After adding jspecify support in the module that contains the
DaoAuthenticationProvider class, we actually changed the contract logic,
which is a good thing, and this commit fixes it.
Closes: gh-18781
Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
- Fix checkstyle
- Fix the test to use Collection that throws NullPointerException on .contains(null) to replicate the reported issue
Closes gh-18544
Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
- Saml2RuntimeHints consistently uses String in separate method for
to ensure no classpath issues
- Fix Whitespace/Checkstyle
- Add Missing Nullability Annotations
There are setters and builder methods that initialize members that are
`@Nullable` but do not accept `@Nullable` parameters.
For example:
```
private @Nullable Object foo;
public void setFoo(Object foo) {
this.foo = foo;
}
```
It is an unnecessary restriction that the parameter is unable to be null
since the field can be null.
This commit fixes these inconsistencies.
Closes gh-18618
- Update package-info to reference AuthorizationManager instead of AccessDecisionManager
- Improve RoleHierarchyUtils documentation with fromHierarchy() and builder-based alternatives
- Refine AuthenticationTrustResolver return description by removing redundant comma and symbol
Signed-off-by: chanjin-lee <chanjin23@naver.com>
1. Removed comment about not changing field name in a
serialized object as this is true for all fields in a
Java-serialize POJO
2. Added example value for the constructor that demonstrates
the relationship between a role and an authority
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1. Add Javadoc to state that role is prefixed.
2. Rename constructor argument from `role` to `authority` for better readability.
Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
This commit adds support for Jackson 3 which has the following
major differences with the Jackson 2 one:
- jackson subpackage instead of jackson2
- Jackson type prefix instead of Jackson2
- JsonMapper instead of ObjectMapper
- For configuration, JsonMapper.Builder instead of ObjectMapper
since the latter is now immutable
- Remove custom support for unmodifiable collections
- Use safe default typing via a PolymorphicTypeValidator
Jackson 3 changes compared to Jackson 2 are documented in
https://cowtowncoder.medium.com/jackson-3-0-0-ga-released-1f669cda529a
and
https://github.com/FasterXML/jackson/blob/main/jackson3/MIGRATING_TO_JACKSON_3.md.
This commit does not cover webauthn which is a special case (uses
jackson sub-package for Jackson 2 support) which will be handled in
a distinct commit.
See gh-17832
Signed-off-by: Sébastien Deleuze <sdeleuze@users.noreply.github.com>
Since RC1 is right around the corner, let's change the API
footprint as little as possible by using reflection to check
if a class has declared toBuilder themselves. If they have, we
can assume that that class's builder will produce that class.
Issue gh-18052
