Annotate AuthenticationTrustResolver methods with @Nullable

Since AuthenticationTrustResolver can handle null arguments (this is
also stated in the implementation of this interface), we should mark
these arguments as `@Nullable`.

Closes: gh-17764

Signed-off-by: Andrey Litvitski <[email protected]>

Author: therepanic

core/src/main/java/org/springframework/security/authentication/AuthenticationTrustResolver.java

@@ -16,6 +16,7 @@
 
 package org.springframework.security.authentication;
 
+import org.jspecify.annotations.Nullable;
 import org.springframework.security.core.Authentication;
 
 /**
@@ -37,7 +38,7 @@ public interface AuthenticationTrustResolver {
 	 * @return <code>true</code> the passed authentication token represented an anonymous
 	 * principal, <code>false</code> otherwise
 	 */
-	boolean isAnonymous(Authentication authentication);
+	boolean isAnonymous(@Nullable Authentication authentication);
 
 	/**
 	 * Indicates whether the passed <code>Authentication</code> token represents user that
@@ -51,7 +52,7 @@ public interface AuthenticationTrustResolver {
 	 * @return <code>true</code> the passed authentication token represented a principal
 	 * authenticated using a remember-me token, <code>false</code> otherwise
 	 */
-	boolean isRememberMe(Authentication authentication);
+	boolean isRememberMe(@Nullable Authentication authentication);
 
 	/**
 	 * Indicates whether the passed <code>Authentication</code> token represents a fully
@@ -66,7 +67,7 @@ public interface AuthenticationTrustResolver {
 	 * {@link #isRememberMe(Authentication)}, <code>false</code> otherwise
 	 * @since 6.1
 	 */
-	default boolean isFullyAuthenticated(Authentication authentication) {
+	default boolean isFullyAuthenticated(@Nullable Authentication authentication) {
 		return isAuthenticated(authentication) && !isRememberMe(authentication);
 	}
 
@@ -78,7 +79,7 @@ default boolean isFullyAuthenticated(Authentication authentication) {
 	 * {@link Authentication#isAuthenticated()} is true.
 	 * @since 6.1.7
 	 */
-	default boolean isAuthenticated(Authentication authentication) {
+	default boolean isAuthenticated(@Nullable Authentication authentication) {
 		return authentication != null && authentication.isAuthenticated() && !isAnonymous(authentication);
 	}
 

core/src/main/java/org/springframework/security/authentication/AuthenticationTrustResolverImpl.java

@@ -16,6 +16,7 @@
 
 package org.springframework.security.authentication;
 
+import org.jspecify.annotations.Nullable;
 import org.springframework.security.core.Authentication;
 
 /**
@@ -44,15 +45,15 @@ Class<? extends Authentication> getRememberMeClass() {
 	}
 
 	@Override
-	public boolean isAnonymous(Authentication authentication) {
+	public boolean isAnonymous(@Nullable Authentication authentication) {
 		if ((this.anonymousClass == null) || (authentication == null)) {
 			return false;
 		}
 		return this.anonymousClass.isAssignableFrom(authentication.getClass());
 	}
 
 	@Override
-	public boolean isRememberMe(Authentication authentication) {
+	public boolean isRememberMe(@Nullable Authentication authentication) {
 		if ((this.rememberMeClass == null) || (authentication == null)) {
 			return false;
 		}