Add nullability annotations to module/spring-boot-security-oauth2-resource-server

See gh-46587

Author: mhalbritter

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/OAuth2ResourceServerProperties.java

@@ -23,6 +23,8 @@
 import java.util.Arrays;
 import java.util.List;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.source.InvalidConfigurationPropertyValueException;
 import org.springframework.core.io.Resource;
@@ -58,7 +60,7 @@ public static class Jwt {
 		/**
 		 * JSON Web Key URI to use to verify the JWT token.
 		 */
-		private String jwkSetUri;
+		private @Nullable String jwkSetUri;
 
 		/**
 		 * JSON Web Algorithms used for verifying the digital signatures.
@@ -69,12 +71,12 @@ public static class Jwt {
 		 * URI that can either be an OpenID Connect discovery endpoint or an OAuth 2.0
 		 * Authorization Server Metadata endpoint defined by RFC 8414.
 		 */
-		private String issuerUri;
+		private @Nullable String issuerUri;
 
 		/**
 		 * Location of the file containing the public key used to verify a JWT.
 		 */
-		private Resource publicKeyLocation;
+		private @Nullable Resource publicKeyLocation;
 
 		/**
 		 * Identifies the recipients that the JWT is intended for.
@@ -84,28 +86,28 @@ public static class Jwt {
 		/**
 		 * Prefix to use for authorities mapped from JWT.
 		 */
-		private String authorityPrefix;
+		private @Nullable String authorityPrefix;
 
 		/**
 		 * Regex to use for splitting the value of the authorities claim into authorities.
 		 */
-		private String authoritiesClaimDelimiter;
+		private @Nullable String authoritiesClaimDelimiter;
 
 		/**
 		 * Name of token claim to use for mapping authorities from JWT.
 		 */
-		private String authoritiesClaimName;
+		private @Nullable String authoritiesClaimName;
 
 		/**
 		 * JWT principal claim name.
 		 */
-		private String principalClaimName;
+		private @Nullable String principalClaimName;
 
-		public String getJwkSetUri() {
+		public @Nullable String getJwkSetUri() {
 			return this.jwkSetUri;
 		}
 
-		public void setJwkSetUri(String jwkSetUri) {
+		public void setJwkSetUri(@Nullable String jwkSetUri) {
 			this.jwkSetUri = jwkSetUri;
 		}
 
@@ -117,19 +119,19 @@ public void setJwsAlgorithms(List<String> jwsAlgorithms) {
 			this.jwsAlgorithms = jwsAlgorithms;
 		}
 
-		public String getIssuerUri() {
+		public @Nullable String getIssuerUri() {
 			return this.issuerUri;
 		}
 
-		public void setIssuerUri(String issuerUri) {
+		public void setIssuerUri(@Nullable String issuerUri) {
 			this.issuerUri = issuerUri;
 		}
 
-		public Resource getPublicKeyLocation() {
+		public @Nullable Resource getPublicKeyLocation() {
 			return this.publicKeyLocation;
 		}
 
-		public void setPublicKeyLocation(Resource publicKeyLocation) {
+		public void setPublicKeyLocation(@Nullable Resource publicKeyLocation) {
 			this.publicKeyLocation = publicKeyLocation;
 		}
 
@@ -141,35 +143,35 @@ public void setAudiences(List<String> audiences) {
 			this.audiences = audiences;
 		}
 
-		public String getAuthorityPrefix() {
+		public @Nullable String getAuthorityPrefix() {
 			return this.authorityPrefix;
 		}
 
-		public void setAuthorityPrefix(String authorityPrefix) {
+		public void setAuthorityPrefix(@Nullable String authorityPrefix) {
 			this.authorityPrefix = authorityPrefix;
 		}
 
-		public String getAuthoritiesClaimDelimiter() {
+		public @Nullable String getAuthoritiesClaimDelimiter() {
 			return this.authoritiesClaimDelimiter;
 		}
 
-		public void setAuthoritiesClaimDelimiter(String authoritiesClaimDelimiter) {
+		public void setAuthoritiesClaimDelimiter(@Nullable String authoritiesClaimDelimiter) {
 			this.authoritiesClaimDelimiter = authoritiesClaimDelimiter;
 		}
 
-		public String getAuthoritiesClaimName() {
+		public @Nullable String getAuthoritiesClaimName() {
 			return this.authoritiesClaimName;
 		}
 
-		public void setAuthoritiesClaimName(String authoritiesClaimName) {
+		public void setAuthoritiesClaimName(@Nullable String authoritiesClaimName) {
 			this.authoritiesClaimName = authoritiesClaimName;
 		}
 
-		public String getPrincipalClaimName() {
+		public @Nullable String getPrincipalClaimName() {
 			return this.principalClaimName;
 		}
 
-		public void setPrincipalClaimName(String principalClaimName) {
+		public void setPrincipalClaimName(@Nullable String principalClaimName) {
 			this.principalClaimName = principalClaimName;
 		}
 
@@ -195,39 +197,39 @@ public static class Opaquetoken {
 		/**
 		 * Client id used to authenticate with the token introspection endpoint.
 		 */
-		private String clientId;
+		private @Nullable String clientId;
 
 		/**
 		 * Client secret used to authenticate with the token introspection endpoint.
 		 */
-		private String clientSecret;
+		private @Nullable String clientSecret;
 
 		/**
 		 * OAuth 2.0 endpoint through which token introspection is accomplished.
 		 */
-		private String introspectionUri;
+		private @Nullable String introspectionUri;
 
-		public String getClientId() {
+		public @Nullable String getClientId() {
 			return this.clientId;
 		}
 
-		public void setClientId(String clientId) {
+		public void setClientId(@Nullable String clientId) {
 			this.clientId = clientId;
 		}
 
-		public String getClientSecret() {
+		public @Nullable String getClientSecret() {
 			return this.clientSecret;
 		}
 
-		public void setClientSecret(String clientSecret) {
+		public void setClientSecret(@Nullable String clientSecret) {
 			this.clientSecret = clientSecret;
 		}
 
-		public String getIntrospectionUri() {
+		public @Nullable String getIntrospectionUri() {
 			return this.introspectionUri;
 		}
 
-		public void setIntrospectionUri(String introspectionUri) {
+		public void setIntrospectionUri(@Nullable String introspectionUri) {
 			this.introspectionUri = introspectionUri;
 		}
 

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/package-info.java

@@ -17,4 +17,7 @@
 /**
  * Support for Spring Security's OAuth2 resource server.
  */
+@NullMarked
 package org.springframework.boot.security.oauth2.server.resource.autoconfigure;
+
+import org.jspecify.annotations.NullMarked;

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/ReactiveOAuth2ResourceServerJwkConfiguration.java

@@ -25,6 +25,8 @@
 import java.util.List;
 import java.util.Set;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.AnyNestedCondition;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -125,7 +127,7 @@ private JwtClaimValidator<List<String>> audValidator(List<String> audiences) {
 			return new JwtClaimValidator<>(JwtClaimNames.AUD, (aud) -> nullSafeDisjoint(aud, audiences));
 		}
 
-		private boolean nullSafeDisjoint(List<String> c1, List<String> c2) {
+		private boolean nullSafeDisjoint(@Nullable List<String> c1, List<String> c2) {
 			return c1 != null && !Collections.disjoint(c1, c2);
 		}
 

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/reactive/package-info.java

@@ -17,4 +17,7 @@
 /**
  * Auto-configuration for Spring Security's Reactive OAuth2 resource server.
  */
+@NullMarked
 package org.springframework.boot.security.oauth2.server.resource.autoconfigure.reactive;
+
+import org.jspecify.annotations.NullMarked;

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/OAuth2ResourceServerJwtConfiguration.java

@@ -25,6 +25,8 @@
 import java.util.List;
 import java.util.Set;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.beans.factory.ObjectProvider;
 import org.springframework.boot.autoconfigure.condition.AnyNestedCondition;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
@@ -124,7 +126,7 @@ private JwtClaimValidator<List<String>> audValidator(List<String> audiences) {
 			return new JwtClaimValidator<>(JwtClaimNames.AUD, (aud) -> nullSafeDisjoint(aud, audiences));
 		}
 
-		private boolean nullSafeDisjoint(List<String> c1, List<String> c2) {
+		private boolean nullSafeDisjoint(@Nullable List<String> c1, List<String> c2) {
 			return c1 != null && !Collections.disjoint(c1, c2);
 		}
 

module/spring-boot-security-oauth2-resource-server/src/main/java/org/springframework/boot/security/oauth2/server/resource/autoconfigure/servlet/package-info.java

@@ -17,4 +17,7 @@
 /**
  * Auto-configuration for Spring Security's OAuth2 resource server.
  */
+@NullMarked
 package org.springframework.boot.security.oauth2.server.resource.autoconfigure.servlet;
+
+import org.jspecify.annotations.NullMarked;