Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Mark GrantedAuthority#getAuthority as @Nullable

Browse Source 
Closes: gh-17999

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
This commit is contained in:
Andrey Litvitski
2025-10-11 18:42:33 +03:00
committed by Josh Cummings
parent eb43830260
commit 9b61533db2
6 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/authorization/AllRequiredFactorsAuthorizationManager.java
+1 -1
View File
@@ -99,7 +99,7 @@ public final class AllRequiredFactorsAuthorizationManager<T> implements Authoriz
private @Nullable RequiredFactorError requiredFactorError(RequiredFactor requiredFactor,
List<GrantedAuthority> currentFactors) {
Optional<GrantedAuthority> matchingAuthority = currentFactors.stream()
.filter((authority) -> authority.getAuthority().equals(requiredFactor.getAuthority()))
.filter((authority) -> Objects.equals(authority.getAuthority(), requiredFactor.getAuthority()))
.findFirst();
if (!matchingAuthority.isPresent()) {
return RequiredFactorError.createMissing(requiredFactor);
core/src/main/java/org/springframework/security/authorization/AuthorityReactiveAuthorizationManager.java
+3 -2
View File
@@ -17,6 +17,7 @@
package org.springframework.security.authorization;
import java.util.List;
import java.util.Objects;
import reactor.core.publisher.Mono;
@@ -47,8 +48,8 @@ public class AuthorityReactiveAuthorizationManager<T> implements ReactiveAuthori
// @formatter:off
return authentication.filter(Authentication::isAuthenticated)
.flatMapIterable(Authentication::getAuthorities)
.map(GrantedAuthority::getAuthority)
.any((grantedAuthority) -> this.authorities.stream().anyMatch((authority) -> authority.getAuthority().equals(grantedAuthority)))
.mapNotNull(GrantedAuthority::getAuthority)
.any((grantedAuthority) -> this.authorities.stream().anyMatch((authority) -> Objects.equals(authority.getAuthority(), grantedAuthority)))
.map((granted) -> ((AuthorizationResult) new AuthorityAuthorizationDecision(granted, this.authorities)))
.defaultIfEmpty(new AuthorityAuthorizationDecision(false, this.authorities));
// @formatter:on
core/src/main/java/org/springframework/security/core/GrantedAuthority.java
+3 -1
View File
@@ -18,6 +18,8 @@ package org.springframework.security.core;
import java.io.Serializable;
import org.jspecify.annotations.Nullable;
import org.springframework.security.authorization.AuthorizationManager;
/**
@@ -46,6 +48,6 @@ public interface GrantedAuthority extends Serializable {
* granted authority cannot be expressed as a <code>String</code> with sufficient
* precision).
*/
String getAuthority();
@Nullable String getAuthority();
}
core/src/main/java/org/springframework/security/core/authority/mapping/SimpleAuthorityMapper.java
+4 -1
View File
@@ -64,7 +64,10 @@ public final class SimpleAuthorityMapper implements GrantedAuthoritiesMapper, In
public Set<GrantedAuthority> mapAuthorities(Collection<? extends GrantedAuthority> authorities) {
HashSet<GrantedAuthority> mapped = new HashSet<>(authorities.size());
for (GrantedAuthority authority : authorities) {
mapped.add(mapAuthority(authority.getAuthority()));
String authorityStr = authority.getAuthority();
if (authorityStr != null) {
mapped.add(mapAuthority(authorityStr));
}
}
if (this.defaultAuthority != null) {
mapped.add(this.defaultAuthority);