.ignoredHeaderNames.stream().forEach(responseHeaders::remove); assertThat(responseHeaders).describedAs(response.toString()).isEqualTo( diff --git a/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java b/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java index 428050f921..f9dfab2092 100644 --- a/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java +++ b/config/src/test/java/org/springframework/security/htmlunit/server/HtmlUnitWebTestClient.java @@ -85,8 +85,8 @@ final class HtmlUnitWebTestClient { return request.body(BodyInserters.fromObject(requestBody)); } - private MultiValueMap formData(List params) { - MultiValueMap result = new LinkedMultiValueMap<>(params.size()); + private MultiValueMap formData(List params) { + MultiValueMap result = new LinkedMultiValueMap<>(params.size()); params.forEach( pair -> result.add(pair.getName(), pair.getValue())); return result; } @@ -129,7 +129,7 @@ final class HtmlUnitWebTestClient { } private void headers(WebTestClient.RequestBodySpec request, WebRequest webRequest) { - webRequest.getAdditionalHeaders().forEach( (name,value) -> request.header(name, value)); + webRequest.getAdditionalHeaders().forEach( (name, value) -> request.header(name, value)); } private HttpMethod httpMethod(WebRequest webRequest) { @@ -191,8 +191,8 @@ final class HtmlUnitWebTestClient { }).build(); } - private MultiValueMap clientCookies() { - MultiValueMap result = new LinkedMultiValueMap<>(this.cookies.size()); + private MultiValueMap clientCookies() { + MultiValueMap result = new LinkedMultiValueMap<>(this.cookies.size()); this.cookies.values().forEach( cookie -> result.add(cookie.getName(), cookie.getValue()) ); diff --git a/core/src/main/java/org/springframework/security/core/context/ReactiveSecurityContextHolder.java b/core/src/main/java/org/springframework/security/core/context/ReactiveSecurityContextHolder.java index 49c8c06170..5cb424d5af 100644 --- a/core/src/main/java/org/springframework/security/core/context/ReactiveSecurityContextHolder.java +++ b/core/src/main/java/org/springframework/security/core/context/ReactiveSecurityContextHolder.java @@ -47,7 +47,7 @@ public class ReactiveSecurityContextHolder { * @return Return a {@code Mono} which only replays complete and error signals * from clearing the context. */ - public static Function clearContext() { + public static Function clearContext() { return context -> context.delete(SECURITY_CONTEXT_KEY); } diff --git a/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java b/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java index e4464bdf45..f39c21299c 100644 --- a/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java +++ b/core/src/main/java/org/springframework/security/core/session/SessionRegistryImpl.java @@ -60,7 +60,7 @@ public class SessionRegistryImpl implements SessionRegistry, this.sessionIds = new ConcurrentHashMap(); } - public SessionRegistryImpl(ConcurrentMap> principals,Map sessionIds) { + public SessionRegistryImpl(ConcurrentMap> principals, Map sessionIds) { this.principals=principals; this.sessionIds=sessionIds; } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java b/core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java index 309a7137c2..a0cb3e0373 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/MapReactiveUserDetailsService.java @@ -31,9 +31,9 @@ import reactor.core.publisher.Mono; * @since 5.0 */ public class MapReactiveUserDetailsService implements ReactiveUserDetailsService { - private final Map users; + private final Map users; - public MapReactiveUserDetailsService(Map users) { + public MapReactiveUserDetailsService(Map users) { this.users = users; } diff --git a/core/src/main/java/org/springframework/security/core/userdetails/User.java b/core/src/main/java/org/springframework/security/core/userdetails/User.java index ebbf61132c..2b4e3d4794 100644 --- a/core/src/main/java/org/springframework/security/core/userdetails/User.java +++ b/core/src/main/java/org/springframework/security/core/userdetails/User.java @@ -293,7 +293,7 @@ public class User implements UserDetails, CredentialsContainer { private boolean accountLocked; private boolean credentialsExpired; private boolean disabled; - private Function passwordEncoder = password -> password; + private Function passwordEncoder = password -> password; /** * Creates a new instance @@ -335,7 +335,7 @@ public class User implements UserDetails, CredentialsContainer { * @return the {@link UserBuilder} for method chaining (i.e. to populate * additional attributes for this user) */ - public UserBuilder passwordEncoder(Function encoder) { + public UserBuilder passwordEncoder(Function encoder) { Assert.notNull(encoder, "encoder cannot be null"); this.passwordEncoder = encoder; return this; diff --git a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java index 709efe1940..5f2a1293c7 100644 --- a/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java +++ b/core/src/main/java/org/springframework/security/provisioning/JdbcUserDetailsManager.java @@ -13,514 +13,514 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.springframework.security.provisioning; - -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserCache; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.cache.NullUserCache; -import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl; -import org.springframework.context.ApplicationContextException; -import org.springframework.dao.IncorrectResultSizeDataAccessException; -import org.springframework.jdbc.core.PreparedStatementSetter; -import org.springframework.jdbc.core.RowMapper; -import org.springframework.util.Assert; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import java.sql.PreparedStatement; -import java.sql.ResultSet; -import java.sql.SQLException; -import java.util.Collection; -import java.util.List; - -/** - * Jdbc user management service, based on the same table structure as its parent class, - * JdbcDaoImpl. - *

- * Provides CRUD operations for both users and groups. Note that if the - * {@link #setEnableAuthorities(boolean) enableAuthorities} property is set to false, - * calls to createUser, updateUser and deleteUser will not store the authorities from the - * UserDetails or delete authorities for the user. Since this class cannot - * differentiate between authorities which were loaded for an individual or for a group of - * which the individual is a member, it's important that you take this into account when - * using this implementation for managing your users. - * - * @author Luke Taylor - * @since 2.0 - */ -public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, - GroupManager { - // ~ Static fields/initializers - // ===================================================================================== - - // UserDetailsManager SQL - public static final String DEF_CREATE_USER_SQL = "insert into users (username, password, enabled) values (?,?,?)"; - public static final String DEF_DELETE_USER_SQL = "delete from users where username = ?"; - public static final String DEF_UPDATE_USER_SQL = "update users set password = ?, enabled = ? where username = ?"; - public static final String DEF_INSERT_AUTHORITY_SQL = "insert into authorities (username, authority) values (?,?)"; - public static final String DEF_DELETE_USER_AUTHORITIES_SQL = "delete from authorities where username = ?"; - public static final String DEF_USER_EXISTS_SQL = "select username from users where username = ?"; - public static final String DEF_CHANGE_PASSWORD_SQL = "update users set password = ? where username = ?"; - - // GroupManager SQL - public static final String DEF_FIND_GROUPS_SQL = "select group_name from groups"; - public static final String DEF_FIND_USERS_IN_GROUP_SQL = "select username from group_members gm, groups g " - + "where gm.group_id = g.id" + " and g.group_name = ?"; - public static final String DEF_INSERT_GROUP_SQL = "insert into groups (group_name) values (?)"; - public static final String DEF_FIND_GROUP_ID_SQL = "select id from groups where group_name = ?"; - public static final String DEF_INSERT_GROUP_AUTHORITY_SQL = "insert into group_authorities (group_id, authority) values (?,?)"; - public static final String DEF_DELETE_GROUP_SQL = "delete from groups where id = ?"; - public static final String DEF_DELETE_GROUP_AUTHORITIES_SQL = "delete from group_authorities where group_id = ?"; - public static final String DEF_DELETE_GROUP_MEMBERS_SQL = "delete from group_members where group_id = ?"; - public static final String DEF_RENAME_GROUP_SQL = "update groups set group_name = ? where group_name = ?"; - public static final String DEF_INSERT_GROUP_MEMBER_SQL = "insert into group_members (group_id, username) values (?,?)"; - public static final String DEF_DELETE_GROUP_MEMBER_SQL = "delete from group_members where group_id = ? and username = ?"; - public static final String DEF_GROUP_AUTHORITIES_QUERY_SQL = "select g.id, g.group_name, ga.authority " - + "from groups g, group_authorities ga " - + "where g.group_name = ? " - + "and g.id = ga.group_id "; - public static final String DEF_DELETE_GROUP_AUTHORITY_SQL = "delete from group_authorities where group_id = ? and authority = ?"; - - // ~ Instance fields - // ================================================================================================ - - protected final Log logger = LogFactory.getLog(getClass()); - - private String createUserSql = DEF_CREATE_USER_SQL; - private String deleteUserSql = DEF_DELETE_USER_SQL; - private String updateUserSql = DEF_UPDATE_USER_SQL; - private String createAuthoritySql = DEF_INSERT_AUTHORITY_SQL; - private String deleteUserAuthoritiesSql = DEF_DELETE_USER_AUTHORITIES_SQL; - private String userExistsSql = DEF_USER_EXISTS_SQL; - private String changePasswordSql = DEF_CHANGE_PASSWORD_SQL; - - private String findAllGroupsSql = DEF_FIND_GROUPS_SQL; - private String findUsersInGroupSql = DEF_FIND_USERS_IN_GROUP_SQL; - private String insertGroupSql = DEF_INSERT_GROUP_SQL; - private String findGroupIdSql = DEF_FIND_GROUP_ID_SQL; - private String insertGroupAuthoritySql = DEF_INSERT_GROUP_AUTHORITY_SQL; - private String deleteGroupSql = DEF_DELETE_GROUP_SQL; - private String deleteGroupAuthoritiesSql = DEF_DELETE_GROUP_AUTHORITIES_SQL; - private String deleteGroupMembersSql = DEF_DELETE_GROUP_MEMBERS_SQL; - private String renameGroupSql = DEF_RENAME_GROUP_SQL; - private String insertGroupMemberSql = DEF_INSERT_GROUP_MEMBER_SQL; - private String deleteGroupMemberSql = DEF_DELETE_GROUP_MEMBER_SQL; - private String groupAuthoritiesSql = DEF_GROUP_AUTHORITIES_QUERY_SQL; - private String deleteGroupAuthoritySql = DEF_DELETE_GROUP_AUTHORITY_SQL; - - private AuthenticationManager authenticationManager; - - private UserCache userCache = new NullUserCache(); - - // ~ Methods - // ======================================================================================================== - - protected void initDao() throws ApplicationContextException { - if (authenticationManager == null) { - logger.info("No authentication manager set. Reauthentication of users when changing passwords will " - + "not be performed."); - } - - super.initDao(); - } - - // ~ UserDetailsManager implementation - // ============================================================================== - - public void createUser(final UserDetails user) { - validateUserDetails(user); - getJdbcTemplate().update(createUserSql, new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setString(1, user.getUsername()); - ps.setString(2, user.getPassword()); - ps.setBoolean(3, user.isEnabled()); - } - - }); - - if (getEnableAuthorities()) { - insertUserAuthorities(user); - } - } - - public void updateUser(final UserDetails user) { - validateUserDetails(user); - getJdbcTemplate().update(updateUserSql, new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setString(1, user.getPassword()); - ps.setBoolean(2, user.isEnabled()); - ps.setString(3, user.getUsername()); - } - }); - - if (getEnableAuthorities()) { - deleteUserAuthorities(user.getUsername()); - insertUserAuthorities(user); - } - - userCache.removeUserFromCache(user.getUsername()); - } - - private void insertUserAuthorities(UserDetails user) { - for (GrantedAuthority auth : user.getAuthorities()) { - getJdbcTemplate().update(createAuthoritySql, user.getUsername(), - auth.getAuthority()); - } - } - - public void deleteUser(String username) { - if (getEnableAuthorities()) { - deleteUserAuthorities(username); - } - getJdbcTemplate().update(deleteUserSql, username); - userCache.removeUserFromCache(username); - } - - private void deleteUserAuthorities(String username) { - getJdbcTemplate().update(deleteUserAuthoritiesSql, username); - } - - public void changePassword(String oldPassword, String newPassword) - throws AuthenticationException { - Authentication currentUser = SecurityContextHolder.getContext() - .getAuthentication(); - - if (currentUser == null) { - // This would indicate bad coding somewhere - throw new AccessDeniedException( - "Can't change password as no Authentication object found in context " - + "for current user."); - } - - String username = currentUser.getName(); - - // If an authentication manager has been set, re-authenticate the user with the - // supplied password. - if (authenticationManager != null) { - logger.debug("Reauthenticating user '" + username - + "' for password change request."); - - authenticationManager.authenticate(new UsernamePasswordAuthenticationToken( - username, oldPassword)); - } - else { - logger.debug("No authentication manager set. Password won't be re-checked."); - } - - logger.debug("Changing password for user '" + username + "'"); - - getJdbcTemplate().update(changePasswordSql, newPassword, username); - - SecurityContextHolder.getContext().setAuthentication( - createNewAuthentication(currentUser, newPassword)); - - userCache.removeUserFromCache(username); - } - - protected Authentication createNewAuthentication(Authentication currentAuth, - String newPassword) { - UserDetails user = loadUserByUsername(currentAuth.getName()); - - UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken( - user, null, user.getAuthorities()); - newAuthentication.setDetails(currentAuth.getDetails()); - - return newAuthentication; - } - - public boolean userExists(String username) { - List users = getJdbcTemplate().queryForList(userExistsSql, - new String[] { username }, String.class); - - if (users.size() > 1) { - throw new IncorrectResultSizeDataAccessException( - "More than one user found with name '" + username + "'", 1); - } - - return users.size() == 1; - } - - // ~ GroupManager implementation - // ==================================================================================== - - public List findAllGroups() { - return getJdbcTemplate().queryForList(findAllGroupsSql, String.class); - } - - public List findUsersInGroup(String groupName) { - Assert.hasText(groupName, "groupName should have text"); - return getJdbcTemplate().queryForList(findUsersInGroupSql, - new String[] { groupName }, String.class); - } - - public void createGroup(final String groupName, - final List authorities) { - Assert.hasText(groupName, "groupName should have text"); - Assert.notNull(authorities, "authorities cannot be null"); - - logger.debug("Creating new group '" + groupName + "' with authorities " - + AuthorityUtils.authorityListToSet(authorities)); - - getJdbcTemplate().update(insertGroupSql, groupName); - - final int groupId = findGroupId(groupName); - - for (GrantedAuthority a : authorities) { - final String authority = a.getAuthority(); - getJdbcTemplate().update(insertGroupAuthoritySql, - new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, groupId); - ps.setString(2, authority); - } - }); - } - } - - public void deleteGroup(String groupName) { - logger.debug("Deleting group '" + groupName + "'"); - Assert.hasText(groupName, "groupName should have text"); - - final int id = findGroupId(groupName); - PreparedStatementSetter groupIdPSS = new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, id); - } - }; - getJdbcTemplate().update(deleteGroupMembersSql, groupIdPSS); - getJdbcTemplate().update(deleteGroupAuthoritiesSql, groupIdPSS); - getJdbcTemplate().update(deleteGroupSql, groupIdPSS); - } - - public void renameGroup(String oldName, String newName) { - logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'"); - Assert.hasText(oldName,"oldName should have text");; - Assert.hasText(newName,"newName should have text");; - - getJdbcTemplate().update(renameGroupSql, newName, oldName); - } - - public void addUserToGroup(final String username, final String groupName) { - logger.debug("Adding user '" + username + "' to group '" + groupName + "'"); - Assert.hasText(username,"username should have text");; - Assert.hasText(groupName,"groupName should have text");; - - final int id = findGroupId(groupName); - getJdbcTemplate().update(insertGroupMemberSql, new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, id); - ps.setString(2, username); - } - }); - - userCache.removeUserFromCache(username); - } - - public void removeUserFromGroup(final String username, final String groupName) { - logger.debug("Removing user '" + username + "' to group '" + groupName + "'"); - Assert.hasText(username,"username should have text");; - Assert.hasText(groupName,"groupName should have text");; - - final int id = findGroupId(groupName); - - getJdbcTemplate().update(deleteGroupMemberSql, new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, id); - ps.setString(2, username); - } - }); - - userCache.removeUserFromCache(username); - } - - public List findGroupAuthorities(String groupName) { - logger.debug("Loading authorities for group '" + groupName + "'"); - Assert.hasText(groupName,"groupName should have text");; - - return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName }, - new RowMapper() { - public GrantedAuthority mapRow(ResultSet rs, int rowNum) - throws SQLException { - String roleName = getRolePrefix() + rs.getString(3); - - return new SimpleGrantedAuthority(roleName); - } - }); - } - - public void removeGroupAuthority(String groupName, final GrantedAuthority authority) { - logger.debug("Removing authority '" + authority + "' from group '" + groupName - + "'"); - Assert.hasText(groupName,"groupName should have text"); - Assert.notNull(authority, "authority cannot be null"); - - final int id = findGroupId(groupName); - - getJdbcTemplate().update(deleteGroupAuthoritySql, new PreparedStatementSetter() { - - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, id); - ps.setString(2, authority.getAuthority()); - } - }); - } - - public void addGroupAuthority(final String groupName, final GrantedAuthority authority) { - logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'"); - Assert.hasText(groupName,"groupName should have text");; - Assert.notNull(authority, "authority cannot be null"); - - final int id = findGroupId(groupName); - getJdbcTemplate().update(insertGroupAuthoritySql, new PreparedStatementSetter() { - public void setValues(PreparedStatement ps) throws SQLException { - ps.setInt(1, id); - ps.setString(2, authority.getAuthority()); - } - }); - } - - private int findGroupId(String group) { - return getJdbcTemplate().queryForObject(findGroupIdSql, Integer.class, group); - } - - public void setAuthenticationManager(AuthenticationManager authenticationManager) { - this.authenticationManager = authenticationManager; - } - - public void setCreateUserSql(String createUserSql) { - Assert.hasText(createUserSql,"createUserSql should have text");; - this.createUserSql = createUserSql; - } - - public void setDeleteUserSql(String deleteUserSql) { - Assert.hasText(deleteUserSql,"deleteUserSql should have text");; - this.deleteUserSql = deleteUserSql; - } - - public void setUpdateUserSql(String updateUserSql) { - Assert.hasText(updateUserSql,"updateUserSql should have text");; - this.updateUserSql = updateUserSql; - } - - public void setCreateAuthoritySql(String createAuthoritySql) { - Assert.hasText(createAuthoritySql,"createAuthoritySql should have text");; - this.createAuthoritySql = createAuthoritySql; - } - - public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql) { - Assert.hasText(deleteUserAuthoritiesSql,"deleteUserAuthoritiesSql should have text");; - this.deleteUserAuthoritiesSql = deleteUserAuthoritiesSql; - } - - public void setUserExistsSql(String userExistsSql) { - Assert.hasText(userExistsSql,"userExistsSql should have text");; - this.userExistsSql = userExistsSql; - } - - public void setChangePasswordSql(String changePasswordSql) { - Assert.hasText(changePasswordSql,"changePasswordSql should have text");; - this.changePasswordSql = changePasswordSql; - } - - public void setFindAllGroupsSql(String findAllGroupsSql) { - Assert.hasText(findAllGroupsSql,"findAllGroupsSql should have text");; - this.findAllGroupsSql = findAllGroupsSql; - } - - public void setFindUsersInGroupSql(String findUsersInGroupSql) { - Assert.hasText(findUsersInGroupSql,"findUsersInGroupSql should have text");; - this.findUsersInGroupSql = findUsersInGroupSql; - } - - public void setInsertGroupSql(String insertGroupSql) { - Assert.hasText(insertGroupSql,"insertGroupSql should have text");; - this.insertGroupSql = insertGroupSql; - } - - public void setFindGroupIdSql(String findGroupIdSql) { - Assert.hasText(findGroupIdSql,"findGroupIdSql should have text");; - this.findGroupIdSql = findGroupIdSql; - } - - public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql) { - Assert.hasText(insertGroupAuthoritySql,"insertGroupAuthoritySql should have text");; - this.insertGroupAuthoritySql = insertGroupAuthoritySql; - } - - public void setDeleteGroupSql(String deleteGroupSql) { - Assert.hasText(deleteGroupSql,"deleteGroupSql should have text");; - this.deleteGroupSql = deleteGroupSql; - } - - public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql) { - Assert.hasText(deleteGroupAuthoritiesSql,"deleteGroupAuthoritiesSql should have text");; - this.deleteGroupAuthoritiesSql = deleteGroupAuthoritiesSql; - } - - public void setDeleteGroupMembersSql(String deleteGroupMembersSql) { - Assert.hasText(deleteGroupMembersSql,"deleteGroupMembersSql should have text");; - this.deleteGroupMembersSql = deleteGroupMembersSql; - } - - public void setRenameGroupSql(String renameGroupSql) { - Assert.hasText(renameGroupSql,"renameGroupSql should have text");; - this.renameGroupSql = renameGroupSql; - } - - public void setInsertGroupMemberSql(String insertGroupMemberSql) { - Assert.hasText(insertGroupMemberSql,"insertGroupMemberSql should have text");; - this.insertGroupMemberSql = insertGroupMemberSql; - } - - public void setDeleteGroupMemberSql(String deleteGroupMemberSql) { - Assert.hasText(deleteGroupMemberSql,"deleteGroupMemberSql should have text");; - this.deleteGroupMemberSql = deleteGroupMemberSql; - } - - public void setGroupAuthoritiesSql(String groupAuthoritiesSql) { - Assert.hasText(groupAuthoritiesSql,"groupAuthoritiesSql should have text");; - this.groupAuthoritiesSql = groupAuthoritiesSql; - } - - public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql) { - Assert.hasText(deleteGroupAuthoritySql,"deleteGroupAuthoritySql should have text");; - this.deleteGroupAuthoritySql = deleteGroupAuthoritySql; - } - - /** - * Optionally sets the UserCache if one is in use in the application. This allows the - * user to be removed from the cache after updates have taken place to avoid stale - * data. - * - * @param userCache the cache used by the AuthenticationManager. - */ - public void setUserCache(UserCache userCache) { - Assert.notNull(userCache, "userCache cannot be null"); - this.userCache = userCache; - } - - private void validateUserDetails(UserDetails user) { - Assert.hasText(user.getUsername(), "Username may not be empty or null"); - validateAuthorities(user.getAuthorities()); - } - - private void validateAuthorities(Collection authorities) { - Assert.notNull(authorities, "Authorities list must not be null"); - - for (GrantedAuthority authority : authorities) { - Assert.notNull(authority, "Authorities list contains a null entry"); - Assert.hasText(authority.getAuthority(), - "getAuthority() method must return a non-empty string"); - } - } -} +package org.springframework.security.provisioning; + +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.UserCache; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.cache.NullUserCache; +import org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl; +import org.springframework.context.ApplicationContextException; +import org.springframework.dao.IncorrectResultSizeDataAccessException; +import org.springframework.jdbc.core.PreparedStatementSetter; +import org.springframework.jdbc.core.RowMapper; +import org.springframework.util.Assert; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.Collection; +import java.util.List; + +/** + * Jdbc user management service, based on the same table structure as its parent class, + * JdbcDaoImpl. + *

+ * Provides CRUD operations for both users and groups. Note that if the + * {@link #setEnableAuthorities(boolean) enableAuthorities} property is set to false, + * calls to createUser, updateUser and deleteUser will not store the authorities from the + * UserDetails or delete authorities for the user. Since this class cannot + * differentiate between authorities which were loaded for an individual or for a group of + * which the individual is a member, it's important that you take this into account when + * using this implementation for managing your users. + * + * @author Luke Taylor + * @since 2.0 + */ +public class JdbcUserDetailsManager extends JdbcDaoImpl implements UserDetailsManager, + GroupManager { + // ~ Static fields/initializers + // ===================================================================================== + + // UserDetailsManager SQL + public static final String DEF_CREATE_USER_SQL = "insert into users (username, password, enabled) values (?,?,?)"; + public static final String DEF_DELETE_USER_SQL = "delete from users where username = ?"; + public static final String DEF_UPDATE_USER_SQL = "update users set password = ?, enabled = ? where username = ?"; + public static final String DEF_INSERT_AUTHORITY_SQL = "insert into authorities (username, authority) values (?,?)"; + public static final String DEF_DELETE_USER_AUTHORITIES_SQL = "delete from authorities where username = ?"; + public static final String DEF_USER_EXISTS_SQL = "select username from users where username = ?"; + public static final String DEF_CHANGE_PASSWORD_SQL = "update users set password = ? where username = ?"; + + // GroupManager SQL + public static final String DEF_FIND_GROUPS_SQL = "select group_name from groups"; + public static final String DEF_FIND_USERS_IN_GROUP_SQL = "select username from group_members gm, groups g " + + "where gm.group_id = g.id" + " and g.group_name = ?"; + public static final String DEF_INSERT_GROUP_SQL = "insert into groups (group_name) values (?)"; + public static final String DEF_FIND_GROUP_ID_SQL = "select id from groups where group_name = ?"; + public static final String DEF_INSERT_GROUP_AUTHORITY_SQL = "insert into group_authorities (group_id, authority) values (?,?)"; + public static final String DEF_DELETE_GROUP_SQL = "delete from groups where id = ?"; + public static final String DEF_DELETE_GROUP_AUTHORITIES_SQL = "delete from group_authorities where group_id = ?"; + public static final String DEF_DELETE_GROUP_MEMBERS_SQL = "delete from group_members where group_id = ?"; + public static final String DEF_RENAME_GROUP_SQL = "update groups set group_name = ? where group_name = ?"; + public static final String DEF_INSERT_GROUP_MEMBER_SQL = "insert into group_members (group_id, username) values (?,?)"; + public static final String DEF_DELETE_GROUP_MEMBER_SQL = "delete from group_members where group_id = ? and username = ?"; + public static final String DEF_GROUP_AUTHORITIES_QUERY_SQL = "select g.id, g.group_name, ga.authority " + + "from groups g, group_authorities ga " + + "where g.group_name = ? " + + "and g.id = ga.group_id "; + public static final String DEF_DELETE_GROUP_AUTHORITY_SQL = "delete from group_authorities where group_id = ? and authority = ?"; + + // ~ Instance fields + // ================================================================================================ + + protected final Log logger = LogFactory.getLog(getClass()); + + private String createUserSql = DEF_CREATE_USER_SQL; + private String deleteUserSql = DEF_DELETE_USER_SQL; + private String updateUserSql = DEF_UPDATE_USER_SQL; + private String createAuthoritySql = DEF_INSERT_AUTHORITY_SQL; + private String deleteUserAuthoritiesSql = DEF_DELETE_USER_AUTHORITIES_SQL; + private String userExistsSql = DEF_USER_EXISTS_SQL; + private String changePasswordSql = DEF_CHANGE_PASSWORD_SQL; + + private String findAllGroupsSql = DEF_FIND_GROUPS_SQL; + private String findUsersInGroupSql = DEF_FIND_USERS_IN_GROUP_SQL; + private String insertGroupSql = DEF_INSERT_GROUP_SQL; + private String findGroupIdSql = DEF_FIND_GROUP_ID_SQL; + private String insertGroupAuthoritySql = DEF_INSERT_GROUP_AUTHORITY_SQL; + private String deleteGroupSql = DEF_DELETE_GROUP_SQL; + private String deleteGroupAuthoritiesSql = DEF_DELETE_GROUP_AUTHORITIES_SQL; + private String deleteGroupMembersSql = DEF_DELETE_GROUP_MEMBERS_SQL; + private String renameGroupSql = DEF_RENAME_GROUP_SQL; + private String insertGroupMemberSql = DEF_INSERT_GROUP_MEMBER_SQL; + private String deleteGroupMemberSql = DEF_DELETE_GROUP_MEMBER_SQL; + private String groupAuthoritiesSql = DEF_GROUP_AUTHORITIES_QUERY_SQL; + private String deleteGroupAuthoritySql = DEF_DELETE_GROUP_AUTHORITY_SQL; + + private AuthenticationManager authenticationManager; + + private UserCache userCache = new NullUserCache(); + + // ~ Methods + // ======================================================================================================== + + protected void initDao() throws ApplicationContextException { + if (authenticationManager == null) { + logger.info("No authentication manager set. Reauthentication of users when changing passwords will " + + "not be performed."); + } + + super.initDao(); + } + + // ~ UserDetailsManager implementation + // ============================================================================== + + public void createUser(final UserDetails user) { + validateUserDetails(user); + getJdbcTemplate().update(createUserSql, new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setString(1, user.getUsername()); + ps.setString(2, user.getPassword()); + ps.setBoolean(3, user.isEnabled()); + } + + }); + + if (getEnableAuthorities()) { + insertUserAuthorities(user); + } + } + + public void updateUser(final UserDetails user) { + validateUserDetails(user); + getJdbcTemplate().update(updateUserSql, new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setString(1, user.getPassword()); + ps.setBoolean(2, user.isEnabled()); + ps.setString(3, user.getUsername()); + } + }); + + if (getEnableAuthorities()) { + deleteUserAuthorities(user.getUsername()); + insertUserAuthorities(user); + } + + userCache.removeUserFromCache(user.getUsername()); + } + + private void insertUserAuthorities(UserDetails user) { + for (GrantedAuthority auth : user.getAuthorities()) { + getJdbcTemplate().update(createAuthoritySql, user.getUsername(), + auth.getAuthority()); + } + } + + public void deleteUser(String username) { + if (getEnableAuthorities()) { + deleteUserAuthorities(username); + } + getJdbcTemplate().update(deleteUserSql, username); + userCache.removeUserFromCache(username); + } + + private void deleteUserAuthorities(String username) { + getJdbcTemplate().update(deleteUserAuthoritiesSql, username); + } + + public void changePassword(String oldPassword, String newPassword) + throws AuthenticationException { + Authentication currentUser = SecurityContextHolder.getContext() + .getAuthentication(); + + if (currentUser == null) { + // This would indicate bad coding somewhere + throw new AccessDeniedException( + "Can't change password as no Authentication object found in context " + + "for current user."); + } + + String username = currentUser.getName(); + + // If an authentication manager has been set, re-authenticate the user with the + // supplied password. + if (authenticationManager != null) { + logger.debug("Reauthenticating user '" + username + + "' for password change request."); + + authenticationManager.authenticate(new UsernamePasswordAuthenticationToken( + username, oldPassword)); + } + else { + logger.debug("No authentication manager set. Password won't be re-checked."); + } + + logger.debug("Changing password for user '" + username + "'"); + + getJdbcTemplate().update(changePasswordSql, newPassword, username); + + SecurityContextHolder.getContext().setAuthentication( + createNewAuthentication(currentUser, newPassword)); + + userCache.removeUserFromCache(username); + } + + protected Authentication createNewAuthentication(Authentication currentAuth, + String newPassword) { + UserDetails user = loadUserByUsername(currentAuth.getName()); + + UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken( + user, null, user.getAuthorities()); + newAuthentication.setDetails(currentAuth.getDetails()); + + return newAuthentication; + } + + public boolean userExists(String username) { + List users = getJdbcTemplate().queryForList(userExistsSql, + new String[] { username }, String.class); + + if (users.size() > 1) { + throw new IncorrectResultSizeDataAccessException( + "More than one user found with name '" + username + "'", 1); + } + + return users.size() == 1; + } + + // ~ GroupManager implementation + // ==================================================================================== + + public List findAllGroups() { + return getJdbcTemplate().queryForList(findAllGroupsSql, String.class); + } + + public List findUsersInGroup(String groupName) { + Assert.hasText(groupName, "groupName should have text"); + return getJdbcTemplate().queryForList(findUsersInGroupSql, + new String[] { groupName }, String.class); + } + + public void createGroup(final String groupName, + final List authorities) { + Assert.hasText(groupName, "groupName should have text"); + Assert.notNull(authorities, "authorities cannot be null"); + + logger.debug("Creating new group '" + groupName + "' with authorities " + + AuthorityUtils.authorityListToSet(authorities)); + + getJdbcTemplate().update(insertGroupSql, groupName); + + final int groupId = findGroupId(groupName); + + for (GrantedAuthority a : authorities) { + final String authority = a.getAuthority(); + getJdbcTemplate().update(insertGroupAuthoritySql, + new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, groupId); + ps.setString(2, authority); + } + }); + } + } + + public void deleteGroup(String groupName) { + logger.debug("Deleting group '" + groupName + "'"); + Assert.hasText(groupName, "groupName should have text"); + + final int id = findGroupId(groupName); + PreparedStatementSetter groupIdPSS = new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, id); + } + }; + getJdbcTemplate().update(deleteGroupMembersSql, groupIdPSS); + getJdbcTemplate().update(deleteGroupAuthoritiesSql, groupIdPSS); + getJdbcTemplate().update(deleteGroupSql, groupIdPSS); + } + + public void renameGroup(String oldName, String newName) { + logger.debug("Changing group name from '" + oldName + "' to '" + newName + "'"); + Assert.hasText(oldName, "oldName should have text");; + Assert.hasText(newName, "newName should have text");; + + getJdbcTemplate().update(renameGroupSql, newName, oldName); + } + + public void addUserToGroup(final String username, final String groupName) { + logger.debug("Adding user '" + username + "' to group '" + groupName + "'"); + Assert.hasText(username, "username should have text");; + Assert.hasText(groupName, "groupName should have text");; + + final int id = findGroupId(groupName); + getJdbcTemplate().update(insertGroupMemberSql, new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, id); + ps.setString(2, username); + } + }); + + userCache.removeUserFromCache(username); + } + + public void removeUserFromGroup(final String username, final String groupName) { + logger.debug("Removing user '" + username + "' to group '" + groupName + "'"); + Assert.hasText(username, "username should have text");; + Assert.hasText(groupName, "groupName should have text");; + + final int id = findGroupId(groupName); + + getJdbcTemplate().update(deleteGroupMemberSql, new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, id); + ps.setString(2, username); + } + }); + + userCache.removeUserFromCache(username); + } + + public List findGroupAuthorities(String groupName) { + logger.debug("Loading authorities for group '" + groupName + "'"); + Assert.hasText(groupName, "groupName should have text");; + + return getJdbcTemplate().query(groupAuthoritiesSql, new String[] { groupName }, + new RowMapper() { + public GrantedAuthority mapRow(ResultSet rs, int rowNum) + throws SQLException { + String roleName = getRolePrefix() + rs.getString(3); + + return new SimpleGrantedAuthority(roleName); + } + }); + } + + public void removeGroupAuthority(String groupName, final GrantedAuthority authority) { + logger.debug("Removing authority '" + authority + "' from group '" + groupName + + "'"); + Assert.hasText(groupName, "groupName should have text"); + Assert.notNull(authority, "authority cannot be null"); + + final int id = findGroupId(groupName); + + getJdbcTemplate().update(deleteGroupAuthoritySql, new PreparedStatementSetter() { + + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, id); + ps.setString(2, authority.getAuthority()); + } + }); + } + + public void addGroupAuthority(final String groupName, final GrantedAuthority authority) { + logger.debug("Adding authority '" + authority + "' to group '" + groupName + "'"); + Assert.hasText(groupName, "groupName should have text");; + Assert.notNull(authority, "authority cannot be null"); + + final int id = findGroupId(groupName); + getJdbcTemplate().update(insertGroupAuthoritySql, new PreparedStatementSetter() { + public void setValues(PreparedStatement ps) throws SQLException { + ps.setInt(1, id); + ps.setString(2, authority.getAuthority()); + } + }); + } + + private int findGroupId(String group) { + return getJdbcTemplate().queryForObject(findGroupIdSql, Integer.class, group); + } + + public void setAuthenticationManager(AuthenticationManager authenticationManager) { + this.authenticationManager = authenticationManager; + } + + public void setCreateUserSql(String createUserSql) { + Assert.hasText(createUserSql, "createUserSql should have text");; + this.createUserSql = createUserSql; + } + + public void setDeleteUserSql(String deleteUserSql) { + Assert.hasText(deleteUserSql, "deleteUserSql should have text");; + this.deleteUserSql = deleteUserSql; + } + + public void setUpdateUserSql(String updateUserSql) { + Assert.hasText(updateUserSql, "updateUserSql should have text");; + this.updateUserSql = updateUserSql; + } + + public void setCreateAuthoritySql(String createAuthoritySql) { + Assert.hasText(createAuthoritySql, "createAuthoritySql should have text");; + this.createAuthoritySql = createAuthoritySql; + } + + public void setDeleteUserAuthoritiesSql(String deleteUserAuthoritiesSql) { + Assert.hasText(deleteUserAuthoritiesSql, "deleteUserAuthoritiesSql should have text");; + this.deleteUserAuthoritiesSql = deleteUserAuthoritiesSql; + } + + public void setUserExistsSql(String userExistsSql) { + Assert.hasText(userExistsSql, "userExistsSql should have text");; + this.userExistsSql = userExistsSql; + } + + public void setChangePasswordSql(String changePasswordSql) { + Assert.hasText(changePasswordSql, "changePasswordSql should have text");; + this.changePasswordSql = changePasswordSql; + } + + public void setFindAllGroupsSql(String findAllGroupsSql) { + Assert.hasText(findAllGroupsSql, "findAllGroupsSql should have text");; + this.findAllGroupsSql = findAllGroupsSql; + } + + public void setFindUsersInGroupSql(String findUsersInGroupSql) { + Assert.hasText(findUsersInGroupSql, "findUsersInGroupSql should have text");; + this.findUsersInGroupSql = findUsersInGroupSql; + } + + public void setInsertGroupSql(String insertGroupSql) { + Assert.hasText(insertGroupSql, "insertGroupSql should have text");; + this.insertGroupSql = insertGroupSql; + } + + public void setFindGroupIdSql(String findGroupIdSql) { + Assert.hasText(findGroupIdSql, "findGroupIdSql should have text");; + this.findGroupIdSql = findGroupIdSql; + } + + public void setInsertGroupAuthoritySql(String insertGroupAuthoritySql) { + Assert.hasText(insertGroupAuthoritySql, "insertGroupAuthoritySql should have text");; + this.insertGroupAuthoritySql = insertGroupAuthoritySql; + } + + public void setDeleteGroupSql(String deleteGroupSql) { + Assert.hasText(deleteGroupSql, "deleteGroupSql should have text");; + this.deleteGroupSql = deleteGroupSql; + } + + public void setDeleteGroupAuthoritiesSql(String deleteGroupAuthoritiesSql) { + Assert.hasText(deleteGroupAuthoritiesSql, "deleteGroupAuthoritiesSql should have text");; + this.deleteGroupAuthoritiesSql = deleteGroupAuthoritiesSql; + } + + public void setDeleteGroupMembersSql(String deleteGroupMembersSql) { + Assert.hasText(deleteGroupMembersSql, "deleteGroupMembersSql should have text");; + this.deleteGroupMembersSql = deleteGroupMembersSql; + } + + public void setRenameGroupSql(String renameGroupSql) { + Assert.hasText(renameGroupSql, "renameGroupSql should have text");; + this.renameGroupSql = renameGroupSql; + } + + public void setInsertGroupMemberSql(String insertGroupMemberSql) { + Assert.hasText(insertGroupMemberSql, "insertGroupMemberSql should have text");; + this.insertGroupMemberSql = insertGroupMemberSql; + } + + public void setDeleteGroupMemberSql(String deleteGroupMemberSql) { + Assert.hasText(deleteGroupMemberSql, "deleteGroupMemberSql should have text");; + this.deleteGroupMemberSql = deleteGroupMemberSql; + } + + public void setGroupAuthoritiesSql(String groupAuthoritiesSql) { + Assert.hasText(groupAuthoritiesSql, "groupAuthoritiesSql should have text");; + this.groupAuthoritiesSql = groupAuthoritiesSql; + } + + public void setDeleteGroupAuthoritySql(String deleteGroupAuthoritySql) { + Assert.hasText(deleteGroupAuthoritySql, "deleteGroupAuthoritySql should have text");; + this.deleteGroupAuthoritySql = deleteGroupAuthoritySql; + } + + /** + * Optionally sets the UserCache if one is in use in the application. This allows the + * user to be removed from the cache after updates have taken place to avoid stale + * data. + * + * @param userCache the cache used by the AuthenticationManager. + */ + public void setUserCache(UserCache userCache) { + Assert.notNull(userCache, "userCache cannot be null"); + this.userCache = userCache; + } + + private void validateUserDetails(UserDetails user) { + Assert.hasText(user.getUsername(), "Username may not be empty or null"); + validateAuthorities(user.getAuthorities()); + } + + private void validateAuthorities(Collection authorities) { + Assert.notNull(authorities, "Authorities list must not be null"); + + for (GrantedAuthority authority : authorities) { + Assert.notNull(authority, "Authorities list contains a null entry"); + Assert.hasText(authority.getAuthority(), + "getAuthority() method must return a non-empty string"); + } + } +} diff --git a/core/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java b/core/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java index 669c6bcf6e..f3e2ccf9f9 100644 --- a/core/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java +++ b/core/src/test/java/org/springframework/security/access/annotation/SecuredAnnotationSecurityMetadataSourceTests.java @@ -248,7 +248,7 @@ public class SecuredAnnotationSecurityMetadataSourceTests { class CustomAnnotatedServiceImpl implements CustomAnnotatedService { } - enum SecurityEnum implements ConfigAttribute,GrantedAuthority { + enum SecurityEnum implements ConfigAttribute, GrantedAuthority { ADMIN, USER; public String getAttribute() { diff --git a/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java b/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java index 855ab666ff..0c36074b97 100644 --- a/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java +++ b/core/src/test/java/org/springframework/security/access/expression/method/MethodExpressionVoterTests.java @@ -88,7 +88,7 @@ public class MethodExpressionVoterTests { am.vote(joe, mi, createAttributes(new PreInvocationExpressionAttribute( "(filterObject == 'joe' or filterObject == 'sam')", "collection", "permitAll"))); - assertThat(arg).containsExactly("joe","sam"); + assertThat(arg).containsExactly("joe", "sam"); } @Test(expected = IllegalArgumentException.class) diff --git a/core/src/test/java/org/springframework/security/core/SpringSecurityCoreVersionTests.java b/core/src/test/java/org/springframework/security/core/SpringSecurityCoreVersionTests.java index 03962243d1..a41b3d084e 100644 --- a/core/src/test/java/org/springframework/security/core/SpringSecurityCoreVersionTests.java +++ b/core/src/test/java/org/springframework/security/core/SpringSecurityCoreVersionTests.java @@ -85,8 +85,8 @@ public class SpringSecurityCoreVersionTests { String version = "1"; spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn(version).when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn(version).when(SpringVersion.class,"getVersion"); + doReturn(version).when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn(version).when(SpringVersion.class, "getVersion"); performChecks(); @@ -97,8 +97,8 @@ public class SpringSecurityCoreVersionTests { public void noLoggingIfSpringVersionNull() throws Exception { spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn("1").when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn(null).when(SpringVersion.class,"getVersion"); + doReturn("1").when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn(null).when(SpringVersion.class, "getVersion"); performChecks(); @@ -109,8 +109,8 @@ public class SpringSecurityCoreVersionTests { public void warnIfSpringVersionTooSmall() throws Exception { spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn("3").when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn("2").when(SpringVersion.class,"getVersion"); + doReturn("3").when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn("2").when(SpringVersion.class, "getVersion"); performChecks(); @@ -121,8 +121,8 @@ public class SpringSecurityCoreVersionTests { public void noWarnIfSpringVersionLarger() throws Exception { spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn("4.0.0.RELEASE").when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn("4.0.0.RELEASE").when(SpringVersion.class,"getVersion"); + doReturn("4.0.0.RELEASE").when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn("4.0.0.RELEASE").when(SpringVersion.class, "getVersion"); performChecks(); @@ -135,8 +135,8 @@ public class SpringSecurityCoreVersionTests { String minSpringVersion = "3.2.8.RELEASE"; spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn("3.2.0.RELEASE").when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn("3.2.10.RELEASE").when(SpringVersion.class,"getVersion"); + doReturn("3.2.0.RELEASE").when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn("3.2.10.RELEASE").when(SpringVersion.class, "getVersion"); performChecks(minSpringVersion); @@ -147,8 +147,8 @@ public class SpringSecurityCoreVersionTests { public void noLoggingIfPropertySet() throws Exception { spy(SpringSecurityCoreVersion.class); spy(SpringVersion.class); - doReturn("3").when(SpringSecurityCoreVersion.class,"getVersion"); - doReturn("2").when(SpringVersion.class,"getVersion"); + doReturn("3").when(SpringSecurityCoreVersion.class, "getVersion"); + doReturn("2").when(SpringVersion.class, "getVersion"); System.setProperty(getDisableChecksProperty(), Boolean.TRUE.toString()); performChecks(); diff --git a/core/src/test/java/org/springframework/security/core/userdetails/PasswordEncodedUser.java b/core/src/test/java/org/springframework/security/core/userdetails/PasswordEncodedUser.java index 9627290203..783ee3a4ad 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/PasswordEncodedUser.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/PasswordEncodedUser.java @@ -25,7 +25,7 @@ import java.util.function.Function; public class PasswordEncodedUser { private static final UserDetails USER = withUsername("user").password("password").roles("USER").build(); - private static final UserDetails ADMIN = withUsername("admin").password("password").roles("USER","ADMIN").build(); + private static final UserDetails ADMIN = withUsername("admin").password("password").roles("USER", "ADMIN").build(); public static UserDetails user() { return User.withUserDetails(USER).build(); @@ -48,7 +48,7 @@ public class PasswordEncodedUser { .passwordEncoder(passwordEncoder()); } - private static Function passwordEncoder() { + private static Function passwordEncoder() { return rawPassword -> "{noop}" + rawPassword; } diff --git a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java index 95825bdd8f..f2026b09a8 100644 --- a/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java +++ b/core/src/test/java/org/springframework/security/core/userdetails/UserTests.java @@ -150,7 +150,7 @@ public class UserTests { @Test public void withUserDetailsWhenAllEnabled() throws Exception { - User expected = new User("rob","pass", true, true, true, true, ROLE_12); + User expected = new User("rob", "pass", true, true, true, true, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); @@ -166,7 +166,7 @@ public class UserTests { @Test public void withUserDetailsWhenAllDisabled() throws Exception { - User expected = new User("rob","pass", false, false, false, false, ROLE_12); + User expected = new User("rob", "pass", false, false, false, false, ROLE_12); UserDetails actual = User.withUserDetails(expected).build(); diff --git a/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java b/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java index b25655bd78..c30484d499 100644 --- a/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/RememberMeAuthenticationTokenMixinTests.java @@ -107,8 +107,8 @@ public class RememberMeAuthenticationTokenMixinTests extends AbstractMixinTests .readValue(String.format(REMEMBERME_AUTH_JSON, "\"password\""), RememberMeAuthenticationToken.class); assertThat(token).isNotNull(); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); - assertThat(((User)token.getPrincipal()).getUsername()).isEqualTo("admin"); - assertThat(((User)token.getPrincipal()).getPassword()).isEqualTo("1234"); + assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin"); + assertThat(((User) token.getPrincipal()).getPassword()).isEqualTo("1234"); assertThat(((User) token.getPrincipal()).getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(((User) token.getPrincipal()).isEnabled()).isEqualTo(true); diff --git a/core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java b/core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java index de0cba9918..32d520abcf 100644 --- a/core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java +++ b/core/src/test/java/org/springframework/security/jackson2/UsernamePasswordAuthenticationTokenMixinTests.java @@ -120,7 +120,7 @@ public class UsernamePasswordAuthenticationTokenMixinTests extends AbstractMixin .readValue(AUTHENTICATED_JSON, UsernamePasswordAuthenticationToken.class); assertThat(token).isNotNull(); assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class); - assertThat(((User)token.getPrincipal()).getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); + assertThat(((User) token.getPrincipal()).getAuthorities()).isNotNull().hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); assertThat(token.isAuthenticated()).isEqualTo(true); assertThat(token.getAuthorities()).hasSize(1).contains(new SimpleGrantedAuthority("ROLE_USER")); } diff --git a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java index 3cb27dd54f..2c6d932295 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java +++ b/crypto/src/main/java/org/springframework/security/crypto/factory/PasswordEncoderFactories.java @@ -60,7 +60,7 @@ public class PasswordEncoderFactories { */ public static PasswordEncoder createDelegatingPasswordEncoder() { String encodingId = "bcrypt"; - Map encoders = new HashMap<>(); + Map encoders = new HashMap<>(); encoders.put(encodingId, new BCryptPasswordEncoder()); encoders.put("ldap", new LdapShaPasswordEncoder()); encoders.put("MD4", new Md4PasswordEncoder()); diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java index 94b197eb3f..256d18f2ae 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java +++ b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java @@ -123,7 +123,7 @@ public class DelegatingPasswordEncoder implements PasswordEncoder { private static final String SUFFIX = "}"; private final String idForEncode; private final PasswordEncoder passwordEncoderForEncode; - private final Map idToPasswordEncoder; + private final Map idToPasswordEncoder; private PasswordEncoder defaultPasswordEncoderForMatches = new UnmappedIdPasswordEncoder(); /** diff --git a/crypto/src/test/java/org/springframework/security/crypto/codec/HexTests.java b/crypto/src/test/java/org/springframework/security/crypto/codec/HexTests.java index 8e8018308f..e464d7171e 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/codec/HexTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/codec/HexTests.java @@ -34,7 +34,7 @@ public class HexTests { @Test public void encode() { assertThat(Hex.encode(new byte[] { (byte) 'A', (byte) 'B', (byte) 'C', - (byte) 'D' })).isEqualTo(new char[] {'4','1','4','2','4','3','4','4'}); + (byte) 'D' })).isEqualTo(new char[] {'4', '1', '4', '2', '4', '3', '4', '4'}); } @Test diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java index dd474e164f..db8a8b4e82 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java @@ -55,7 +55,7 @@ public class DelegatingPasswordEncoderTests { private String noopEncodedPassword = "{noop}" + this.encodedPassword; - private Map delegates; + private Map delegates; private DelegatingPasswordEncoder passwordEncoder; diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java index 67d5894617..be0f8f328c 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/LdapShaPasswordEncoderTests.java @@ -100,7 +100,7 @@ public class LdapShaPasswordEncoderTests { @Test(expected = IllegalArgumentException.class) public void invalidPrefixIsRejected() { - this.sha.matches("somepassword","{MD9}xxxxxxxxxx"); + this.sha.matches("somepassword", "{MD9}xxxxxxxxxx"); } @Test(expected = IllegalArgumentException.class) diff --git a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java index 09d5128a53..39e9e025ac 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/scrypt/SCryptPasswordEncoderTests.java @@ -1,120 +1,120 @@ -/* - * Copyright 2002-2017 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.crypto.scrypt; - -import static org.assertj.core.api.Assertions.*; - -import org.junit.Test; - -/** - * @author Shazin Sadakath - * - */ -public class SCryptPasswordEncoderTests { - - @Test - public void matches() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - String result = encoder.encode("password"); - assertThat(result).isNotEqualTo("password"); - assertThat(encoder.matches("password", result)).isTrue(); - } - - @Test - public void unicode() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - String result = encoder.encode("passw\u9292rd"); - assertThat(encoder.matches("pass\u9292\u9292rd", result)).isFalse(); - assertThat(encoder.matches("passw\u9292rd", result)).isTrue(); - } - - @Test - public void notMatches() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - String result = encoder.encode("password"); - assertThat(encoder.matches("bogus", result)).isFalse(); - } - - @Test - public void customParameters() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(512, 8, 4, 32, 16); - String result = encoder.encode("password"); - assertThat(result).isNotEqualTo("password"); - assertThat(encoder.matches("password", result)).isTrue(); - } - - @Test - public void differentPasswordHashes() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - String password = "secret"; - assertThat(encoder.encode(password)).isNotEqualTo(encoder.encode(password)); - } - - @Test - public void samePasswordWithDifferentParams() { - SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(16384, 8, 1, 32,64); - SCryptPasswordEncoder newEncoder = new SCryptPasswordEncoder(); - - String password = "secret"; - String oldEncodedPassword = oldEncoder.encode(password); - assertThat(newEncoder.matches(password, oldEncodedPassword)).isTrue(); - } - - @Test - public void doesntMatchNullEncodedValue() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - assertThat(encoder.matches("password", null)).isFalse(); - } - - @Test - public void doesntMatchEmptyEncodedValue() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - assertThat(encoder.matches("password", "")).isFalse(); - } - - @Test - public void doesntMatchBogusEncodedValue() { - SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); - assertThat(encoder.matches("password", "012345678901234567890123456789")).isFalse(); - } - - @Test(expected = IllegalArgumentException.class) - public void invalidCpuCostParameter() { - new SCryptPasswordEncoder(Integer.MIN_VALUE, 16, 2, 32, 16); - } - - @Test(expected = IllegalArgumentException.class) - public void invalidMemoryCostParameter() { - new SCryptPasswordEncoder(2, Integer.MAX_VALUE, 2, 32, 16); - } - - @Test(expected = IllegalArgumentException.class) - public void invalidParallelizationParameter() { - new SCryptPasswordEncoder(2, 8, Integer.MAX_VALUE, 32, 16); - } - - @Test(expected = IllegalArgumentException.class) - public void invalidSaltLengthParameter() { - new SCryptPasswordEncoder(2, 8, 1, 16, -1); - } - - @Test(expected = IllegalArgumentException.class) - public void invalidKeyLengthParameter() { - new SCryptPasswordEncoder(2, 8, 1, -1, 16); - } - -} - +/* + * Copyright 2002-2017 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.crypto.scrypt; + +import static org.assertj.core.api.Assertions.*; + +import org.junit.Test; + +/** + * @author Shazin Sadakath + * + */ +public class SCryptPasswordEncoderTests { + + @Test + public void matches() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + String result = encoder.encode("password"); + assertThat(result).isNotEqualTo("password"); + assertThat(encoder.matches("password", result)).isTrue(); + } + + @Test + public void unicode() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + String result = encoder.encode("passw\u9292rd"); + assertThat(encoder.matches("pass\u9292\u9292rd", result)).isFalse(); + assertThat(encoder.matches("passw\u9292rd", result)).isTrue(); + } + + @Test + public void notMatches() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + String result = encoder.encode("password"); + assertThat(encoder.matches("bogus", result)).isFalse(); + } + + @Test + public void customParameters() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(512, 8, 4, 32, 16); + String result = encoder.encode("password"); + assertThat(result).isNotEqualTo("password"); + assertThat(encoder.matches("password", result)).isTrue(); + } + + @Test + public void differentPasswordHashes() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + String password = "secret"; + assertThat(encoder.encode(password)).isNotEqualTo(encoder.encode(password)); + } + + @Test + public void samePasswordWithDifferentParams() { + SCryptPasswordEncoder oldEncoder = new SCryptPasswordEncoder(16384, 8, 1, 32, 64); + SCryptPasswordEncoder newEncoder = new SCryptPasswordEncoder(); + + String password = "secret"; + String oldEncodedPassword = oldEncoder.encode(password); + assertThat(newEncoder.matches(password, oldEncodedPassword)).isTrue(); + } + + @Test + public void doesntMatchNullEncodedValue() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + assertThat(encoder.matches("password", null)).isFalse(); + } + + @Test + public void doesntMatchEmptyEncodedValue() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + assertThat(encoder.matches("password", "")).isFalse(); + } + + @Test + public void doesntMatchBogusEncodedValue() { + SCryptPasswordEncoder encoder = new SCryptPasswordEncoder(); + assertThat(encoder.matches("password", "012345678901234567890123456789")).isFalse(); + } + + @Test(expected = IllegalArgumentException.class) + public void invalidCpuCostParameter() { + new SCryptPasswordEncoder(Integer.MIN_VALUE, 16, 2, 32, 16); + } + + @Test(expected = IllegalArgumentException.class) + public void invalidMemoryCostParameter() { + new SCryptPasswordEncoder(2, Integer.MAX_VALUE, 2, 32, 16); + } + + @Test(expected = IllegalArgumentException.class) + public void invalidParallelizationParameter() { + new SCryptPasswordEncoder(2, 8, Integer.MAX_VALUE, 32, 16); + } + + @Test(expected = IllegalArgumentException.class) + public void invalidSaltLengthParameter() { + new SCryptPasswordEncoder(2, 8, 1, 16, -1); + } + + @Test(expected = IllegalArgumentException.class) + public void invalidKeyLengthParameter() { + new SCryptPasswordEncoder(2, 8, 1, -1, 16); + } + +} + diff --git a/etc/checkstyle/checkstyle.xml b/etc/checkstyle/checkstyle.xml index cbabad2801..370aba4bbd 100644 --- a/etc/checkstyle/checkstyle.xml +++ b/etc/checkstyle/checkstyle.xml @@ -40,5 +40,8 @@ + + + diff --git a/itest/web/src/integration-test/java/org/springframework/security/integration/ConcurrentSessionManagementTests.java b/itest/web/src/integration-test/java/org/springframework/security/integration/ConcurrentSessionManagementTests.java index 2888be09ae..580a0f91d9 100644 --- a/itest/web/src/integration-test/java/org/springframework/security/integration/ConcurrentSessionManagementTests.java +++ b/itest/web/src/integration-test/java/org/springframework/security/integration/ConcurrentSessionManagementTests.java @@ -47,7 +47,7 @@ public class ConcurrentSessionManagementTests extends AbstractWebServerIntegrati final MockHttpSession session1 = new MockHttpSession(); final MockHttpSession session2 = new MockHttpSession(); - MockMvc mockMvc = createMockMvc("classpath:/spring/http-security-concurrency.xml","classpath:/spring/in-memory-provider.xml", "classpath:/spring/testapp-servlet.xml"); + MockMvc mockMvc = createMockMvc("classpath:/spring/http-security-concurrency.xml", "classpath:/spring/in-memory-provider.xml", "classpath:/spring/testapp-servlet.xml"); mockMvc.perform(get("secure/index").session(session1)) .andExpect(status().is3xxRedirection()); diff --git a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java index e791b4ce31..0db14b234a 100644 --- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java +++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java @@ -127,7 +127,7 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic return null; } if(passwordAttrValue instanceof byte[]) { - return new String((byte[])passwordAttrValue); + return new String((byte[]) passwordAttrValue); } return String.valueOf(passwordAttrValue); } diff --git a/ldap/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java b/ldap/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java index 75b98eec7e..bcc466ce35 100644 --- a/ldap/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java +++ b/ldap/src/test/java/org/springframework/security/ldap/LdapUtilsTests.java @@ -49,7 +49,7 @@ public class LdapUtilsTests { when(mockCtx.getNameInNamespace()).thenReturn("dc=springframework,dc=org"); - assertThat(LdapUtils.getRelativeName("dc=springframework,dc=org",mockCtx)).isEqualTo(""); + assertThat(LdapUtils.getRelativeName("dc=springframework,dc=org", mockCtx)).isEqualTo(""); } @Test diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java index 9c2dd7bf63..f18df2cc58 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java @@ -125,7 +125,7 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt String redirectUriStr = this.expandRedirectUri(request, clientRegistration); - Map additionalParameters = new HashMap<>(); + Map additionalParameters = new HashMap<>(); additionalParameters.put(OAuth2ParameterNames.REGISTRATION_ID, clientRegistration.getRegistrationId()); OAuth2AuthorizationRequest.Builder builder; diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java index e124646f23..769efce4d5 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.java @@ -117,7 +117,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce } this.authorizationRequestRepository.removeAuthorizationRequest(request); - String registrationId = (String)authorizationRequest.getAdditionalParameters().get(OAuth2ParameterNames.REGISTRATION_ID); + String registrationId = (String) authorizationRequest.getAdditionalParameters().get(OAuth2ParameterNames.REGISTRATION_ID); ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId); OAuth2LoginAuthenticationToken authenticationRequest = new OAuth2LoginAuthenticationToken( @@ -125,7 +125,7 @@ public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProce authenticationRequest.setDetails(this.authenticationDetailsSource.buildDetails(request)); OAuth2LoginAuthenticationToken authenticationResult = - (OAuth2LoginAuthenticationToken)this.getAuthenticationManager().authenticate(authenticationRequest); + (OAuth2LoginAuthenticationToken) this.getAuthenticationManager().authenticate(authenticationRequest); OAuth2AuthenticationToken oauth2Authentication = new OAuth2AuthenticationToken( authenticationResult.getPrincipal(), diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java index c5d73638cb..63c54dbf33 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/authentication/OAuth2LoginAuthenticationProviderTests.java @@ -119,7 +119,7 @@ public class OAuth2LoginAuthenticationProviderTests { when(this.authorizationRequest.getScopes()).thenReturn(new LinkedHashSet<>(Collections.singleton("openid"))); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication).isNull(); @@ -175,7 +175,7 @@ public class OAuth2LoginAuthenticationProviderTests { when(this.userService.loadUser(any())).thenReturn(principal); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.isAuthenticated()).isTrue(); @@ -207,7 +207,7 @@ public class OAuth2LoginAuthenticationProviderTests { this.authenticationProvider.setAuthoritiesMapper(authoritiesMapper); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.getAuthorities()).isEqualTo(mappedAuthorities); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProviderTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProviderTests.java index 109d355eb4..e963bc818e 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProviderTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/authentication/OidcAuthorizationCodeAuthenticationProviderTests.java @@ -143,7 +143,7 @@ public class OidcAuthorizationCodeAuthenticationProviderTests { when(this.authorizationRequest.getScopes()).thenReturn(new LinkedHashSet<>(Collections.singleton("scope1"))); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication).isNull(); @@ -355,7 +355,7 @@ public class OidcAuthorizationCodeAuthenticationProviderTests { when(this.userService.loadUser(any())).thenReturn(principal); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.isAuthenticated()).isTrue(); @@ -389,7 +389,7 @@ public class OidcAuthorizationCodeAuthenticationProviderTests { this.authenticationProvider.setAuthoritiesMapper(authoritiesMapper); OAuth2LoginAuthenticationToken authentication = - (OAuth2LoginAuthenticationToken)this.authenticationProvider.authenticate( + (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate( new OAuth2LoginAuthenticationToken(this.clientRegistration, this.authorizationExchange)); assertThat(authentication.getAuthorities()).isEqualTo(mappedAuthorities); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserServiceTests.java index 9cb7e72e73..c15fb9e0ff 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/oidc/userinfo/OidcUserServiceTests.java @@ -159,7 +159,7 @@ public class OidcUserServiceTests { assertThat(user.getAuthorities().size()).isEqualTo(1); assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OidcUserAuthority.class); - OidcUserAuthority userAuthority = (OidcUserAuthority)user.getAuthorities().iterator().next(); + OidcUserAuthority userAuthority = (OidcUserAuthority) user.getAuthorities().iterator().next(); assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER"); assertThat(userAuthority.getIdToken()).isEqualTo(user.getIdToken()); assertThat(userAuthority.getUserInfo()).isEqualTo(user.getUserInfo()); diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserServiceTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserServiceTests.java index f3942101cc..d1c10748bf 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserServiceTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/userinfo/DefaultOAuth2UserServiceTests.java @@ -121,7 +121,7 @@ public class DefaultOAuth2UserServiceTests { assertThat(user.getAuthorities().size()).isEqualTo(1); assertThat(user.getAuthorities().iterator().next()).isInstanceOf(OAuth2UserAuthority.class); - OAuth2UserAuthority userAuthority = (OAuth2UserAuthority)user.getAuthorities().iterator().next(); + OAuth2UserAuthority userAuthority = (OAuth2UserAuthority) user.getAuthorities().iterator().next(); assertThat(userAuthority.getAuthority()).isEqualTo("ROLE_USER"); assertThat(userAuthority.getAttributes()).isEqualTo(user.getAttributes()); } diff --git a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestUriBuilderTests.java b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestUriBuilderTests.java index 00c35784ff..0fde656c87 100644 --- a/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestUriBuilderTests.java +++ b/oauth2/oauth2-client/src/test/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestUriBuilderTests.java @@ -43,7 +43,7 @@ public class OAuth2AuthorizationRequestUriBuilderTests { @Test public void buildWhenScopeMultiThenSeparatedByEncodedSpace() { OAuth2AuthorizationRequest request = OAuth2AuthorizationRequest.implicit() - .additionalParameters(Collections.singletonMap("foo","bar")) + .additionalParameters(Collections.singletonMap("foo", "bar")) .authorizationUri("https://idp.example.com/oauth2/v2/auth") .clientId("client-id") .state("thestate") diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClaimAccessor.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClaimAccessor.java index 0d106f0eb2..51cbc42a2b 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClaimAccessor.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClaimAccessor.java @@ -75,7 +75,7 @@ public interface ClaimAccessor { return null; } Map claimValues = new HashMap<>(); - ((Map)this.getClaims().get(claim)).forEach((k, v) -> claimValues.put(k.toString(), v)); + ((Map) this.getClaims().get(claim)).forEach((k, v) -> claimValues.put(k.toString(), v)); return claimValues; } @@ -84,7 +84,7 @@ public interface ClaimAccessor { return null; } List claimValues = new ArrayList<>(); - ((List)this.getClaims().get(claim)).forEach(e -> claimValues.add(e.toString())); + ((List) this.getClaims().get(claim)).forEach(e -> claimValues.add(e.toString())); return claimValues; } } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java index 13eb9eefda..9d2482a039 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AccessTokenResponse.java @@ -33,7 +33,7 @@ import java.util.Set; */ public final class OAuth2AccessTokenResponse { private OAuth2AccessToken accessToken; - private Map additionalParameters; + private Map additionalParameters; private OAuth2AccessTokenResponse() { } @@ -55,7 +55,7 @@ public final class OAuth2AccessTokenResponse { private OAuth2AccessToken.TokenType tokenType; private long expiresIn; private Set scopes; - private Map additionalParameters; + private Map additionalParameters; private Builder(String tokenValue) { this.tokenValue = tokenValue; @@ -76,7 +76,7 @@ public final class OAuth2AccessTokenResponse { return this; } - public Builder additionalParameters(Map additionalParameters) { + public Builder additionalParameters(Map additionalParameters) { this.additionalParameters = additionalParameters; return this; } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java index a2837857d1..4bf90565de 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/endpoint/OAuth2AuthorizationRequest.java @@ -49,7 +49,7 @@ public final class OAuth2AuthorizationRequest implements Serializable { private String redirectUri; private Set scopes; private String state; - private Map additionalParameters; + private Map additionalParameters; private OAuth2AuthorizationRequest() { } @@ -102,7 +102,7 @@ public final class OAuth2AuthorizationRequest implements Serializable { private String redirectUri; private Set scopes; private String state; - private Map additionalParameters; + private Map additionalParameters; private Builder(AuthorizationGrantType authorizationGrantType) { Assert.notNull(authorizationGrantType, "authorizationGrantType cannot be null"); @@ -147,7 +147,7 @@ public final class OAuth2AuthorizationRequest implements Serializable { return this; } - public Builder additionalParameters(Map additionalParameters) { + public Builder additionalParameters(Map additionalParameters) { this.additionalParameters = additionalParameters; return this; } diff --git a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java index 0a6b36cc98..07a6b44c88 100644 --- a/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java +++ b/oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/oidc/DefaultAddressStandardClaim.java @@ -123,12 +123,12 @@ public final class DefaultAddressStandardClaim implements AddressStandardClaim { } public Builder(Map addressFields) { - this.formatted((String)addressFields.get(FORMATTED_FIELD_NAME)); - this.streetAddress((String)addressFields.get(STREET_ADDRESS_FIELD_NAME)); - this.locality((String)addressFields.get(LOCALITY_FIELD_NAME)); - this.region((String)addressFields.get(REGION_FIELD_NAME)); - this.postalCode((String)addressFields.get(POSTAL_CODE_FIELD_NAME)); - this.country((String)addressFields.get(COUNTRY_FIELD_NAME)); + this.formatted((String) addressFields.get(FORMATTED_FIELD_NAME)); + this.streetAddress((String) addressFields.get(STREET_ADDRESS_FIELD_NAME)); + this.locality((String) addressFields.get(LOCALITY_FIELD_NAME)); + this.region((String) addressFields.get(REGION_FIELD_NAME)); + this.postalCode((String) addressFields.get(POSTAL_CODE_FIELD_NAME)); + this.country((String) addressFields.get(COUNTRY_FIELD_NAME)); } public Builder formatted(String formatted) { diff --git a/samples/javaconfig/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java b/samples/javaconfig/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java index 037a2ebe71..813614f4bf 100644 --- a/samples/javaconfig/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java +++ b/samples/javaconfig/hellowebflux-method/src/integration-test/java/sample/HelloWebfluxMethodApplicationITests.java @@ -87,11 +87,11 @@ public class HelloWebfluxMethodApplicationITests { } private Consumer> robsCredentials() { - return basicAuthenticationCredentials("rob","rob"); + return basicAuthenticationCredentials("rob", "rob"); } private Consumer> adminCredentials() { - return basicAuthenticationCredentials("admin","admin"); + return basicAuthenticationCredentials("admin", "admin"); } private String base64Encode(String value) { diff --git a/samples/javaconfig/hellowebflux-method/src/main/java/sample/SecurityConfig.java b/samples/javaconfig/hellowebflux-method/src/main/java/sample/SecurityConfig.java index 30af1dcec6..27cff1b33e 100644 --- a/samples/javaconfig/hellowebflux-method/src/main/java/sample/SecurityConfig.java +++ b/samples/javaconfig/hellowebflux-method/src/main/java/sample/SecurityConfig.java @@ -49,7 +49,7 @@ public class SecurityConfig { public MapReactiveUserDetailsService userDetailsRepository() { User.UserBuilder userBuilder = User.withDefaultPasswordEncoder(); UserDetails rob = userBuilder.username("rob").password("rob").roles("USER").build(); - UserDetails admin = userBuilder.username("admin").password("admin").roles("USER","ADMIN").build(); + UserDetails admin = userBuilder.username("admin").password("admin").roles("USER", "ADMIN").build(); return new MapReactiveUserDetailsService(rob, admin); } diff --git a/samples/javaconfig/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java b/samples/javaconfig/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java index 593880ae2d..88e2c629c3 100644 --- a/samples/javaconfig/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java +++ b/samples/javaconfig/hellowebflux-method/src/test/java/sample/HelloWebfluxMethodApplicationTests.java @@ -138,10 +138,10 @@ public class HelloWebfluxMethodApplicationTests { } private Consumer> robsCredentials() { - return basicAuthenticationCredentials("rob","rob"); + return basicAuthenticationCredentials("rob", "rob"); } private Consumer> adminCredentials() { - return basicAuthenticationCredentials("admin","admin"); + return basicAuthenticationCredentials("admin", "admin"); } } diff --git a/samples/javaconfig/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java b/samples/javaconfig/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java index a9e282c166..bc1abf00ec 100644 --- a/samples/javaconfig/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java +++ b/samples/javaconfig/hellowebflux/src/integration-test/java/sample/HelloWebfluxApplicationITests.java @@ -87,10 +87,10 @@ public class HelloWebfluxApplicationITests { } private Consumer> userCredentials() { - return basicAuthenticationCredentials("user","user"); + return basicAuthenticationCredentials("user", "user"); } private Consumer> invalidCredentials() { - return basicAuthenticationCredentials("user","INVALID"); + return basicAuthenticationCredentials("user", "INVALID"); } } diff --git a/samples/javaconfig/hellowebflux/src/main/java/sample/HelloUserController.java b/samples/javaconfig/hellowebflux/src/main/java/sample/HelloUserController.java index f5edaf33fa..eb51da2e54 100644 --- a/samples/javaconfig/hellowebflux/src/main/java/sample/HelloUserController.java +++ b/samples/javaconfig/hellowebflux/src/main/java/sample/HelloUserController.java @@ -32,13 +32,13 @@ import reactor.core.publisher.Mono; public class HelloUserController { @GetMapping("/") - public Mono> hello(Mono principal) { + public Mono> hello(Mono principal) { return principal .map(Principal::getName) .map(this::helloMessage); } - private Map helloMessage(String username) { + private Map helloMessage(String username) { return Collections.singletonMap("message", "Hello " + username + "!"); } } diff --git a/samples/javaconfig/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java b/samples/javaconfig/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java index f3ee7bea23..e3a840b05e 100644 --- a/samples/javaconfig/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java +++ b/samples/javaconfig/hellowebflux/src/test/java/sample/HelloWebfluxApplicationTests.java @@ -112,10 +112,10 @@ public class HelloWebfluxApplicationTests { } private Consumer> userCredentials() { - return basicAuthenticationCredentials("user","user"); + return basicAuthenticationCredentials("user", "user"); } private Consumer> invalidCredentials() { - return basicAuthenticationCredentials("user","INVALID"); + return basicAuthenticationCredentials("user", "INVALID"); } } diff --git a/samples/javaconfig/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java b/samples/javaconfig/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java index 385e7774ab..280f8d7cc7 100644 --- a/samples/javaconfig/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java +++ b/samples/javaconfig/hellowebfluxfn/src/integration-test/java/sample/HelloWebfluxFnApplicationITests.java @@ -86,10 +86,10 @@ public class HelloWebfluxFnApplicationITests { } private Consumer> userCredentials() { - return basicAuthenticationCredentials("user","user"); + return basicAuthenticationCredentials("user", "user"); } private Consumer> invalidCredentials() { - return basicAuthenticationCredentials("user","INVALID"); + return basicAuthenticationCredentials("user", "INVALID"); } } diff --git a/samples/javaconfig/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java b/samples/javaconfig/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java index 5011d938c6..ac549cf79d 100644 --- a/samples/javaconfig/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java +++ b/samples/javaconfig/hellowebfluxfn/src/test/java/sample/HelloWebfluxFnApplicationTests.java @@ -115,10 +115,10 @@ public class HelloWebfluxFnApplicationTests { } private Consumer> userCredentials() { - return basicAuthenticationCredentials("user","user"); + return basicAuthenticationCredentials("user", "user"); } private Consumer> invalidCredentials() { - return basicAuthenticationCredentials("user","INVALID"); + return basicAuthenticationCredentials("user", "INVALID"); } } diff --git a/samples/javaconfig/preauth/src/main/java/org/springframework/security/samples/config/SecurityConfig.java b/samples/javaconfig/preauth/src/main/java/org/springframework/security/samples/config/SecurityConfig.java index ce19c3ab13..7f486a09ef 100644 --- a/samples/javaconfig/preauth/src/main/java/org/springframework/security/samples/config/SecurityConfig.java +++ b/samples/javaconfig/preauth/src/main/java/org/springframework/security/samples/config/SecurityConfig.java @@ -27,11 +27,11 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() - .antMatchers("/login","/resources/**").permitAll() + .antMatchers("/login", "/resources/**").permitAll() .anyRequest().authenticated() .and() .jee() - .mappableRoles("USER","ADMIN"); + .mappableRoles("USER", "ADMIN"); } // @formatter:on } diff --git a/samples/javaconfig/x509/src/main/java/org/springframework/security/samples/config/SecurityConfig.java b/samples/javaconfig/x509/src/main/java/org/springframework/security/samples/config/SecurityConfig.java index 08db043033..dd96f64df4 100644 --- a/samples/javaconfig/x509/src/main/java/org/springframework/security/samples/config/SecurityConfig.java +++ b/samples/javaconfig/x509/src/main/java/org/springframework/security/samples/config/SecurityConfig.java @@ -31,7 +31,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { auth. inMemoryAuthentication() .withUser("dianne").password("password").roles("USER").and() - .withUser("rod").password("password").roles("USER","ADMIN").and() + .withUser("rod").password("password").roles("USER", "ADMIN").and() .withUser("scott").password("password").roles("USER"); } // @formatter:on diff --git a/samples/xml/contacts/src/main/java/sample/contact/ClientApplication.java b/samples/xml/contacts/src/main/java/sample/contact/ClientApplication.java index 1834e3b365..121ab51f5f 100644 --- a/samples/xml/contacts/src/main/java/sample/contact/ClientApplication.java +++ b/samples/xml/contacts/src/main/java/sample/contact/ClientApplication.java @@ -58,7 +58,7 @@ public class ClientApplication { SecurityContextHolder.getContext().setAuthentication(authentication); - for (Map.Entry entry : contactServices.entrySet()) { + for (Map.Entry entry : contactServices.entrySet()) { String beanName = entry.getKey(); ContactManager remoteContactManager = entry.getValue(); Object object = this.beanFactory.getBean("&" + beanName); diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AbstractAuthorizeTagTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AbstractAuthorizeTagTests.java index adab1af7aa..6777cbe0d0 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AbstractAuthorizeTagTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AbstractAuthorizeTagTests.java @@ -98,11 +98,11 @@ public class AbstractAuthorizeTagTests { @Test @SuppressWarnings("rawtypes") public void expressionFromChildContext() throws IOException { - SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass","USER")); + SecurityContextHolder.getContext().setAuthentication(new TestingAuthenticationToken("user", "pass", "USER")); DefaultWebSecurityExpressionHandler expected = new DefaultWebSecurityExpressionHandler(); tag.setAccess("permitAll"); WebApplicationContext wac = mock(WebApplicationContext.class); - when(wac.getBeansOfType(SecurityExpressionHandler.class)).thenReturn(Collections.singletonMap("wipe", expected)); + when(wac.getBeansOfType(SecurityExpressionHandler.class)).thenReturn(Collections.singletonMap("wipe", expected)); servletContext.setAttribute("org.springframework.web.servlet.FrameworkServlet.CONTEXT.dispatcher", wac); assertThat(tag.authorize()).isTrue(); diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java index 1abdfc693a..1d1d3f38ee 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/Sec2935Tests.java @@ -66,7 +66,7 @@ public class Sec2935Tests { @Test public void postProcessorUserNoUser() throws Exception { mvc - .perform(get("/admin/abc").with(user("user").roles("ADMIN","USER"))) + .perform(get("/admin/abc").with(user("user").roles("ADMIN", "USER"))) .andExpect(status().isNotFound()) .andExpect(authenticated().withUsername("user")); @@ -79,7 +79,7 @@ public class Sec2935Tests { @Test public void postProcessorUserOtherUser() throws Exception { mvc - .perform(get("/admin/abc").with(user("user1").roles("ADMIN","USER"))) + .perform(get("/admin/abc").with(user("user1").roles("ADMIN", "USER"))) .andExpect(status().isNotFound()) .andExpect(authenticated().withUsername("user1")); @@ -93,7 +93,7 @@ public class Sec2935Tests { @Test public void postProcessorUserWithMockUser() throws Exception { mvc - .perform(get("/admin/abc").with(user("user1").roles("ADMIN","USER"))) + .perform(get("/admin/abc").with(user("user1").roles("ADMIN", "USER"))) .andExpect(status().isNotFound()) .andExpect(authenticated().withUsername("user1")); @@ -112,7 +112,7 @@ public class Sec2935Tests { .build(); mvc - .perform(get("/admin/abc").with(user("user1").roles("ADMIN","USER"))) + .perform(get("/admin/abc").with(user("user1").roles("ADMIN", "USER"))) .andExpect(status().isNotFound()) .andExpect(authenticated().withUsername("user1")); @@ -132,7 +132,7 @@ public class Sec2935Tests { .build(); mvc - .perform(get("/admin/abc").with(user("user1").roles("ADMIN","USER"))) + .perform(get("/admin/abc").with(user("user1").roles("ADMIN", "USER"))) .andExpect(status().isNotFound()) .andExpect(authenticated().withUsername("user1")); diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfTests.java index 7a1bf3abe4..856d083a22 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/request/SecurityMockMvcRequestPostProcessorsCsrfTests.java @@ -159,7 +159,7 @@ public class SecurityMockMvcRequestPostProcessorsCsrfTests { MockHttpServletRequestBuilder requestWithCsrf = post("/") .param(token.getParameterName(), token.getToken()) - .session((MockHttpSession)request.getSession()); + .session((MockHttpSession) request.getSession()); this.mockMvc.perform(requestWithCsrf) .andExpect(status().isOk()); // @formatter:on diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithAdminRob.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithAdminRob.java index 6a491be925..664ca88689 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithAdminRob.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithAdminRob.java @@ -28,6 +28,6 @@ import org.springframework.security.test.context.support.WithMockUser; @Retention(RetentionPolicy.RUNTIME) @Inherited @Documented -@WithMockUser(value="rob",roles="ADMIN") +@WithMockUser(value="rob", roles="ADMIN") public @interface WithAdminRob { } diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java index d912cbe963..d8c9abc553 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsAuthenticationTests.java @@ -103,8 +103,8 @@ public class WithUserDetailsAuthenticationTests { auth .inMemoryAuthentication() .withUser("user").password("password").roles("USER").and() - .withUser("admin").password("password").roles("USER","ADMIN"); + .withUser("admin").password("password").roles("USER", "ADMIN"); } // @formatter:on } -} \ No newline at end of file +} diff --git a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java index 48b7bf6464..cd10043e75 100644 --- a/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java +++ b/test/src/test/java/org/springframework/security/test/web/servlet/showcase/secured/WithUserDetailsClassLevelAuthenticationTests.java @@ -103,8 +103,8 @@ public class WithUserDetailsClassLevelAuthenticationTests { auth .inMemoryAuthentication() .withUser("user").password("password").roles("USER").and() - .withUser("admin").password("password").roles("USER","ADMIN"); + .withUser("admin").password("password").roles("USER", "ADMIN"); } // @formatter:on } -} \ No newline at end of file +} diff --git a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java index 21b5332ce0..c876fbab98 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java @@ -62,7 +62,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { private String openIDusernameParameter; private String openIDrememberMeParameter; private Map oauth2AuthenticationUrlToClientName; - private Function> resolveHiddenInputs = request -> Collections + private Function> resolveHiddenInputs = request -> Collections .emptyMap(); @@ -298,7 +298,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { } private void renderHiddenInputs(StringBuilder sb, HttpServletRequest request) { - for(Map.Entry input : this.resolveHiddenInputs.apply(request).entrySet()) { + for(Map.Entry input : this.resolveHiddenInputs.apply(request).entrySet()) { sb.append(" \n"); } diff --git a/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java b/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java index 05196ae859..33ff40774d 100644 --- a/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java +++ b/web/src/main/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverter.java @@ -32,7 +32,7 @@ import org.springframework.web.server.ServerWebExchange; * @author Rob Winch * @since 5.0 */ -public class ServerFormLoginAuthenticationConverter implements Function> { +public class ServerFormLoginAuthenticationConverter implements Function> { private String usernameParameter = "username"; diff --git a/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java b/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java index b9ed1b8b03..7210828130 100644 --- a/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java +++ b/web/src/main/java/org/springframework/security/web/server/ServerHttpBasicAuthenticationConverter.java @@ -31,7 +31,7 @@ import reactor.core.publisher.Mono; * @author Rob Winch * @since 5.0 */ -public class ServerHttpBasicAuthenticationConverter implements Function> { +public class ServerHttpBasicAuthenticationConverter implements Function> { public static final String BASIC = "Basic "; diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java index ba359c9eab..4445fefa43 100644 --- a/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/authentication/AuthenticationWebFilter.java @@ -46,7 +46,7 @@ public class AuthenticationWebFilter implements WebFilter { private ServerAuthenticationSuccessHandler authenticationSuccessHandler = new WebFilterChainServerAuthenticationSuccessHandler(); - private Function> authenticationConverter = new ServerHttpBasicAuthenticationConverter(); + private Function> authenticationConverter = new ServerHttpBasicAuthenticationConverter(); private ServerAuthenticationFailureHandler authenticationFailureHandler = new ServerAuthenticationEntryPointFailureHandler(new HttpBasicServerAuthenticationEntryPoint()); @@ -97,7 +97,7 @@ public class AuthenticationWebFilter implements WebFilter { this.authenticationSuccessHandler = authenticationSuccessHandler; } - public void setAuthenticationConverter(Function> authenticationConverter) { + public void setAuthenticationConverter(Function> authenticationConverter) { this.authenticationConverter = authenticationConverter; } diff --git a/web/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java b/web/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java index a2a653117c..f43e0a7a9b 100644 --- a/web/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/authentication/logout/LogoutWebFilter.java @@ -57,7 +57,7 @@ public class LogoutWebFilter implements WebFilter { .map(result -> exchange) .flatMap(this::flatMapAuthentication) .flatMap( authentication -> { - WebFilterExchange webFilterExchange = new WebFilterExchange(exchange,chain); + WebFilterExchange webFilterExchange = new WebFilterExchange(exchange, chain); return logout(webFilterExchange, authentication); }); } diff --git a/web/src/main/java/org/springframework/security/web/server/authorization/AuthorizationContext.java b/web/src/main/java/org/springframework/security/web/server/authorization/AuthorizationContext.java index bebefa6e49..5f7867ac73 100644 --- a/web/src/main/java/org/springframework/security/web/server/authorization/AuthorizationContext.java +++ b/web/src/main/java/org/springframework/security/web/server/authorization/AuthorizationContext.java @@ -27,13 +27,13 @@ import java.util.Map; */ public class AuthorizationContext { private final ServerWebExchange exchange; - private final Map variables; + private final Map variables; public AuthorizationContext(ServerWebExchange exchange) { this(exchange, Collections.emptyMap()); } - public AuthorizationContext(ServerWebExchange exchange, Map variables) { + public AuthorizationContext(ServerWebExchange exchange, Map variables) { this.exchange = exchange; this.variables = variables; } @@ -42,7 +42,7 @@ public class AuthorizationContext { return exchange; } - public Map getVariables() { + public Map getVariables() { return Collections.unmodifiableMap(variables); } } diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java index 80157c7272..5b0b789193 100644 --- a/web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java +++ b/web/src/main/java/org/springframework/security/web/server/csrf/WebSessionServerCsrfTokenRepository.java @@ -64,14 +64,14 @@ public class WebSessionServerCsrfTokenRepository .flatMap( attrs -> save(attrs, token)); } - private Mono save(Map attributes, CsrfToken token) { + private Mono save(Map attributes, CsrfToken token) { return Mono.defer(() -> { putToken(attributes, token); return Mono.justOrEmpty(token); }); } - private void putToken(Map attributes, CsrfToken token) { + private void putToken(Map attributes, CsrfToken token) { if(token == null) { attributes.remove(this.sessionAttributeName); } else { @@ -118,7 +118,7 @@ public class WebSessionServerCsrfTokenRepository } - private CsrfToken createCsrfToken(Map attributes) { + private CsrfToken createCsrfToken(Map attributes) { return new LazyCsrfToken(attributes, createCsrfToken()); } @@ -131,7 +131,7 @@ public class WebSessionServerCsrfTokenRepository } private class LazyCsrfToken implements CsrfToken { - private final Map attributes; + private final Map attributes; private final CsrfToken delegate; private LazyCsrfToken(Map attributes, CsrfToken delegate) { diff --git a/web/src/main/java/org/springframework/security/web/server/util/matcher/PathPatternParserServerWebExchangeMatcher.java b/web/src/main/java/org/springframework/security/web/server/util/matcher/PathPatternParserServerWebExchangeMatcher.java index 908699a494..381095cb5e 100644 --- a/web/src/main/java/org/springframework/security/web/server/util/matcher/PathPatternParserServerWebExchangeMatcher.java +++ b/web/src/main/java/org/springframework/security/web/server/util/matcher/PathPatternParserServerWebExchangeMatcher.java @@ -68,8 +68,8 @@ public final class PathPatternParserServerWebExchangeMatcher implements ServerWe if(!match) { return MatchResult.notMatch(); } - Map pathVariables = this.pattern.matchAndExtract(path).getUriVariables(); - Map variables = new HashMap<>(pathVariables); + Map pathVariables = this.pattern.matchAndExtract(path).getUriVariables(); + Map variables = new HashMap<>(pathVariables); return MatchResult.match(variables); } diff --git a/web/src/main/java/org/springframework/security/web/server/util/matcher/ServerWebExchangeMatcher.java b/web/src/main/java/org/springframework/security/web/server/util/matcher/ServerWebExchangeMatcher.java index da4902b4bb..a35743cac3 100644 --- a/web/src/main/java/org/springframework/security/web/server/util/matcher/ServerWebExchangeMatcher.java +++ b/web/src/main/java/org/springframework/security/web/server/util/matcher/ServerWebExchangeMatcher.java @@ -32,7 +32,7 @@ public interface ServerWebExchangeMatcher { class MatchResult { private final boolean match; - private final Map variables; + private final Map variables; private MatchResult(boolean match, Map variables) { this.match = match; @@ -43,7 +43,7 @@ public interface ServerWebExchangeMatcher { return match; } - public Map getVariables() { + public Map getVariables() { return variables; } @@ -51,7 +51,7 @@ public interface ServerWebExchangeMatcher { return match(Collections.emptyMap()); } - public static Mono match(Map variables) { + public static Mono match(Map variables) { return Mono.just(new MatchResult(true, variables)); } diff --git a/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthUtilsTests.java b/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthUtilsTests.java index c5e5e0e025..6811d4a54f 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthUtilsTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/www/DigestAuthUtilsTests.java @@ -90,7 +90,7 @@ public class DigestAuthUtilsTests { public void testSplitNormalOperation() { String unsplit = "username=\"rod==\""; assertThat(DigestAuthUtils.split(unsplit, "=")[0]).isEqualTo("username"); - assertThat(DigestAuthUtils.split(unsplit, "=")[1]).isEqualTo("\"rod==\"");// should + assertThat(DigestAuthUtils.split(unsplit, "=")[1]).isEqualTo("\"rod==\""); // should // not // remove // quotes diff --git a/web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java b/web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java index a477d2f02f..b58972c9be 100644 --- a/web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java +++ b/web/src/test/java/org/springframework/security/web/jackson2/SavedCookieMixinTests.java @@ -84,7 +84,7 @@ public class SavedCookieMixinTests extends AbstractMixinTests { @Test @SuppressWarnings("unchecked") public void deserializeSavedCookieWithList() throws IOException, JSONException { - List savedCookies = (List)mapper.readValue(COOKIES_JSON, Object.class); + List savedCookies = (List) mapper.readValue(COOKIES_JSON, Object.class); assertThat(savedCookies).isNotNull().hasSize(1); assertThat(savedCookies.get(0).getName()).isEqualTo("SESSION"); assertThat(savedCookies.get(0).getValue()).isEqualTo("123456789"); diff --git a/web/src/test/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverterTests.java b/web/src/test/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverterTests.java index a3a6caf2b1..b10c1027eb 100644 --- a/web/src/test/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/ServerFormLoginAuthenticationConverterTests.java @@ -39,7 +39,7 @@ public class ServerFormLoginAuthenticationConverterTests { @Mock private ServerWebExchange exchange; - private MultiValueMap data = new LinkedMultiValueMap<>(); + private MultiValueMap data = new LinkedMultiValueMap<>(); private ServerFormLoginAuthenticationConverter converter = new ServerFormLoginAuthenticationConverter(); diff --git a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java index 745cfc9aa4..be21393beb 100644 --- a/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authentication/AuthenticationWebFilterTests.java @@ -56,7 +56,7 @@ public class AuthenticationWebFilterTests { @Mock private ServerAuthenticationSuccessHandler successHandler; @Mock - private Function> authenticationConverter; + private Function> authenticationConverter; @Mock private ReactiveAuthenticationManager authenticationManager; @Mock @@ -96,7 +96,7 @@ public class AuthenticationWebFilterTests { @Test public void filterWhenDefaultsAndAuthenticationSuccessThenContinues() { - when(this.authenticationManager.authenticate(any())).thenReturn(Mono.just(new TestingAuthenticationToken("test","this", "ROLE"))); + when(this.authenticationManager.authenticate(any())).thenReturn(Mono.just(new TestingAuthenticationToken("test", "this", "ROLE"))); this.filter = new AuthenticationWebFilter(this.authenticationManager); WebTestClient client = WebTestClientBuilder @@ -185,7 +185,7 @@ public class AuthenticationWebFilterTests { when(this.authenticationConverter.apply(any())).thenReturn(authentication); when(this.authenticationManager.authenticate(any())).thenReturn(authentication); when(this.successHandler.onAuthenticationSuccess(any(), any())).thenReturn(Mono.empty()); - when(this.securityContextRepository.save(any(),any())).thenAnswer( a -> Mono.just(a.getArguments()[0])); + when(this.securityContextRepository.save(any(), any())).thenAnswer( a -> Mono.just(a.getArguments()[0])); WebTestClient client = WebTestClientBuilder .bindToWebFilters(this.filter) @@ -231,7 +231,7 @@ public class AuthenticationWebFilterTests { Mono authentication = Mono.just(new TestingAuthenticationToken("test", "this", "ROLE_USER")); when(this.authenticationConverter.apply(any())).thenReturn(authentication); when(this.authenticationManager.authenticate(any())).thenReturn(Mono.error(new BadCredentialsException("Failed"))); - when(this.failureHandler.onAuthenticationFailure(any(),any())).thenReturn(Mono.empty()); + when(this.failureHandler.onAuthenticationFailure(any(), any())).thenReturn(Mono.empty()); WebTestClient client = WebTestClientBuilder .bindToWebFilters(this.filter) @@ -244,7 +244,7 @@ public class AuthenticationWebFilterTests { .expectStatus().isOk() .expectBody().isEmpty(); - verify(this.failureHandler).onAuthenticationFailure(any(),any()); + verify(this.failureHandler).onAuthenticationFailure(any(), any()); verify(this.securityContextRepository, never()).save(any(), any()); verifyZeroInteractions(this.successHandler); } diff --git a/web/src/test/java/org/springframework/security/web/server/authorization/AuthorizationWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/authorization/AuthorizationWebFilterTests.java index f44bb20f27..dd5566baa9 100644 --- a/web/src/test/java/org/springframework/security/web/server/authorization/AuthorizationWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/authorization/AuthorizationWebFilterTests.java @@ -50,7 +50,7 @@ public class AuthorizationWebFilterTests { @Test public void filterWhenNoSecurityContextThenThrowsAccessDenied() { when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> Mono.error(new AccessDeniedException("Denied"))); + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> Mono.error(new AccessDeniedException("Denied"))); Mono result = filter.filter(this.exchange, this.chain); @@ -63,7 +63,7 @@ public class AuthorizationWebFilterTests { @Test public void filterWhenNoAuthenticationThenThrowsAccessDenied() { when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> Mono.error(new AccessDeniedException("Denied"))); + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> Mono.error(new AccessDeniedException("Denied"))); Mono result = filter .filter(this.exchange, this.chain) @@ -78,11 +78,11 @@ public class AuthorizationWebFilterTests { @Test public void filterWhenAuthenticationThenThrowsAccessDenied() { when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> Mono.error(new AccessDeniedException("Denied"))); + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> Mono.error(new AccessDeniedException("Denied"))); Mono result = filter .filter(this.exchange, this.chain) - .subscriberContext(ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("a","b", "R"))); + .subscriberContext(ReactiveSecurityContextHolder.withAuthentication(new TestingAuthenticationToken("a", "b", "R"))); StepVerifier.create(result) .expectError(AccessDeniedException.class) @@ -94,7 +94,7 @@ public class AuthorizationWebFilterTests { public void filterWhenDoesNotAccessAuthenticationThenSecurityContextNotSubscribed() { PublisherProbe context = PublisherProbe.empty(); when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> Mono.error(new AccessDeniedException("Denied"))); + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> Mono.error(new AccessDeniedException("Denied"))); Mono result = filter .filter(this.exchange, this.chain) @@ -111,7 +111,7 @@ public class AuthorizationWebFilterTests { public void filterWhenGrantedAndDoesNotAccessAuthenticationThenChainSubscribedAndSecurityContextNotSubscribed() { PublisherProbe context = PublisherProbe.empty(); when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> Mono.just(new AuthorizationDecision(true))); + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> Mono.just(new AuthorizationDecision(true))); Mono result = filter .filter(this.exchange, this.chain) @@ -127,7 +127,7 @@ public class AuthorizationWebFilterTests { public void filterWhenGrantedAndDoeAccessAuthenticationThenChainSubscribedAndSecurityContextSubscribed() { PublisherProbe context = PublisherProbe.empty(); when(this.chain.filter(this.exchange)).thenReturn(this.chainResult.mono()); - AuthorizationWebFilter filter = new AuthorizationWebFilter((a,e) -> a + AuthorizationWebFilter filter = new AuthorizationWebFilter((a, e) -> a .map( auth -> new AuthorizationDecision(true)) .defaultIfEmpty(new AuthorizationDecision(true)) ); diff --git a/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java index c993a9e710..b1d177e032 100644 --- a/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/context/ReactorContextWebFilterTests.java @@ -74,7 +74,7 @@ public class ReactorContextWebFilterTests { @Test public void filterWhenGetPrincipalMonoThenNoInteractions() { - this.handler = WebTestHandler.bindToWebFilters(this.filter, (e,c) -> { + this.handler = WebTestHandler.bindToWebFilters(this.filter, (e, c) -> { ReactiveSecurityContextHolder.getContext(); return c.filter(e); }); @@ -88,7 +88,7 @@ public class ReactorContextWebFilterTests { public void filterWhenPrincipalAndGetPrincipalThenInteractAndUseOriginalPrincipal() { SecurityContextImpl context = new SecurityContextImpl(this.principal); when(this.repository.load(any())).thenReturn(Mono.just(context)); - this.handler = WebTestHandler.bindToWebFilters(this.filter, (e,c) -> + this.handler = WebTestHandler.bindToWebFilters(this.filter, (e, c) -> ReactiveSecurityContextHolder.getContext() .map(SecurityContext::getAuthentication) .doOnSuccess( p -> assertThat(p).isSameAs(this.principal)) diff --git a/web/src/test/java/org/springframework/security/web/server/context/SecurityContextServerWebExchangeWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/context/SecurityContextServerWebExchangeWebFilterTests.java index 80bcc6c140..ac9bd2821d 100644 --- a/web/src/test/java/org/springframework/security/web/server/context/SecurityContextServerWebExchangeWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/context/SecurityContextServerWebExchangeWebFilterTests.java @@ -36,7 +36,7 @@ import static org.assertj.core.api.Assertions.assertThat; public class SecurityContextServerWebExchangeWebFilterTests { SecurityContextServerWebExchangeWebFilter filter = new SecurityContextServerWebExchangeWebFilter(); - Authentication principal = new TestingAuthenticationToken("user","password", "ROLE_USER"); + Authentication principal = new TestingAuthenticationToken("user", "password", "ROLE_USER"); ServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/").build()); @@ -73,7 +73,7 @@ public class SecurityContextServerWebExchangeWebFilterTests { @Test public void filterWhenPrincipalNullThenContextEmpty() { - Authentication defaultAuthentication = new TestingAuthenticationToken("anonymouse","anonymous", "TEST"); + Authentication defaultAuthentication = new TestingAuthenticationToken("anonymouse", "anonymous", "TEST"); Mono result = this.filter.filter(this.exchange, new DefaultWebFilterChain( e -> e.getPrincipal() .defaultIfEmpty(defaultAuthentication) diff --git a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java index 8e04159c4a..5d71162549 100644 --- a/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java +++ b/web/src/test/java/org/springframework/security/web/util/OnCommittedResponseWrapperTests.java @@ -94,9 +94,9 @@ public class OnCommittedResponseWrapperTests { int off = 2; int len = 3; - response.getWriter().write(buff,off,len); + response.getWriter().write(buff, off, len); - verify(writer).write(buff,off,len); + verify(writer).write(buff, off, len); } @Test @@ -114,9 +114,9 @@ public class OnCommittedResponseWrapperTests { int off = 2; int len = 3; - response.getWriter().write(s,off,len); + response.getWriter().write(s, off, len); - verify(writer).write(s,off,len); + verify(writer).write(s, off, len); } @Test @@ -602,7 +602,7 @@ public class OnCommittedResponseWrapperTests { int len = 3; response.setContentLength(3); - response.getWriter().write(buff,off,len); + response.getWriter().write(buff, off, len); assertThat(committed).isTrue(); } @@ -624,7 +624,7 @@ public class OnCommittedResponseWrapperTests { int len = 3; response.setContentLength(3); - response.getWriter().write(s,off,len); + response.getWriter().write(s, off, len); assertThat(committed).isTrue(); } @@ -1104,7 +1104,7 @@ public class OnCommittedResponseWrapperTests { @Test public void addHeaderContentLengthPrintWriterWriteStringCommits() throws Exception { int expected = 1234; - response.addHeader("Content-Length",String.valueOf(String.valueOf(expected).length())); + response.addHeader("Content-Length", String.valueOf(String.valueOf(expected).length())); response.getWriter().write(expected);