From 7abc1ae8dc400ea35382fd0da476692897af45fe Mon Sep 17 00:00:00 2001 From: alfonsoristorato Date: Sat, 13 Dec 2025 20:39:25 +0000 Subject: [PATCH 1/2] ensure JwtAuthenticationProvider.authenticate returns not null Authentication Signed-off-by: alfonsoristorato --- .../resource/authentication/JwtAuthenticationProvider.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java index d7daa116b54..89ed88599c0 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java @@ -21,6 +21,8 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.jspecify.annotations.NonNull; + import org.springframework.core.convert.converter.Converter; import org.springframework.security.authentication.AbstractAuthenticationToken; import org.springframework.security.authentication.AuthenticationProvider; @@ -83,7 +85,7 @@ public JwtAuthenticationProvider(JwtDecoder jwtDecoder) { * @throws AuthenticationException if authentication failed for some reason */ @Override - public Authentication authenticate(Authentication authentication) throws AuthenticationException { + public @NonNull Authentication authenticate(Authentication authentication) throws AuthenticationException { BearerTokenAuthenticationToken bearer = (BearerTokenAuthenticationToken) authentication; Jwt jwt = getJwt(bearer); AbstractAuthenticationToken token = this.jwtAuthenticationConverter.convert(jwt); From 74a15078a656e09f0960554cabe7cd7584e3bb82 Mon Sep 17 00:00:00 2001 From: alfonsoristorato Date: Sat, 13 Dec 2025 20:44:51 +0000 Subject: [PATCH 2/2] fix import order Signed-off-by: alfonsoristorato --- .../resource/authentication/JwtAuthenticationProvider.java | 1 - 1 file changed, 1 deletion(-) diff --git a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java index 89ed88599c0..5f56f509afa 100644 --- a/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java +++ b/oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtAuthenticationProvider.java @@ -20,7 +20,6 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; - import org.jspecify.annotations.NonNull; import org.springframework.core.convert.converter.Converter;