Enable null-safety in spring-security-oauth2-core

Closes gh-17820

Author: jgrandja

oauth2/oauth2-core/spring-security-oauth2-core.gradle

@@ -1,5 +1,6 @@
 plugins {
 	id 'compile-warnings-error'
+	id 'security-nullability'
 }
 
 apply plugin: 'io.spring.convention.spring-module'

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/AbstractOAuth2Token.java

@@ -19,7 +19,8 @@
 import java.io.Serializable;
 import java.time.Instant;
 
-import org.springframework.lang.Nullable;
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.util.Assert;
 
 /**
@@ -37,9 +38,9 @@ public abstract class AbstractOAuth2Token implements OAuth2Token, Serializable {
 
 	private final String tokenValue;
 
-	private final Instant issuedAt;
+	private final @Nullable Instant issuedAt;
 
-	private final Instant expiresAt;
+	private final @Nullable Instant expiresAt;
 
 	/**
 	 * Sub-class constructor.
@@ -78,17 +79,15 @@ public String getTokenValue() {
 	 * Returns the time at which the token was issued.
 	 * @return the time the token was issued or {@code null}
 	 */
-	@Nullable
-	public Instant getIssuedAt() {
+	public @Nullable Instant getIssuedAt() {
 		return this.issuedAt;
 	}
 
 	/**
 	 * Returns the expiration time on or after which the token MUST NOT be accepted.
 	 * @return the token expiration time or {@code null}
 	 */
-	@Nullable
-	public Instant getExpiresAt() {
+	public @Nullable Instant getExpiresAt() {
 		return this.expiresAt;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClaimAccessor.java

@@ -21,6 +21,8 @@
 import java.util.List;
 import java.util.Map;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.core.convert.TypeDescriptor;
 import org.springframework.security.oauth2.core.converter.ClaimConversionService;
 import org.springframework.util.Assert;
@@ -44,11 +46,11 @@ public interface ClaimAccessor {
 	 * type {@code T}.
 	 * @param claim the name of the claim
 	 * @param <T> the type of the claim value
-	 * @return the claim value
+	 * @return the claim value, or {@code null} if the claim does not exist
 	 * @since 5.2
 	 */
 	@SuppressWarnings("unchecked")
-	default <T> T getClaim(String claim) {
+	default <T> @Nullable T getClaim(String claim) {
 		return !hasClaim(claim) ? null : (T) getClaims().get(claim);
 	}
 
@@ -71,7 +73,7 @@ default boolean hasClaim(String claim) {
 	 * @return the claim value or {@code null} if it does not exist or is equal to
 	 * {@code null}
 	 */
-	default String getClaimAsString(String claim) {
+	default @Nullable String getClaimAsString(String claim) {
 		return !hasClaim(claim) ? null
 				: ClaimConversionService.getSharedInstance().convert(getClaims().get(claim), String.class);
 	}
@@ -85,7 +87,8 @@ default String getClaimAsString(String claim) {
 	 * {@code Boolean}
 	 * @throws NullPointerException if the claim value is {@code null}
 	 */
-	default Boolean getClaimAsBoolean(String claim) {
+	@SuppressWarnings("NullAway")
+	default @Nullable Boolean getClaimAsBoolean(String claim) {
 		if (!hasClaim(claim)) {
 			return null;
 		}
@@ -100,8 +103,12 @@ default Boolean getClaimAsBoolean(String claim) {
 	 * Returns the claim value as an {@code Instant} or {@code null} if it does not exist.
 	 * @param claim the name of the claim
 	 * @return the claim value or {@code null} if it does not exist
+	 * @throws IllegalArgumentException if the claim value cannot be converted to an
+	 * {@code Instant}
+	 * @throws NullPointerException if the claim value is {@code null}
 	 */
-	default Instant getClaimAsInstant(String claim) {
+	@SuppressWarnings("NullAway")
+	default @Nullable Instant getClaimAsInstant(String claim) {
 		if (!hasClaim(claim)) {
 			return null;
 		}
@@ -116,8 +123,12 @@ default Instant getClaimAsInstant(String claim) {
 	 * Returns the claim value as an {@code URL} or {@code null} if it does not exist.
 	 * @param claim the name of the claim
 	 * @return the claim value or {@code null} if it does not exist
+	 * @throws IllegalArgumentException if the claim value cannot be converted to a
+	 * {@code URL}
+	 * @throws NullPointerException if the claim value is {@code null}
 	 */
-	default URL getClaimAsURL(String claim) {
+	@SuppressWarnings("NullAway")
+	default @Nullable URL getClaimAsURL(String claim) {
 		if (!hasClaim(claim)) {
 			return null;
 		}
@@ -137,8 +148,8 @@ default URL getClaimAsURL(String claim) {
 	 * {@code Map}
 	 * @throws NullPointerException if the claim value is {@code null}
 	 */
-	@SuppressWarnings("unchecked")
-	default Map<String, Object> getClaimAsMap(String claim) {
+	@SuppressWarnings({ "unchecked", "NullAway" })
+	default @Nullable Map<String, Object> getClaimAsMap(String claim) {
 		if (!hasClaim(claim)) {
 			return null;
 		}
@@ -162,8 +173,8 @@ default Map<String, Object> getClaimAsMap(String claim) {
 	 * {@code List}
 	 * @throws NullPointerException if the claim value is {@code null}
 	 */
-	@SuppressWarnings("unchecked")
-	default List<String> getClaimAsStringList(String claim) {
+	@SuppressWarnings({ "unchecked", "NullAway" })
+	default @Nullable List<String> getClaimAsStringList(String claim) {
 		if (!hasClaim(claim)) {
 			return null;
 		}

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/ClientAuthenticationMethod.java

@@ -18,7 +18,6 @@
 
 import java.io.Serializable;
 
-import org.springframework.lang.NonNull;
 import org.springframework.util.Assert;
 
 /**
@@ -105,7 +104,6 @@ static ClientAuthenticationMethod[] methods() {
 	 * constant, if any
 	 * @since 6.5
 	 */
-	@NonNull
 	public static ClientAuthenticationMethod valueOf(String method) {
 		for (ClientAuthenticationMethod m : methods()) {
 			if (m.getValue().equals(method)) {

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/DefaultOAuth2AuthenticatedPrincipal.java

@@ -22,6 +22,8 @@
 import java.util.Collections;
 import java.util.Map;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.util.Assert;
@@ -58,17 +60,21 @@ public DefaultOAuth2AuthenticatedPrincipal(Map<String, Object> attributes,
 	/**
 	 * Constructs an {@code DefaultOAuth2AuthenticatedPrincipal} using the provided
 	 * parameters.
-	 * @param name the name attached to the OAuth 2.0 token
+	 * @param name the name attached to the OAuth 2.0 token, may be {@code null}
 	 * @param attributes the attributes of the OAuth 2.0 token
-	 * @param authorities the authorities of the OAuth 2.0 token
+	 * @param authorities the authorities of the OAuth 2.0 token, may be {@code null}
 	 */
-	public DefaultOAuth2AuthenticatedPrincipal(String name, Map<String, Object> attributes,
-			Collection<GrantedAuthority> authorities) {
+	public DefaultOAuth2AuthenticatedPrincipal(@Nullable String name, Map<String, Object> attributes,
+			@Nullable Collection<GrantedAuthority> authorities) {
 		Assert.notEmpty(attributes, "attributes cannot be empty");
 		this.attributes = Collections.unmodifiableMap(attributes);
 		this.authorities = (authorities != null) ? Collections.unmodifiableCollection(authorities)
 				: AuthorityUtils.NO_AUTHORITIES;
-		this.name = (name != null) ? name : (String) this.attributes.get("sub");
+		// Ensure name is never null - use 'sub' attribute as fallback, then empty string
+		// This satisfies AuthenticatedPrincipal.getName() contract which never returns
+		// null
+		String resolvedName = (name != null) ? name : (String) this.attributes.get("sub");
+		this.name = (resolvedName != null) ? resolvedName : "";
 	}
 
 	/**

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AccessToken.java

@@ -22,6 +22,8 @@
 import java.util.Collections;
 import java.util.Set;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.util.Assert;
 
 /**
@@ -52,25 +54,26 @@ public class OAuth2AccessToken extends AbstractOAuth2Token {
 	 * Constructs an {@code OAuth2AccessToken} using the provided parameters.
 	 * @param tokenType the token type
 	 * @param tokenValue the token value
-	 * @param issuedAt the time at which the token was issued
+	 * @param issuedAt the time at which the token was issued, may be {@code null}
 	 * @param expiresAt the expiration time on or after which the token MUST NOT be
-	 * accepted
+	 * accepted, may be {@code null}
 	 */
-	public OAuth2AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt) {
+	public OAuth2AccessToken(TokenType tokenType, String tokenValue, @Nullable Instant issuedAt,
+			@Nullable Instant expiresAt) {
 		this(tokenType, tokenValue, issuedAt, expiresAt, Collections.emptySet());
 	}
 
 	/**
 	 * Constructs an {@code OAuth2AccessToken} using the provided parameters.
 	 * @param tokenType the token type
 	 * @param tokenValue the token value
-	 * @param issuedAt the time at which the token was issued
+	 * @param issuedAt the time at which the token was issued, may be {@code null}
 	 * @param expiresAt the expiration time on or after which the token MUST NOT be
-	 * accepted
+	 * accepted, may be {@code null}
 	 * @param scopes the scope(s) associated to the token
 	 */
-	public OAuth2AccessToken(TokenType tokenType, String tokenValue, Instant issuedAt, Instant expiresAt,
-			Set<String> scopes) {
+	public OAuth2AccessToken(TokenType tokenType, String tokenValue, @Nullable Instant issuedAt,
+			@Nullable Instant expiresAt, Set<String> scopes) {
 		super(tokenValue, issuedAt, expiresAt);
 		Assert.notNull(tokenType, "tokenType cannot be null");
 		this.tokenType = tokenType;

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticatedPrincipal.java

@@ -19,7 +19,8 @@
 import java.util.Collection;
 import java.util.Map;
 
-import org.springframework.lang.Nullable;
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.security.core.AuthenticatedPrincipal;
 import org.springframework.security.core.GrantedAuthority;
 
@@ -38,9 +39,8 @@ public interface OAuth2AuthenticatedPrincipal extends AuthenticatedPrincipal {
 	 * @param <A> the type of the attribute
 	 * @return the attribute or {@code null} otherwise
 	 */
-	@Nullable
 	@SuppressWarnings("unchecked")
-	default <A> A getAttribute(String name) {
+	default <A> @Nullable A getAttribute(String name) {
 		return (A) getAttributes().get(name);
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2AuthenticationException.java

@@ -18,6 +18,8 @@
 
 import java.io.Serial;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.util.Assert;
@@ -77,22 +79,25 @@ public OAuth2AuthenticationException(OAuth2Error error, Throwable cause) {
 	/**
 	 * Constructs an {@code OAuth2AuthenticationException} using the provided parameters.
 	 * @param error the {@link OAuth2Error OAuth 2.0 Error}
-	 * @param message the detail message
+	 * @param message the detail message, may be {@code null}
 	 */
-	public OAuth2AuthenticationException(OAuth2Error error, String message) {
+	public OAuth2AuthenticationException(OAuth2Error error, @Nullable String message) {
 		this(error, message, null);
 	}
 
 	/**
 	 * Constructs an {@code OAuth2AuthenticationException} using the provided parameters.
 	 * @param error the {@link OAuth2Error OAuth 2.0 Error}
-	 * @param message the detail message
-	 * @param cause the root cause
+	 * @param message the detail message, may be {@code null}
+	 * @param cause the root cause, may be {@code null}
 	 */
-	public OAuth2AuthenticationException(OAuth2Error error, String message, Throwable cause) {
-		super(message, cause);
+	public OAuth2AuthenticationException(OAuth2Error error, @Nullable String message, @Nullable Throwable cause) {
+		super(message);
 		Assert.notNull(error, "error cannot be null");
 		this.error = error;
+		if (cause != null) {
+			initCause(cause);
+		}
 	}
 
 	/**

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2Error.java

@@ -18,6 +18,8 @@
 
 import java.io.Serializable;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.util.Assert;
 
 /**
@@ -41,9 +43,9 @@ public class OAuth2Error implements Serializable {
 
 	private final String errorCode;
 
-	private final String description;
+	private final @Nullable String description;
 
-	private final String uri;
+	private final @Nullable String uri;
 
 	/**
 	 * Constructs an {@code OAuth2Error} using the provided parameters.
@@ -56,10 +58,10 @@ public OAuth2Error(String errorCode) {
 	/**
 	 * Constructs an {@code OAuth2Error} using the provided parameters.
 	 * @param errorCode the error code
-	 * @param description the error description
-	 * @param uri the error uri
+	 * @param description the error description, may be {@code null}
+	 * @param uri the error uri, may be {@code null}
 	 */
-	public OAuth2Error(String errorCode, String description, String uri) {
+	public OAuth2Error(String errorCode, @Nullable String description, @Nullable String uri) {
 		Assert.hasText(errorCode, "errorCode cannot be empty");
 		this.errorCode = errorCode;
 		this.description = description;
@@ -76,17 +78,17 @@ public final String getErrorCode() {
 
 	/**
 	 * Returns the error description.
-	 * @return the error description
+	 * @return the error description, or {@code null} if not available
 	 */
-	public final String getDescription() {
+	public final @Nullable String getDescription() {
 		return this.description;
 	}
 
 	/**
 	 * Returns the error uri.
-	 * @return the error uri
+	 * @return the error uri, or {@code null} if not available
 	 */
-	public final String getUri() {
+	public final @Nullable String getUri() {
 		return this.uri;
 	}
 

oauth2/oauth2-core/src/main/java/org/springframework/security/oauth2/core/OAuth2RefreshToken.java

@@ -19,6 +19,8 @@
 import java.io.Serial;
 import java.time.Instant;
 
+import org.jspecify.annotations.Nullable;
+
 /**
  * An implementation of an {@link AbstractOAuth2Token} representing an OAuth 2.0 Refresh
  * Token.
@@ -43,20 +45,20 @@ public class OAuth2RefreshToken extends AbstractOAuth2Token {
 	/**
 	 * Constructs an {@code OAuth2RefreshToken} using the provided parameters.
 	 * @param tokenValue the token value
-	 * @param issuedAt the time at which the token was issued
+	 * @param issuedAt the time at which the token was issued, may be {@code null}
 	 */
-	public OAuth2RefreshToken(String tokenValue, Instant issuedAt) {
+	public OAuth2RefreshToken(String tokenValue, @Nullable Instant issuedAt) {
 		this(tokenValue, issuedAt, null);
 	}
 
 	/**
 	 * Constructs an {@code OAuth2RefreshToken} using the provided parameters.
 	 * @param tokenValue the token value
-	 * @param issuedAt the time at which the token was issued
-	 * @param expiresAt the time at which the token expires
+	 * @param issuedAt the time at which the token was issued, may be {@code null}
+	 * @param expiresAt the time at which the token expires, may be {@code null}
 	 * @since 5.5
 	 */
-	public OAuth2RefreshToken(String tokenValue, Instant issuedAt, Instant expiresAt) {
+	public OAuth2RefreshToken(String tokenValue, @Nullable Instant issuedAt, @Nullable Instant expiresAt) {
 		super(tokenValue, issuedAt, expiresAt);
 	}