Skip to content

Refactor OAuth2 Client Deprecate Calls#18513

Closed
paulvas wants to merge 1 commit into
spring-projects:7.0.xfrom
paulvas:fix/oauth2-client-deprecated-calls
Closed

Refactor OAuth2 Client Deprecate Calls#18513
paulvas wants to merge 1 commit into
spring-projects:7.0.xfrom
paulvas:fix/oauth2-client-deprecated-calls

Conversation

@paulvas

@paulvas paulvas commented Jan 16, 2026

Copy link
Copy Markdown
Contributor

This pull request updates the OAuth2 client codebase to improve nullability annotations and enhance thread safety and static analysis in token expiration checks. The most important changes are grouped below:

Nullability annotation improvements:

  • Replaces org.springframework.lang.Nullable with org.jspecify.annotations.Nullable throughout the OAuth2 client codebase to standardize nullability annotations. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]

  • Updates method signatures by moving the @Nullable annotation inline with method declarations for authorize and getAuthorizedClient methods in various classes and interfaces, improving code clarity and consistency. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]

Token expiration check improvements:

  • Refactors the hasTokenExpired method in several providers to store the token's expiration time in a local variable before performing null checks and calculations. This change improves thread safety and prevents potential null pointer exceptions flagged by static analysis tools. [1] [2] [3] [4] [5] [6]

@paulvas
- Remove deprecated OAuth2 client Jackson2 serialization support and …
f0916ab 
…related tests

- Refactor and modernize OAuth2 client provider and test code
- Update to new Jackson and HTTP message converter APIs in tests
- Minor bug fixes and code style improvements
Closes spring-projectsgh-18433
Signed-off-by: paulvas <paulvas@gmail.com>
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Jan 16, 2026
@jgrandja

jgrandja commented Jan 16, 2026

Copy link
Copy Markdown
Collaborator

@paulvas I'm currently working on adding Nullability to the oauth2 modules. In general, the team is handling all the Nullability enhancements for the remaining modules. I'll go ahead and close this PR.

See gh-16882

@jgrandja jgrandja closed this Jan 16, 2026
@jgrandja jgrandja self-assigned this Jan 16, 2026
@jgrandja jgrandja added status: declined A suggestion or change that we don't feel we should currently apply in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Jan 16, 2026
@paulvas

paulvas commented Jan 16, 2026

Copy link
Copy Markdown
Contributor Author

@jgrandja, should I open another PR for remaining changes?

@jgrandja

jgrandja commented Jan 16, 2026

Copy link
Copy Markdown
Collaborator

@paulvas Sure, as long it's not related to Nullability.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@jgrandja jgrandja

Labels

in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: declined A suggestion or change that we don't feel we should currently apply

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@paulvas @jgrandja @spring-projects-issues