Add nullability annotations to module/spring-boot-security-oauth2-authorization-server

mhalbritter · mhalbritter · commit e53f90bafe65 · 2025-08-06T10:13:38.000+02:00
See gh-46587
diff --git a/module/spring-boot-security-oauth2-authorization-server/src/main/java/org/springframework/boot/security/oauth2/server/authorization/autoconfigure/servlet/OAuth2AuthorizationServerProperties.java b/module/spring-boot-security-oauth2-authorization-server/src/main/java/org/springframework/boot/security/oauth2/server/authorization/autoconfigure/servlet/OAuth2AuthorizationServerProperties.java
@@ -22,6 +22,8 @@
 import java.util.Map;
 import java.util.Set;
 
+import org.jspecify.annotations.Nullable;
+
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.NestedConfigurationProperty;
@@ -41,7 +43,7 @@ public class OAuth2AuthorizationServerProperties implements InitializingBean {
 	/**
 	 * URL of the Authorization Server's Issuer Identifier.
 	 */
-	private String issuer;
+	private @Nullable String issuer;
 
 	/**
 	 * Whether multiple issuers are allowed per host. Using path components in the URL of
@@ -68,11 +70,11 @@ public void setMultipleIssuersAllowed(boolean multipleIssuersAllowed) {
 		this.multipleIssuersAllowed = multipleIssuersAllowed;
 	}
 
-	public String getIssuer() {
+	public @Nullable String getIssuer() {
 		return this.issuer;
 	}
 
-	public void setIssuer(String issuer) {
+	public void setIssuer(@Nullable String issuer) {
 		this.issuer = issuer;
 	}
 
@@ -297,14 +299,14 @@ public static class Client {
 		/**
 		 * URL for the client's JSON Web Key Set.
 		 */
-		private String jwkSetUri;
+		private @Nullable String jwkSetUri;
 
 		/**
 		 * JWS algorithm that must be used for signing the JWT used to authenticate the
 		 * client at the Token Endpoint for the {@code private_key_jwt} and
 		 * {@code client_secret_jwt} authentication methods.
 		 */
-		private String tokenEndpointAuthenticationSigningAlgorithm;
+		private @Nullable String tokenEndpointAuthenticationSigningAlgorithm;
 
 		/**
 		 * Token settings of the registered client.
@@ -332,19 +334,20 @@ public void setRequireAuthorizationConsent(boolean requireAuthorizationConsent)
 			this.requireAuthorizationConsent = requireAuthorizationConsent;
 		}
 
-		public String getJwkSetUri() {
+		public @Nullable String getJwkSetUri() {
 			return this.jwkSetUri;
 		}
 
-		public void setJwkSetUri(String jwkSetUri) {
+		public void setJwkSetUri(@Nullable String jwkSetUri) {
 			this.jwkSetUri = jwkSetUri;
 		}
 
-		public String getTokenEndpointAuthenticationSigningAlgorithm() {
+		public @Nullable String getTokenEndpointAuthenticationSigningAlgorithm() {
 			return this.tokenEndpointAuthenticationSigningAlgorithm;
 		}
 
-		public void setTokenEndpointAuthenticationSigningAlgorithm(String tokenEndpointAuthenticationSigningAlgorithm) {
+		public void setTokenEndpointAuthenticationSigningAlgorithm(
+				@Nullable String tokenEndpointAuthenticationSigningAlgorithm) {
 			this.tokenEndpointAuthenticationSigningAlgorithm = tokenEndpointAuthenticationSigningAlgorithm;
 		}
 
@@ -362,17 +365,17 @@ public static class Registration {
 		/**
 		 * Client ID of the registration.
 		 */
-		private String clientId;
+		private @Nullable String clientId;
 
 		/**
 		 * Client secret of the registration. May be left blank for a public client.
 		 */
-		private String clientSecret;
+		private @Nullable String clientSecret;
 
 		/**
 		 * Name of the client.
 		 */
-		private String clientName;
+		private @Nullable String clientName;
 
 		/**
 		 * Client authentication method(s) that the client may use.
@@ -399,27 +402,27 @@ public static class Registration {
 		 */
 		private Set<String> scopes = new HashSet<>();
 
-		public String getClientId() {
+		public @Nullable String getClientId() {
 			return this.clientId;
 		}
 
-		public void setClientId(String clientId) {
+		public void setClientId(@Nullable String clientId) {
 			this.clientId = clientId;
 		}
 
-		public String getClientSecret() {
+		public @Nullable String getClientSecret() {
 			return this.clientSecret;
 		}
 
-		public void setClientSecret(String clientSecret) {
+		public void setClientSecret(@Nullable String clientSecret) {
 			this.clientSecret = clientSecret;
 		}
 
-		public String getClientName() {
+		public @Nullable String getClientName() {
 			return this.clientName;
 		}
 
-		public void setClientName(String clientName) {
+		public void setClientName(@Nullable String clientName) {
 			this.clientName = clientName;
 		}
 
diff --git a/module/spring-boot-security-oauth2-authorization-server/src/main/java/org/springframework/boot/security/oauth2/server/authorization/autoconfigure/servlet/package-info.java b/module/spring-boot-security-oauth2-authorization-server/src/main/java/org/springframework/boot/security/oauth2/server/authorization/autoconfigure/servlet/package-info.java
@@ -17,4 +17,7 @@
 /**
  * Auto-configuration for Spring Security's OAuth2 authorization server.
  */
+@NullMarked
 package org.springframework.boot.security.oauth2.server.authorization.autoconfigure.servlet;
+
+import org.jspecify.annotations.NullMarked;
